summaryrefslogtreecommitdiff
path: root/inc
diff options
context:
space:
mode:
authorlijia <[email protected]>2018-10-24 09:36:45 +0800
committerlijia <[email protected]>2018-10-24 09:36:45 +0800
commit86a43b4d325ddc850fa9dc4711670880f35b11e8 (patch)
tree8356a056ac9bfb8cf14fcf57f113dd306b4277d1 /inc
create new project.
Diffstat (limited to 'inc')
-rw-r--r--inc/flowood.h491
-rw-r--r--inc/flowood_fun.h92
-rw-r--r--inc/flwd_net.h389
-rw-r--r--inc/ltsm.h117
4 files changed, 1089 insertions, 0 deletions
diff --git a/inc/flowood.h b/inc/flowood.h
new file mode 100644
index 0000000..74f77c4
--- /dev/null
+++ b/inc/flowood.h
@@ -0,0 +1,491 @@
+#ifndef _FLOWOOD_H_
+#define _FLOWOOD_H_ 1
+#include <stdio.h>
+#include <stdint.h>
+#include <stdlib.h>
+#include <unistd.h>
+#include <sys/types.h>
+#include <netinet/ip6.h>
+#include "MESA_htable.h"
+#include "MESA_list_queue.h"
+#include "MESA_atomic.h"
+#include "MESA_handle_logger.h"
+#include "MESA_prof_load.h"
+#include "MESA_list_count.h"
+#include "MESA_list.h"
+#include "stream.h"
+
+
+#define FLWD_RUN_AS_SAPP_PLUG (1) /* ת��������sapp�IJ����ʽ���� */
+#define FLWD_NO_ACTIVE_IP_DISCOVER (0) /* û�л�ԾIP������ϵͳ������, �ֹ�ָ��һЩ����ip, �Բ��� */
+#define FLWD_NO_GDEV_ENV (0) /* û��GDEV�Ļ�����, ת������ģ��·��ģʽ, ��͸��ת����, ��ʵ��Ҫ���ڲ��Խ������ع��� */
+#define FLWD_NO_ACTIVE_ARP_QUERY (0) /* û������ARP��ѯ�������, ����Э��ջģ��, ��raw_socket, marsioԭʼ�ӿ�, Ҫ�ֶ�ָ��MAC��ַ */
+#define FLWD_NO_MAAT (0)
+#define FLWD_SUPPORT_DNAT (0) /* DNAT�Ȳ�ʵ��! */
+#define FLWD_ASYNC_LOCK_FREE (0) /* �첽����ģʽ���̸߳��� */
+#define FLWD_IP_REGION_BY_LIB (0) /* 1:IP�ĵ���λ����Ϣ��������IP��ַ���ѯ�õ�; 0:IP����λ����Ϣ�����ֹ����úͶ�̬����ϵͳ, ����˵ɶ����ɶ */
+#define FLWD_USE_LTSM_FOR_QUICK_CLOSE (0) /* ʹ��LTSM������ǿ���ʱ��̭, �Ծ������TCP����, �Ի��տ��ö˿� */
+
+#define FLWD_NAT_SPORT_VOLATILE (0) /* access����NAT�ڲ�ʱ, ����Դ�˿ڻ�仯, ����access����Դ�˿�Ҳ����, ��ʱ��ҪforwardҲ��¼�յ���ʱ��Դ�˿�, ������޷����� */
+
+#define FLWD_RUN_IN_CEIEC_TEST (1) /* ��ceiec���Ի�����ʱд���IJ��� */
+
+#define FLWD_USE_SPORT_HASH_AS_MARK (1) /* ʹ��Դ�˿ڵ�ijЩbitλ, ���ڱ�ʶacc-gateway, hashֵ, fwd-gateway����ȷ���ش�����̨acc-gateway */
+/*
+ ������ʹ��������ʱ��bit�ֲ�λ:
+ |15|14|13|12|11|10|9|8|7|6|5|4|3|2|1|0|
+ |accid| hash | sport |
+
+ ���2bit ��������id;
+ �м�6bit HASHֵ;
+ ���8bit �����Ŀ��ö˿�;
+*/
