tango-tsg-service-chaining-…/platform/include/policy.h

#ifndef _POLICY_H
#define _POLICY_H

#ifdef __cpluscplus
extern "C"
{
#endif

#include "utils.h"
#include "raw_packet.h"

enum traffic_type
{
	TRAFFIC_TYPE_NONE = 0,
	TRAFFIC_TYPE_RAW = 1,
	TRAFFIC_TYPE_DECRYPTED = 2,
};

enum forward_type
{
	FORWARD_TYPE_NONE = 0,
	FORWARD_TYPE_STEERING = 1,
	FORWARD_TYPE_MIRRORING = 2,
};

enum session_action
{
	SESSION_ACTION_BYPASS = 0,
	SESSION_ACTION_FORWARD = 1,
	SESSION_ACTION_BLOCK = 2,
};

enum action_reason
{
	ACTION_BYPASS_DUE_DEFAULT = 0x00,
	ACTION_BYPASS_DUE_INVALID_POLICY = 0x01,
	ACTION_BYPASS_DUE_FAILURE_ACTION = 0x02,
	ACTION_BYPASS_DUE_UNAVAILABLE_ACTION = 0x03,
	ACTION_BYPASS_DUE_HEALTH_SF_LIMIT = 0x04,

	ACTION_BLOCK_DUE_FAILURE_ACTION = 0x10,
	ACTION_BLOCK_DUE_UNAVAILABLE_ACTION = 0x11,

	ACTION_FORWAED_DUE_SELECTED_SF = 0x20,
};

enum package_method
{
	PACKAGE_METHOD_NONE = 0,
	PACKAGE_METHOD_LAYER2_SWITCH = 1,
	PACKAGE_METHOD_LAYER3_SWITCH = 2,
	PACKAGE_METHOD_VXLAN_G = 3,
};

enum health_check_method
{
	HEALTH_CHECK_METHOD_NONE = 0,
	HEALTH_CHECK_METHOD_IN_BAND_BFD = 1,
	HEALTH_CHECK_METHOD_BFD = 2,
	HEALTH_CHECK_METHOD_HTTP = 3,
};

struct health_check
{
	enum health_check_method method;

	char url[128];
	char address[64];
	int retires;
	int interval_ms;
};

struct connectivity
{
	enum package_method method;
	int int_vlan_tag;
	int ext_vlan_tag;
	char dest_ip[64];
};

struct selected_sf
{
	int policy_id;
	enum traffic_type traffic_type;

	int sff_profile_id;
	enum forward_type sff_forward_type;

	int sf_need_skip;
	int sf_profile_id;
	enum session_action sf_action;
	enum action_reason sf_action_reason;
	struct connectivity sf_connectivity;

	struct throughput_metrics rx;
	struct throughput_metrics tx;

	char sf_dst_ip[16];
	char sf_dst_mac[32];
	int sf_index;
};

struct selected_chaining
{
	struct selected_sf *chaining;
	int chaining_size;
	int chaining_used;

	uint64_t session_id;
	char *session_addr;
};

struct selected_chainings
{
	struct selected_chaining *chaining_raw;
	struct selected_chaining *chaining_decrypted;
};

const char *traffic_type_to_string(enum traffic_type traffic_type);
const char *forward_type_to_string(enum forward_type forward_type);
const char *session_action_to_string(enum session_action session_action);
const char *action_reason_to_string(enum action_reason action_reason);
const char *package_method_to_string(enum package_method package_method);

struct selected_chaining *selected_chaining_create(int chaining_size, uint64_t session_id, char *session_addr);
void selected_chaining_destory(struct selected_chaining *chaining);
void selected_chaining_dump(struct selected_chaining *chaining);
void selected_chaining_bref(struct selected_chaining *chaining);
void selected_chaining_uniq(struct selected_chaining *chaining);

// return  NULL : error
// return !NULL : success
struct policy_enforcer *policy_enforcer_create(const char *instance, const char *profile, int thread_num, void *logger);
void policy_enforcer_destory(struct policy_enforcer *enforcer);

// return  0 : success
// return -1 : error
int policy_enforcer_register(struct policy_enforcer *enforcer);
int policy_enforce_chaining_size(struct policy_enforcer *enforcer);
void policy_enforce_select_chainings(struct policy_enforcer *enforcer, struct selected_chainings *chainings, struct session_ctx *s_ctx, struct raw_pkt_parser *parser, int policy_id, int dir_is_i2e);

