TSG-22348 feature: adapt maat support UUID
This commit is contained in:
luwenpeng
@@ -668,9 +668,9 @@ static inline void action_mirr_forward(struct session_ctx *session_ctx, marsio_b
|
||||
THROUGHPUT_METRICS_INC(&(thread_metrics->mirr_tx), 1, meta->raw_len);
|
||||
THROUGHPUT_METRICS_INC(&sf->tx, 1, nsend);
|
||||
struct sf_metrics_key key = {0};
|
||||
key.rule_id = sf->rule_id;
|
||||
key.sff_profile_id = sf->sff_profile_id;
|
||||
key.sf_profile_id = sf->sf_profile_id;
|
||||
uuid_copy(key.rule_uuid, sf->rule_uuid);
|
||||
uuid_copy(key.sff_uuid, sf->sff_uuid);
|
||||
uuid_copy(key.sf_uuid, sf->sf_uuid);
|
||||
key.vsys_id = sf->rule_vsys_id;
|
||||
sf_metrics_input(sf_metrics, thread_index, &key, 0, 0, 1, nsend);
|
||||
}
|
||||
@@ -703,23 +703,30 @@ static inline void action_stee_forward(struct session_ctx *session_ctx, marsio_b
|
||||
THROUGHPUT_METRICS_INC(&(thread_metrics->stee_tx), 1, meta->raw_len);
|
||||
THROUGHPUT_METRICS_INC(&sf->tx, 1, nsend);
|
||||
struct sf_metrics_key key = {0};
|
||||
key.rule_id = sf->rule_id;
|
||||
key.sff_profile_id = sf->sff_profile_id;
|
||||
key.sf_profile_id = sf->sf_profile_id;
|
||||
uuid_copy(key.rule_uuid, sf->rule_uuid);
|
||||
uuid_copy(key.sff_uuid, sf->sff_uuid);
|
||||
uuid_copy(key.sf_uuid, sf->sf_uuid);
|
||||
key.vsys_id = sf->rule_vsys_id;
|
||||
sf_metrics_input(sf_metrics, thread_index, &key, 0, 0, 1, nsend);
|
||||
}
|
||||
|
||||
static void action_sf_chaining(struct thread_ctx *thread_ctx, struct session_ctx *session_ctx, struct selected_chaining *chaining, marsio_buff_t *rx_buff, struct metadata *meta, int next_sf_index)
|
||||
{
|
||||
char rule_uuid_str[UUID_STRING_SIZE];
|
||||
char sff_uuid_str[UUID_STRING_SIZE];
|
||||
char sf_uuid_str[UUID_STRING_SIZE];
|
||||
|
||||
int sf_index;
|
||||
for (sf_index = next_sf_index; sf_index < chaining->chaining_used; sf_index++)
|
||||
{
|
||||
struct selected_sf *sf = &(chaining->chaining[sf_index]);
|
||||
LOG_DEBUG("%s: session: %lu %s execute chaining [%d/%d]: policy %lu->%d->%d, action %s->%s->%s->%s",
|
||||
uuid_unparse(sf->rule_uuid, rule_uuid_str);
|
||||
uuid_unparse(sf->sff_uuid, sff_uuid_str);
|
||||
uuid_unparse(sf->sf_uuid, sf_uuid_str);
|
||||
LOG_DEBUG("%s: session: %lu %s execute chaining [%d/%d]: policy %s->%s->%s, action %s->%s->%s->%s",
|
||||
LOG_TAG_POLICY, session_ctx->session_id, session_ctx->session_addr,
|
||||
sf_index, chaining->chaining_used,
|
||||
sf->rule_id, sf->sff_profile_id, sf->sf_profile_id,
|
||||
rule_uuid_str, sff_uuid_str, sf_uuid_str,
|
||||
(meta->is_decrypted ? "decrypted" : "raw"), (meta->direction ? "E2I" : "I2E"), forward_type_tostring(sf->sff_forward_type), action_desc_tostring(sf->sf_action_desc));
|
||||
|
||||
PACKET_TRACE_ON_CHAIN(thread_ctx->ref_io->instance, rx_buff, sf, meta);
|
||||
@@ -786,10 +793,11 @@ static int send_ctrl_packet(struct session_ctx *session_ctx, struct thread_ctx *
|
||||
{
|
||||
struct sce_ctx *sce_ctx = thread_ctx->ref_sce_ctx;
|
||||
struct packet_io *packet_io = thread_ctx->ref_io;
|
||||
struct mutable_array *rule_ids = &session_ctx->rule_ids;
|
||||
struct uuid_array *rule_uuid_array = &session_ctx->rule_uuid_array;
|
||||
struct selected_chaining *chaining_raw = session_ctx->chaining_raw;
|
||||
struct selected_chaining *chaining_decrypted = session_ctx->chaining_decrypted;
|
||||
int thread_index = thread_ctx->thread_index;
|
||||