+#if FLWD_USE_SPORT_HASH_AS_MARK
+#define FLWD_SPORT_ACC_ID_MASK (0xC000) /* ������, acc-gateway ID, ���λ����bit, ͬһ�ֵ�֧��4̨acc-gateway�豸 */
+#define FLWD_SPORT_ACC_ID_SHIFT_NUM (14) /* MASK�ƶ�14λ, ���������, ��ǰ�ֵ�ID */
+
+#define FLWD_UDP_SPORT_HASH_MASK (0x3F00) /* ������, hashֵ,���ڸ���ʵ��������, 6bit, ��Ԫ���ͻʶ��׼ȷ��: 98.4%, ���Ǹ��ÿͻ��˺���ʵ�ͻ���ͬʱ����һ����������ʶ���� */
+#define FLWD_UDP_SPORT_ACTUAL_PORT_MASK (0x00FF) /* ������, ��ʵ���ö˿ڵ�ֵ, 8bit. ��ʵҲ��������10bit, �ټ���acc-gateway id */
+#define FLWD_TCP_SPORT_ACTUAL_PORT_MASK (FLWD_UDP_SPORT_ACTUAL_PORT_MASK) /* TODO, �Ժ����, TCP�ɲ�ʹ�ö˿�HASH��Ϊ����, ��ISN���±�������,���ӿ��ö˿ڷ�Χ */
+#else
+
+#endif
+
+
+#define FLWD_LINK_MTU (2048)
+#define FLWD_MAX_THREAD_NUM (64)
+#define FLWD_REGION_STR_LEN_MAX (32) /* ��������ֵ */
+#define FLWD_NETWORK_NxM_MAX (16) /* GDEV��ת������֮�� NxM �������豸���ֵ */
+
+#define TRAFFIC_STAT_STR_LEN (32)
+
+#define FLWD_CONFIG_FILE "./conf/ip_reuse/flowood.conf"
+
+#define FLWD_MACRO_TO_STRING(x) (#x)
+
+
+/* �����֧ѡ���Ż�, ��������еķ�֧�ж�, ʹ��flwd_likely()���� */
+#ifndef flwd_likely
+#define flwd_likely(x) __builtin_expect(!!(x), 1)
+#endif
+
+#ifndef flwd_unlikely
+#define flwd_unlikely(x) __builtin_expect(!!(x), 0)
+#endif
+
+typedef enum{
+ FLWD_DROP = 0,
+ FLWD_PASS = 1,
+}flwd_pkt_action_t;
+
+
+/* ��ֵ�����ÿ����Ҫ��Ӧ, ��ֹ�����޸� */
+typedef enum {
+ FLWD_NAT_TYPE_SNAT = 1,
+ FLWD_NAT_TYPE_DNAT = 2,
+}flwd_nat_type_t;
+
+
+typedef enum {
+ FLWD_IP_REGION_INLAND = 0, /* ����, �˶���Ҫ��pangu���ݿ������һ��!!! */
+ FLWD_IP_REGION_OUTLAND = 1, /* ����, �˶���Ҫ��pangu���ݿ������һ��!!! */
+ FLWD_IP_REGION_MAX = 2,
+}flwd_ip_region_type_t;
+
+
+typedef enum {
+ FLWD_ACT_IP_DYNAMIC = 1, /* �Զ����ֵĶ�̬��ԾIP */
+ FLWD_ACT_IP_STATIC = 2, /* �û�ͨ�������·��ľ�̬IP��ַ�� */
+}flwd_active_ip_type_t;
+
+/* NOTE: Ϊ�˳�����ʹ�������±�����v4, v6, �˴�������4,6�������õ�������ʵ��ֵ */
+typedef enum{
+ FLWD_IP_ADDR_TYPE_V4 = 0,
+ FLWD_IP_ADDR_TYPE_V6 = 1,
+}flwd_ip_addr_type_t;
+
+
+typedef enum{
+ FLWD_MAAT_SRC_JSON = 1,
+ FLWD_MAAT_SRC_LOCAL_FILE = 2,
+ FLWD_MAAT_SRC_REDIS = 3,
+}flwd_maat_cfg_source_t;
+
+
+typedef struct{
+ unsigned char addr_type;
+ unsigned char addr_len;
+ unsigned short dport; /* NOTE: ��������ṹҲ������, �˴��Ŀ�϶����һ��port����, ������DNAT */
+ union{
+ unsigned int addr_ipv4;
