gfwleak/tango-tsg-service-chaining-engine
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

TSG-14568 tsg-service-chaining-engine支持MAAT4

Browse Source
This commit is contained in:
luwenpeng
2023-04-07 14:09:20 +08:00
parent 0f45abedc8
commit 7215e0b545
24 changed files with 193 additions and 141 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
platform/src/packet_io.cpp
View File

@@ -3,7 +3,6 @@
#include <netinet/udp.h>
#include <netinet/ether.h>
#include <marsio.h>
#include <cjson/cJSON.h>
#include <MESA/MESA_prof_load.h>
@@ -11,6 +10,7 @@
#include "sce.h"
#include "utils.h"
#include "g_vxlan.h"
#include "packet_io.h"
#include "sf_metrics.h"
#include "ctrl_packet.h"
#include "global_metrics.h"
@@ -436,7 +436,7 @@ static void action_mirr_forward(marsio_buff_t *rx_buff, struct metadata *meta, s
throughput_metrics_inc(&(g_metrics->device.endpoint_tx), 1, nsend);
throughput_metrics_inc(&(g_metrics->raw_pkt.mirr_tx), 1, raw_len);
throughput_metrics_inc(&sf->tx, 1, nsend);
sf_metrics_inc(thread_ctx->sf_metrics, sf->policy_id, sf->sff_profile_id, sf->sf_profile_id, 0, 0, 1, nsend);
sf_metrics_inc(thread_ctx->sf_metrics, sf->rule_id, sf->sff_profile_id, sf->sf_profile_id, 0, 0, 1, nsend);
}
static void action_stee_bypass(marsio_buff_t *rx_buff, struct metadata *meta, struct selected_sf *sf, struct thread_ctx *thread_ctx)
@@ -467,7 +467,7 @@ static void action_stee_forward(marsio_buff_t *rx_buff, struct metadata *meta, s
throughput_metrics_inc(&(g_metrics->device.endpoint_tx), 1, nsend);
throughput_metrics_inc(&(g_metrics->raw_pkt.stee_tx), 1, raw_len);
throughput_metrics_inc(&sf->tx, 1, nsend);
sf_metrics_inc(thread_ctx->sf_metrics, sf->policy_id, sf->sff_profile_id, sf->sf_profile_id, 0, 0, 1, nsend);
sf_metrics_inc(thread_ctx->sf_metrics, sf->rule_id, sf->sff_profile_id, sf->sf_profile_id, 0, 0, 1, nsend);
}
static void action_sf_chaining(struct thread_ctx *thread_ctx, struct session_ctx *session_ctx, struct selected_chaining *chaining, marsio_buff_t *rx_buff, struct metadata *meta, int next_sf_index)
@@ -476,9 +476,9 @@ static void action_sf_chaining(struct thread_ctx *thread_ctx, struct session_ctx
for (sf_index = next_sf_index; sf_index < chaining->chaining_used; sf_index++)
{
struct selected_sf *sf = &(chaining->chaining[sf_index]);
LOG_INFO("%s: session: %lu %s execute chaining [%d/%d] policy_id: %d, sff_profile_id: %d, sf_profile_id: %d, sf_need_skip: %d, sf_action_reason: %s, is_e2i: %d, is_decrypted: %d",
LOG_INFO("%s: session: %lu %s execute chaining [%d/%d] rule_id: %lu, sff_profile_id: %d, sf_profile_id: %d, sf_need_skip: %d, sf_action_reason: %s, is_e2i: %d, is_decrypted: %d",
LOG_TAG_POLICY, session_ctx->session_id, session_ctx->session_addr, sf_index, chaining->chaining_used,
sf->policy_id, sf->sff_profile_id, sf->sf_profile_id, sf->sf_need_skip, action_reason_to_string(sf->sf_action_reason),