int num = uuid_array_get_count(rule_uuid_array);
|
||||
|
||||
char *data;
|
||||
size_t size;
|
||||
@@ -828,9 +836,9 @@ static int send_ctrl_packet(struct session_ctx *session_ctx, struct thread_ctx *
|
||||
{
|
||||
mpack_write_cstr(&writer, "sc_rule_list");
|
||||
mpack_build_array(&writer); // sc_rule_list begin
|
||||
for (int i = 0; i < rule_ids->num; i++)
|
||||
for (int i = 0; i < num; i++)
|
||||
{
|
||||
mpack_write_u64(&writer, mutable_array_index_elem(rule_ids, i));
|
||||
mpack_write_bin(&writer, (const char *)uuid_array_get_at(rule_uuid_array, i), sizeof(uuid_t));
|
||||
}
|
||||
mpack_complete_array(&writer); // sc_rule_list end
|
||||
}
|
||||
@@ -843,7 +851,7 @@ static int send_ctrl_packet(struct session_ctx *session_ctx, struct thread_ctx *
|
||||
struct selected_sf *sf = &(chaining_raw->chaining[i]);
|
||||
if (sf->sf_action == SESSION_ACTION_FORWARD)
|
||||
{
|
||||
mpack_write_u64(&writer, sf->sf_profile_id);
|
||||
mpack_write_bin(&writer, (const char *)&sf->sf_uuid, sizeof(uuid_t));
|
||||
}
|
||||
if (sf->sf_action == SESSION_ACTION_BLOCK && sf->sff_forward_type == FORWARD_TYPE_STEERING)
|
||||
{
|
||||
@@ -861,7 +869,7 @@ static int send_ctrl_packet(struct session_ctx *session_ctx, struct thread_ctx *
|
||||
struct selected_sf *sf = &(chaining_decrypted->chaining[i]);
|
||||
if (sf->sf_action == SESSION_ACTION_FORWARD)
|
||||
{
|
||||
mpack_write_u64(&writer, sf->sf_profile_id);
|
||||
mpack_write_bin(&writer, (const char *)&sf->sf_uuid, sizeof(uuid_t));
|
||||
}
|
||||
if (sf->sf_action == SESSION_ACTION_BLOCK && sf->sff_forward_type == FORWARD_TYPE_STEERING)
|
||||
{
|
||||
@@ -942,12 +950,19 @@ static void dump_sf_metrics(struct session_ctx *session_ctx, struct selected_cha
|
||||
return;
|
||||
}
|
||||
|
||||
char rule_uuid_str[UUID_STRING_SIZE];
|
||||
char sff_uuid_str[UUID_STRING_SIZE];
|
||||
char sf_uuid_str[UUID_STRING_SIZE];
|
||||
|
||||
for (int i = 0; i < chaining->chaining_used; i++)
|
||||
{
|
||||
struct selected_sf *sf = &(chaining->chaining[i]);
|
||||
LOG_INFO("%s: session %lu %s metrics: policy %lu->%d->%d action %s->%s->%s rx_pkts %lu rx_bytes %lu tx_pkts %lu tx_bytes %lu",
|
||||
uuid_unparse(sf->rule_uuid, rule_uuid_str);
|
||||
uuid_unparse(sf->sff_uuid, sff_uuid_str);
|
||||
uuid_unparse(sf->sf_uuid, sf_uuid_str);
|
||||
LOG_INFO("%s: session %lu %s metrics: policy %s->%s->%s action %s->%s->%s rx_pkts %lu rx_bytes %lu tx_pkts %lu tx_bytes %lu",
|
||||
LOG_TAG_SFMETRICS, session_ctx->session_id, session_ctx->session_addr,
|
||||
sf->rule_id, sf->sff_profile_id, sf->sf_profile_id,
|
||||
rule_uuid_str, sff_uuid_str, sf_uuid_str,
|
||||
traffic_type_tostring(sf->traffic_type), forward_type_tostring(sf->sff_forward_type), action_desc_tostring(sf->sf_action_desc),
|
||||
sf->rx.n_pkts, sf->rx.n_bytes, sf->tx.n_pkts, sf->tx.n_bytes);
|
||||
}
|
||||
@@ -964,24 +979,23 @@ static void handle_policy_mutil_hits(struct session_ctx *session_ctx, struct con
|
||||
struct policy_enforcer *enforcer = thread_ctx->ref_enforcer;
|
||||
struct sce_ctx *sce_ctx = thread_ctx->ref_sce_ctx;
|
||||
|
||||
for (int i = 0; i < ctrl_pkt->rule_id_num; i++)
|
||||
int num = uuid_array_get_count(&ctrl_pkt->rule_uuid_array);
|
||||
for (int i = 0; i < num; i++)
|
||||
{
|
||||
uint64_t rule_id = ctrl_pkt->rule_ids[i];
|
||||
if (mutable_array_exist_elem(&session_ctx->rule_ids, rule_id))
|
||||