+ struct in6_addr addr_ipv6;
+ unsigned char addr_value[16];
+ };
+}flwd_ip_t;
+
+
+typedef struct{
+ unsigned int sip_net_order;
+ unsigned int dip_net_order;
+}flwd_ippair_v4_t;
+
+typedef struct{
+ struct in6_addr sip_net_order;
+ struct in6_addr dip_net_order;
+}flwd_ippair_v6_t;
+
+
+typedef struct{
+ unsigned char addr_type; /* flwd_ip_addr_type_t, ÿ����Ԫ��ʹ�ö����ĵ�ַ����, Ԥ��v4_over_v6, v6_over_v4�ĵ�ַת������ */
+ unsigned char protocol; /* TCP��UDP��Ԫ����Ҫ����, ����Э���ֶ�, ʵ����5Ԫ�� */
+ unsigned char dir_reverse; /* natת��֮ǰ��key��Ԫ����ʵ����, �Ƿ���ݴ��ַ��ΪԴ��HASH�淶, ���˵�ַ��ת, ��: TCP_SYN��, �����ֵΪ1, ˵��key->dip����������SYN�����ͷ�, д��־ʱ����ע�� */
+ unsigned char __pad; /* �ֽڶ��� */
+ unsigned short sport_net_order;
+ unsigned short dport_net_order;
+ union{
+ flwd_ippair_v6_t *ippair_v6; /* �˴�ʹ��ָ��, ��IPv6��ַ̫��, V6������Խ���, �˽ṹ���ɺ�flwd_ippair_v4_tһ����, union���Խ�Լ�ڴ�. ע��free!! */
+ flwd_ippair_v4_t ippair_v4;
+ };
+}flwd_tuple5_t; /* NAT��Ԫ�� */
+
+
+/* ��ʵ������IP�Ͷ˿� */
+typedef struct{
+ unsigned int actual_server_ip_net_order;
+ unsigned short actual_server_port_net_order;
+}flwd_actual_ip_port_t;
+
+
+
+/* ���ݰ���Դ, �������� or ת������,
+ ���н���������ת������֮��, Ԥ������socketͨ��ģʽ, ��Ϊ�������̿��Բ�����һ̨����
+*/
+typedef enum {
+ TOPO_ACC_LINK_USER = 0, /* ��������--�û��ն� */
+ TOPO_ACC_LINK_FWD = 1, /* ��������--ת������ */
+ TOPO_FWD_LINK_ACC = 2, /* ת������--�������� */
+ TOPO_FWD_LINK_GDEV = 3, /* ת������--ר���豸 */
+ __TOPO_MODE_MAX = 4,
+}flwd_topology_t;
+
+/* �û������ն�Э������ */
+typedef enum {
+ FLWD_TERMINAL_IP_LAYER,
+ FLWD_TERMINAL_IP_L2TP,
+ FLWD_TERMINAL_IP_PPTP,
+}flwd_terminal_proto_t;
+
+typedef enum {
+ CAP_MODEL_PAG = 0,
+ CAP_MODEL_PCAP_ONLINE = 1,
+ CAP_MODEL_SOCKET = 2, /* ����ƽ̨������, ��Ϊflowoodϵͳ�϶������ö���ģʽ, ��������ʵʱ��������, ��dumpfile��Ϊsocketģʽ */
+ CAP_MODEL_PFRING = 3,
+ CAP_MODEL_DPDK = 4,
+ CAP_MODEL_PPF = 5,
+ CAP_MODEL_NPACKET = 6,
+ CAP_MODEL_QNF = 7, /* for ��߿Ƽ�Zhuanyong���� */
+ CAP_MODEL_N95 = 8, /* to do: for xx9 UDP�½ӿ� */
+ CAP_MODEL_PCAP_DUMPLIST = 9, /* 2014-11-19 lijia add */
+ CAP_MODEL_TOPSEC = 10, /* 2015-09-29 lijia add, for trojan detect */
+ CAP_MODEL_IPFILE = 11,
+ CAP_MODEL_MARSIOV4 = 12, /* 2016-10-26 lijia add, for DPDK-marsio-V4.0 */
+ CAP_MODEL_AGENT_SMITH = 13, /* 2016-10-27 lijia add, for ��Դ���빲���ڴ� */
