tango-tsg-service-chaining-…/platform/include/policy.h

#ifndef _POLICY_H
#define _POLICY_H

#ifdef __cpluscplus
extern "C"
{
#endif

#include "utils.h"
#include "packet.h"
#include <linux/if_ether.h>

enum traffic_type
{
	TRAFFIC_TYPE_NONE = 0,
	TRAFFIC_TYPE_RAW = 1,
	TRAFFIC_TYPE_DECRYPTED = 2,
};

enum forward_type
{
	FORWARD_TYPE_NONE = 0,
	FORWARD_TYPE_STEERING = 1,
	FORWARD_TYPE_MIRRORING = 2,
};

enum session_action
{
	SESSION_ACTION_BYPASS = 0,
	SESSION_ACTION_FORWARD = 1,
	SESSION_ACTION_BLOCK = 2,
};

enum action_desc
{
	ACTION_BYPASS_DUE_DEFAULT = 0x00,
	ACTION_BYPASS_DUE_INVALID_POLICY = 0x01,
	ACTION_BYPASS_DUE_FAILURE_ACTION = 0x02,
	ACTION_BYPASS_DUE_UNAVAILABLE_ACTION = 0x03,
	ACTION_BYPASS_DUE_HEALTH_SF_LIMIT = 0x04,

	ACTION_BLOCK_DUE_FAILURE_ACTION = 0x10,
	ACTION_BLOCK_DUE_UNAVAILABLE_ACTION = 0x11,

	ACTION_FORWAED_DUE_SELECTED_SF = 0x20,
};

enum encapsulate_method
{
	ENCAPSULATE_METHOD_NONE = 0,
	ENCAPSULATE_METHOD_LAYER2_SWITCH = 1,
	ENCAPSULATE_METHOD_LAYER3_SWITCH = 2,
	ENCAPSULATE_METHOD_VXLAN_G = 3,
};

enum health_check_method
{
	HEALTH_CHECK_METHOD_NONE = 0,
	HEALTH_CHECK_METHOD_IN_BAND_BFD = 1,
	HEALTH_CHECK_METHOD_BFD = 2,
	HEALTH_CHECK_METHOD_HTTP = 3,
};

struct health_check
{
	enum health_check_method method;

	char url[128];
	char address[64];
	int retires;
	int interval_ms;
};

struct connectivity
{
	enum encapsulate_method method;
	int int_vlan_tag;
	int ext_vlan_tag;
	char dest_ip[64];
};

struct selected_sf
{
	uint64_t rule_id;
	int rule_vsys_id;
	enum traffic_type traffic_type;

	int sff_profile_id;
	enum forward_type sff_forward_type;

	int sf_vsys_id;
	int sf_profile_id;
	enum session_action sf_action;
	enum action_desc sf_action_desc;
	struct connectivity sf_connectivity;

	struct throughput_metrics rx;
	struct throughput_metrics tx;

	in_addr_t sf_dst_ip;
	u_char sf_dst_mac[ETH_ALEN];
	int sf_index;
};

struct selected_chaining
{
	struct selected_sf *chaining;
	int chaining_size;
	int chaining_used;

	uint64_t session_id;
	char *session_addr;
};

const char *traffic_type_tostring(enum traffic_type traffic_type);
const char *forward_type_tostring(enum forward_type forward_type);
const char *action_desc_tostring(enum action_desc action_desc);
const char *encapsulate_method_tostring(enum encapsulate_method encap_method);

struct selected_chaining *selected_chaining_create(int chaining_size, uint64_t session_id, char *session_addr);
void selected_chaining_destory(struct selected_chaining *chaining);
void selected_chaining_dump(struct selected_chaining *chaining);
void selected_chaining_bref(struct selected_chaining *chaining);
void selected_chaining_uniq(struct selected_chaining *chaining);

// return  NULL : error
// return !NULL : success
struct policy_enforcer *policy_enforcer_create(const char *instance, const char *profile, int thread_num);
void policy_enforcer_destory(struct policy_enforcer *enforcer);

// return  0 : success
// return -1 : error
int policy_enforcer_register(struct policy_enforcer *enforcer);
int policy_enforce_chaining_size(struct policy_enforcer *enforcer);
// direction 1: E2I
// direction 0: I2E
void policy_enforce_select_chainings(struct policy_enforcer *enforcer, struct session_ctx *s_ctx, struct packet *data_pkt, uint64_t rule_id, int direction);

#ifdef __cpluscplus
}
#endif

#endif
TSG-13500 tsg-service-chaining-engine扫描策略 2023-02-06 10:34:23 +08:00			`#ifndef _POLICY_H`
			`#define _POLICY_H`