sf->rule_id, sf->sff_profile_id, sf->sf_profile_id, sf->sf_need_skip, action_reason_to_string(sf->sf_action_reason),
meta->is_e2i_dir, meta->is_decrypted);
if (sf->sf_need_skip)
@@ -607,8 +607,8 @@ static void dump_event_log(struct session_ctx *session_ctx, struct selected_chai
for (int i = 0; i < chaining->chaining_used; i++)
{
struct selected_sf *sf = &(chaining->chaining[i]);
LOG_INFO("%s: session %lu %s %s metrics log: policy %d sff_profile_id %d sf_profile_id %d sf_need_skip %d sf_action_reason %s rx_pkts %lu rx_bytes %lu tx_pkts %lu tx_bytes %lu",
LOG_TAG_METRICS, session_ctx->session_id, session_ctx->session_addr, tag, sf->policy_id, sf->sff_profile_id, sf->sf_profile_id, sf->sf_need_skip, action_reason_to_string(sf->sf_action_reason), sf->rx.n_pkts, sf->rx.n_bytes, sf->tx.n_pkts, sf->tx.n_bytes);
LOG_INFO("%s: session %lu %s %s metrics log: rule_id %lu sff_profile_id %d sf_profile_id %d sf_need_skip %d sf_action_reason %s rx_pkts %lu rx_bytes %lu tx_pkts %lu tx_bytes %lu",
LOG_TAG_METRICS, session_ctx->session_id, session_ctx->session_addr, tag, sf->rule_id, sf->sff_profile_id, sf->sf_profile_id, sf->sf_need_skip, action_reason_to_string(sf->sf_action_reason), sf->rx.n_pkts, sf->rx.n_bytes, sf->tx.n_pkts, sf->tx.n_bytes);
}
}
@@ -620,21 +620,21 @@ static void session_value_free_cb(void *ctx)
static void handle_policy_mutil_hits(struct policy_enforcer *enforcer, struct session_ctx *session_ctx, struct ctrl_pkt_parser *ctrl_parser, raw_pkt_parser *raw_parser, int is_e2i_dir)
{
for (int i = 0; i < ctrl_parser->policy_id_num; i++)
for (int i = 0; i < ctrl_parser->rule_id_num; i++)
{
int policy_id = ctrl_parser->policy_ids[i];
if (fixed_num_array_exist_elem(&session_ctx->policy_ids, policy_id))
uint64_t rule_id = ctrl_parser->rule_ids[i];
if (fixed_num_array_exist_elem(&session_ctx->rule_ids, rule_id))
{
continue;
}
else
{
policy_enforce_select_chainings(enforcer, &session_ctx->chainings, session_ctx, raw_parser, policy_id, is_e2i_dir);
policy_enforce_select_chainings(enforcer, &session_ctx->chainings, session_ctx, raw_parser, rule_id, is_e2i_dir);
selected_chaining_bref(session_ctx->chainings.chaining_raw);
selected_chaining_bref(session_ctx->chainings.chaining_decrypted);
fixed_num_array_add_elem(&session_ctx->policy_ids, policy_id);
fixed_num_array_add_elem(&session_ctx->rule_ids, rule_id);
}
}
}
@@ -951,7 +951,7 @@ static void handle_inject_packet(marsio_buff_t *rx_buff, struct thread_ctx *thre
struct selected_sf *sf = &(chaining->chaining[sf_index]);
throughput_metrics_inc(&sf->rx, 1, raw_len);
throughput_metrics_inc(&(g_metrics->raw_pkt.stee_rx), 1, meta.raw_len);
sf_metrics_inc(thread_ctx->sf_metrics, sf->policy_id, sf->sff_profile_id, sf->sf_profile_id, 1, raw_len, 0, 0);
sf_metrics_inc(thread_ctx->sf_metrics, sf->rule_id, sf->sff_profile_id, sf->sf_profile_id, 1, raw_len, 0, 0);
}
marsio_buff_adj(rx_buff, raw_len - meta.raw_len);