#ifdef __cpluscplus
}
#endif

#endif
TSG-13500 tsg-service-chaining-engine扫描策略 2023-02-06 10:34:23 +08:00			`#ifndef _POLICY_H`
			`#define _POLICY_H`

			`#ifdef __cpluscplus`
			`extern "C"`
			`{`
			`#endif`

TSG-13630 tsg-service-chaining-engine使用mrzcpd捕获报文/回注报文 TSG-13685 tsg-service-chaining-engine使用VXLAN封装Steering/Mirroring的Package 2023-02-10 14:22:40 +08:00			`#include "utils.h"`
TSG-13500 tsg-service-chaining-engine扫描策略 2023-02-06 10:34:23 +08:00			`#include "raw_packet.h"`

			`enum traffic_type`
			`{`
			`TRAFFIC_TYPE_NONE = 0,`
			`TRAFFIC_TYPE_RAW = 1,`
			`TRAFFIC_TYPE_DECRYPTED = 2,`
			`};`

			`enum forward_type`
			`{`
			`FORWARD_TYPE_NONE = 0,`
			`FORWARD_TYPE_STEERING = 1,`
			`FORWARD_TYPE_MIRRORING = 2,`
			`};`

			`enum session_action`
			`{`
			`SESSION_ACTION_BYPASS = 0,`
			`SESSION_ACTION_FORWARD = 1,`
			`SESSION_ACTION_BLOCK = 2,`
			`};`

TSG-13837 支持decrypted traffic steering/mirroring，并重构packet_io 2023-03-14 16:10:44 +08:00			`enum action_reason`
TSG-13500 tsg-service-chaining-engine扫描策略 2023-02-06 10:34:23 +08:00			`{`
			`ACTION_BYPASS_DUE_DEFAULT = 0x00,`
TSG-13837 支持decrypted traffic steering/mirroring，并重构packet_io 2023-03-14 16:10:44 +08:00			`ACTION_BYPASS_DUE_INVALID_POLICY = 0x01,`
			`ACTION_BYPASS_DUE_FAILURE_ACTION = 0x02,`
			`ACTION_BYPASS_DUE_UNAVAILABLE_ACTION = 0x03,`
			`ACTION_BYPASS_DUE_HEALTH_SF_LIMIT = 0x04,`
TSG-13500 tsg-service-chaining-engine扫描策略 2023-02-06 10:34:23 +08:00
TSG-13837 支持decrypted traffic steering/mirroring，并重构packet_io 2023-03-14 16:10:44 +08:00			`ACTION_BLOCK_DUE_FAILURE_ACTION = 0x10,`
			`ACTION_BLOCK_DUE_UNAVAILABLE_ACTION = 0x11,`
TSG-13500 tsg-service-chaining-engine扫描策略 2023-02-06 10:34:23 +08:00
TSG-13837 支持decrypted traffic steering/mirroring，并重构packet_io 2023-03-14 16:10:44 +08:00			`ACTION_FORWAED_DUE_SELECTED_SF = 0x20,`
TSG-13500 tsg-service-chaining-engine扫描策略 2023-02-06 10:34:23 +08:00			`};`

			`enum package_method`
			`{`
			`PACKAGE_METHOD_NONE = 0,`
			`PACKAGE_METHOD_LAYER2_SWITCH = 1,`
			`PACKAGE_METHOD_LAYER3_SWITCH = 2,`
			`PACKAGE_METHOD_VXLAN_G = 3,`
			`};`

			`enum health_check_method`
			`{`
			`HEALTH_CHECK_METHOD_NONE = 0,`
			`HEALTH_CHECK_METHOD_IN_BAND_BFD = 1,`
			`HEALTH_CHECK_METHOD_BFD = 2,`
			`HEALTH_CHECK_METHOD_HTTP = 3,`
			`};`

			`struct health_check`
			`{`
			`enum health_check_method method;`

			`char url[128];`
			`char address[64];`
			`int retires;`
			`int interval_ms;`
			`};`

			`struct connectivity`
			`{`
			`enum package_method method;`
			`int int_vlan_tag;`
			`int ext_vlan_tag;`
			`char dest_ip[64];`
			`};`

			`struct selected_sf`
			`{`
TSG-13630 tsg-service-chaining-engine使用mrzcpd捕获报文/回注报文 TSG-13685 tsg-service-chaining-engine使用VXLAN封装Steering/Mirroring的Package 2023-02-10 14:22:40 +08:00			`int policy_id;`
			`enum traffic_type traffic_type;`

