diff --git a/conf/sce.conf b/conf/sce.conf index ae5da53..70ac842 100644 --- a/conf/sce.conf +++ b/conf/sce.conf @@ -3,6 +3,7 @@ nr_worker_threads=8 enable_cpu_affinity=1 cpu_affinity_mask=2,3,4-9 firewall_sids=1001 +enable_debug=0 # Only when (disable_coredump == 1 || (enable_breakpad == 1 && enable_breakpad_upload == 1)) is satisfied, the core will not be generated locally disable_coredump=0 diff --git a/platform/include/sce.h b/platform/include/sce.h index 436390b..584b579 100644 --- a/platform/include/sce.h +++ b/platform/include/sce.h @@ -74,6 +74,7 @@ void session_ctx_free(struct session_ctx *ctx); struct sce_ctx { + int enable_debug; int firewall_sids; int nr_worker_threads; int enable_cpu_affinity; diff --git a/platform/src/packet_io.cpp b/platform/src/packet_io.cpp index 36e108d..26f22c6 100644 --- a/platform/src/packet_io.cpp +++ b/platform/src/packet_io.cpp @@ -631,6 +631,7 @@ static int handle_control_packet(struct packet_io *handle, marsio_buff_t *rx_buf { struct thread_ctx *thread = (struct thread_ctx *)ctx; struct global_metrics *g_metrics = thread->ref_metrics; + struct sce_ctx *sce_ctx = thread->ref_sce_ctx; struct metadata meta; if (packet_io_get_metadata(rx_buff, &meta) == -1) @@ -657,7 +658,10 @@ static int handle_control_packet(struct packet_io *handle, marsio_buff_t *rx_buf return -1; } - LOG_INFO("%s: recv control packet, session %lu %s", LOG_TAG_PKTIO, ctrl_parser.session_id, session_state_to_string(ctrl_parser.state)); + if (sce_ctx->enable_debug) + { + LOG_INFO("%s: recv control packet, session %lu %s", LOG_TAG_PKTIO, ctrl_parser.session_id, session_state_to_string(ctrl_parser.state)); + } switch (ctrl_parser.state) { @@ -691,6 +695,7 @@ static enum raw_pkt_action handle_raw_packet(struct packet_io *handle, marsio_bu int nsend = 0; struct thread_ctx *thread = (struct thread_ctx *)ctx; struct global_metrics *g_metrics = thread->ref_metrics; + struct sce_ctx *sce_ctx = thread->ref_sce_ctx; int raw_len = marsio_buff_datalen(rx_buff); *action_bytes = 0; @@ -713,9 +718,31 @@ static enum raw_pkt_action handle_raw_packet(struct packet_io *handle, marsio_bu *action_bytes = raw_len; return RAW_PKT_ERR_BYPASS; } + struct session_ctx *s_ctx = (struct session_ctx *)node->val_data; + + if (sce_ctx->enable_debug) + { + struct addr_tuple4 inner_addr; + struct addr_tuple4 reverse_addr; + struct raw_pkt_parser raw_parser; + memset(&inner_addr, 0, sizeof(struct addr_tuple4)); + memset(&reverse_addr, 0, sizeof(struct addr_tuple4)); + raw_packet_parser_init(&raw_parser, 0, LAYER_TYPE_ALL, 8); + raw_packet_parser_parse(&raw_parser, (const void *)meta.raw_data, meta.raw_len); + raw_packet_parser_get_most_inner_tuple4(&raw_parser, &inner_addr); + addr_tuple4_reverse(&inner_addr, &reverse_addr); + if (memcmp(&s_ctx->first_ctrl_pkt.tuple4, &inner_addr, sizeof(struct addr_tuple4)) != 0 && memcmp(&s_ctx->first_ctrl_pkt.tuple4, &reverse_addr, sizeof(struct addr_tuple4)) != 0) + { + char *addr_str = addr_tuple4_to_str(&inner_addr); + LOG_ERROR("%s: unexpected raw packet, session %lu expected address tuple4 to be %s, but now the packet's tuple4 is %s, bypass !!!", LOG_TAG_PKTIO, meta.session_id, s_ctx->first_ctrl_pkt.addr_string, addr_str); + marsio_send_burst(handle->dev_nf_interface.mr_path, thread_seq, &rx_buff, 1); + *action_bytes = raw_len; + free(addr_str); + return RAW_PKT_ERR_BYPASS; + } + } // update sids - struct session_ctx *s_ctx = (struct session_ctx *)node->val_data; if (meta.dir_is_e2i) { sids_write_once(&(s_ctx->raw_pkt_e2i_sids), &(meta.sids)); diff --git a/platform/src/sce.cpp b/platform/src/sce.cpp index 0ca48f2..760c745 100644 --- a/platform/src/sce.cpp +++ b/platform/src/sce.cpp @@ -51,6 +51,7 @@ struct sce_ctx *sce_ctx_create(const char *profile) { struct sce_ctx *ctx = (struct sce_ctx *)calloc(1, sizeof(struct sce_ctx)); + MESA_load_profile_int_def(profile, "system", "enable_debug", (int *)&(ctx->enable_debug), 0); MESA_load_profile_int_def(profile, "system", "firewall_sids", (int *)&(ctx->firewall_sids), 1001); MESA_load_profile_int_def(profile, "system", "nr_worker_threads", (int *)&(ctx->nr_worker_threads), 8); MESA_load_profile_int_def(profile, "system", "enable_cpu_affinity", (int *)&ctx->enable_cpu_affinity, 0);