+ CAP_MODEL_DPDK_VXLAN = 14, /* 2016-11-01 lijia add, for DPDK-3.0, vxlan������� */
+ CAP_MODEL_MARSIOV4_VXLAN= 15, /* 2016-11-01 lijia add, for MARSIO-4.0, vxlan������� */
+ CAP_MODEL_PAG_MARSIO = 16, /* 2017-04-07 lijia add, for marsio compat pag */
+ __CAP_MODEL_MAX = 17,
+}flwd_cap_mode_t;
+
+
+typedef enum{
+ FLWD_OUTOPT_FIRST_PKT = 0x1, /* һ�������װ�, ��Ҫ����ָ������, accessͨ��vxlan�����ֶθ�֮fwd�˰����װ�, fwdҪ����session�� */
+
+}flwd_output_opt_t;
+
+
+typedef struct{
+ void *low_level_mbuff; /* �ײ�IO����ذ��ṹ, ��: struct pfring_pkthdr, marsio_buff_t */
+ char *inner_pkt_data; /* �ڲ�MAC�㿪ʼ�����ݲ��� */
+ char *outer_pkt_data; /* ���MAC�㿪ʼ�����ݲ��� */
+ int inner_pkt_len; /* �ڲ�MACͷ��ʼ�����ݳ��� */
+ int outer_pkt_len; /* ���MACͷ��ʼ�����ݳ��� */
+ flwd_terminal_proto_t terminal_proto;
+ const char *inner_ip_layer_hdr; /* Vxlan(����)�ڲ�IP��ͷ��ʼ��ַ, v4 or v6 */
+}flwd_raw_pkt_t;
+
+typedef struct{
+ const char *device_name;
+ const char *pkt_filter; /* ����ijЩ������֧�� */
+ flwd_cap_mode_t cap_mode;
+ flwd_topology_t topo_mode;
+ unsigned int device_ip_net_order; /* �����豸IP��ַ */
+ unsigned int device_ip_mask_net_order; /* �����豸IP���� */
+ unsigned int gateway_ip_net_order; /* Ĭ������IP��ַ */
+// unsigned int *device_slave_ip_net_order; /* ������˫IPģʽ, ������������������, ����ģʽ����һ��������, ͬʱ����ת�����غͽ����ն˵Ļ�����, ����ͬIP���������� */
+// unsigned char device_slave_ip_num; /* ��Ҫ����DNAT�Ľ������غ���ʵ������ͨ��, ���ֻ��һ��IP, ��󲢷�������ֻ��65411��, ����ʹ�ö������ip��ַ, ���ܱ�֤�߲����� */
+ unsigned short socket_port_net_order; /* lo���ػػ�socketͨ�Ŷ˿�ģʽ */
+ unsigned char local_mac_addr[6];
+}flwd_io_para_t;
+
+typedef struct __flwd_device_handle{
+ int tot_thread_count;
+ int sapp_send_thread_seq; /* �Բ����ʽ���ص�sappʱ, �ǰ������̵߳ķ����߳�ID */
+ flwd_io_para_t io_para; /* ������������, ������, ����ģʽ, �ӿ�IP,MAC��ַ�ȵ� */
+ void *low_level_io_handle;
+ int (*low_level_io_init)(struct __flwd_device_handle *h);
+ void (*low_level_io_run)(struct __flwd_device_handle *h);
+ int (*low_level_pkt_recv)(struct __flwd_device_handle *h, int tid, void **mbuff);
+ void (*low_level_pkt_free)(struct __flwd_device_handle *h, int tid, void *mbuff);
+ void *(* low_level_mbuff_malloc)(struct __flwd_device_handle *h, int tid, int len);
