From c558ea4b711b7f723b92b4842d1f137b9d3e7adc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=88=98=E5=AD=A6=E5=88=A9?= Date: Fri, 29 Jul 2022 10:41:09 +0000 Subject: [PATCH] =?UTF-8?q?TSG-11250:=20=E6=94=AF=E6=8C=81=E4=BB=8EREDIS?= =?UTF-8?q?=E4=B8=AD=E8=AF=BB=E5=8F=96=E7=A7=BB=E5=8A=A8=E7=BD=91=E7=94=A8?= =?UTF-8?q?=E6=88=B7=E6=A0=87=E8=AF=86=E6=98=A0=E5=B0=84=E5=85=B3=E7=B3=BB?= =?UTF-8?q?=E8=A1=A8=E5=B9=B6=E6=89=A7=E8=A1=8C=E5=AF=B9=E5=BA=94=E7=AD=96?= =?UTF-8?q?=E7=95=A5?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- bin/tsg_static_tableinfo.conf | 1 + inc/tsg_label.h | 1 + src/tsg_entry.cpp | 16 +---- src/tsg_entry.h | 22 ++++-- src/tsg_gtp_signaling.cpp | 87 ++++++++++++++++++----- src/tsg_rule.cpp | 129 +++++++++++++++++++++++++++++----- 6 files changed, 200 insertions(+), 56 deletions(-) diff --git a/bin/tsg_static_tableinfo.conf b/bin/tsg_static_tableinfo.conf index f6af353..ac243c4 100644 --- a/bin/tsg_static_tableinfo.conf +++ b/bin/tsg_static_tableinfo.conf @@ -82,3 +82,4 @@ 70 APP_SIGNATURE_UPDATE_PROFILE plugin {"key":1,"valid":5,"foreign":"2,3"} 71 TSG_DYN_SUBSCRIBER_IP plugin {"key":3,"valid":5} -- 72 TSG_PROFILE_TRAFFIC_MIRROR plugin {"key":1,"valid":4} -- +73 TSG_DYN_MOBILE_IDENTITY_APN_TEID plugin {"key":2,"valid":7} -- diff --git a/inc/tsg_label.h b/inc/tsg_label.h index 51fb96e..543b1f7 100644 --- a/inc/tsg_label.h +++ b/inc/tsg_label.h @@ -63,6 +63,7 @@ struct subscribe_id_info struct umts_user_info { + int ref_cnt; char *apn; char *imsi; char *imei; diff --git a/src/tsg_entry.cpp b/src/tsg_entry.cpp index dc2e00f..bfcadb5 100644 --- a/src/tsg_entry.cpp +++ b/src/tsg_entry.cpp @@ -272,15 +272,6 @@ static int print_hit_path(const struct streaminfo *a_stream, struct master_conte return 1; } -static void free_user_item(char *item) -{ - if(item!=NULL) - { - free(item); - item=NULL; - } -} - static int is_only_monitor(struct Maat_rule_t *result, int hit_cnt) { int i=0; 
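Review bot: In the `inc/tsg_label.h` hunk, `ref_cnt` is added as the first member of `struct umts_user_info`, which shifts the offsets of `apn`, `imsi` and `imei` for anything compiled against the old header. If code outside this tree consumes that struct (not visible here), it must be rebuilt together with this change, or the new field could be appended at the end of the struct instead. The field also carries no comment on who maintains it; I would add `/* reference count: set to 1 on creation, released through gtp_c_free_data() */` above it. The struct continues past the end of the hunk.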
@@ -1357,12 +1348,7 @@ static void free_session_attribute_label(int thread_seq, void *project_req_value if(label->user_info!=NULL) { - free_user_item(label->user_info->apn); - free_user_item(label->user_info->imsi); - free_user_item(label->user_info->imei); - free_user_item(label->user_info->msisdn); - - dictator_free(thread_seq, (void *)label->user_info); + gtp_c_free_data(0, (MAAT_PLUGIN_EX_DATA *)&label->user_info, 0, g_tsg_para.logger); label->user_info=NULL; } diff --git a/src/tsg_entry.h b/src/tsg_entry.h index 37698f1..c5c40c9 100644 --- a/src/tsg_entry.h +++ b/src/tsg_entry.h @@ -60,7 +60,7 @@ enum DEPLOY_MODE DEPLOY_MODE_MAX }; -enum MASTER_TABLE{ +enum MASTER_STATIC_TABLE{ TABLE_SECURITY_COMPILE=0, TABLE_IP_ADDR, TABLE_SUBSCRIBER_ID, @@ -93,6 +93,12 @@ enum MASTER_TABLE{ TABLE_MAX }; +enum MASTER_DYNAMIC_TABLE{ + DYN_TABLE_SUBSCRIBER_IP=0, + DYN_TABLE_GTP_SIGNALING, + DYN_TABLE_MAX +}; + enum TSG_FS2_TYPE{ TSG_FS2_TCP_LINKS=0, TSG_FS2_UDP_LINKS, @@ -278,7 +284,7 @@ typedef struct tsg_para int app_dict_field_num; int device_seq_in_dc; int datacenter_id; - int hash_switch; + int scan_signaling_switch; int hash_timeout; int hash_slot_size; int feature_tamper; @@ -288,8 +294,8 @@ typedef struct tsg_para int unknown_app_id; int hit_path_switch; int default_compile_id; - int table_id[TABLE_MAX]; - int dyn_subscribe_ip_table_id; //TSG_DYN_SUBSCRIBER_IP + int table_id[TABLE_MAX]; + int dyn_table_id[DYN_TABLE_MAX]; int priority_project_id; int session_attribute_project_id; int context_project_id; @@ -303,7 +309,8 @@ typedef struct tsg_para char device_id_command[MAX_DOMAIN_LEN/8]; char data_center[_MAX_TABLE_NAME_LEN]; char device_tag[MAX_DOMAIN_LEN/2]; - char table_name[TABLE_MAX][_MAX_TABLE_NAME_LEN]; + char table_name[TABLE_MAX][_MAX_TABLE_NAME_LEN]; + char dyn_table_name[DYN_TABLE_MAX][_MAX_TABLE_NAME_LEN]; char bridge_name[BRIDGE_TYPE_MAX][_MAX_TABLE_NAME_LEN]; void *logger; void *maat_logger; 
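Review bot: In `free_session_attribute_label`, `label->user_info` is now released through `gtp_c_free_data`, which frees only when the decremented `ref_cnt` reaches exactly 0 and releases memory with `_free_field` instead of `dictator_free`. Any `umts_user_info` that reaches this label with `ref_cnt` still 0, or that was allocated with `dictator_malloc`, would either never be freed (the count goes to -1) or be handed to a different allocator than the one that created it. The two producers changed in this patch look consistent, but other producers are not visible here and should be checked. A comment at the call such as `/* user_info is ref-counted and heap-allocated; release only via gtp_c_free_data */` would record the contract. The function body starts and ends outside the hunk.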
@@ -426,6 +433,8 @@ void location_free_data(int table_id, MAAT_PLUGIN_EX_DATA* ad, long argl, void*
 void ASN_number_free(int table_id, MAAT_PLUGIN_EX_DATA* ad, long argl, void* argp);
 void subscriber_id_free(int table_id, MAAT_PLUGIN_EX_DATA* ad, long argl, void* argp);
 void app_id_dict_free(int table_id, MAAT_PLUGIN_EX_DATA* ad, long argl, void* argp);
+void gtp_c_free_data(int table_id, MAAT_PLUGIN_EX_DATA* ad, long argl, void* argp);
+
 void http_response_pages_free(int table_id, MAAT_PLUGIN_EX_DATA* ad, long argl, void* argp);
 void dns_profile_records_free(int table_id, MAAT_PLUGIN_EX_DATA* ad, long argl, void *argp);
 void set_session_attribute_label(const struct streaminfo *a_stream, enum TSG_ATTRIBUTE_TYPE type, void *value, int value_len, int thread_seq);
@@ -438,7 +447,10 @@ int tsg_scan_addr(Maat_feather_t maat_feather, const struct streaminfo *a_stream int tsg_scan_shared_policy(Maat_feather_t maat_feather, const struct streaminfo *a_stream, char *domain, Maat_rule_t *result, int result_num, scan_status_t *mid, int table_id, int thread_seq); int tsg_scan_app_properties_policy(Maat_feather_t maat_feather, const struct streaminfo *a_stream, struct Maat_rule_t *result, int result_num, scan_status_t *mid, char *property, char *district, int thread_seq); int tsg_scan_subscribe_id_policy(Maat_feather_t maat_feather, const struct streaminfo *a_stream, struct Maat_rule_t *result, int result_num, scan_status_t *mid, struct subscribe_id_info *user_info, int thread_seq); + int tsg_get_umts_user_info(const struct streaminfo *a_stream, struct umts_user_info **user_info); +struct umts_user_info *tsg_get_umts_user_info_form_redis(unsigned int teid); + int tsg_scan_gtp_apn_policy(Maat_feather_t maat_feather, const struct streaminfo *a_stream, struct Maat_rule_t *result, int result_num, scan_status_t *mid, char *apn, int thread_seq); int tsg_scan_gtp_imsi_policy(Maat_feather_t maat_feather, const struct streaminfo *a_stream, struct Maat_rule_t *result, int result_num, scan_status_t *mid, char *imsi, int thread_seq); int tsg_scan_gtp_phone_number_policy(Maat_feather_t maat_feather, const struct streaminfo *a_stream, struct Maat_rule_t *result, int result_num, scan_status_t *mid, char *phone_number, int thread_seq); diff --git a/src/tsg_gtp_signaling.cpp b/src/tsg_gtp_signaling.cpp index 98f8c5e..1c1f6a9 100644 --- a/src/tsg_gtp_signaling.cpp +++ b/src/tsg_gtp_signaling.cpp @@ -10,6 +10,13 @@ MESA_htable_handle g_gtp_signaling_hash_handle=NULL; +enum SIGNALING_ORIGIN +{ + SIGNALING_ORIGIN_NO=0, + SIGNALING_ORIGIN_HASH=1, + SIGNALING_ORIGIN_REDIS=2, + +}; static int is_gtp_tunnel(const struct streaminfo *a_stream) { 
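Review bot: The new prototype `tsg_get_umts_user_info_form_redis` in `src/tsg_entry.h` spells "form" where "from" is evidently meant, and the same spelling recurs in the static helpers `get_umts_user_info_form_hash` and `get_umts_user_info_form_redis` in `src/tsg_gtp_signaling.cpp`. Because this one is declared in a shared header, renaming it now, e.g. `struct umts_user_info *tsg_get_umts_user_info_from_redis(unsigned int teid);`, is cheaper than after callers accumulate. The declaration also lacks a comment on ownership; the result appears to be a reference-counted object (assuming `gtp_c_dup_data` is the registered dup callback), so a line such as `/* returns NULL on miss; release the result with gtp_c_free_data() */` would help callers.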
@@ -114,7 +121,7 @@ void tsg_free_gtp_signaling_field(void *data) } -static int get_umts_user_info(struct umts_user_info **user_info, unsigned int teid, int thread_seq) +static int get_umts_user_info_form_hash(struct umts_user_info **user_info, unsigned int teid, int thread_seq) { long cb_ret=0; struct umts_user_info tmp_user_info={0}; @@ -122,7 +129,8 @@ static int get_umts_user_info(struct umts_user_info **user_info, unsigned int te MESA_htable_search_cb(g_gtp_signaling_hash_handle, (unsigned char *)&(teid), sizeof(unsigned int), copy_user_info, (void *)&tmp_user_info, &cb_ret); if(cb_ret>0) { - *user_info=(struct umts_user_info *)dictator_malloc(thread_seq, sizeof(struct umts_user_info)); + tmp_user_info.ref_cnt=1; + *user_info=(struct umts_user_info *)calloc(1, sizeof(struct umts_user_info)); memcpy(*user_info, &tmp_user_info, sizeof(struct umts_user_info)); return 1; @@ -131,12 +139,24 @@ static int get_umts_user_info(struct umts_user_info **user_info, unsigned int te return 0; } +static int get_umts_user_info_form_redis(struct umts_user_info **user_info, unsigned int teid, int thread_seq) +{ + (*user_info)=tsg_get_umts_user_info_form_redis(teid); + if((*user_info)!=NULL) + { + return 1; + } + + return 0; +} + + int tsg_get_umts_user_info(const struct streaminfo *a_stream, struct umts_user_info **user_info) { int ret=0; unsigned int uplink=0,downlink=0; - if(g_tsg_para.hash_switch==0) + if(g_tsg_para.scan_signaling_switch==SIGNALING_ORIGIN_NO) { return 0; } 
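Review bot: In `get_umts_user_info_form_hash` the `calloc` result is passed straight to `memcpy`, so an allocation failure becomes a NULL-pointer write on the per-stream lookup path. Add `if(*user_info==NULL) { return 0; }` before the copy, and release whatever `copy_user_info` stored in `tmp_user_info` if it allocates (its body is not visible here). The same unchecked `calloc` appears in `gtp_c_new_data` in `src/tsg_rule.cpp`, where `user_info->imsi` is assigned on the next line. The function's signature is in the preceding hunk and its body ends in this one.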
@@ -158,16 +178,36 @@ int tsg_get_umts_user_info(const struct streaminfo *a_stream, struct umts_user_i return 0; } - ret=get_umts_user_info(user_info, uplink, a_stream->threadnum); - if(ret==1) + switch(g_tsg_para.scan_signaling_switch) { - return 1; - } + case SIGNALING_ORIGIN_HASH: + ret=get_umts_user_info_form_hash(user_info, uplink, a_stream->threadnum); + if(ret==1) + { + return 1; + } - ret=get_umts_user_info(user_info, downlink, a_stream->threadnum); - if(ret==1) - { - return 1; + ret=get_umts_user_info_form_hash(user_info, downlink, a_stream->threadnum); + if(ret==1) + { + return 1; + } + break; + case SIGNALING_ORIGIN_REDIS: + ret=get_umts_user_info_form_redis(user_info, uplink, a_stream->threadnum); + if(ret==1) + { + return 1; + } + + ret=get_umts_user_info_form_redis(user_info, downlink, a_stream->threadnum); + if(ret==1) + { + return 1; + } + break; + default: + break; } return 0; @@ -175,17 +215,11 @@ int tsg_get_umts_user_info(const struct streaminfo *a_stream, struct umts_user_i int tsg_gtp_signaling_hash_init(const char* conffile, void *logger) { - MESA_load_profile_int_def(conffile, "GTP_SIGNALING", "HASH_SWITCH", &g_tsg_para.hash_switch, 1); - if(g_tsg_para.hash_switch==0) - { - return 0; - } - - MESA_htable_create_args_t args; MESA_load_profile_int_def(conffile, "GTP_SIGNALING", "HASH_TIMEOUT", &g_tsg_para.hash_timeout, 300); MESA_load_profile_int_def(conffile, "GTP_SIGNALING", "HASH_SLOT_SIZE", &g_tsg_para.hash_slot_size, 1024*1024*32); + MESA_htable_create_args_t args; memset(&args, 0, sizeof(args)); args.thread_safe=128; args.recursive=1; 
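Review bot: `HASH_SWITCH` is no longer read in `tsg_gtp_signaling_hash_init`, so a deployment whose config still sets `HASH_SWITCH=0` is no longer disabled by it; with `SIGNALING_ORIGIN` absent, the default read later in this function is `"HASH"`. The removed early return also means the hash table now appears to be created with `HASH_SLOT_SIZE` slots before the origin is parsed, even when the origin turns out to be `NO` or `REDIS`. If both changes are intended they should be stated in the commit message or config documentation; otherwise keep honouring the old key as a fallback, or parse `SIGNALING_ORIGIN` first and skip table creation when it is not `HASH`. The function continues outside this hunk.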
@@ -202,6 +236,23 @@ int tsg_gtp_signaling_hash_init(const char* conffile, void *logger) return -1; } + char signaling_origin[32]={0}; + MESA_load_profile_string_def(conffile, "GTP_SIGNALING", "SIGNALING_ORIGIN", signaling_origin, sizeof(signaling_origin), "HASH"); + + int length=strlen(signaling_origin); + if(length==2 && (strncasecmp("NO", signaling_origin, 2)==0)) + { + g_tsg_para.scan_signaling_switch=SIGNALING_ORIGIN_NO; + } + else if(length==4 && (strncasecmp("HASH", signaling_origin, 4)==0)) + { + g_tsg_para.scan_signaling_switch=SIGNALING_ORIGIN_HASH; + } + else if(length==5 && (strncasecmp("REDIS", signaling_origin, 5)==0)) + { + g_tsg_para.scan_signaling_switch=SIGNALING_ORIGIN_REDIS; + } + return 0; } diff --git a/src/tsg_rule.cpp b/src/tsg_rule.cpp index d513d24..1930e6b 100644 --- a/src/tsg_rule.cpp +++ b/src/tsg_rule.cpp 
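Review bot: An unrecognised `SIGNALING_ORIGIN` value (for example a misspelt `REDIS`) matches none of the three branches, so `g_tsg_para.scan_signaling_switch` keeps whatever it held before. If `g_tsg_para` is zero-initialised (its definition is not visible here) that value is `SIGNALING_ORIGIN_NO`, and `tsg_get_umts_user_info` then returns 0 for every stream, silently switching off the subscriber attributes that feed the GTP policies. Add a final `else` that logs the rejected string and either returns -1 or falls back to `SIGNALING_ORIGIN_HASH`. Since `strlen` is already applied to the buffer, each length-plus-`strncasecmp` pair can be the simpler `strcasecmp("NO", signaling_origin)==0`.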
@@ -356,6 +356,59 @@ static int get_integer_from_json(cJSON *object, const char *key, int *value) return 0; } +void gtp_c_dup_data(int table_id, MAAT_PLUGIN_EX_DATA *to, MAAT_PLUGIN_EX_DATA *from, long argl, void* argp) +{ + if((*from)!=NULL) + { + struct umts_user_info *user_info=(struct umts_user_info *)(*from); + atomic_inc(&user_info->ref_cnt); + *to=*from; + } + + return; +} + +void gtp_c_new_data(int table_id, const char* key, const char* table_line, MAAT_PLUGIN_EX_DATA* ad, long argl, void* argp) +{ + int imsi=3,msisdn=4,apn=5,imei=6; + struct umts_user_info *user_info=(struct umts_user_info *)calloc(1, sizeof(struct umts_user_info)); + + user_info->imsi=tsg_get_column_string_value(table_line, imsi); + user_info->msisdn=tsg_get_column_string_value(table_line, msisdn); + user_info->apn=tsg_get_column_string_value(table_line, apn); + user_info->imei=tsg_get_column_string_value(table_line, imei); + + str_unescape(user_info->imsi); + str_unescape(user_info->msisdn); + str_unescape(user_info->apn); + str_unescape(user_info->imei); + + atomic_inc(&user_info->ref_cnt); + *ad=(MAAT_PLUGIN_EX_DATA)user_info; + + return; +} + +void gtp_c_free_data(int table_id, MAAT_PLUGIN_EX_DATA* ad, long argl, void* argp) +{ + if(*ad!=NULL) + { + struct umts_user_info *user_info=(struct umts_user_info *)(*ad); + if((__sync_sub_and_fetch(&user_info->ref_cnt, 1) == 0)) + { + _free_field(user_info->imsi); + _free_field(user_info->msisdn); + _free_field(user_info->apn); + _free_field(user_info->imei); + + _free_field((char *)(*ad)); + *ad=NULL; + } + } + + return; +} + void ASN_number_dup(int table_id, MAAT_PLUGIN_EX_DATA *to, MAAT_PLUGIN_EX_DATA *from, long argl, void* argp) { 
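Review bot: `gtp_c_new_data` builds the object from `table_line`, which comes from the externally fed dynamic table, without validating anything: the four `tsg_get_column_string_value` results go straight into `str_unescape`, so a short or malformed row is safe only if both helpers tolerate NULL (their bodies are not in this hunk). I would check each field before unescaping, or at least document on the function that `imsi`, `msisdn`, `apn` and `imei` may be NULL so that the scan functions receiving them guard accordingly. The count is also raised with `atomic_inc` here and in `gtp_c_dup_data` but lowered with `__sync_sub_and_fetch` in `gtp_c_free_data`; using one family, e.g. `__sync_add_and_fetch(&user_info->ref_cnt, 1);`, makes the pairing obvious. The column indices `3,4,5,6` deserve a comment tying them to the `TSG_DYN_MOBILE_IDENTITY_APN_TEID` row layout.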
@@ -1694,7 +1747,6 @@ int tsg_rule_init(const char* conffile, void *logger) int log_level=30; char log_path[128]={0}; char maat_conffile[256]={0}; - char cb_subscriber_ip_table[32]={0}; MESA_load_profile_int_def(conffile, "MAAT","APP_ID_TABLE_TYPE", &g_tsg_para.app_dict_field_num, 18); MESA_load_profile_int_def(conffile, "MAAT","LOCATION_TABLE_TYPE", &g_tsg_para.location_field_num, 18); @@ -1733,11 +1785,12 @@ int tsg_rule_init(const char* conffile, void *logger) MESA_load_profile_string_def(conffile, "MAAT", "GTP_APN", g_tsg_para.table_name[TABLE_GTP_APN], _MAX_TABLE_NAME_LEN, "TSG_FILED_GTP_APN"); MESA_load_profile_string_def(conffile, "MAAT", "GTP_IMSI", g_tsg_para.table_name[TABLE_GTP_IMSI], _MAX_TABLE_NAME_LEN, "TSG_FILED_GTP_IMSI"); MESA_load_profile_string_def(conffile, "MAAT", "GTP_PHONE_NUMBER", g_tsg_para.table_name[TABLE_GTP_PHONE_NUMBER], _MAX_TABLE_NAME_LEN, "TSG_FILED_GTP_PHONE_NUMBER"); - MESA_load_profile_string_def(conffile, "MAAT", "GTP_PHONE_NUMBER", g_tsg_para.table_name[TABLE_GTP_PHONE_NUMBER], _MAX_TABLE_NAME_LEN, "TSG_FILED_GTP_PHONE_NUMBER"); + MESA_load_profile_string_def(conffile, "MAAT", "RESPONSE_PAGES_TABLE", g_tsg_para.table_name[TABLE_RESPONSE_PAGES], _MAX_TABLE_NAME_LEN, "TSG_PROFILE_RESPONSE_PAGES"); MESA_load_profile_string_def(conffile, "MAAT", "DNS_PROFILE_RECORDS", g_tsg_para.table_name[TABLE_DNS_PROFILE_RECORD], _MAX_TABLE_NAME_LEN, (char *)"TSG_PROFILE_DNS_RECORDS"); MESA_load_profile_string_def(conffile, "MAAT", "TRAFFIC_MIRROR_PROFILE", g_tsg_para.table_name[TABLE_PROFILE_MIRROR], _MAX_TABLE_NAME_LEN, (char *)"TSG_PROFILE_TRAFFIC_MIRROR"); + MESA_load_profile_int_def(conffile, "MAAT","LOG_LEVEL", &log_level, 30); MESA_load_profile_string_def(conffile, "MAAT", "LOG_PATH", log_path, sizeof(log_path), "./tsglog/maat/tsg_maat.log"); g_tsg_para.maat_logger=MESA_create_runtime_log_handle(log_path, log_level); 
@@ -1934,21 +1987,26 @@ int tsg_rule_init(const char* conffile, void *logger) g_tsg_dynamic_maat_feather=g_tsg_maat_feather; } - MESA_load_profile_string_def(conffile, "MAAT", "CB_SUBSCRIBER_IP_TABLE", cb_subscriber_ip_table, sizeof(cb_subscriber_ip_table), "TSG_DYN_SUBSCRIBER_IP"); + MESA_load_profile_string_def(conffile, "MAAT", "CB_SUBSCRIBER_IP_TABLE", g_tsg_para.dyn_table_name[DYN_TABLE_SUBSCRIBER_IP], sizeof(g_tsg_para.dyn_table_name[DYN_TABLE_SUBSCRIBER_IP]), "TSG_DYN_SUBSCRIBER_IP"); + MESA_load_profile_string_def(conffile, "MAAT", "GTP_SIGNALING_TABLE", g_tsg_para.dyn_table_name[DYN_TABLE_GTP_SIGNALING], sizeof(g_tsg_para.dyn_table_name[DYN_TABLE_SUBSCRIBER_IP]), (char *)"TSG_DYN_MOBILE_IDENTITY_APN_TEID"); - g_tsg_para.dyn_subscribe_ip_table_id=Maat_table_register(g_tsg_dynamic_maat_feather, cb_subscriber_ip_table); - if(g_tsg_para.dyn_subscribe_ip_table_id<0) + for(i=0; i0 && *dest_subscribe_id==NULL) { - *dest_subscribe_id = (struct subscribe_id_info *)Maat_plugin_get_EX_data(g_tsg_dynamic_maat_feather, g_tsg_para.dyn_subscribe_ip_table_id, dest_ip); + *dest_subscribe_id = (struct subscribe_id_info *)Maat_plugin_get_EX_data(g_tsg_dynamic_maat_feather, g_tsg_para.dyn_table_id[DYN_TABLE_SUBSCRIBER_IP], dest_ip); } if(strlen(source_ip)>0 && *source_subscribe_id==NULL) { - *source_subscribe_id = (struct subscribe_id_info *)Maat_plugin_get_EX_data(g_tsg_dynamic_maat_feather, g_tsg_para.dyn_subscribe_ip_table_id, source_ip); + *source_subscribe_id = (struct subscribe_id_info *)Maat_plugin_get_EX_data(g_tsg_dynamic_maat_feather, g_tsg_para.dyn_table_id[DYN_TABLE_SUBSCRIBER_IP], source_ip); } return 0; } -int tsg_scan_ip_asn(Maat_feather_t maat_feather, const struct streaminfo *a_stream, struct asn_info *asn, enum MASTER_TABLE idx, scan_status_t *mid, Maat_rule_t*result, int result_num) +int tsg_scan_ip_asn(Maat_feather_t maat_feather, const struct streaminfo *a_stream, struct asn_info *asn, enum MASTER_STATIC_TABLE idx, scan_status_t *mid, Maat_rule_t*result, 
int result_num) { int ret=0; @@ -2167,7 +2252,7 @@ int tsg_scan_ip_asn(Maat_feather_t maat_feather, const struct streaminfo *a_stre } -int tsg_scan_ip_location(Maat_feather_t maat_feather, const struct streaminfo *a_stream, struct location_info *location, enum MASTER_TABLE idx, scan_status_t *mid, Maat_rule_t*result, int result_num) +int tsg_scan_ip_location(Maat_feather_t maat_feather, const struct streaminfo *a_stream, struct location_info *location, enum MASTER_STATIC_TABLE idx, scan_status_t *mid, Maat_rule_t*result, int result_num) { int ret=0; char full_address[1024]={0}; @@ -2958,3 +3043,11 @@ int tsg_get_location_type(void) { return g_tsg_para.location_field_num; } + +struct umts_user_info *tsg_get_umts_user_info_form_redis(unsigned int teid) +{ + char teid_str[32]={0}; + snprintf(teid_str, sizeof(teid_str), "%d", teid); + return (struct umts_user_info *)Maat_plugin_get_EX_data(g_tsg_dynamic_maat_feather, g_tsg_para.dyn_table_id[DYN_TABLE_GTP_SIGNALING], (const char *)teid_str); +} +
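Review bot: In `tsg_get_umts_user_info_form_redis`, `teid` is an `unsigned int` but is formatted with `%d`, so any TEID of 0x80000000 or above is rendered as a negative number. If the table keys are written as unsigned decimals (the writer is not visible here), those tunnels never match and their sessions get no subscriber attributes for policy evaluation. Use `snprintf(teid_str, sizeof(teid_str), "%u", teid);`. A short comment that a miss returns NULL and that a hit must be released with `gtp_c_free_data` would also make the contract clear at the definition.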