TSG-13520,TSG-13356: 支持通过tsg_pull_shaping_result函数获取命中的shaping策略,增加common_shaping_rule_ids日志字段,支持通过bridge接口及时通知命中的shaping策略,增加gtest测试用例

刘学利
2023-02-07 02:51:03 +00:00
parent 5328511bfb
commit ccf02881fa
24 changed files with 1126 additions and 434 deletions


@@ -8,6 +8,8 @@ variables:
stages:
- build
- test
- package
.build_before_script:
before_script:
@@ -43,6 +45,30 @@ stages:
tags:
- share
run_test_for_centos7:
stage: test
extends: .build_by_travis_for_centos7
script:
- yum makecache
- ./ci/travis.sh
- cd build
- make test
- cd testing
- ./gtest_rule
- ./gtest_master
run_test_for_centos8:
stage: test
extends: .build_by_travis_for_centos8
script:
- yum makecache
- ./ci/travis.sh
- cd build
- make test
- cd testing
- ./gtest_rule
- ./gtest_master
branch_build_debug_for_centos7:
stage: build
extends: .build_by_travis_for_centos7
@@ -101,7 +127,7 @@ develop_build_release_for_centos7:
- /^master.*$/i
release_build_debug_for_centos7:
stage: build
stage: package
variables:
BUILD_TYPE: Debug
PACKAGE: 1
@@ -117,7 +143,7 @@ release_build_debug_for_centos7:
- tags
release_build_release_for_centos7:
stage: build
stage: package
variables:
BUILD_TYPE: RelWithDebInfo
PACKAGE: 1
@@ -192,7 +218,7 @@ develop_build_release_for_centos8:
- /^master.*$/i
release_build_debug_for_centos8:
stage: build
stage: package
variables:
BUILD_TYPE: Debug
PACKAGE: 1
@@ -208,7 +234,7 @@ release_build_debug_for_centos8:
- tags
release_build_release_for_centos8:
stage: build
stage: package
variables:
BUILD_TYPE: RelWithDebInfo
PACKAGE: 1


@@ -37,7 +37,7 @@ set(CMAKE_INSTALL_PREFIX /home/mesasoft/sapp_run)
add_subdirectory(support)
add_subdirectory(src)
add_subdirectory(vendor)
add_subdirectory(test)
add_subdirectory(test/src)
enable_testing()
add_subdirectory(./ctest)


@@ -122,3 +122,4 @@ STRING common_tunnel_endpoint_b_desc 109
LONG common_t_vsys_id 110
STRING common_app_full_path 111
LONG common_flags 112
LONG common_shaping_rule_ids 113
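Review bot: The new field is declared as `LONG common_shaping_rule_ids 113`, yet set_shaping_rule_ids in this same commit appends it with TLD_TYPE_STRING as a comma-separated list of ids. If the first column is the field type that log consumers rely on (an assumption; the file's header is outside the hunk), `STRING common_shaping_rule_ids 113` would match what is actually emitted.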


@@ -9,7 +9,9 @@
#quickswitch quickon or quick off
#id name type src_charset dst_charset do_merge cross_cache quickswitch
0 TSG_SECURITY_COMPILE compile escape --
0 TRAFFIC_SHAPING_COMPILE compile escape --
1 GROUP_COMPILE_RELATION group2compile --
1 GROUP_SHAPING_COMPILE_RELATION group2compile --
2 GROUP_GROUP_RELATION group2group --
3 TSG_OBJ_IP_ADDR ip_plus UTF8 UTF8 no 0
3 TSG_OBJ_IP_LEARNING_ADDR ip_plus UTF8 UTF8 no 0
@@ -91,3 +93,4 @@
79 TSG_SECURITY_TUNNEL virtual TSG_OBJ_TUNNEL_ID --
80 TSG_OBJ_FLAG flag --
81 TSG_SECURITY_FLAG virtual TSG_OBJ_FLAG --
82 TRAFFIC_SHAPING_PROFILE plugin {"key":1,"valid":8}


@@ -2,16 +2,16 @@ cmake_minimum_required (VERSION 2.8)
project(sapp_ctest)
add_test(NAME COPY_CREATE_DIR COMMAND sh -c "mkdir -p ${CMAKE_BINARY_DIR}/testing/ ${CMAKE_BINARY_DIR}/testing/plug")
add_test(NAME COPY_MASTER_GTEST_BIN COMMAND sh -c "cp ${CMAKE_BINARY_DIR}/test/master_gtest ${CMAKE_BINARY_DIR}/testing/")
add_test(NAME COPY_MASTER_GTEST_CONF COMMAND sh -c "cp -r ${CMAKE_SOURCE_DIR}/test/bin/etc/ ${CMAKE_BINARY_DIR}/testing/")
add_test(NAME COPY_MASTER_GTEST_CONFLIST COMMAND sh -c "cp -r ${CMAKE_SOURCE_DIR}/test/bin/conflist.inf ${CMAKE_BINARY_DIR}/testing/plug")
add_test(NAME COPY_CREATE_DIR COMMAND sh -c "mkdir -p ${CMAKE_BINARY_DIR}/testing/tsgconf/ ")
add_test(NAME COPY_GTEST_MAIN_CONF COMMAND sh -c "cp -r ${CMAKE_SOURCE_DIR}/bin/main.conf ${CMAKE_BINARY_DIR}/testing/tsgconf/")
add_test(NAME COPY_GTEST_MAAT_CONF COMMAND sh -c "cp -r ${CMAKE_SOURCE_DIR}/bin/maat.conf ${CMAKE_BINARY_DIR}/testing/tsgconf/")
add_test(NAME COPY_GTEST_LOG_CONF COMMAND sh -c "cp -r ${CMAKE_SOURCE_DIR}/bin/tsg_log_field.conf ${CMAKE_BINARY_DIR}/testing/tsgconf/")
add_test(NAME COPY_GTEST_PROTO_CONF COMMAND sh -c "cp -r ${CMAKE_SOURCE_DIR}/bin/tsg_l7_protocol.conf ${CMAKE_BINARY_DIR}/testing/tsgconf/")
add_test(NAME COPY_GTEST_TABLEINFO COMMAND sh -c "cp -r ${CMAKE_SOURCE_DIR}/bin/tsg_static_tableinfo.conf ${CMAKE_BINARY_DIR}/testing/tsgconf/")
add_test(NAME COPY_GTEST_MAAT_RULE COMMAND sh -c "cp -r ${CMAKE_SOURCE_DIR}/test/bin/gtest_maat.json ${CMAKE_BINARY_DIR}/testing/tsgconf/tsg_maat.json")
add_test(NAME COPY_MASTER_DIR COMMAND sh -c "mkdir -p ${CMAKE_BINARY_DIR}/testing/plug/platform/tsg_master/")
add_test(NAME COPY_MASTER_INF COMMAND sh -c "cp ${CMAKE_SOURCE_DIR}/bin/tsg_master.inf ${CMAKE_BINARY_DIR}/testing/plug/platform/tsg_master/tsg_master.inf")
add_test(NAME COPY_MASTER_SO COMMAND sh -c "cp ${CMAKE_BINARY_DIR}/test/tsg_master_gtest.so ${CMAKE_BINARY_DIR}/testing/plug/platform/tsg_master/tsg_master.so")
add_test(NAME COPY_MASTER_CONF COMMAND sh -c "cp -r ${CMAKE_SOURCE_DIR}/bin/ ${CMAKE_BINARY_DIR}/testing/tsgconf")
add_test(NAME COPY_GTEST_RULE_BIN COMMAND sh -c "cp ${CMAKE_BINARY_DIR}/test/src/gtest_rule ${CMAKE_BINARY_DIR}/testing/")
add_test(NAME COPY_GTEST_MASTER COMMAND sh -c "cp -r ${CMAKE_BINARY_DIR}/test/src/gtest_master ${CMAKE_BINARY_DIR}/testing/")
add_test(NAME FAKE_TEST COMMAND sh -c "pwd")
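Review bot: These add_test entries are setup steps that depend on each other (the mkdir entries must finish before the cp entries), but no ordering is declared, so `ctest -j` or a reordered run can copy into directories that do not exist yet. Declaring it per copy step, e.g. `set_tests_properties(COPY_GTEST_MAIN_CONF PROPERTIES DEPENDS COPY_CREATE_DIR)`, makes the order explicit. The `sh -c "cp ... ${CMAKE_BINARY_DIR}/..."` strings also hand the paths to the shell unquoted, so a build path containing spaces or shell metacharacters is word-split or interpreted; `COMMAND ${CMAKE_COMMAND} -E copy <src> <dst>` avoids the shell entirely. The page does not mark which of the listed lines are old and which are new, so this applies to whichever COPY_* entries remain after the change.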


@@ -107,23 +107,6 @@ struct session_attribute_label
unsigned long session_flags;
};
struct policy_priority_label
{
tsg_protocol_t proto; //enum _tsg_protocol (tsg_types.h)
int domain_len;
int result_type; //enum _PULL_RESULT_TYPE (tsg_rule.h)
int result_num;
union
{
char *http_url;
char *quic_ua;
void *para;
};
char domain[MAX_DOMAIN_LEN];
Maat_rule_t result[MAX_RESULT_NUM];
};
struct tsg_conn_sketch_notify_data
{
tsg_protocol_t protocol;
@@ -135,6 +118,11 @@ struct tsg_conn_sketch_notify_data
}pdata;
};
struct notify_shaping_policy
{
int shaping_result_num;
struct Maat_rule_t shaping_result[MAX_RESULT_NUM];
};
enum NOTIFY_TYPE
{
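Review bot: notify_shaping_policy is handed to other plugins through the bridge but carries no comment stating its contract. Suggest documenting above the struct that the count is bounded, e.g. `// shaping_result_num: number of valid entries in shaping_result, 0..MAX_RESULT_NUM`, so receivers know to bound their loops on it. The enum NOTIFY_TYPE that follows continues outside the hunk.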


@@ -12,6 +12,7 @@
#define TSG_ACTION_MONITOR 0x01
#define TSG_ACTION_INTERCEPT 0x02
#define TSG_ACTION_DENY 0x10
#define TSG_ACTION_SHAPING 0x20
#define TSG_ACTION_MANIPULATE 0x30
#define TSG_ACTION_BYPASS 0x80
#define TSG_ACTION_MAX 0x80
@@ -54,6 +55,8 @@ int tsg_rule_init(const char *conffile, void *logger);
int tsg_scan_nesting_addr(Maat_feather_t maat_feather, const struct streaminfo *a_stream, tsg_protocol_t proto, scan_status_t *mid, Maat_rule_t*result, int result_num);
int tsg_pull_policy_result(struct streaminfo *a_stream, PULL_RESULT_TYPE pull_result_type, Maat_rule_t*result, int result_num, struct identify_info *identify_info);
int tsg_pull_shaping_result(struct streaminfo *a_stream, Maat_rule_t*result, int result_num);
char *tsg_pull_quic_ua(struct streaminfo *a_stream);
char *tsg_pull_http_url(struct streaminfo *a_stream);
@@ -86,5 +89,6 @@ int tsg_get_fqdn_category_id(Maat_feather_t maat_feather, char *fqdn, unsigned i
int tsg_scan_app_id_policy(Maat_feather_t maat_feather, const struct streaminfo *a_stream, struct Maat_rule_t *result, int result_num, scan_status_t *mid, char *name, unsigned int id, int thread_seq);
int tsg_scan_fqdn_category_id(Maat_feather_t maat_feather, const struct streaminfo *a_stream, struct Maat_rule_t *result, int result_num, scan_status_t *mid, int table_id, unsigned int *category_id, int category_id_num, int thread_seq);
int tsg_notify_hited_monitor_result(const struct streaminfo *a_stream, struct Maat_rule_t *result, int result_num, int thread_seq);
int tsg_notify_hited_shaping_result(const struct streaminfo *a_stream, struct Maat_rule_t *result, int result_num, int thread_seq);
#endif
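Review bot: The two new public declarations, tsg_pull_shaping_result and tsg_notify_hited_shaping_result, have no comment describing their return values or buffer contract. From the implementation shown on this page, a comment such as `// copies at most result_num shaping rules into result; returns the number copied, 0 if none are stored or the arguments are invalid` would fit the former. For the latter, note that it always returns 0 and that rules beyond MAX_RESULT_NUM are dropped without notice.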


@@ -66,6 +66,7 @@ id2field_t g_tsg_fs2_field[TSG_FS2_MAX]={{0, TSG_FS2_TCP_LINKS, "tcp_links"},
{0, TSG_FS2_HIT_ADDR, "hit_addr"},
{0, TSG_FS2_HIT_SHARE, "hit_share"},
{0, TSG_FS2_INTERCEPT, "intercept"},
{0, TSG_FS2_SHAPING, "shaping"},
{0, TSG_FS2_EXCLUSION, "exclusion"},
{0, TSG_FS2_APP_DPKT_RESULT, "D_result"},
{0, TSG_FS2_APP_Q_RESULT, "Q_result"},
@@ -880,6 +881,15 @@ static void free_tcpall_label(int thread_seq, void *project_req_value)
return ;
}
void free_shaping_result(const struct streaminfo *stream, int bridge_id, void *data)
{
if(data!=NULL)
{
dictator_free(stream->threadnum, data);
data=NULL;
}
}
void free_policy_label(int thread_seq, void *project_req_value)
{
if(project_req_value!=NULL)
@@ -956,84 +966,6 @@ static void copy_monitor_result(const struct streaminfo *a_stream, struct master
}
static void copy_result_to_project(const struct streaminfo *a_stream, struct master_context *context, struct Maat_rule_t *p_result, PULL_RESULT_TYPE result_type, int thread_seq)
{
int ret=0;
struct policy_priority_label *priority_label=NULL;
priority_label=(struct policy_priority_label *)project_req_get_struct((struct streaminfo *)a_stream, g_tsg_para.priority_project_id);
if(priority_label==NULL)
{
priority_label=(struct policy_priority_label *)dictator_malloc(thread_seq, sizeof(struct policy_priority_label));
memset(priority_label, 0, sizeof(struct policy_priority_label));
}
else
{
MESA_handle_runtime_log(g_tsg_para.logger,
RLOG_LV_DEBUG,
"DUP_HIT_POLICY",
"Hit policy, domain: %s policy_id: %d action: %d addr: %s",
(context->domain!=NULL ? context->domain : ""),
p_result->config_id,
(unsigned char)p_result->action,
PRINTADDR(a_stream, g_tsg_para.level)
);
}
priority_label->proto=context->proto;
if(context->domain!=NULL)
{
priority_label->domain_len=MIN(sizeof(priority_label->domain)-1 ,strlen(context->domain));
memcpy(priority_label->domain, context->domain, priority_label->domain_len);
}
if(context->para!=NULL)
{
int length=strlen(context->http_url);
priority_label->para=dictator_malloc(thread_seq,length+1);
memcpy(priority_label->para, context->para, length);
((char *)priority_label->para)[length]='\0';
}
if(priority_label->result_num<=0 || (priority_label->result[0].action < p_result->action))
{
priority_label->result_num=1;
priority_label->result_type=result_type;
memcpy(priority_label->result, p_result, sizeof(struct Maat_rule_t));
}
ret=project_req_add_struct((struct streaminfo *)a_stream, g_tsg_para.priority_project_id, (void *)priority_label);
if(ret<0)
{
free_policy_label(thread_seq, (void *)priority_label);
MESA_handle_runtime_log(g_tsg_para.logger,
RLOG_LV_FATAL,
"PROJECT_ADD",
"Add policy_priority_label failed, policy, domain: %s para(url/ua): %s policy_id: %d action: %d addr: %s",
(context->domain!=NULL ? context->domain : ""),
(context->para!=NULL ? context->http_url : ""),
priority_label->result[0].config_id,
(unsigned char)priority_label->result[0].action,
PRINTADDR(a_stream, g_tsg_para.level)
);
return ;
}
MESA_handle_runtime_log(g_tsg_para.logger,
RLOG_LV_DEBUG,
"COPY_RESULT",
"Hit policy, domain: %s para(url/ua): %s policy_id: %d action: %d addr: %s",
(context->domain!=NULL ? context->domain : ""),
(context->para!=NULL ? context->http_url : ""),
priority_label->result[0].config_id,
(unsigned char)priority_label->result[0].action,
PRINTADDR(a_stream, g_tsg_para.level)
);
return ;
}
static void copy_bypass_result(const struct streaminfo *a_stream, struct master_context *context, struct Maat_rule_t *p_result, int thread_seq)
{
if(context->result==NULL)
@@ -1424,6 +1356,155 @@ char get_direction_from_tcpall(const struct streaminfo *a_stream)
return -1;
}
int get_shaping_result(struct Maat_rule_t *hit_result, int hit_num, struct Maat_rule_t *shaping_result, int shaping_result_num)
{
int shaping_cnt=0;
for(int i=0; i<hit_num; i++)
{
if(hit_result[i].action==TSG_ACTION_SHAPING && shaping_cnt<shaping_result_num)
{
memcpy(&shaping_result[shaping_cnt++], &hit_result[i], sizeof(struct Maat_rule_t));
}
}
return shaping_cnt;
}
static void set_shaping_result_to_project(const struct streaminfo *a_stream, struct Maat_rule_t *p_result, int p_result_num, int thread_seq)
{
if(p_result==NULL || p_result_num==0)
{
return ;
}
struct notify_shaping_policy *shaping_label=(struct notify_shaping_policy *)stream_bridge_async_data_get((struct streaminfo *)a_stream, g_tsg_para.bridge_id[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT]);
if(shaping_label==NULL)
{
shaping_label=(struct notify_shaping_policy *)dictator_malloc(thread_seq, sizeof(struct notify_shaping_policy));
memset(shaping_label, 0, sizeof(struct notify_shaping_policy));
}
int inc_result_num=0;
struct Maat_rule_t *inc_result=&(shaping_label->shaping_result[shaping_label->shaping_result_num]);
int num=MIN(MAX_RESULT_NUM-shaping_label->shaping_result_num, p_result_num);
for(int i=0; i<num; i++)
{
int repeat_result=0;
for(int j=0; j<shaping_label->shaping_result_num+inc_result_num; j++)
{
if(p_result[i].config_id==shaping_label->shaping_result[j].config_id)
{
repeat_result=1;
break;
}
}
if(repeat_result==0)
{
memcpy(&(inc_result[inc_result_num++]), &(p_result[i]), sizeof(struct Maat_rule_t));
}
}
struct notify_shaping_policy sync_result={0, {0}};
sync_result.shaping_result_num=inc_result_num;
memcpy(sync_result.shaping_result, inc_result, inc_result_num*sizeof(struct Maat_rule_t));
stream_bridge_sync_data_put(a_stream, g_tsg_para.bridge_id[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT], (void *)&sync_result);
shaping_label->shaping_result_num+=inc_result_num;
int ret=stream_bridge_async_data_put((struct streaminfo *)a_stream, g_tsg_para.bridge_id[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT], (void *)shaping_label);
if(ret<0)
{
free_shaping_result(a_stream, g_tsg_para.bridge_id[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT], (void *)shaping_label);
return ;
}
}
int tsg_notify_hited_shaping_result(const struct streaminfo *a_stream, struct Maat_rule_t *result, int result_num, int thread_seq)
{
set_shaping_result_to_project(a_stream, result, result_num, thread_seq);
return 0;
}
static void set_security_result_to_project(const struct streaminfo *a_stream, struct master_context *context, struct Maat_rule_t *p_result, int p_result_num, PULL_RESULT_TYPE result_type, int thread_seq)
{
if(p_result==NULL || p_result_num==0)
{
return ;
}
struct policy_priority_label *priority_label=(struct policy_priority_label *)project_req_get_struct((struct streaminfo *)a_stream, g_tsg_para.priority_project_id);
if(priority_label==NULL)
{
priority_label=(struct policy_priority_label *)dictator_malloc(thread_seq, sizeof(struct policy_priority_label));
memset(priority_label, 0, sizeof(struct policy_priority_label));
}
else
{
MESA_handle_runtime_log(g_tsg_para.logger,
RLOG_LV_DEBUG,
"DUP_HIT_POLICY",
"Hit policy, domain: %s policy_id: %d action: %d addr: %s",
(context->domain!=NULL ? context->domain : ""),
p_result->config_id,
(unsigned char)p_result->action,
PRINTADDR(a_stream, g_tsg_para.level)
);
}
priority_label->proto=context->proto;
if(context->domain!=NULL)
{
priority_label->domain_len=MIN(sizeof(priority_label->domain)-1 ,strlen(context->domain));
memcpy(priority_label->domain, context->domain, priority_label->domain_len);
}
if(context->para!=NULL)
{
int length=strlen(context->http_url);
priority_label->para=dictator_malloc(thread_seq,length+1);
memcpy(priority_label->para, context->para, length);
((char *)priority_label->para)[length]='\0';
}
if(priority_label->security_result_num<=0 || (priority_label->security_result[0].action < p_result->action))
{
priority_label->security_result_num=1;
priority_label->result_type=result_type;
memcpy(priority_label->security_result, p_result, sizeof(struct Maat_rule_t));
}
int ret=project_req_add_struct((struct streaminfo *)a_stream, g_tsg_para.priority_project_id, (void *)priority_label);
if(ret<0)
{
free_policy_label(thread_seq, (void *)priority_label);
MESA_handle_runtime_log(g_tsg_para.logger,
RLOG_LV_FATAL,
"PROJECT_ADD",
"Add policy_priority_label failed, policy, domain: %s para(url/ua): %s policy_id: %d action: %d addr: %s",
(context->domain!=NULL ? context->domain : ""),
(context->para!=NULL ? context->http_url : ""),
priority_label->security_result[0].config_id,
(unsigned char)priority_label->security_result[0].action,
PRINTADDR(a_stream, g_tsg_para.level)
);
return ;
}
MESA_handle_runtime_log(g_tsg_para.logger,
RLOG_LV_DEBUG,
"COPY_RESULT",
"Hit policy, domain: %s para(url/ua): %s policy_id: %d action: %d addr: %s",
(context->domain!=NULL ? context->domain : ""),
(context->para!=NULL ? context->http_url : ""),
priority_label->security_result[0].config_id,
(unsigned char)priority_label->security_result[0].action,
PRINTADDR(a_stream, g_tsg_para.level)
);
return ;
}
void set_session_attribute_label(const struct streaminfo *a_stream, enum TSG_ATTRIBUTE_TYPE type, void *value, int value_len, int thread_seq)
{
@@ -1654,6 +1735,11 @@ struct Maat_rule_t *tsg_policy_decision_criteria(Maat_rule_t *result, int result
for(i=0; i<result_num; i++)
{
if((unsigned char)result[i].action==TSG_ACTION_SHAPING)
{
continue;
}
if(p_result==NULL)
{
p_result=&result[i];
@@ -1947,6 +2033,19 @@ int scan_application_id_and_properties(const struct streaminfo *a_stream, struct
return hit_num;
}
static int master_deal_shaping_result(const struct streaminfo *a_stream, struct Maat_rule_t *result, int hit_num)
{
//get shaping rule
struct Maat_rule_t shaping_result[hit_num];
int shaping_result_num=get_shaping_result(result, hit_num, shaping_result, hit_num);
set_shaping_result_to_project(a_stream, shaping_result, shaping_result_num, a_stream->threadnum);
FS_operate(g_tsg_para.fs2_handle, g_tsg_para.fs2_field_id[TSG_FS2_SHAPING], 0, FS_OP_ADD, 1);
set_method_to_tcpall(a_stream, TSG_METHOD_TYPE_UNKNOWN, a_stream->threadnum);
return 0;
}
static unsigned char master_deal_scan_result(const struct streaminfo *a_stream, struct master_context *context, struct Maat_rule_t *result, int hit_num, const void *a_packet)
{
Maat_rule_t *p_result=NULL;
@@ -1977,7 +2076,7 @@ static unsigned char master_deal_scan_result(const struct streaminfo *a_stream,
if((state&APP_STATE_DROPPKT)==APP_STATE_DROPPKT || (state&APP_STATE_KILL_OTHER))
{
copy_deny_result(a_stream, context, p_result, a_stream->threadnum);
copy_result_to_project(a_stream, context, p_result, PULL_FW_RESULT, a_stream->threadnum);
set_security_result_to_project(a_stream, context, p_result, 1, PULL_FW_RESULT, a_stream->threadnum);
MESA_handle_runtime_log(g_tsg_para.logger,
RLOG_LV_DEBUG,
"DENY",
@@ -1999,7 +2098,7 @@ static unsigned char master_deal_scan_result(const struct streaminfo *a_stream,
break;
case TSG_ACTION_BYPASS:
copy_bypass_result(a_stream, context, p_result, a_stream->threadnum);
copy_result_to_project(a_stream, context, p_result, PULL_FW_RESULT, a_stream->threadnum);
set_security_result_to_project(a_stream, context, p_result, 1, PULL_FW_RESULT, a_stream->threadnum);
FS_operate(g_tsg_para.fs2_handle, g_tsg_para.fs2_field_id[TSG_FS2_BYPASS], 0, FS_OP_ADD, 1);
state=APP_STATE_GIVEME|APP_STATE_KILL_OTHER;
@@ -2012,7 +2111,7 @@ static unsigned char master_deal_scan_result(const struct streaminfo *a_stream,
break;
}
copy_result_to_project(a_stream, context, p_result, PULL_KNI_RESULT, a_stream->threadnum);
set_security_result_to_project(a_stream, context, p_result, 1, PULL_KNI_RESULT, a_stream->threadnum);
FS_operate(g_tsg_para.fs2_handle, g_tsg_para.fs2_field_id[TSG_FS2_INTERCEPT], 0, FS_OP_ADD, 1);
state=APP_STATE_DROPME|APP_STATE_KILL_OTHER;
@@ -2023,6 +2122,11 @@ static unsigned char master_deal_scan_result(const struct streaminfo *a_stream,
}
}
if(state==APP_STATE_GIVEME)
{
master_deal_shaping_result(a_stream, result, hit_num);
}
return state;
}
@@ -2139,7 +2243,6 @@ static int session_flags_identify_result_cb(const struct streaminfo *a_stream, i
context->sync_cb_state=master_deal_scan_result(a_stream, context, scan_result, hit_num, NULL);
return 0;
}
@@ -2248,7 +2351,6 @@ static unsigned char tsg_master_data_entry(const struct streaminfo *a_stream, vo
}
hit_num+=deal_pending_state(a_stream, context, scan_result+hit_num, MAX_RESULT_NUM-hit_num, a_packet);
p_result=tsg_policy_decision_criteria(scan_result, hit_num);
state=master_deal_scan_result(a_stream, context, scan_result, hit_num, a_packet);
context->deal_pkt_num++;
break;
@@ -2348,7 +2450,7 @@ static unsigned char tsg_master_all_entry(const struct streaminfo *a_stream, uns
struct Maat_rule_t *p_result=NULL;
unsigned char state=APP_STATE_GIVEME;
struct identify_info tmp_identify_info;
struct Maat_rule_t result[MAX_RESULT_NUM]={0};
struct Maat_rule_t security_result[MAX_RESULT_NUM]={0};
struct tcpall_context *all_context=(struct tcpall_context *)(*pme);
if(stream_state==OP_STATE_PENDING && all_context->method_type!=TSG_METHOD_TYPE_ALLOW && !(all_context->udp_data_dropme))
@@ -2359,10 +2461,12 @@ static unsigned char tsg_master_all_entry(const struct streaminfo *a_stream, uns
all_context->default_policy_after_n_packets=get_default_para(a_stream, g_tsg_para.default_compile_id);
}
hit_num=tsg_scan_nesting_addr(g_tsg_maat_feather, a_stream, PROTO_UNKONWN, &scan_mid, result, MAX_RESULT_NUM);
hit_num=tsg_scan_nesting_addr(g_tsg_maat_feather, a_stream, PROTO_UNKONWN, &scan_mid, security_result, MAX_RESULT_NUM);
if(hit_num>0)
{
p_result=tsg_policy_decision_criteria(result, hit_num);
p_result=tsg_policy_decision_criteria(security_result, hit_num);
if(p_result!=NULL)
{
switch(p_result->action)
{
case TSG_ACTION_DENY:
@@ -2370,13 +2474,19 @@ static unsigned char tsg_master_all_entry(const struct streaminfo *a_stream, uns
master_send_log(a_stream, p_result, 1, NULL, thread_seq);
break;
case TSG_ACTION_MONITOR:
tsg_notify_hited_monitor_result(a_stream, result, hit_num, thread_seq);
tsg_notify_hited_monitor_result(a_stream, security_result, hit_num, thread_seq);
break;
default:
break;
}
}
if(state==APP_STATE_GIVEME)
{
master_deal_shaping_result(a_stream, security_result, hit_num);
}
}
Maat_clean_status(&scan_mid);
scan_mid=NULL;
}
@@ -2397,7 +2507,8 @@ static unsigned char tsg_master_all_entry(const struct streaminfo *a_stream, uns
}
break;
case TSG_METHOD_TYPE_TAMPER:
if(0 == send_tamper_xxx(a_stream, &all_context->tamper_count, a_packet)){
if(0 == send_tamper_xxx(a_stream, &all_context->tamper_count, a_packet))
{
state|=APP_STATE_GIVEME|APP_STATE_DROPPKT;
}
break;
@@ -2407,10 +2518,10 @@ static unsigned char tsg_master_all_entry(const struct streaminfo *a_stream, uns
break;
}
if(get_default_policy(g_tsg_para.default_compile_id, &result[0]))
if(get_default_policy(g_tsg_para.default_compile_id, &security_result[0]))
{
state=tsg_deal_deny_action(a_stream, &result[0], PROTO_UNKONWN, ACTION_RETURN_TYPE_TCPALL, a_packet);
master_send_log(a_stream, &result[0], 1, NULL, thread_seq);
state=tsg_deal_deny_action(a_stream, &security_result[0], PROTO_UNKONWN, ACTION_RETURN_TYPE_TCPALL, a_packet);
master_send_log(a_stream, &security_result[0], 1, NULL, thread_seq);
}
break;
case TSG_METHOD_TYPE_DROP:
@@ -2424,7 +2535,7 @@ static unsigned char tsg_master_all_entry(const struct streaminfo *a_stream, uns
break;
}
ret=tsg_pull_policy_result((struct streaminfo *)a_stream,PULL_FW_RESULT, &result[0], 1, &tmp_identify_info);
ret=tsg_pull_policy_result((struct streaminfo *)a_stream,PULL_FW_RESULT, &security_result[0], 1, &tmp_identify_info);
if(ret<=0)
{
break;
@@ -2432,11 +2543,11 @@ static unsigned char tsg_master_all_entry(const struct streaminfo *a_stream, uns
if(all_context->hited_para.hited_app_id<=0)
{
state=tsg_deal_deny_action(a_stream, &result[0], all_context->protocol, ACTION_RETURN_TYPE_TCPALL, a_packet);
state=tsg_deal_deny_action(a_stream, &security_result[0], all_context->protocol, ACTION_RETURN_TYPE_TCPALL, a_packet);
}
else
{
state=tsg_deny_application(a_stream, &result[0], all_context->protocol, all_context->hited_para.hited_app_id, ACTION_RETURN_TYPE_TCPALL, a_packet);
state=tsg_deny_application(a_stream, &security_result[0], all_context->protocol, all_context->hited_para.hited_app_id, ACTION_RETURN_TYPE_TCPALL, a_packet);
}
break;
default:
@@ -2625,6 +2736,7 @@ extern "C" int TSG_MASTER_INIT()
MESA_load_profile_string_def(tsg_conffile, "SYSTEM", "SKETCH_NOTIFY_BRIDGE_NAME", g_tsg_para.bridge_name[BRIDGE_TYPE_RECV_CONN_SKETCH_DATA],_MAX_TABLE_NAME_LEN, "TSG_CONN_SKETCH_NOTIFY_DATA");
MESA_load_profile_string_def(tsg_conffile, "SYSTEM", "MASTER_NOTIFY_BRIDGE_NAME", g_tsg_para.bridge_name[BRIDGE_TYPE_SEND_CONN_SKETCH_DATA],_MAX_TABLE_NAME_LEN, "TSG_MASTER_NOTIFY_DATA");
MESA_load_profile_string_def(tsg_conffile, "SESSION_FLAGS", "FLAGS_NOTIFY_BRIDGE_NAME", g_tsg_para.bridge_name[BRIDGE_TYPE_NOTIFY_FLAGS],_MAX_TABLE_NAME_LEN, "SESSION_FLAGS_SYNC_NOTIFY_DATA");
MESA_load_profile_string_def(tsg_conffile, "SYSTEM", "SHAPING_RESULT_BRIDGE_NAME", g_tsg_para.bridge_name[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT],_MAX_TABLE_NAME_LEN, "NOTIFY_SHAPING_RESULT");
for(i=0; i<BRIDGE_TYPE_MAX; i++)
{
@@ -2659,6 +2771,18 @@ extern "C" int TSG_MASTER_INIT()
return -1;
}
ret=stream_bridge_register_data_free_cb(g_tsg_para.bridge_id[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT], free_shaping_result);
if(ret<0)
{
MESA_handle_runtime_log(g_tsg_para.logger,
RLOG_LV_FATAL,
"APP_BRIDGE",
"Register async free callback failed, bridge_name: %d",
g_tsg_para.bridge_name[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT]
);
return -1;
}
g_tsg_para.context_project_id=project_producer_register("TSG_MASTER_CONTEXT", PROJECT_VAL_TYPE_STRUCT, free_context_label);
if(g_tsg_para.context_project_id<0)
{
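Review bot: In set_shaping_result_to_project, the failure branch after stream_bridge_async_data_put frees shaping_label even when that pointer came from stream_bridge_async_data_get, so the bridge may still hold it and the registered free_shaping_result callback could free it a second time (inferred; the bridge's ownership rules are not visible here). Free it only when this call allocated it, e.g. record `int is_new=(shaping_label==NULL);` right after the get and guard the cleanup with `if(ret<0 && is_new)`. The dictator_malloc result is also passed to memset without a NULL check. Separately, master_deal_shaping_result declares `struct Maat_rule_t shaping_result[hit_num];` and bumps TSG_FS2_SHAPING even when hit_num is 0 or no rule has TSG_ACTION_SHAPING; an early `if(hit_num<=0) return 0;` and counting only when shaping_result_num>0 would avoid both. In TSG_MASTER_INIT the new log line formats bridge_name with `%d` although it is loaded as a string, so `%s` is intended.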


@@ -112,6 +112,7 @@ enum TSG_FS2_TYPE{
TSG_FS2_HIT_ADDR,
TSG_FS2_HIT_SHARE,
TSG_FS2_INTERCEPT,
TSG_FS2_SHAPING,
TSG_FS2_EXCLUSION,
TSG_FS2_APP_DPKT_RESULT,
TSG_FS2_APP_Q_RESULT,
@@ -184,6 +185,7 @@ enum BRIDGE_TYPE
BRIDGE_TYPE_RECV_CONN_SKETCH_DATA,
BRIDGE_TYPE_APP_IDENTIFY_RESULT,
BRIDGE_TYPE_NOTIFY_FLAGS,
BRIDGE_TYPE_NOTIFY_SHAPING_RESULT,
BRIDGE_TYPE_MAX
};
@@ -216,6 +218,22 @@ struct l7_protocol
UT_hash_handle hh2; /* handle for second hash table */
};
struct policy_priority_label
{
tsg_protocol_t proto; //enum _tsg_protocol (tsg_types.h)
int domain_len;
int result_type; //enum _PULL_RESULT_TYPE (tsg_rule.h)
int security_result_num;
union
{
char *http_url;
char *quic_ua;
void *para;
};
char domain[MAX_DOMAIN_LEN];
Maat_rule_t security_result[MAX_RESULT_NUM];
};
struct fqdn_category
{
int ref_cnt;
@@ -342,6 +360,7 @@ typedef struct tsg_para
int table_id[TABLE_MAX];
int dyn_table_id[DYN_TABLE_MAX];
int priority_project_id;
int shaping_project_id;
int session_attribute_project_id;
int context_project_id;
int tcpall_project_id;
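Review bot: `int shaping_project_id;` is added to tsg_para, but nothing on this page assigns or reads it. Every shaping path visible in this commit stores and reads the result through `g_tsg_para.bridge_id[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT]` instead. If the field is not used elsewhere, drop it; otherwise add a comment saying what registers it. The struct continues outside the hunk.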


@@ -2247,9 +2247,9 @@ int tsg_set_policy_result(const struct streaminfo *a_stream, PULL_RESULT_TYPE re
priority_label->proto=proto;
priority_label->result_num=1;
priority_label->security_result_num=1;
priority_label->result_type=result_type;
memcpy(priority_label->result, p_result, sizeof(struct Maat_rule_t));
memcpy(priority_label->security_result, p_result, sizeof(struct Maat_rule_t));
int ret=project_req_add_struct((struct streaminfo *)a_stream, g_tsg_para.priority_project_id, (void *)priority_label);
if(ret<0)
@@ -2259,8 +2259,8 @@ int tsg_set_policy_result(const struct streaminfo *a_stream, PULL_RESULT_TYPE re
RLOG_LV_FATAL,
"PROJECT_ADD",
"Add policy_priority_label failed, policy, policy_id: %d action: %d addr: %s",
priority_label->result[0].config_id,
(unsigned char)priority_label->result[0].action,
priority_label->security_result[0].config_id,
(unsigned char)priority_label->security_result[0].action,
PRINTADDR(a_stream, g_tsg_para.level)
);
return -1;
@@ -2270,14 +2270,26 @@ int tsg_set_policy_result(const struct streaminfo *a_stream, PULL_RESULT_TYPE re
RLOG_LV_DEBUG,
"COPY_RESULT",
"Hit policy, policy_id: %d action: %d addr: %s",
priority_label->result[0].config_id,
(unsigned char)priority_label->result[0].action,
priority_label->security_result[0].config_id,
(unsigned char)priority_label->security_result[0].action,
PRINTADDR(a_stream, g_tsg_para.level)
);
return 0;
}
int tsg_pull_shaping_result(struct streaminfo *a_stream, Maat_rule_t*result, int result_num)
{
struct notify_shaping_policy *shaping_label=(struct notify_shaping_policy *)stream_bridge_async_data_get(a_stream, g_tsg_para.bridge_id[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT]);
if(shaping_label!=NULL && result!=NULL && result_num>0)
{
int num=MIN(shaping_label->shaping_result_num, result_num);
memcpy(result, shaping_label->shaping_result, num*sizeof(Maat_rule_t));
return num;
}
return 0;
}
int tsg_pull_policy_result(struct streaminfo *a_stream, PULL_RESULT_TYPE pull_result_type, Maat_rule_t*result, int result_num, struct identify_info *identify_info)
{
@@ -2289,8 +2301,8 @@ int tsg_pull_policy_result(struct streaminfo *a_stream, PULL_RESULT_TYPE pull_re
{
if((label->result_type==pull_result_type) || (pull_result_type==PULL_ALL_RESULT))
{
num=MIN(label->result_num, result_num);
memcpy(result, label->result, num*sizeof(Maat_rule_t));
num=MIN(label->security_result_num, result_num);
memcpy(result, label->security_result, num*sizeof(Maat_rule_t));
if(label->domain_len>0)
{


@@ -1209,6 +1209,17 @@ struct TLD_handle_t *TLD_create(int thread_id)
return _handle;
}
int TLD_convert_json(struct TLD_handle_t *_handle, char *buff, unsigned int buff_len)
{
StringBuffer sb(0, 2048);
Writer<StringBuffer> writer(sb);
_handle->document->Accept(writer);
memcpy(buff, sb.GetString(), MIN(sb.GetSize(), buff_len));
return 1;
}
static int set_mail_eml(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, struct streaminfo *a_stream)
{
struct tsg_conn_sketch_notify_data *notify_mail=(struct tsg_conn_sketch_notify_data *)stream_bridge_async_data_get(a_stream, g_tsg_para.bridge_id[BRIDGE_TYPE_RECV_CONN_SKETCH_DATA]);
@@ -1326,6 +1337,27 @@ static int set_tunnel_ipv4v6_port(struct tsg_log_instance_t *_instance, struct T
return 0;
}
int set_shaping_rule_ids(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, struct streaminfo *a_stream)
{
struct notify_shaping_policy *shaping_label=(struct notify_shaping_policy *)stream_bridge_async_data_get(a_stream, g_tsg_para.bridge_id[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT]);
if(shaping_label==NULL)
{
return 0;
}
int offset=0;
char shaping_rule_ids[512]={0};
for(int i=0; i<shaping_label->shaping_result_num; i++)
{
offset+=snprintf(shaping_rule_ids+offset, sizeof(shaping_rule_ids)-offset, "%d,", shaping_label->shaping_result[i].config_id);
}
shaping_rule_ids[offset-1]='\0';
TLD_append(_handle, _instance->id2field[LOG_COMMON_SHAPING_RULE_IDS].name, (void *)shaping_rule_ids, TLD_TYPE_STRING);
return 1;
}
static int set_common_tunnels(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, struct streaminfo *a_stream)
{
int ret=0;
@@ -2109,6 +2141,11 @@ int tsg_send_log(struct tsg_log_instance_t *instance, struct TLD_handle_t *handl
set_application_behavior(_instance, _handle, log_msg->a_stream);
if(log_msg->result[i].service_id==2 && log_msg->a_stream!=NULL) // stream of intercept is NULL
{
set_shaping_rule_ids(_instance, _handle, log_msg->a_stream);
}
for(i=0;i<log_msg->result_num; i++)
{
if(is_multi_hit_same_policy(&(log_msg->result[i]), policy_id, &repeat_cnt))
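Review bot: set_shaping_rule_ids can write outside shaping_rule_ids: snprintf returns the length it wanted to write, so once the list is truncated `offset` passes 512 and `sizeof(shaping_rule_ids)-offset` wraps, and with shaping_result_num equal to 0 the line `shaping_rule_ids[offset-1]='\0'` writes at index -1. The loop below stops at the first id that does not fit and puts the separator in front of each id, so no trailing comma has to be removed. In the tsg_send_log hunk the new `log_msg->result[i].service_id==2` test sits before the `for(i=0;...)` loop, so `i` holds whatever an earlier statement outside the hunk left in it; checking a fixed index or moving the call inside the loop looks intended. TLD_convert_json copies at most buff_len bytes without a terminator and always returns 1, so callers cannot detect truncation or treat the buffer as a C string.

```cpp
	// … unchanged: shaping_label lookup and NULL check …
	if(shaping_label->shaping_result_num<=0)
	{
		return 0;
	}

	size_t offset=0;
	char shaping_rule_ids[512]={0};
	for(int i=0; i<shaping_label->shaping_result_num; i++)
	{
		int n=snprintf(shaping_rule_ids+offset, sizeof(shaping_rule_ids)-offset, "%s%d", (i>0 ? "," : ""), shaping_label->shaping_result[i].config_id);
		if(n<0 || (size_t)n>=sizeof(shaping_rule_ids)-offset)
		{
			shaping_rule_ids[offset]='\0'; // drop the partial id that did not fit
			break;
		}
		offset+=(size_t)n;
	}
	// … unchanged: TLD_append and return 1 …
```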


@@ -134,6 +134,7 @@ typedef enum _tsg_log_field_id
LOG_COMMON_TRAFFIC_VSYSTEM_ID,
LOG_COMMON_APP_FULL_PATH,
LOG_COMMON_FLAGS,
LOG_COMMON_SHAPING_RULE_IDS,
LOG_COMMON_MAX
}tsg_log_field_id_t;

89
src/tsg_variable.cpp Normal file

@@ -0,0 +1,89 @@
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <assert.h>
#include <sys/time.h>
#include <unistd.h>
#include "tsg_variable.h"
g_tsg_para_t g_tsg_para;
id2field_t g_tsg_fs2_field[TSG_FS2_MAX]={{0, TSG_FS2_TCP_LINKS, "tcp_links"},
{0, TSG_FS2_UDP_LINKS, "udp_links"},
{0, TSG_FS2_BYPASS, "bypass"},
{0, TSG_FS2_HIT_ADDR, "hit_addr"},
{0, TSG_FS2_HIT_SHARE, "hit_share"},
{0, TSG_FS2_INTERCEPT, "intercept"},
{0, TSG_FS2_SHAPING, "shaping"},
{0, TSG_FS2_EXCLUSION, "exclusion"},
{0, TSG_FS2_APP_DPKT_RESULT, "D_result"},
{0, TSG_FS2_APP_Q_RESULT, "Q_result"},
{0, TSG_FS2_APP_USER_RESULT, "U_result"},
{0, TSG_FS2_APP_BUILT_IN_RESULT, "B_result"},
{0, TSG_FS2_INJECT_PKT_SUCCESS, "inject_succuess"},
{0, TSG_FS2_INJECT_PKT_FAILED, "inject_failed"},
{0, TSG_FS2_MIRRORED_PKT_SUCCESS, "mirror_pkt_suc"},
{0, TSG_FS2_MIRRORED_BYTE_SUCCESS, "mirror_byte_suc"},
{0, TSG_FS2_MIRRORED_PKT_FAILED, "mirror_pkt_fai"},
{0, TSG_FS2_MIRRORED_BYTE_FAILED, "mirror_byte_fai"},
{0, TSG_FS2_SET_TIMOUT_SUCCESS, "set_timeout_suc"},
{0, TSG_FS2_SET_TIMOUT_FAILED, "set_timeout_fai"},
{0, TSG_FS2_SUCESS_TAMPER, "tamper_sucess"},
{0, TSG_FS2_TAMPER_FAILED_PLOAD_LESS_4, "tamper_nopload"},
{0, TSG_FS2_TAMPER_FAILED_NOSWAP, "tamper_noswap"},
{0, TSG_FS2_ASN_ADD, "asn_add"},
{0, TSG_FS2_ASN_DEL, "asn_del"},
{0, TSG_FS2_GTPC_ADD, "gtpc_add"},
{0, TSG_FS2_GTPC_DEL, "gtpc_del"},
{0, TSG_FS2_LOCATION_ADD, "location_add"},
{0, TSG_FS2_LOCATION_DEL, "location_del"},
{0, TSG_FS2_FQDN_ADD, "fqdn_add"},
{0, TSG_FS2_FQDN_DEL, "fqdn_del"},
{0, TSG_FS2_SUBSCRIBER_ADD, "subscriber_add"},
{0, TSG_FS2_SUBSCRIBER_DEL, "subscriber_del"},
{0, TSG_FS2_SECURIRY_ADD, "security_add"},
{0, TSG_FS2_SECURIRY_DEL, "security_del"},
{0, TSG_FS2_MIRRORED_ADD, "mirrored_add"},
{0, TSG_FS2_MIRRORED_DEL, "mirrored_del"},
{0, TSG_FS2_HTTP_RES_ADD, "http_res_add"},
{0, TSG_FS2_HTTP_RES_DEL, "http_res_del"},
{0, TSG_FS2_DNS_RES_ADD, "dns_profile_add"},
{0, TSG_FS2_DNS_RES_DEL, "dns_profile_del"},
{0, TSG_FS2_APP_ID_ADD, "app_id_add"},
{0, TSG_FS2_APP_ID_DEL, "app_id_del"},
{0, TSG_FS2_TUNNEL_CATALOG_ADD, "t_catalog_add"},
{0, TSG_FS2_TUNNEL_CATALOG_DEL, "t_catalog_del"},
{0, TSG_FS2_TUNNEL_ENDPOINT_ADD, "t_endpoint_add"},
{0, TSG_FS2_TUNNEL_ENDPOINT_DEL, "t_endpoint_del"},
{0, TSG_FS2_TUNNEL_LABEL_ADD, "t_label_add"},
{0, TSG_FS2_TUNNEL_LABEL_DEL, "t_label_del"}
};
id2field_t g_tsg_proto_name2id[PROTO_MAX]={{PROTO_UNKONWN, 0, "unknown"},
{PROTO_IPv4, 0, "IPV4"},
{PROTO_IPv6, 0, "IPV6"},
{PROTO_TCP, 0, "TCP"},
{PROTO_UDP, 0, "UDP"},
{PROTO_HTTP, 0, "HTTP"},
{PROTO_MAIL, 0, "MAIL"},
{PROTO_DNS, 0, "DNS"},
{PROTO_FTP, 0, "FTP"},
{PROTO_SSL, 0, "SSL"},
{PROTO_SIP, 0, "SIP"},
{PROTO_BGP, 0, "BGP"},
{PROTO_STREAMING_MEDIA, 0, "STREAMING_MEDIA"},
{PROTO_QUIC, 0, "QUIC"},
{PROTO_SSH, 0, "SSH"},
{PROTO_SMTP, 0, "SMTP"},
{PROTO_IMAP, 0, "IMAP"},
{PROTO_POP3, 0, "POP3"},
{PROTO_RTP, 0, "RTP"},
{PROTO_APP, 0, "BASE"},
{PROTO_L2TP, 0, "L2TP"},
{PROTO_PPTP, 0, "PPTP"},
{PROTO_STRATUM, 0, "Stratum"},
{PROTO_RDP, 0, "RDP"},
{PROTO_DTLS, 0, "DTLS"}
};
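Review bot: Both tables are filled positionally but declared with an explicit size (`[TSG_FS2_MAX]`, `[PROTO_MAX]`), so an enum value added later without a matching row compiles cleanly and leaves a zero-filled entry at the end. If the third member is the name pointer, as the initialisers suggest, that entry would carry a NULL name into whatever consumes the table. Defining the arrays without a size and adding `static_assert(sizeof(g_tsg_fs2_field)/sizeof(g_tsg_fs2_field[0])==TSG_FS2_MAX, "g_tsg_fs2_field out of sync with enum");` (and the same for `g_tsg_proto_name2id` against `PROTO_MAX`) would turn that drift into a build error. A short comment above each table naming the three columns would also help, since the two tables use the first two fields differently.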

69
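--- a/src/tsg_variable.h
+++ b/src/tsg_variable.h
@@ -0,0 +1,69 @@
+#pragma once
+struct reset_argv
+{
+int pkt_num;
+int seed1;
+int seed2;
+int th_flags;
+int dir;
+int remedy;
+};
+#define _MAX_TABLE_NAME_LEN 64
+typedef struct tsg_para
+{
+int level;
+short mirror_switch;
+unsigned short timeout;
+int dynamic_maat_switch;
+int location_field_num;
+int app_dict_field_num;
+int device_seq_in_dc;
+int datacenter_id;
+int scan_signaling_switch;
+int hash_timeout;
+int hash_slot_size;
+int hash_thread_safe;
+int feature_tamper;
+enum DEPLOY_MODE deploy_mode;
+int scan_time_interval;
+int identify_app_max_pkt_num;
+int unknown_app_id;
+int hit_path_switch;
+int default_compile_id;
+int table_id[TABLE_MAX];
+int dyn_table_id[DYN_TABLE_MAX];
+int priority_project_id;
+int shaping_project_id;
+int session_attribute_project_id;
+int context_project_id;
+int tcpall_project_id;
+int gather_app_project_id;
+int bridge_id[BRIDGE_TYPE_MAX];
+int proto_flag; //tsg_protocol_t
+int fs2_field_id[TSG_FS2_MAX];
+char device_sn[MAX_DOMAIN_LEN/8];
+char log_path[MAX_DOMAIN_LEN/8];
+char device_id_command[MAX_DOMAIN_LEN/8];
+char data_center[_MAX_TABLE_NAME_LEN];
+char device_tag[MAX_DOMAIN_LEN/2];
+char table_name[TABLE_MAX][_MAX_TABLE_NAME_LEN];
+char dyn_table_name[DYN_TABLE_MAX][_MAX_TABLE_NAME_LEN];
+char bridge_name[BRIDGE_TYPE_MAX][_MAX_TABLE_NAME_LEN];
+void *logger;
+void *maat_logger;
+struct reset_argv reset;
+struct mirrored_vlan default_vlan;
+screen_stat_handle_t fs2_handle;
+struct l7_protocol *name_by_id;
+struct l7_protocol *id_by_name;
+struct traffic_mirror *mirror_handle;
+ctemplate::Template *tpl_403,*tpl_404;
+ctemplate::Template *tpl_200,*tpl_204;
+ctemplate::Template *tpl_303;
+}g_tsg_para_t;
+extern g_tsg_para_t g_tsg_para;
+extern Maat_feather_t g_tsg_dynamic_maat_feather;
+extern id2field_t g_tsg_proto_name2id[PROTO_MAX];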
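Review bot: This header is not self-contained: it uses `enum DEPLOY_MODE`, `TABLE_MAX`, `DYN_TABLE_MAX`, `BRIDGE_TYPE_MAX`, `TSG_FS2_MAX`, `MAX_DOMAIN_LEN`, `PROTO_MAX`, `struct mirrored_vlan`, `screen_stat_handle_t`, `Maat_feather_t`, `id2field_t` and `ctemplate::Template`, yet contains no `#include` after `#pragma once`. The new tsg_variable.cpp in this commit includes it after standard headers only, so as shown that translation unit depends on names nothing has declared. The header should include whichever project and library headers define these names, so that include order in callers stops mattering. `_MAX_TABLE_NAME_LEN` is also a reserved identifier (leading underscore followed by an upper-case letter); a project-prefixed name such as `TSG_MAX_TABLE_NAME_LEN` avoids that.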


@@ -1,36 +1,30 @@
cmake_minimum_required(VERSION 2.8)
set(SRC ../src/tsg_entry.cpp ../src/tsg_rule.cpp ../src/tsg_ssl_utils.cpp ../src/tsg_send_log.cpp ../src/tsg_statistic.cpp ../src/tsg_ssh_utils.cpp ../src/tsg_gtp_signaling.cpp ../src/tsg_action.cpp ../src/tsg_leaky_bucket.cpp ../src/tsg_dns.cpp ../src/tsg_icmp.cpp ../src/tsg_tamper.cpp tsg_master_gtest_protocol.cpp tsg_master_gtest_entry.cpp)
include_directories(${CMAKE_SOURCE_DIR}/inc)
include_directories(/opt/MESA/include/MESA/)
include_directories(/opt/MESA/include)
include_directories(/usr/include/)
set(TSG_MASTER_DEPEND_DYN_LIB MESA_handle_logger MESA_prof_load maatframe pthread MESA_field_stat2 rdkafka cjson MESA_jump_layer)
set(CMAKE_INSTALL_PREFIX /home/mesasoft/sapp_run)
add_library(tsg_master_gtest SHARED ${SRC})
set_target_properties(tsg_master_gtest PROPERTIES LINK_FLAGS "-Wl,--version-script=${PROJECT_SOURCE_DIR}/src/version.map")
target_link_libraries(tsg_master_gtest ${TSG_MASTER_DEPEND_DYN_LIB} ctemplate-static)
set_target_properties(tsg_master_gtest PROPERTIES PREFIX "")
install(TARGETS tsg_master_gtest LIBRARY DESTINATION ${CMAKE_INSTALL_PREFIX}/plug/platform/tsg_master_gtest COMPONENT LIBRARIES)
install(FILES ../bin/tsg_master.inf DESTINATION ${CMAKE_INSTALL_PREFIX}/plug/platform/tsg_master_gtest COMPONENT PROFILE)
include_directories(${PROJECT_SOURCE_DIR}/src/)
add_definitions(-std=c++11)
LINK_DIRECTORIES(/opt/MESA/lib)
file(GLOB TEST_CASE "tsg_master_gtest_main.cpp")
add_executable(master_gtest ${TEST_CASE})
target_compile_options(master_gtest PUBLIC ${MEM_POOL_DEFINITIONS})
target_link_libraries(master_gtest nsl pthread dl m pcap systemd cjson MESA_prof_load MESA_htable MESA_handle_logger MESA_jump_layer breakpad_mini MESA_field_stat2 rdkafka)
target_link_libraries(master_gtest /home/mesasoft/sapp_run/lib/libsapp_devel.so)
target_link_libraries(master_gtest gtest-static ctemplate-static)
install(TARGETS master_gtest DESTINATION ${CMAKE_INSTALL_PREFIX}/ COMPONENT EXECUTABLE)
add_executable(gtest_rule ${PROJECT_SOURCE_DIR}/src/tsg_rule.cpp gtest_common.cpp gtest_rule.cpp)
target_link_libraries(gtest_rule gtest-static ctemplate-static cjson MESA_prof_load MESA_handle_logger MESA_jump_layer MESA_field_stat2 maatframe)
set(TSG_MASTER_SRC ${PROJECT_SOURCE_DIR}/src/tsg_entry.cpp
${PROJECT_SOURCE_DIR}/src/tsg_rule.cpp
${PROJECT_SOURCE_DIR}/src/tsg_ssl_utils.cpp
${PROJECT_SOURCE_DIR}/src/tsg_send_log.cpp
${PROJECT_SOURCE_DIR}/src/tsg_statistic.cpp
${PROJECT_SOURCE_DIR}/src/tsg_ssh_utils.cpp
${PROJECT_SOURCE_DIR}/src/tsg_gtp_signaling.cpp
${PROJECT_SOURCE_DIR}/src/tsg_action.cpp
${PROJECT_SOURCE_DIR}/src/tsg_leaky_bucket.cpp
${PROJECT_SOURCE_DIR}/src/tsg_dns.cpp
${PROJECT_SOURCE_DIR}/src/tsg_icmp.cpp
${PROJECT_SOURCE_DIR}/src/tsg_tamper.cpp
)
add_executable(gtest_master ${TSG_MASTER_SRC} gtest_common.cpp gtest_master.cpp)
target_link_libraries(gtest_master gtest-static ctemplate-static cjson MESA_prof_load MESA_handle_logger MESA_jump_layer MESA_field_stat2 maatframe rdkafka MESA_htable)
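Review bot: `gtest_rule` and `gtest_master` are created with `add_executable` but no `add_test()` for them appears in this section, so `ctest` / `make test` would not run them and a failing case would go unnoticed unless something invokes the binaries by hand. Registering them here, `add_test(NAME gtest_rule COMMAND gtest_rule)` and `add_test(NAME gtest_master COMMAND gtest_master)`, ties the result to the build's own test step. The old and new sides of this hunk cannot be told apart on this page, so this is said of the two `gtest_*` targets only. Both `target_link_libraries` calls for them use the keyword-less signature; `PRIVATE` fits an executable.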

239
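--- a/test/src/gtest_common.cpp
+++ b/test/src/gtest_common.cpp
@@ -0,0 +1,239 @@
+#include <MESA/stream.h>
+#include "tsg_entry.h"
+const char *gtest_addrlist="127.0.0.1.37690>127.0.0.1.443";
+void dictator_free(int thread_seq, void * pbuf)
+{
+free(pbuf);
+pbuf=NULL;
+}
+void *dictator_malloc(int thread_seq,size_t size)
+{
+return calloc(1, size);
+}
+const char *printaddr (const struct layer_addr *paddrinfo, int threadindex)
+{
+return gtest_addrlist;
+}
+int get_thread_count(void)
+{
+return 1;
+}
+int MESA_rst_tcp(struct streaminfo * stream, struct rst_tcp_para * paras, int para_len)
+{
+return 0;
+}
+int sapp_inject_pkt(struct streaminfo * stream, enum sapp_inject_opt sio, const void * payload, int payload_len, unsigned char snd_routedir)
+{
+return 0;
+}
+unsigned char MESA_dir_reverse(unsigned char raw_route_dir)
+{
+return 0;
+}
+extern "C" int MESA_get_dev_ipv4(const char * device, int * ip_add)
+{
+return 0;
+}
+extern "C" int sendpacket_do_checksum(unsigned char *buf, int protocol, int len)
+{
+return 0;
+}
+char *layer_addr_ntop_r(const struct streaminfo * pstream, char * out_buf, int out_buf_len)
+{
+return NULL;
+}
+const char *layer_addr_prefix_ntop(const struct streaminfo * pstream)
+{
+return NULL;
+}
+int stream_addr_list_ntop(const struct streaminfo * pstream, char * dst, int size)
+{
+return 0;
+}
+int MESA_dir_link_to_human(int link_route_dir)
+{
+return 0;
+}
+int MESA_set_stream_opt(const struct streaminfo * pstream, enum MESA_stream_opt opt, void * opt_val, int opt_val_len)
+{
+return 0;
+}
+int MESA_get_stream_opt(const struct streaminfo * pstream, enum MESA_stream_opt opt, void * opt_val, int * opt_val_len)
+{
+return 0;
+}
+int sapp_get_platform_opt(enum sapp_platform_opt opt, void * opt_val, int * opt_val_len)
+{
+return 0;
+}
+int get_rawpkt_opt_from_streaminfo(const struct streaminfo * pstream, int type, void * out_value)
+{
+return 0;
+}
+#define MAX_BRIDGE_NUM 16
+void *g_bridge_async_data[MAX_BRIDGE_NUM]={0};
+stream_bridge_free_cb_t *g_bridge_async_free[MAX_BRIDGE_NUM]={0};
+stream_bridge_sync_cb_t *g_bridge_sync_cb[MAX_BRIDGE_NUM]={0};
+int stream_bridge_register_data_free_cb(int bridge_id, stream_bridge_free_cb_t * free_cb_fun)
+{
+g_bridge_async_free[bridge_id]=free_cb_fun;
+return 0;
+}
+int stream_bridge_register_data_sync_cb(int bridge_id, stream_bridge_sync_cb_t * sync_cb_fun)
+{
+if(g_bridge_sync_cb[bridge_id])
+{
+g_bridge_sync_cb[bridge_id]=sync_cb_fun;
+}
+return 0;
+}
+int stream_bridge_sync_data_put(const struct streaminfo *stream, int bridge_id, void *data)
+{
+if(g_bridge_sync_cb[bridge_id])
+{
+g_bridge_sync_cb[bridge_id](stream, bridge_id, data);
+}
+return 0;
+}
+void *stream_bridge_async_data_get(const struct streaminfo *stream, int bridge_id)
+{
+return g_bridge_async_data[bridge_id];
+}
+int stream_bridge_async_data_put(const struct streaminfo * stream, int bridge_id, void * data)
+{
+g_bridge_async_data[bridge_id]=data;
+return 0;
+}
+int stream_bridge_build(const char * bridge_name, const char * rw_mode)
+{
+static int bridge_id=0;
+assert(bridge_id<MAX_BRIDGE_NUM);
+return bridge_id++;
+}
+int project_req_add_struct(struct streaminfo *stream, int project_req_id, const void *project_req_value)
+{
+return 0;
+}
+const void *project_req_get_struct(const struct streaminfo *stream, int project_req_id)
+{
+return NULL;
+}
+int project_customer_register(const char * project_req_name, const char * project_req_val_type)
+{
+return 0;
+}
+int project_producer_register(const char * project_req_name, const char * project_req_val_type, project_req_free_t * free_cb)
+{
+return 0;
+}
+extern "C" void *http_field_parser(const char* buf, unsigned int buflen, int http_dir)
+{
+return NULL;
+}
+extern "C" int http_get_filed_result(void *result, long long field_flag, char **field_value)
+{
+return 0;
+}
+extern "C" void http_free_filed_result(void *result)
+{
+}
+extern "C" int ftp_control_identify(struct streaminfo *a_tcp)
+{
+return 0;
+}
+extern "C" int ftp_data_identify(struct streaminfo *a_tcp)
+{
+return 0;
+}
+extern "C" int mail_protocol_identify_by_first_payload(struct streaminfo *a_tcp, char *payload, int payload_len, int thread_seq)
+{
+return 0;
+}
+extern "C" char stratum_identify(struct streaminfo* pstream,void** pme,int thread_seq,const void* a_packet)
+{
+return 0;
+}
+extern "C" int rdp_protocol_identify(const char *payload, unsigned int payload_len, int thread_seq)
+{
+return 0;
+}
+extern "C" int rdpudp_protocol_identify(const char *payload, unsigned int payload_len, int thread_seq)
+{
+return 0;
+}
+int quic_version_int2string(unsigned int version, char *buff, int buff_len)
+{
+return 0;
+}
+unsigned int quic_protocol_identify(struct streaminfo *a_stream, void *a_packet, char *out_sni, int *out_sni_len, char *out_ua, int *out_ua_len)
+{
+return 0;
+}
+extern "C" unsigned char sip_identify_from_to(char* buff,UINT32 buflen,char** from,UINT32* from_len,char** to,UINT32* to_len)
+{
+return 0;
+}
+extern "C" int dtls_parse_sni(const char *udp_payload, int udp_payload_len, char *servername, int servername_len)
+{
+return 0;
+}
+extern "C" bool dtls_identifyStream(struct streaminfo *a_udp)
+{
+return 0;
+}
+extern "C" struct _ssl_ja3_info_t *ssl_get_ja3_fingerprint(struct streaminfo *stream, unsigned char *payload, int payload_len, int thread_seq)
+{
+return NULL;
+}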
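Review bot: The guard in `stream_bridge_register_data_sync_cb` is inverted: it stores the callback only when `g_bridge_sync_cb[bridge_id]` is already non-NULL, and the array starts zeroed with no other writer in this file. Registration therefore never takes effect and `stream_bridge_sync_data_put` never calls anything, so the `EXPECT_*` checks inside the notify callbacks in gtest_master.cpp would never run and those tests pass without exercising the sync path. The assignment should be unconditional, preceded by a range check: `if(bridge_id<0 || bridge_id>=MAX_BRIDGE_NUM) return -1;` then `g_bridge_sync_cb[bridge_id]=sync_cb_fun;`. The same range check is missing from the other stubs that index the three `g_bridge_*` arrays with a caller-supplied `bridge_id`.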

10
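--- a/test/src/gtest_common.h
+++ b/test/src/gtest_common.h
@@ -0,0 +1,10 @@
+#pragma once
+#include "tsg_send_log.h"
+extern "C" int TSG_MASTER_INIT();
+void free_shaping_result(const struct streaminfo *stream, int bridge_id, void *data);
+int TLD_convert_json(struct TLD_handle_t *_handle, char *buff, unsigned int buff_len);
+int set_shaping_rule_ids(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, struct streaminfo *a_stream);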

223
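--- a/test/src/gtest_master.cpp
+++ b/test/src/gtest_master.cpp
@@ -0,0 +1,223 @@
+#include <stdio.h>
+#include <string.h>
+#include <unistd.h>
+#include "gtest_common.h"
+#include "tsg_rule.h"
+#include "tsg_entry.h"
+#include <gtest/gtest.h>
+TEST(TSGMaster, ShapingSetRuleIds)
+{
+const struct streaminfo a_stream={0};
+struct Maat_rule_t shaping_result[MAX_RESULT_NUM]={0};
+for(int i=0; i<MAX_RESULT_NUM; i++)
+{
+shaping_result[i].action=TSG_ACTION_SHAPING;
+shaping_result[i].config_id=TSG_ACTION_SHAPING+i;
+}
+tsg_notify_hited_shaping_result(&a_stream, shaping_result, MAX_RESULT_NUM, 0);
+struct TLD_handle_t *handle=TLD_create(0);
+set_shaping_rule_ids(g_tsg_log_instance, handle, (struct streaminfo *)&a_stream);
+char shaping_rule_ids[256]={0};
+TLD_convert_json(handle, shaping_rule_ids, sizeof(shaping_rule_ids));
+EXPECT_STREQ("{\"common_shaping_rule_ids\":\"32,33,34,35,36,37,38,39\"}", shaping_rule_ids);
+struct notify_shaping_policy *shaping_label=(struct notify_shaping_policy *)stream_bridge_async_data_get(&a_stream, g_tsg_para.bridge_id[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT]);
+EXPECT_NE(nullptr, shaping_label);
+EXPECT_EQ(MAX_RESULT_NUM, shaping_label->shaping_result_num);
+for(int i=0; i<shaping_label->shaping_result_num; i++)
+{
+EXPECT_EQ(TSG_ACTION_SHAPING, shaping_label->shaping_result[i].action);
+EXPECT_EQ(TSG_ACTION_SHAPING+i, shaping_label->shaping_result[i].config_id);
+}
+free_shaping_result(&a_stream, g_tsg_para.bridge_id[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT], (void *)shaping_label);
+stream_bridge_async_data_put(&a_stream, g_tsg_para.bridge_id[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT], NULL);
+EXPECT_EQ(nullptr, stream_bridge_async_data_get(&a_stream, g_tsg_para.bridge_id[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT]));
+}
+int shaping_policy_notify_cb(const struct streaminfo *stream, int bridge_id, void *data)
+{
+struct notify_shaping_policy *shaping_label=(struct notify_shaping_policy *)data;
+EXPECT_NE(nullptr, shaping_label);
+EXPECT_EQ(MAX_RESULT_NUM, shaping_label->shaping_result_num);
+for(int i=0; i<shaping_label->shaping_result_num; i++)
+{
+EXPECT_EQ(TSG_ACTION_SHAPING, shaping_label->shaping_result[i].action);
+EXPECT_EQ(TSG_ACTION_SHAPING+i, shaping_label->shaping_result[i].config_id);
+}
+return 0;
+}
+TEST(TSGMaster, ShapingPolicyNotify)
+{
+const struct streaminfo a_stream={0};
+struct Maat_rule_t shaping_result[MAX_RESULT_NUM]={0};
+for(int i=0; i<MAX_RESULT_NUM; i++)
+{
+shaping_result[i].action=TSG_ACTION_SHAPING;
+shaping_result[i].config_id=TSG_ACTION_SHAPING+i;
+}
+stream_bridge_register_data_sync_cb(g_tsg_para.bridge_id[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT], shaping_policy_notify_cb);
+tsg_notify_hited_shaping_result(&a_stream, shaping_result, MAX_RESULT_NUM, 0);
+int shaping_result_num=tsg_pull_shaping_result((struct streaminfo *)&a_stream, shaping_result, MAX_RESULT_NUM);
+EXPECT_EQ(MAX_RESULT_NUM, shaping_result_num);
+for(int i=0; i<shaping_result_num; i++)
+{
+EXPECT_EQ(TSG_ACTION_SHAPING, shaping_result[i].action);
+EXPECT_EQ(TSG_ACTION_SHAPING+i, shaping_result[i].config_id);
+}
+struct notify_shaping_policy *shaping_label=(struct notify_shaping_policy *)stream_bridge_async_data_get(&a_stream, g_tsg_para.bridge_id[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT]);
+EXPECT_NE(nullptr, shaping_label);
+EXPECT_EQ(MAX_RESULT_NUM, shaping_label->shaping_result_num);
+for(int i=0; i<shaping_label->shaping_result_num; i++)
+{
+EXPECT_EQ(TSG_ACTION_SHAPING, shaping_label->shaping_result[i].action);
+EXPECT_EQ(TSG_ACTION_SHAPING+i, shaping_label->shaping_result[i].config_id);
+}
+free_shaping_result(&a_stream, g_tsg_para.bridge_id[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT], (void *)shaping_label);
+stream_bridge_async_data_put(&a_stream, g_tsg_para.bridge_id[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT], NULL);
+EXPECT_EQ(nullptr, stream_bridge_async_data_get(&a_stream, g_tsg_para.bridge_id[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT]));
+}
+int shaping_policy_notify_null_cb(const struct streaminfo *stream, int bridge_id, void *data)
+{
+EXPECT_EQ(nullptr, data);
+return 0;
+}
+TEST(TSGMaster, ShapingPolicyNotifyNULL)
+{
+const struct streaminfo a_stream={0};
+struct Maat_rule_t shaping_result[MAX_RESULT_NUM]={0};
+stream_bridge_register_data_sync_cb(g_tsg_para.bridge_id[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT], shaping_policy_notify_null_cb);
+tsg_notify_hited_shaping_result(&a_stream, shaping_result, 0, 0);
+struct notify_shaping_policy *shaping_label=(struct notify_shaping_policy *)stream_bridge_async_data_get(&a_stream, g_tsg_para.bridge_id[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT]);
+EXPECT_EQ(nullptr, shaping_label);
+}
+int shaping_duplicate_policy_notify_cb(const struct streaminfo *stream, int bridge_id, void *data)
+{
+struct notify_shaping_policy *shaping_label=(struct notify_shaping_policy *)data;
+EXPECT_NE(nullptr, shaping_label);
+EXPECT_EQ(MAX_RESULT_NUM/2, shaping_label->shaping_result_num);
+for(int i=0; i<shaping_label->shaping_result_num; i++)
+{
+EXPECT_EQ(TSG_ACTION_SHAPING, shaping_label->shaping_result[i].action);
+EXPECT_EQ(TSG_ACTION_SHAPING+i, shaping_label->shaping_result[i].config_id);
+}
+return 0;
+}
+TEST(TSGMaster, ShapingDuplicatePolicyNotify)
+{
+const struct streaminfo a_stream={0};
+struct Maat_rule_t shaping_result[MAX_RESULT_NUM]={0};
+for(int i=0; i<MAX_RESULT_NUM; i++)
+{
+shaping_result[i].action=TSG_ACTION_SHAPING;
+shaping_result[i].config_id=TSG_ACTION_SHAPING+(i%4);
+}
+stream_bridge_register_data_sync_cb(g_tsg_para.bridge_id[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT], shaping_duplicate_policy_notify_cb);
+tsg_notify_hited_shaping_result(&a_stream, shaping_result, MAX_RESULT_NUM, 0);
+int shaping_result_num=tsg_pull_shaping_result((struct streaminfo *)&a_stream, shaping_result, MAX_RESULT_NUM);
+EXPECT_EQ(MAX_RESULT_NUM/2, shaping_result_num);
+for(int i=0; i<shaping_result_num; i++)
+{
+EXPECT_EQ(TSG_ACTION_SHAPING, shaping_result[i].action);
+EXPECT_EQ(TSG_ACTION_SHAPING+i, shaping_result[i].config_id);
+}
+struct notify_shaping_policy *shaping_label=(struct notify_shaping_policy *)stream_bridge_async_data_get(&a_stream, g_tsg_para.bridge_id[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT]);
+EXPECT_NE(nullptr, shaping_label);
+EXPECT_EQ(MAX_RESULT_NUM/2, shaping_label->shaping_result_num);
+for(int i=0; i<shaping_label->shaping_result_num; i++)
+{
+EXPECT_EQ(TSG_ACTION_SHAPING, shaping_label->shaping_result[i].action);
+EXPECT_EQ(TSG_ACTION_SHAPING+i, shaping_label->shaping_result[i].config_id);
+}
+free_shaping_result(&a_stream, g_tsg_para.bridge_id[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT], (void *)shaping_label);
+stream_bridge_async_data_put(&a_stream, g_tsg_para.bridge_id[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT], NULL);
+EXPECT_EQ(nullptr, stream_bridge_async_data_get(&a_stream, g_tsg_para.bridge_id[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT]));
+}
+TEST(TSGMaster, ShapingDuplicatePolicyMultipleNotify)
+{
+const struct streaminfo a_stream={0};
+struct Maat_rule_t shaping_result[MAX_RESULT_NUM]={0};
+for(int i=0; i<MAX_RESULT_NUM/2; i++)
+{
+shaping_result[i].action=TSG_ACTION_SHAPING;
+shaping_result[i].config_id=TSG_ACTION_SHAPING+i;
+}
+stream_bridge_register_data_sync_cb(g_tsg_para.bridge_id[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT], shaping_duplicate_policy_notify_cb);
+// First notify
+tsg_notify_hited_shaping_result(&a_stream, shaping_result, MAX_RESULT_NUM/2, 0);
+int shaping_result_num=tsg_pull_shaping_result((struct streaminfo *)&a_stream, shaping_result, MAX_RESULT_NUM);
+EXPECT_EQ(MAX_RESULT_NUM/2, shaping_result_num);
+for(int i=0; i<shaping_result_num; i++)
+{
+EXPECT_EQ(TSG_ACTION_SHAPING, shaping_result[i].action);
+EXPECT_EQ(TSG_ACTION_SHAPING+i, shaping_result[i].config_id);
+}
+struct notify_shaping_policy *shaping_label=(struct notify_shaping_policy *)stream_bridge_async_data_get(&a_stream, g_tsg_para.bridge_id[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT]);
+EXPECT_NE(nullptr, shaping_label);
+EXPECT_EQ(MAX_RESULT_NUM/2, shaping_label->shaping_result_num);
+for(int i=0; i<shaping_label->shaping_result_num; i++)
+{
+EXPECT_EQ(TSG_ACTION_SHAPING, shaping_label->shaping_result[i].action);
+EXPECT_EQ(TSG_ACTION_SHAPING+i, shaping_label->shaping_result[i].config_id);
+}
+// Second notify
+tsg_notify_hited_shaping_result(&a_stream, shaping_result, MAX_RESULT_NUM/2, 0);
+shaping_result_num=tsg_pull_shaping_result((struct streaminfo *)&a_stream, shaping_result, MAX_RESULT_NUM);
+EXPECT_EQ(MAX_RESULT_NUM/2, shaping_result_num);
+for(int i=0; i<shaping_result_num; i++)
+{
+EXPECT_EQ(TSG_ACTION_SHAPING, shaping_result[i].action);
+EXPECT_EQ(TSG_ACTION_SHAPING+i, shaping_result[i].config_id);
+}
+shaping_label=(struct notify_shaping_policy *)stream_bridge_async_data_get(&a_stream, g_tsg_para.bridge_id[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT]);
+EXPECT_NE(nullptr, shaping_label);
+EXPECT_EQ(MAX_RESULT_NUM/2, shaping_label->shaping_result_num);
+for(int i=0; i<shaping_label->shaping_result_num; i++)
+{
+EXPECT_EQ(TSG_ACTION_SHAPING, shaping_label->shaping_result[i].action);
+EXPECT_EQ(TSG_ACTION_SHAPING+i, shaping_label->shaping_result[i].config_id);
+}
+free_shaping_result(&a_stream, g_tsg_para.bridge_id[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT], (void *)shaping_label);
+stream_bridge_async_data_put(&a_stream, g_tsg_para.bridge_id[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT], NULL);
+EXPECT_EQ(nullptr, stream_bridge_async_data_get(&a_stream, g_tsg_para.bridge_id[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT]));
+}
+int main(int argc, char *argv[])
+{
+TSG_MASTER_INIT();
+testing::InitGoogleTest(&argc, argv);
+return RUN_ALL_TESTS();
+}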
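Review bot: `ShapingSetRuleIds` covers `set_shaping_rule_ids` only with a full, well-formed list, yet the function as added in this commit ends with `shaping_rule_ids[offset-1]='\0'` and adds every `snprintf` return to `offset` without comparing it to the 512-byte buffer. A label with `shaping_result_num` of 0 would put that write at index -1, and a list long enough to truncate would push `offset` past the array and make `sizeof(shaping_rule_ids)-offset` wrap. Whether either state can be produced depends on `tsg_notify_hited_shaping_result`, which is not shown here. I would add a test for each case, return early with `if(offset<=0) return 0;` before the terminator, and stop the loop as soon as a `snprintf` return is negative or not smaller than the space left. In the `TEST` bodies, each `EXPECT_NE(nullptr, shaping_label)` that is followed by a dereference should be `ASSERT_NE`, so a missing label fails the test instead of crashing the run.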

69
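--- a/test/src/gtest_rule.cpp
+++ b/test/src/gtest_rule.cpp
@@ -0,0 +1,69 @@
+#include <stdio.h>
+#include <string.h>
+#include <unistd.h>
+#include "tsg_entry.h"
+#include "gtest_common.h"
+#include <gtest/gtest.h>
+g_tsg_para_t g_tsg_para;
+id2field_t g_tsg_proto_name2id[PROTO_MAX]={{PROTO_UNKONWN, 0, "unknown"},
+{PROTO_IPv4, 0, "IPV4"},
+{PROTO_IPv6, 0, "IPV6"},
+{PROTO_TCP, 0, "TCP"},
+{PROTO_UDP, 0, "UDP"},
+{PROTO_HTTP, 0, "HTTP"},
+{PROTO_MAIL, 0, "MAIL"},
+{PROTO_DNS, 0, "DNS"},
+{PROTO_FTP, 0, "FTP"},
+{PROTO_SSL, 0, "SSL"},
+{PROTO_SIP, 0, "SIP"},
+{PROTO_BGP, 0, "BGP"},
+{PROTO_STREAMING_MEDIA, 0, "STREAMING_MEDIA"},
+{PROTO_QUIC, 0, "QUIC"},
+{PROTO_SSH, 0, "SSH"},
+{PROTO_SMTP, 0, "SMTP"},
+{PROTO_IMAP, 0, "IMAP"},
+{PROTO_POP3, 0, "POP3"},
+{PROTO_RTP, 0, "RTP"},
+{PROTO_APP, 0, "BASE"},
+{PROTO_L2TP, 0, "L2TP"},
+{PROTO_PPTP, 0, "PPTP"},
+{PROTO_STRATUM, 0, "Stratum"},
+{PROTO_RDP, 0, "RDP"},
+{PROTO_DTLS, 0, "DTLS"}
+};
+unsigned int tsg_l7_protocol_name2id(const char *l7_protocol_name)
+{
+return 0;
+}
+void free_policy_label(int thread_seq, void *project_req_value)
+{
+}
+void set_session_attribute_label(const struct streaminfo *a_stream, enum TSG_ATTRIBUTE_TYPE type, void *value, int value_len, int thread_seq)
+{
+}
+int tsg_get_umts_user_info(const struct streaminfo *a_stream, struct umts_user_info **user_info)
+{
+return 0;
+}
+TEST(MasterTest, SetVlan)
+{
+//int ret=set_vlan(NULL, NULL, NULL, 0, NULL, LOG_COMMON_TUNNELS_VLAN_SRC_ID);
+//EXPECT_EQ(1, ret);
+}
+int main(int argc, char *argv[])
+{
+testing::InitGoogleTest(&argc, argv);
+return RUN_ALL_TESTS();
+}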
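Review bot: `TEST(MasterTest, SetVlan)` has a body made only of commented-out lines, so it always passes and this binary reports success without checking anything; the new test file that follows this one carries the same empty `SetVlan` case. Either restore the `set_vlan` call with a real fixture or mark the case as not yet implemented with `TEST(MasterTest, DISABLED_SetVlan)`, which gtest reports as disabled rather than passed. This file also re-defines `g_tsg_para` and a full copy of `g_tsg_proto_name2id` that the commit adds in src/tsg_variable.cpp; compiling that source into the test target instead of copying the table would keep the two from drifting apart.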


@@ -0,0 +1,41 @@
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include "gtest_common.h"
#include <gtest/gtest.h>
int tsg_app_id2name(int app_id, char *app_name, int app_name_len, int is_joint_parent)
{
return 0;
}
int tsg_get_location_type(void)
{
return 19;
}
char *tsg_l7_protocol_id2name(unsigned int l7_protocol_id)
{
return NULL;
}
char get_direction_from_tcpall(const struct streaminfo *a_stream)
{
return 0;
}
TEST(MasterTest, SetVlan)
{
//int ret=set_vlan(NULL, NULL, NULL, 0, NULL, LOG_COMMON_TUNNELS_VLAN_SRC_ID);
//EXPECT_EQ(1, ret);
}
int main(int argc, char *argv[])
{
testing::InitGoogleTest(&argc, argv);
return RUN_ALL_TESTS();
}


@@ -1,207 +0,0 @@
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <assert.h>
#include <sys/time.h>
#include <unistd.h>
#include "app_label.h"
#include <MESA/stream.h>
#include <MESA/MESA_prof_load.h>
#include <MESA/MESA_handle_logger.h>
#include <MESA/MESA_jump_layer.h>
enum GTEST_BRIDGE
{
GTEST_BRIDGE_TYPE_APP_IDENTIFY_RESULT=0,
GTEST_BRIDGE_TYPE_MAX
};
struct gtest_para
{
int bridge_id[GTEST_BRIDGE_TYPE_MAX];
char bridge_name[GTEST_BRIDGE_TYPE_MAX][64];
};
struct gtest_para g_gtest_para;
extern "C" unsigned char GTEST_APP_FULL_PATH_1_ENTRY(const struct streaminfo *a_stream, void **pme, int thread_seq, const void *a_packet)
{
struct app_identify_result lpi;
memset(&lpi, 0, sizeof(lpi));
lpi.app_id_num=2;
lpi.origin=ORIGIN_BASIC_PROTOCOL;
lpi.app_id[0]=336; //openvpn
lpi.app_id[1]=199; //ssl
stream_bridge_sync_data_put(a_stream, g_gtest_para.bridge_id[GTEST_BRIDGE_TYPE_APP_IDENTIFY_RESULT], (void *)&lpi);
struct app_identify_result user_define;
memset(&user_define, 0, sizeof(user_define));
user_define.app_id_num=1;
user_define.origin=ORIGIN_USER_DEFINE;
user_define.app_id[0]=3145; //qq_web
stream_bridge_sync_data_put(a_stream, g_gtest_para.bridge_id[GTEST_BRIDGE_TYPE_APP_IDENTIFY_RESULT], (void *)&user_define);
struct app_identify_result qm;
memset(&qm, 0, sizeof(qm));
qm.app_id_num=4;
qm.origin=ORIGIN_QM_ENGINE;
qm.app_id[0]=336; //openvpn
qm.app_id[1]=199; //ssl
qm.app_id[2]=1241; //qq_web
qm.app_id[3]=3145; //qq_r2
stream_bridge_sync_data_put(a_stream, g_gtest_para.bridge_id[GTEST_BRIDGE_TYPE_APP_IDENTIFY_RESULT], (void *)&qm);
return APP_STATE_DROPME;
}
extern "C" unsigned char GTEST_APP_FULL_PATH_2_ENTRY(const struct streaminfo *a_stream, void **pme, int thread_seq, const void *a_packet)
{
struct app_identify_result lpi;
memset(&lpi, 0, sizeof(lpi));
lpi.app_id_num=2;
lpi.origin=ORIGIN_BASIC_PROTOCOL;
lpi.app_id[0]=336; //openvpn
lpi.app_id[1]=199; //ssl
stream_bridge_sync_data_put(a_stream, g_gtest_para.bridge_id[GTEST_BRIDGE_TYPE_APP_IDENTIFY_RESULT], (void *)&lpi);
struct app_identify_result built_in;
memset(&built_in, 0, sizeof(built_in));
built_in.app_id_num=1;
built_in.origin=ORIGIN_BUILT_IN;
built_in.app_id[0]=3145; //qq_web
stream_bridge_sync_data_put(a_stream, g_gtest_para.bridge_id[GTEST_BRIDGE_TYPE_APP_IDENTIFY_RESULT], (void *)&built_in);
struct app_identify_result qm;
memset(&qm, 0, sizeof(qm));
qm.app_id_num=3;
qm.origin=ORIGIN_QM_ENGINE;
qm.app_id[0]=336; //openvpn
qm.app_id[1]=1241; //qq_web
qm.app_id[2]=3145; //qq_r2
stream_bridge_sync_data_put(a_stream, g_gtest_para.bridge_id[GTEST_BRIDGE_TYPE_APP_IDENTIFY_RESULT], (void *)&qm);
return APP_STATE_DROPME;
}
extern "C" unsigned char GTEST_APP_FULL_PATH_3_ENTRY(const struct streaminfo *a_stream, void **pme, int thread_seq, const void *a_packet)
{
struct app_identify_result lpi;
memset(&lpi, 0, sizeof(lpi));
lpi.app_id_num=2;
lpi.origin=ORIGIN_BASIC_PROTOCOL;
lpi.app_id[0]=336; //openvpn
lpi.app_id[1]=199; //ssl
stream_bridge_sync_data_put(a_stream, g_gtest_para.bridge_id[GTEST_BRIDGE_TYPE_APP_IDENTIFY_RESULT], (void *)&lpi);
struct app_identify_result built_in;
memset(&built_in, 0, sizeof(built_in));
built_in.app_id_num=1;
built_in.origin=ORIGIN_BUILT_IN;
built_in.app_id[0]=3145; //qq_web
stream_bridge_sync_data_put(a_stream, g_gtest_para.bridge_id[GTEST_BRIDGE_TYPE_APP_IDENTIFY_RESULT], (void *)&built_in);
return APP_STATE_DROPME;
}
extern "C" unsigned char GTEST_APP_FULL_PATH_4_ENTRY(const struct streaminfo *a_stream, void **pme, int thread_seq, const void *a_packet)
{
struct app_identify_result lpi;
memset(&lpi, 0, sizeof(lpi));
lpi.app_id_num=1;
lpi.origin=ORIGIN_BASIC_PROTOCOL;
lpi.app_id[0]=199; //ssl
stream_bridge_sync_data_put(a_stream, g_gtest_para.bridge_id[GTEST_BRIDGE_TYPE_APP_IDENTIFY_RESULT], (void *)&lpi);
struct app_identify_result user_define;
memset(&user_define, 0, sizeof(user_define));
struct app_identify_result built_in;
memset(&built_in, 0, sizeof(built_in));
built_in.app_id_num=2;
built_in.origin=ORIGIN_BUILT_IN;
built_in.app_id[0]=3145; //qq_web
built_in.app_id[1]=156; //qq
stream_bridge_sync_data_put(a_stream, g_gtest_para.bridge_id[GTEST_BRIDGE_TYPE_APP_IDENTIFY_RESULT], (void *)&built_in);
struct app_identify_result qm;
memset(&qm, 0, sizeof(qm));
qm.app_id_num=4;
qm.origin=ORIGIN_QM_ENGINE;
qm.app_id[0]=336; //openvpn
qm.app_id[1]=199; //ssl
qm.app_id[2]=1241; //qq_web
qm.app_id[3]=3145; //qq_r2
stream_bridge_sync_data_put(a_stream, g_gtest_para.bridge_id[GTEST_BRIDGE_TYPE_APP_IDENTIFY_RESULT], (void *)&qm);
return APP_STATE_DROPME;
}
extern "C" unsigned char GTEST_APP_FULL_PATH_5_ENTRY(const struct streaminfo *a_stream, void **pme, int thread_seq, const void *a_packet)
{
struct app_identify_result built_in;
memset(&built_in, 0, sizeof(built_in));
built_in.app_id_num=2;
built_in.origin=ORIGIN_BUILT_IN;
built_in.app_id[0]=3145; //qq_web
built_in.app_id[1]=156; //qq
stream_bridge_sync_data_put(a_stream, g_gtest_para.bridge_id[GTEST_BRIDGE_TYPE_APP_IDENTIFY_RESULT], (void *)&built_in);
struct app_identify_result qm;
memset(&qm, 0, sizeof(qm));
qm.app_id_num=4;
qm.origin=ORIGIN_QM_ENGINE;
qm.app_id[0]=336; //openvpn
qm.app_id[1]=199; //ssl
qm.app_id[2]=1241; //qq_web
qm.app_id[3]=3145; //qq_r2
stream_bridge_sync_data_put(a_stream, g_gtest_para.bridge_id[GTEST_BRIDGE_TYPE_APP_IDENTIFY_RESULT], (void *)&qm);
return APP_STATE_DROPME;
}
extern "C" unsigned char GTEST_UNKNOWN_APP_ENTRY(const struct streaminfo *a_stream, void **pme, int thread_seq, const void *a_packet)
{
return APP_STATE_DROPME;
}
extern "C" int GTEST_INIT()
{
memset(&g_gtest_para, 0, sizeof(g_gtest_para));
MESA_load_profile_string_def("tsgconf/main.conf", "SYSTEM", "APP_IDENTIFY_RESULT_BRIDGE", g_gtest_para.bridge_name[GTEST_BRIDGE_TYPE_APP_IDENTIFY_RESULT], 64, "APP_IDENTIFY_RESULT_BRIDGE");
for(int i=0; i<GTEST_BRIDGE_TYPE_MAX; i++)
{
g_gtest_para.bridge_id[i]=stream_bridge_build(g_gtest_para.bridge_name[i], "w");
if(g_gtest_para.bridge_id[i]<0)
{
printf("stream_bridge_build is error, bridge_name: %s", g_gtest_para.bridge_name[i]);
return -1;
}
}
return 0;
}
extern "C" int GTEST_UNLOAD()
{
return 0;
}


@@ -1,50 +0,0 @@
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include "../inc/app_label.h"
#include "../inc/tsg_rule.h"
#include "../inc/tsg_send_log.h"
#include "../inc/tsg_statistic.h"
//#include "../src/tsg_entry.h"
#include "../src/tsg_send_log_internal.h"
#include "../inc/tsg_ssl_utils.h"
#include "../src/tsg_ssh_utils.h"
#include "../src/tsg_protocol_common.h"
#include "tsg_master_gtest_function.h"
#include <gtest/gtest.h>
/*
L7(openvpn), appSketch(psiphon), Thrid(openvpn.ssl.wechat) = openvpn.ssl.psiphon
L7(openvpn), appSketch(psiphon), Thrid(openvpn.qq_web.wechat) = openvpn.psiphon
L7(openvpn), appSketch(psiphon), Thrid(openvpn.wechat) = openvpn.psiphon
L7(openvpn.ssl), appSketch(psiphon), Thrid(openvpn.wechat) = openvpn.ssl.psiphon
L7(openvpn.ssl), appSketch(psiphon), Thrid(openvpn) = openvpn.ssl.psiphon
L7(openvpn.ssl), appSketch(psiphon), Thrid(openvpn.ssl.wechat) = openvpn.ssl.psiphon
L7(null), appSketch(psiphon), Thrid(openvpn.ssl.wechat) = openvpn.ssl.psiphon
L7(null), appSketch(psiphon), Thrid(wechat) = psiphon
L7(null), appSketch(null), Thrid(openvpn.ssl.wechat) = openvpn.ssl.wechat
L7(null), appSketch(null), Thrid(null) = unknown
*/
TEST(MasterTest, AppFullPath)
{
}
TEST(MasterTest, SetVlan)
{
//int ret=set_vlan(NULL, NULL, NULL, 0, NULL, LOG_COMMON_TUNNELS_VLAN_SRC_ID);
//EXPECT_EQ(1, ret);
}
int main(int argc, char *argv[])
{
libsapp_setup_env(argc,argv);
testing::InitGoogleTest(&argc, argv);
return RUN_ALL_TESTS();
}