+ void (* low_level_mbuff_free)(struct __flwd_device_handle *h, int tid, void *mbuff);
+ void (* low_level_mbuff_free_after_send)(struct __flwd_device_handle *h, int tid, void *mbuff); /* ��marsioģʽ���ͺ��Զ�free, ijЩ���ֲ��Զ�free, ������ôһ�������ӿ� */
+ void (* low_level_mbuff_send_back)(struct __flwd_device_handle *h, int tid, void *mbuff); /* GDEVģʽ��, fwd���ػ�ע���ݰ� */
+ char * (* low_level_mbuff_mtod)(void *mbuff);
+ char * (*low_level_mbuff_data_append)(void *mbuff, const char *user_data, int user_data_len);
+ char * (*low_level_mbuff_data_forward)(void *mbuff, int n); /* ����ָ����ǰ�ƶ�N���ֽ�, ���ݳ����Զ�����N */
+ char * (*low_level_mbuff_data_rearward)(void *mbuff, int n); /* ����ָ������ƶ�N���ֽ�, ���ݳ����Զ�����N */
+ int (*low_level_mbuff_get_pkt_len)(void *mbuff);
+ void (*low_level_mbuff_set_pkt_len)(void *mbuff, int pkt_len);
+ int (*low_level_send)(struct __flwd_device_handle *h, int tid, void *mbuff); /* ����֮ǰ����low_level_mbuff_malloc(), ��������Զ�free, ������������low_level_mbuff_free() */
+}flwd_device_handle_t;
+
+
+/* Ϊ���������, �ڲ�Ϊÿ�������, ��maat���ص�table_id��ͬ */
+typedef enum{
+ FLWD_MAAT_TB_IR_POLICY_COMPILE = 0,
+ FLWD_MAAT_TB_IR_POLICY_GROUP,
+ FLWD_MAAT_TB_IR_POLICY_IP,
+ FLWD_MAAT_TB_IR_STATIC_IP_POOL_CB, /* �û��˹�����IP */
+ FLWD_MAAT_TB_IR_DYN_SIFT_IP_CB, /* �Զ�����IP */
+ FLWD_MAAT_TB_IR_DYN_CONN_IP, /* ��ɢIP���õ���Ԫ��, ��֮������ϵͳ, ����ϵͳ�ڳ�ͻ���� */
+ FLWD_MAAT_TB_MAX,
+}flwd_inner_maat_table_id_t;
+
+typedef struct{
+ const char *table_name;
+ int table_id;
+}flwd_maat_table_info_t;
+
+typedef struct{
+ void *flwd_log_handle; /* MESA-handle_logger��־��� */
+ void *maat_log_handle;
+ void *maat_static_handle; /* redis�������÷���, maatҲҪ��ʼ��������ͬ��� */
+ void *maat_dynamic_handle; /* redis�������÷���, maatҲҪ��ʼ��������ͬ��� */
+ void *flwd_network_conn_table; /* gdev��forward����֮��Ļ�����ϵ */
+ void *flwd_arp_table; /* ARP HASH��, ip��Ϊkey, mac_addrΪdata */
+ pthread_rwlock_t flwd_arp_htable_rwlock; /* arp��Ҫ��̬����, ��htableֻ�л�����, ����󲿷����Ƕ�����, ��Ҫ��д��, ����߶��߳����� */
+ time_t cur_time;
+ struct in6_addr zero_ipv6_addr; /* ��ʾȫ0��IPv6��ַ */
+ unsigned char zero_mac_addr[6]; /* ��ʾȫ0��MAC��ַ */
+ unsigned long long cur_time_usec; /* ��1970-01-01 ��ʼ����ǰʱ��ľ���΢���� */
+ flwd_device_handle_t global_io_handle[__TOPO_MODE_MAX];