TSG-13500 tsg-service-chaining-engine扫描策略 2023-02-06 10:34:23 +08:00			`int sff_profile_id;`
			`enum forward_type sff_forward_type;`

TSG-13630 tsg-service-chaining-engine使用mrzcpd捕获报文/回注报文 TSG-13685 tsg-service-chaining-engine使用VXLAN封装Steering/Mirroring的Package 2023-02-10 14:22:40 +08:00			`int sf_need_skip;`
TSG-13500 tsg-service-chaining-engine扫描策略 2023-02-06 10:34:23 +08:00			`int sf_profile_id;`
			`enum session_action sf_action;`
TSG-13837 支持decrypted traffic steering/mirroring，并重构packet_io 2023-03-14 16:10:44 +08:00			`enum action_reason sf_action_reason;`
TSG-13500 tsg-service-chaining-engine扫描策略 2023-02-06 10:34:23 +08:00			`struct connectivity sf_connectivity;`
TSG-13630 tsg-service-chaining-engine使用mrzcpd捕获报文/回注报文 TSG-13685 tsg-service-chaining-engine使用VXLAN封装Steering/Mirroring的Package 2023-02-10 14:22:40 +08:00
			`struct throughput_metrics rx;`
			`struct throughput_metrics tx;`
TSG-13842 tsg-service-chaining-engine服务链中的SF需缓存第三方设备的目的IP和目的MAC 2023-02-20 15:30:32 +08:00
			`char sf_dst_ip[16];`
			`char sf_dst_mac[32];`
			`int sf_index;`
TSG-13500 tsg-service-chaining-engine扫描策略 2023-02-06 10:34:23 +08:00			`};`

			`struct selected_chaining`
			`{`
			`struct selected_sf *chaining;`
			`int chaining_size;`
TSG-13630 tsg-service-chaining-engine使用mrzcpd捕获报文/回注报文 TSG-13685 tsg-service-chaining-engine使用VXLAN封装Steering/Mirroring的Package 2023-02-10 14:22:40 +08:00			`int chaining_used;`
TSG-13837 支持decrypted traffic steering/mirroring，并重构packet_io 2023-03-14 16:10:44 +08:00
			`uint64_t session_id;`
			`char *session_addr;`
			`};`

			`struct selected_chainings`
			`{`
			`struct selected_chaining *chaining_raw;`
			`struct selected_chaining *chaining_decrypted;`
TSG-13500 tsg-service-chaining-engine扫描策略 2023-02-06 10:34:23 +08:00			`};`

TSG-13837 支持decrypted traffic steering/mirroring，并重构packet_io 2023-03-14 16:10:44 +08:00			`const char *traffic_type_to_string(enum traffic_type traffic_type);`
			`const char *forward_type_to_string(enum forward_type forward_type);`
			`const char *session_action_to_string(enum session_action session_action);`
			`const char *action_reason_to_string(enum action_reason action_reason);`
			`const char *package_method_to_string(enum package_method package_method);`

			`struct selected_chaining selected_chaining_create(int chaining_size, uint64_t session_id, char session_addr);`
			`void selected_chaining_destory(struct selected_chaining *chaining);`
			`void selected_chaining_dump(struct selected_chaining *chaining);`
			`void selected_chaining_bref(struct selected_chaining *chaining);`
			`void selected_chaining_uniq(struct selected_chaining *chaining);`

TSG-13500 tsg-service-chaining-engine扫描策略 2023-02-06 10:34:23 +08:00			`// return NULL : error`
			`// return !NULL : success`
			`struct policy_enforcer policy_enforcer_create(const char instance, const char profile, int thread_num, void logger);`
			`void policy_enforcer_destory(struct policy_enforcer *enforcer);`

			`// return 0 : success`
			`// return -1 : error`
			`int policy_enforcer_register(struct policy_enforcer *enforcer);`
TSG-13837 支持decrypted traffic steering/mirroring，并重构packet_io 2023-03-14 16:10:44 +08:00			`int policy_enforce_chaining_size(struct policy_enforcer *enforcer);`
			`void policy_enforce_select_chainings(struct policy_enforcer enforcer, struct selected_chainings chainings, struct session_ctx s_ctx, struct raw_pkt_parser parser, int policy_id, int dir_is_i2e);`
TSG-13500 tsg-service-chaining-engine扫描策略 2023-02-06 10:34:23 +08:00
			`#ifdef __cpluscplus`
			`}`
			`#endif`

			`#endif`