			`#ifdef __cpluscplus`
			`extern "C"`
			`{`
			`#endif`

TSG-13630 tsg-service-chaining-engine使用mrzcpd捕获报文/回注报文 TSG-13685 tsg-service-chaining-engine使用VXLAN封装Steering/Mirroring的Package 2023-02-10 14:22:40 +08:00			`#include "utils.h"`
重构Packet Parser 2023-11-13 16:56:31 +08:00			`#include "packet.h"`
perf: Reduce str_to_mac() and inet_addr() calls 2023-10-12 11:59:42 +08:00			`#include <linux/if_ether.h>`
TSG-13500 tsg-service-chaining-engine扫描策略 2023-02-06 10:34:23 +08:00
			`enum traffic_type`
			`{`
			`TRAFFIC_TYPE_NONE = 0,`
			`TRAFFIC_TYPE_RAW = 1,`
			`TRAFFIC_TYPE_DECRYPTED = 2,`
			`};`

			`enum forward_type`
			`{`
			`FORWARD_TYPE_NONE = 0,`
			`FORWARD_TYPE_STEERING = 1,`
			`FORWARD_TYPE_MIRRORING = 2,`
			`};`

			`enum session_action`
			`{`
			`SESSION_ACTION_BYPASS = 0,`
			`SESSION_ACTION_FORWARD = 1,`
			`SESSION_ACTION_BLOCK = 2,`
			`};`

perf: 优化策略扫描 2023-11-03 10:02:50 +08:00			`enum action_desc`
TSG-13500 tsg-service-chaining-engine扫描策略 2023-02-06 10:34:23 +08:00			`{`
			`ACTION_BYPASS_DUE_DEFAULT = 0x00,`
TSG-13837 支持decrypted traffic steering/mirroring，并重构packet_io 2023-03-14 16:10:44 +08:00			`ACTION_BYPASS_DUE_INVALID_POLICY = 0x01,`
			`ACTION_BYPASS_DUE_FAILURE_ACTION = 0x02,`
			`ACTION_BYPASS_DUE_UNAVAILABLE_ACTION = 0x03,`
			`ACTION_BYPASS_DUE_HEALTH_SF_LIMIT = 0x04,`
TSG-13500 tsg-service-chaining-engine扫描策略 2023-02-06 10:34:23 +08:00
TSG-13837 支持decrypted traffic steering/mirroring，并重构packet_io 2023-03-14 16:10:44 +08:00			`ACTION_BLOCK_DUE_FAILURE_ACTION = 0x10,`
			`ACTION_BLOCK_DUE_UNAVAILABLE_ACTION = 0x11,`
TSG-13500 tsg-service-chaining-engine扫描策略 2023-02-06 10:34:23 +08:00
TSG-13837 支持decrypted traffic steering/mirroring，并重构packet_io 2023-03-14 16:10:44 +08:00			`ACTION_FORWAED_DUE_SELECTED_SF = 0x20,`
TSG-13500 tsg-service-chaining-engine扫描策略 2023-02-06 10:34:23 +08:00			`};`

TSG-13684 tsg-service-chaining-engine使用VLAN封装Packet并执行Traffic Mirroring 2023-10-18 10:08:10 +08:00			`enum encapsulate_method`
TSG-13500 tsg-service-chaining-engine扫描策略 2023-02-06 10:34:23 +08:00			`{`
TSG-13684 tsg-service-chaining-engine使用VLAN封装Packet并执行Traffic Mirroring 2023-10-18 10:08:10 +08:00			`ENCAPSULATE_METHOD_NONE = 0,`
			`ENCAPSULATE_METHOD_LAYER2_SWITCH = 1,`
			`ENCAPSULATE_METHOD_LAYER3_SWITCH = 2,`
			`ENCAPSULATE_METHOD_VXLAN_G = 3,`
TSG-13500 tsg-service-chaining-engine扫描策略 2023-02-06 10:34:23 +08:00			`};`

			`enum health_check_method`
			`{`
			`HEALTH_CHECK_METHOD_NONE = 0,`
			`HEALTH_CHECK_METHOD_IN_BAND_BFD = 1,`
			`HEALTH_CHECK_METHOD_BFD = 2,`
			`HEALTH_CHECK_METHOD_HTTP = 3,`
			`};`

			`struct health_check`
			`{`
			`enum health_check_method method;`

			`char url[128];`
			`char address[64];`
			`int retires;`
			`int interval_ms;`
			`};`

			`struct connectivity`
			`{`
TSG-13684 tsg-service-chaining-engine使用VLAN封装Packet并执行Traffic Mirroring 2023-10-18 10:08:10 +08:00			`enum encapsulate_method method;`
TSG-13500 tsg-service-chaining-engine扫描策略 2023-02-06 10:34:23 +08:00			`int int_vlan_tag;`
			`int ext_vlan_tag;`
			`char dest_ip[64];`
			`};`

			`struct selected_sf`
			`{`
TSG-14568 tsg-service-chaining-engine支持MAAT4 2023-04-07 14:09:20 +08:00			`uint64_t rule_id;`
TSG-14908 tsg-service-chaining-engine的service_chaining_rule_hits metrics适配vsys_id的变更 2023-04-26 14:35:52 +08:00			`int rule_vsys_id;`
TSG-13630 tsg-service-chaining-engine使用mrzcpd捕获报文/回注报文 TSG-13685 tsg-service-chaining-engine使用VXLAN封装Steering/Mirroring的Package 2023-02-10 14:22:40 +08:00			`enum traffic_type traffic_type;`