+ flwd_maat_table_info_t maat_table_info[FLWD_MAAT_TB_MAX];
+}flwd_global_val_t; /* ȫ�ֱ��� */
+
+
+typedef struct{
+ unsigned long long eth_pkt_num;
+ unsigned long long ip_pkt_num;
+ unsigned long long tcp_pkt_num;
+ unsigned long long udp_pkt_num;
+
+ unsigned long long eth_pkt_byte;
+ unsigned long long ip_pkt_byte;
+ unsigned long long tcp_pkt_byte;
+ unsigned long long udp_pkt_byte;
+
+}flwd_pkt_stat_t; /* ���ݰ�����ͳ����Ϣ */
+
+
+/* Դ��Ŀ�ķ����Ե�ǰ����Ϊ׼ */
+struct __flwd_tuple4{
+ unsigned char addr_type; /* �ѵ�ַ���ͷ�ֹ�ṹ����ǰ, ����v4, v6����ʶ�� */
+ unsigned char protocol; /* TCP��UDP��Ԫ����Ҫ����, ����Э���ֶ� */
+ unsigned short sport_net_order;
+ unsigned short dport_net_order;
+ unsigned int sip_net_order;
+ unsigned int dip_net_order;
+}__attribute__((packed));
+typedef struct __flwd_tuple4 flwd_tuple4v4_t;
+
+/* Դ��Ŀ�ķ����Ե�ǰ����Ϊ׼ */
+struct __flwd_tuple6{
+ unsigned char addr_type; /* �ѵ�ַ���ͷ�ֹ�ṹ����ǰ, ����v4, v6����ʶ�� */
+ unsigned char protocol; /* TCP��UDP��Ԫ����Ҫ����, ����Э���ֶ� */
+ unsigned short sport_net_order;
+ unsigned short dport_net_order;
+ struct in6_addr sip_net_order;
+ struct in6_addr dip_net_order;
+}__attribute__((packed));
+typedef struct __flwd_tuple6 flwd_tuple4v6_t;
+
+
+typedef struct{
+ unsigned int gdev_ip_net_order; /* ��¼�����������IP��GDEV IP, ʵ�ʾ��DZ�ҵ���loopback ip, ����region_id, dev_idͨ������õ� */
+ unsigned char region_id; /* ���ڱ�� */
+ unsigned char dev_id; /* �豸��� */
+ unsigned char link_id; /* ��ǰIP������ʱ����·�� */
+ unsigned char this_ip_as_sip_route_dir; /* �˻�ԾIP��ΪԴIPʱ, ��INLINE�豸�ķ���λ, һ��Ҫ��TCP��SYN�����ӵ�����, udp���ܻύ��sip��dip, ��Ϊ������ΪԴ��ַ, ͨ����ֵ����� */
+ unsigned char inner_raw_smac[6];
+ unsigned char inner_raw_dmac[6];
+}flwd_gdev_associated_args_t;
+
+
+/* �洢��ת�������еĵײ�·����Ϣ, ����ÿ�ζ���̬��·�ɱ�, ARP��, �ÿռ任ʱ��!!!
+ SNAT:
+ access����:
+ ���տͻ������ݰ�, ��¼�ͻ���ԴMAC;
+ ����ѡ��Ļ�ԾIP����λ��, ��̬��ѯ��һ��fwd����, ��¼fwd_ip, fwd_mac;
+
+ fwd����:
+ ��������access�İ�, ����hash��, ��¼access_ip, access_mac;
+ ���յ�����gdev�Ļظ���, ֱ��ȡ��nat_info�е�access_ip, access_mac, ֱ��ת��(�������Ĵ��Ļ�ȥ).
+
+ DNAT:
+ fwd����:
+ ���յ�����gdev���װ�, ��̬��ѯdip������̨access���ؿ��Ե���, ��¼access_ip, access_mac;
+
+ access����:
+ ���յ�����fwd���װ�, ��¼fwd_ip, fwd_mac, ���յ���ʵ������Ӧ��ʱ, ȡ���洢��ip,macֱ��ת��(�������Ĵ��Ļ�ȥ).
