gfwleak/tango-tsg-service-chaining-engine
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

TSG-13630 tsg-service-chaining-engine使用mrzcpd捕获报文/回注报文

Browse Source 
TSG-13685 tsg-service-chaining-engine使用VXLAN封装Steering/Mirroring的Package
This commit is contained in:
luwenpeng
2023-02-10 14:22:40 +08:00
parent 158e4e89e8
commit 737ca3d4be
23 changed files with 2397 additions and 358 deletions
Download Patch File Download Diff File Expand all files Collapse all files

95
platform/src/policy.cpp
View File

@@ -1103,6 +1103,22 @@ static enum session_action select_sf_by_ldbc(uint64_t hash, struct sff_param *sf
return SESSION_ACTION_BYPASS;
}
static void selected_sf_init(struct selected_sf *item)
{
if (item)
{
item->policy_id = -1;
item->traffic_type = TRAFFIC_TYPE_NONE;
item->sff_profile_id = -1;
item->sff_forward_type = FORWARD_TYPE_NONE;
item->sf_need_skip = 0;
item->sf_profile_id = -1;
item->sf_action = SESSION_ACTION_BYPASS;
item->sf_action_reason = ACTION_BYPASS_DUE_DEFAULT;
memset(&item->sf_connectivity, 0, sizeof(struct connectivity));
}
}
/******************************************************************************
* Public API
******************************************************************************/
@@ -1298,21 +1314,15 @@ struct selected_chaining *selected_chaining_create(int chaining_size)
{
struct selected_chaining *chaining = (struct selected_chaining *)calloc(1, sizeof(struct selected_chaining));
assert(chaining);
chaining->policy_id = -1;
chaining->traffic_type = TRAFFIC_TYPE_NONE;
chaining->chaining_index = 0;
chaining->chaining_used = 0;
chaining->chaining_size = chaining_size;
chaining->chaining = (struct selected_sf *)calloc(chaining->chaining_size, sizeof(struct selected_sf));
assert(chaining->chaining);
for (int i = 0; i < chaining->chaining_size; i++)
{
struct selected_sf *elem = &(chaining->chaining[i]);
elem->sff_profile_id = -1;
elem->sff_forward_type = FORWARD_TYPE_NONE;
elem->sf_profile_id = -1;
elem->sf_action = SESSION_ACTION_BYPASS;
elem->sf_action_reason = ACTION_BYPASS_DUE_DEFAULT;
struct selected_sf *item = &(chaining->chaining[i]);
selected_sf_init(item);
}
return chaining;
@@ -1340,18 +1350,20 @@ void selected_chaining_dump(struct selected_chaining *chaining)
return;
}
LOG_DEBUG("%s: selected_chaining->policy_id : %d", LOG_TAG_POLICY, chaining->policy_id);
LOG_DEBUG("%s: selected_chaining->traffic_type : %s", LOG_TAG_POLICY, traffic_type_to_string(chaining->traffic_type));
LOG_DEBUG("%s: selected_chaining->chaining_size : %d", LOG_TAG_POLICY, chaining->chaining_size);
LOG_DEBUG("%s: selected_chaining->chaining_used : %d", LOG_TAG_POLICY, chaining->chaining_used);
for (int i = 0; i < chaining->chaining_size; i++)
for (int i = 0; i < chaining->chaining_used; i++)
{
struct selected_sf *node = &(chaining->chaining[i]);
LOG_DEBUG("%s: selected_chaining->node[%d]->policy_id : %d", LOG_TAG_POLICY, i, node->policy_id);
LOG_DEBUG("%s: selected_chaining->node[%d]->traffic_type : %s", LOG_TAG_POLICY, i, traffic_type_to_string(node->traffic_type));
// sff
LOG_DEBUG("%s: selected_chaining->node[%d]->sff_profile_id : %d", LOG_TAG_POLICY, i, node->sff_profile_id);
LOG_DEBUG("%s: selected_chaining->node[%d]->sff_forward_type : %s", LOG_TAG_POLICY, i, forward_type_to_string(node->sff_forward_type));