TSG-13500 tsg-service-chaining-engine扫描策略 2023-02-06 10:34:23 +08:00			`int sff_profile_id;`
			`enum forward_type sff_forward_type;`

TSG-14909 tsg-service-chaining-engine的service_function_status metrics适配vsys_id的变更 2023-04-26 15:04:04 +08:00			`int sf_vsys_id;`
TSG-13500 tsg-service-chaining-engine扫描策略 2023-02-06 10:34:23 +08:00			`int sf_profile_id;`
			`enum session_action sf_action;`
perf: 优化策略扫描 2023-11-03 10:02:50 +08:00			`enum action_desc sf_action_desc;`
TSG-13500 tsg-service-chaining-engine扫描策略 2023-02-06 10:34:23 +08:00			`struct connectivity sf_connectivity;`
TSG-13630 tsg-service-chaining-engine使用mrzcpd捕获报文/回注报文 TSG-13685 tsg-service-chaining-engine使用VXLAN封装Steering/Mirroring的Package 2023-02-10 14:22:40 +08:00
			`struct throughput_metrics rx;`
			`struct throughput_metrics tx;`
TSG-13842 tsg-service-chaining-engine服务链中的SF需缓存第三方设备的目的IP和目的MAC 2023-02-20 15:30:32 +08:00
perf: Reduce str_to_mac() and inet_addr() calls 2023-10-12 11:59:42 +08:00			`in_addr_t sf_dst_ip;`
			`u_char sf_dst_mac[ETH_ALEN];`
TSG-13842 tsg-service-chaining-engine服务链中的SF需缓存第三方设备的目的IP和目的MAC 2023-02-20 15:30:32 +08:00			`int sf_index;`
TSG-13500 tsg-service-chaining-engine扫描策略 2023-02-06 10:34:23 +08:00			`};`

			`struct selected_chaining`
			`{`
			`struct selected_sf *chaining;`
			`int chaining_size;`
TSG-13630 tsg-service-chaining-engine使用mrzcpd捕获报文/回注报文 TSG-13685 tsg-service-chaining-engine使用VXLAN封装Steering/Mirroring的Package 2023-02-10 14:22:40 +08:00			`int chaining_used;`
TSG-13837 支持decrypted traffic steering/mirroring，并重构packet_io 2023-03-14 16:10:44 +08:00
			`uint64_t session_id;`
			`char *session_addr;`
			`};`

perf: 删除无效代码；修改变量命名；减少内存分配 2023-11-23 16:52:06 +08:00			`const char *traffic_type_tostring(enum traffic_type traffic_type);`
			`const char *forward_type_tostring(enum forward_type forward_type);`
			`const char *action_desc_tostring(enum action_desc action_desc);`
			`const char *encapsulate_method_tostring(enum encapsulate_method encap_method);`
TSG-13837 支持decrypted traffic steering/mirroring，并重构packet_io 2023-03-14 16:10:44 +08:00
			`struct selected_chaining selected_chaining_create(int chaining_size, uint64_t session_id, char session_addr);`
			`void selected_chaining_destory(struct selected_chaining *chaining);`
			`void selected_chaining_dump(struct selected_chaining *chaining);`
			`void selected_chaining_bref(struct selected_chaining *chaining);`
			`void selected_chaining_uniq(struct selected_chaining *chaining);`

TSG-13500 tsg-service-chaining-engine扫描策略 2023-02-06 10:34:23 +08:00			`// return NULL : error`
			`// return !NULL : success`
perf: 删除无效代码；修改变量命名；减少内存分配 2023-11-23 16:52:06 +08:00			`struct policy_enforcer policy_enforcer_create(const char instance, const char *profile, int thread_num);`
TSG-13500 tsg-service-chaining-engine扫描策略 2023-02-06 10:34:23 +08:00			`void policy_enforcer_destory(struct policy_enforcer *enforcer);`

			`// return 0 : success`
			`// return -1 : error`
			`int policy_enforcer_register(struct policy_enforcer *enforcer);`
TSG-13837 支持decrypted traffic steering/mirroring，并重构packet_io 2023-03-14 16:10:44 +08:00			`int policy_enforce_chaining_size(struct policy_enforcer *enforcer);`
perf: 删除无效代码；修改变量命名；减少内存分配 2023-11-23 16:52:06 +08:00			`// direction 1: E2I`
			`// direction 0: I2E`
			`void policy_enforce_select_chainings(struct policy_enforcer enforcer, struct session_ctx s_ctx, struct packet *data_pkt, uint64_t rule_id, int direction);`
TSG-13500 tsg-service-chaining-engine扫描策略 2023-02-06 10:34:23 +08:00
			`#ifdef __cpluscplus`
			`}`
			`#endif`

			`#endif`