+*/
+typedef struct{
+ flwd_gdev_associated_args_t gdev_args;
+ unsigned char inner_terminal_mac[6]; /* ��Ҫ����access_gateway, �ͻ��˻���ʵ��������MAC, SNAT��Ӧ������ò�ARP��; DNAT���װ���Ҫ��ѯARP��һ�� */
+ unsigned int next_gateway_ip_net; /* ��Ҫ����access_gateway��fwd_gateway, ��һ�����ص�IP, ʵ�ʾ���vxlan���IP��ַ, ������v4,v6, �϶�����IPv4��ַ */
+ unsigned char next_gateway_mac[6]; /* ��Ҫ����access_gateway��fwd_gateway, ��һ�����ص�MAC */
+}flwd_route_info_t;
+
+
+typedef struct{
+ unsigned char tid; /* ��Ҫ����htable�ص������ڲ���tid�������� */
+ unsigned char reference; /* �˽ṹ��htable�б�������ͬ��key����, �������ü���, ��ֹdouble free */
+ unsigned char act_ip_region; /* flwd_ip_region_type_t, ��¼��ԾIP���ڵ���λ��, �����ӽ�����, ���ն˿�ʱʹ�� */
+ unsigned char act_ip_origin; /* flwd_active_ip_type_t, ��̬���� or �û��������� */
+ flwd_nat_type_t nat_type;
+ flwd_tuple5_t inner_nat_tuple5; /* ����SNAT, ���Ǿ������ڲ���ʵ�ͻ��˵İ�; */
+ flwd_tuple5_t outer_nat_tuple5; /* ����SNAT, ���dz�����, Internet�ϵİ�; */
+ signed long long signature_param; /* ���ݰ�ָ��Э������ض�����, ����TCP��˵, ��SYN-ISNƫ����; ����DNS��˵, ��transidƫ����; ��ֵ��after-nat�IJ���תΪ64bit long long �ͼ�ȥԭʼpre-nat(64bit)��IJ���֮�� */
+ flwd_route_info_t flwd_route_info;
+#if FLWD_USE_LTSM_FOR_QUICK_CLOSE
+ void *ltsm_stat_handle;
+#endif
+}flwd_nat_info_t;
+
+
+typedef struct{
+ unsigned char tid; /* ��Ҫ����htable�ص������ڲ���tid�������� */
+ flwd_route_info_t flwd_route_info;
+}flwd_fwd_nat_info_t;
+
+
+typedef struct{
+ flwd_pkt_stat_t pkt_stat;
+ /* IP��ַ��htable */
+ void *flwd_ip_pool_dynamic_htable[2][2]; /* ʹ��һ����ά����, ����ά�ȷֱ���: [v4_or_v6][inland_or_outland], ��dynamic��static�洢��key��һ��, �ֿ��������� */
+ void *flwd_ip_pool_static_htable[2][2]; /* ʹ��һ����ά����, ����ά�ȷֱ���: [v4_or_v6][inland_or_outland], ��dynamic��static�洢��key��һ��, �ֿ��������� */
+ pthread_rwlock_t flwd_ip_pool_dynamic_rwlock;
+ pthread_rwlock_t flwd_ip_pool_static_rwlock;
+ void *nat_info_table; /* access��fwd���ظ���ͬһ������, TCP��UDPͬ��һ��htable, protocolҲ��Ϊkey��һ���� */
+ flwd_ippair_v6_t nat_key_ipv6_buf; /* ���캯��ջ�ڵ�nat_keyʱ, ��flwd_tuple5_t��ipv6��ַ������ָ��, ����ÿ�ζ�̬malloc/free, �˴�Ϊÿ���̷߳���һ����ʱ��ipv6��ַ������ */
+ struct stream_tuple4_v4 addrv4_convert_buf; /* flwd_tuple5_to_stream_addr()�����õ��ڴ滺���� */
+ struct stream_tuple4_v6 addrv6_convert_buf; /* flwd_tuple5_to_stream_addr()�����õ��ڴ滺���� */
+ char __pad[56];
+}flwd_global_thread_t; /* ���߳�ȫ�ֱ���, ע��64�ֽڻ������ */