// sf
LOG_DEBUG("%s: selected_chaining->node[%d]->sf_profile_id : %d", LOG_TAG_POLICY, i, node->sf_profile_id);
LOG_DEBUG("%s: selected_chaining->node[%d]->sf_need_skip : %d", LOG_TAG_POLICY, i, node->sf_need_skip);
LOG_DEBUG("%s: selected_chaining->node[%d]->sf_action : %s", LOG_TAG_POLICY, i, session_action_to_string(node->sf_action));
LOG_DEBUG("%s: selected_chaining->node[%d]->sf_action_reason : %s", LOG_TAG_POLICY, i, session_action_reason_to_string(node->sf_action_reason));
LOG_DEBUG("%s: selected_chaining->node[%d]->sf_connectivity->package_method : %s", LOG_TAG_POLICY, i, package_method_to_string(node->sf_connectivity.method));
@@ -1371,48 +1383,43 @@ void selected_chaining_bref(struct selected_chaining *chaining)
char buff[4096] = {0};
int buff_used = 0;
int buff_size = sizeof(buff);
buff_used += snprintf(buff + buff_used, buff_size - buff_used, "policy_id:%d, chaining_size:%d, ", chaining->policy_id, chaining->chaining_size);
for (int i = 0; i < chaining->chaining_size; i++)
buff_used += snprintf(buff + buff_used, buff_size - buff_used, "chaining_size:%d, chaining_used:%d, {", chaining->chaining_size, chaining->chaining_used);
for (int i = 0; i < chaining->chaining_used; i++)
{
struct selected_sf *node = &(chaining->chaining[i]);
if (buff_size - buff_used > 0)
{
buff_used += snprintf(buff + buff_used, buff_size - buff_used, "node[%d]={%s:%d:%d} ", i, session_action_reason_to_string(node->sf_action_reason), node->sff_profile_id, node->sf_profile_id);
buff_used += snprintf(buff + buff_used, buff_size - buff_used, "\"node[%d]\":{\"skip\":%d,\"reason\":\"%s\",\"policy_id\":%d,\"sff_profile_id\":%d,\"sf_profile_id\":%d}, ", i, node->sf_need_skip, session_action_reason_to_string(node->sf_action_reason), node->policy_id, node->sff_profile_id, node->sf_profile_id);
}
}
LOG_DEBUG("%s: selected_chaining_bref: %s", LOG_TAG_POLICY, buff);
LOG_DEBUG("%s: selected_chaining_bref: %s}", LOG_TAG_POLICY, buff);
}
// return NULL: NEED BYPASS ALL SFF
// return !NULL:
struct selected_chaining *policy_enforce_select_chaining(struct policy_enforcer *enforcer, struct raw_pkt_parser *parser, int policy_id, int dir_is_internal)
void policy_enforce_select_chaining(struct selected_chaining *chaining, struct policy_enforcer *enforcer, struct raw_pkt_parser *parser, int policy_id, int dir_is_internal)
{
uint64_t hash_value = 0;
char buffer[16] = {0};
struct sf_param *sf_param = NULL;
struct sff_param *sff_param = NULL;
struct fixed_num_array array = {0};
struct selected_chaining *chaining = NULL;
struct chaining_param *chaining_param = NULL;
snprintf(buffer, sizeof(buffer), "%d", policy_id);
chaining_param = (struct chaining_param *)Maat_plugin_get_EX_data(enforcer->maat, enforcer->compile_table_id, buffer);
if (chaining_param == NULL)
{
LOG_ERROR("%s: failed to get chaining parameter of policy %d, bypass !!!", LOG_TAG_POLICY, policy_id);
// BYPASS ALL SFF
return NULL;
LOG_ERROR("%s: failed to get chaining parameter of policy %d", LOG_TAG_POLICY, policy_id);
return;
}
LOG_DEBUG("%s: enforce chaining policy %d", LOG_TAG_POLICY, policy_id);
chaining = selected_chaining_create(chaining_param->sff_profile_ids_num);
assert(chaining);
chaining->policy_id = policy_id;