uuid_t *rule_uuid_ptr = uuid_array_get_at(&ctrl_pkt->rule_uuid_array, i);
|
||||
if (uuid_array_contains(&session_ctx->rule_uuid_array, *rule_uuid_ptr))
|
||||
{
|
||||
continue;
|
||||
}
|
||||
else
|
||||
{
|
||||
policy_enforce_select_chainings(enforcer, session_ctx, data_pkt, rule_id, direction);
|
||||
policy_enforce_select_chainings(enforcer, session_ctx, data_pkt, rule_uuid_ptr, direction);
|
||||
|
||||
if (sce_ctx->enable_debug)
|
||||
{
|
||||
selected_chaining_bref(session_ctx->chaining_raw);
|
||||
selected_chaining_bref(session_ctx->chaining_decrypted);
|
||||
}
|
||||
|
||||
mutable_array_add_elem(&session_ctx->rule_ids, rule_id);
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -1213,8 +1227,8 @@ static void handle_data_packet(marsio_buff_t *rx_buff, struct thread_ctx *thread
|
||||
{
|
||||
THROUGHPUT_METRICS_INC(&(thread_metrics->raw_rx), 1, meta.raw_len);
|
||||
}
|
||||
PACKET_TRACE_ON_POLICY(thread_ctx->ref_io->instance, rx_buff, &session_ctx->rule_ids, chaining);
|
||||
PACKET_TELEMETRY_ON_POLICY(thread_ctx->ref_io->instance, rx_buff, &session_ctx->rule_ids, chaining);
|
||||
PACKET_TRACE_ON_POLICY(thread_ctx->ref_io->instance, rx_buff, &session_ctx->rule_uuid_array, chaining);
|
||||
PACKET_TELEMETRY_ON_POLICY(thread_ctx->ref_io->instance, rx_buff, &session_ctx->rule_uuid_array, chaining);
|
||||
action_sf_chaining(thread_ctx, session_ctx, chaining, rx_buff, &meta, 0);
|
||||
return;
|
||||
|
||||
@@ -1243,6 +1257,7 @@ static void handle_inject_vxlan_packet(marsio_buff_t *rx_buff, struct thread_ctx
|
||||
struct vxlan_hdr *vxlan_hdr = NULL;
|
||||
struct session_ctx *session_ctx = NULL;
|
||||
struct selected_chaining *chaining = NULL;
|
||||
char sf_uuid_str[UUID_STRING_SIZE];
|
||||
memset(&meta, 0, sizeof(struct metadata));
|
||||
|
||||
int sf_index = 0;
|
||||
@@ -1300,8 +1315,9 @@ static void handle_inject_vxlan_packet(marsio_buff_t *rx_buff, struct thread_ctx
|
||||
|
||||
if (chaining->chaining[sf_index].sff_forward_type == FORWARD_TYPE_MIRRORING)
|
||||
{
|
||||
LOG_DEBUG("%s: unexpected inject packet, session %lu %s with sf_profile_id %d executes mirror and does not require reflow, drop !!!",
|
||||
LOG_TAG_PKTIO, session_ctx->session_id, session_ctx->session_addr, chaining->chaining[sf_index].sf_profile_id);
|
||||
uuid_unparse(chaining->chaining[sf_index].sf_uuid, sf_uuid_str);
|
||||
LOG_DEBUG("%s: unexpected inject packet, session %lu %s with sf_uuid %s executes mirror and does not require reflow, drop !!!",
|
||||
LOG_TAG_PKTIO, session_ctx->session_id, session_ctx->session_addr, sf_uuid_str);
|
||||
THROUGHPUT_METRICS_INC(&(thread_metrics->mirr_rx_drop), 1, meta.raw_len);
|
||||
goto error_block;
|
||||
}
|
||||
@@ -1311,9 +1327,9 @@ static void handle_inject_vxlan_packet(marsio_buff_t *rx_buff, struct thread_ctx
|
||||
THROUGHPUT_METRICS_INC(&sf->rx, 1, raw_len);
|
||||
THROUGHPUT_METRICS_INC(&(thread_metrics->stee_rx), 1, meta.raw_len);
|
||||
struct sf_metrics_key key = {0};
|
||||
key.rule_id = sf->rule_id;
|
||||
key.sff_profile_id = sf->sff_profile_id;
|
||||
key.sf_profile_id = sf->sf_profile_id;
|
||||
uuid_copy(key.rule_uuid, sf->rule_uuid);
|
||||
uuid_copy(key.sff_uuid, sf->sff_uuid);
|
||||
uuid_copy(key.sf_uuid, sf->sf_uuid);
|
||||
key.vsys_id = sf->rule_vsys_id;
|
||||
sf_metrics_input(sf_metrics, thread_index, &key, 1, raw_len, 0, 0);
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user