chaining->traffic_type = chaining_param->traffic_type;
for (int i = 0; i < chaining_param->sff_profile_ids_num; i++)
for (int i = 0; i < chaining_param->sff_profile_ids_num && chaining->chaining_used < chaining->chaining_size; i++)
{
struct selected_sf *item = &(chaining->chaining[chaining->chaining_index]);
struct selected_sf *item = &(chaining->chaining[chaining->chaining_used]);
selected_sf_init(item);
item->policy_id = policy_id;
item->traffic_type = chaining_param->traffic_type;
item->sff_profile_id = chaining_param->sff_profile_ids[i];
memset(buffer, 0, sizeof(buffer));
@@ -1423,7 +1430,7 @@ struct selected_chaining *policy_enforce_select_chaining(struct policy_enforcer
LOG_ERROR("%s: failed to get sff parameter of profile %d, bypass current sff !!!", LOG_TAG_POLICY, item->sff_profile_id);
item->sf_action = SESSION_ACTION_BYPASS;
item->sf_action_reason = ACTION_BYPASS_DUE_INVALID_POLICY;
chaining->chaining_index++;
chaining->chaining_used++;
continue;
}
item->sff_forward_type = sff_param->sff_forward_type;
@@ -1436,7 +1443,7 @@ struct selected_chaining *policy_enforce_select_chaining(struct policy_enforcer
LOG_DEBUG("%s: chaining policy %d -> sff_profile %d, no sf available after filtering by 'nearby & active', bypass current sff !!!", LOG_TAG_POLICY, policy_id, item->sff_profile_id);
item->sf_action = SESSION_ACTION_BYPASS;
item->sf_action_reason = ACTION_BYPASS_DUE_NO_AVAILABLE_SF;
chaining->chaining_index++;
chaining->chaining_used++;
sff_param_free(sff_param);
continue;
}
@@ -1445,7 +1452,7 @@ struct selected_chaining *policy_enforce_select_chaining(struct policy_enforcer
item->sf_action = select_sf_by_ldbc(hash_value, sff_param, &array, &(item->sf_profile_id), &(item->sf_action_reason));
if (item->sf_action != SESSION_ACTION_FORWARD)
{
chaining->chaining_index++;
chaining->chaining_used++;
sff_param_free(sff_param);
continue;
}
@@ -1458,7 +1465,7 @@ struct selected_chaining *policy_enforce_select_chaining(struct policy_enforcer
LOG_ERROR("%s: failed to get sf parameter of selected profile %d, bypass current sff !!!", LOG_TAG_POLICY, item->sf_profile_id);
item->sf_action = SESSION_ACTION_BYPASS;
item->sf_action_reason = ACTION_BYPASS_DUE_INVALID_POLICY;
chaining->chaining_index++;
chaining->chaining_used++;
sff_param_free(sff_param);
continue;
}
@@ -1467,13 +1474,27 @@ struct selected_chaining *policy_enforce_select_chaining(struct policy_enforcer
item->sf_connectivity.int_vlan_tag = sf_param->sf_connectivity.int_vlan_tag;
item->sf_connectivity.ext_vlan_tag = sf_param->sf_connectivity.ext_vlan_tag;
memcpy(item->sf_connectivity.dest_ip, sf_param->sf_connectivity.dest_ip, strlen(sf_param->sf_connectivity.dest_ip));
chaining->chaining_index++;
chaining->chaining_used++;
sf_param_free(sf_param);
sff_param_free(sff_param);
}
chaining_param_free(chaining_param);
// Selected Service Chaining Before Unique : [1,2,3,1,2]
// Selected Service Chaining After Unique : [1,2,3]
for (int i = 0; i < chaining->chaining_used; i++)
{
struct selected_sf *node_i = &(chaining->chaining[i]);
for (int j = 0; j < i; j++)
{
struct selected_sf *node_j = &(chaining->chaining[j]);
if (node_i->sf_profile_id == node_j->sf_profile_id)
{
node_i->sf_need_skip = 1;
break;
}
}
}
return chaining;
chaining_param_free(chaining_param);
}