+
+
+
+typedef struct{
+ int tot_thread_count;
+ int flwd_log_level;
+ int nat_htable_max_num;
+ int nat_htable_timeout;
+ int global_access_gateway_num; /* ȫ��һ���ж��ٸ���������, ��������ʹ�û�ԾIP��Դ�˿� */
+ int current_access_gateway_id; /* ��ǰ�������ص�ΨһID, ��1��ʼ */
+ int use_static_pool_ip_if_no_dynamic; /* ������, �����ǰû�п��ö�̬IP, ��Ӿ�̬���������ѡһ�� */
+ int use_dynamic_pool_ip_if_no_static; /* ������, ��������˲���, ����static_pool��ǰû�п���IP, ��Ӷ�̬�������ѡһ�� */
+ const char *maat_json_cfg_file;
+ const char* table_info_path; /* maat_cfg */
+ const char* full_cfg_dir; /* maat_cfg */
+ const char* inc_cfg_dir; /* maat_cfg */
+}flwd_global_cfg_t; /* ȫ�������ļ����� */
+
+
+typedef struct{
+ flwd_topology_t topo_mode;
+ const char *cfg_file_section;
+ char addr_para[64];
+}flwd_packet_io_cfg_para_t;
+
+
+
+typedef struct {
+ unsigned char is_valid;
+ unsigned int policy_group_id; /* ��̬IPΪ0 */
+ flwd_ip_region_type_t ip_region_type; /* ���ڡ����� */
+ flwd_active_ip_type_t ip_origin_type; /* ��̬, ��̬ */
+ flwd_ip_t active_ip_net_order;
+ flwd_gdev_associated_args_t gdev_args;
+ MESA_list_t active_ip_list_node; /* ��̬IP��group_idΪkey, ��ͬ��group_id��IPʹ����������; Ϊ�˷��㴦��, quiddityָ�򱾽ṹ��ͷ��, ʹ��get_entry_of̫�鷳; headͷ�ڵ������� */
+ MESA_list_count_t usable_tcp_sport_list_head; /* TCP���ö˿�����, ��ʼ��ʱ, ����ȫ�������ö˿�, ����һ���ʹ��������Ƴ�һ��, ���ӽ����ͷ�ʱ, �ٲ�������, ʹ��MESA_list_count_t, ���ڼ��� */
+ MESA_list_count_t usable_udp_sport_list_head; /* UDP���ö˿�����, ��ʼ��ʱ, ����ȫ�������ö˿�, ����һ���ʹ��������Ƴ�һ��, ���ӽ����ͷ�ʱ, �ٲ�������, ʹ��MESA_list_count_t, ���ڼ��� */
+}flwd_active_ip_t;
+
+
+
+/* ѡ���ԾIP��ͬʱ, ���ݵ�ǰIP�����м�¼, ͬʱѡ��һ������Դ�˿� */
+typedef struct{
+ int tid;
+ flwd_ip_region_type_t dip_region_type; /* ��ǰ��Ԫ����ʵĿ��IP���ڵ���λ�� */
+ flwd_tuple5_t *nat_key; /* ԭʼ����Ԫ����Ϣ, ����SNAT����inner_tuple5, ����DNAT����outer_tuple5 */
+ flwd_ip_t act_sip_net_order; /* ���õĻ�ԾIP��ַ */
+ flwd_gdev_associated_args_t gdev_args;
+ unsigned short act_sport_net_order;
+ unsigned char protocol; /* ��ֵ������htable�ص��������ݲ�����, ����ʱ���������� */
+}flwd_active_ip_port_args_t;
+
+
+
+
+/* ��Ϊ��ԾIP��MAAT�ص���, �����Ƕ����ڰ������߳�, Ϊ�˲���ͬһ��htable��������, ʹ��һ��Сtrick:
+
+
+ op_flag�������bit����:
+ 0λ:
+ 0:callback�߳��Ѿ�������, �������߳̿��Զ�ȡ�����뱾�̵߳�htable;
+ 1:�������߳��Ѿ�������, ��ʱΪNULL, callback�߳̿��Լ�������������.
+ 1λ:
+ 1:���������߳�ռ��;
+ 0:�������߳��ͷ�;
+ 2λ:
+ 1:��callback�߳�ռ��;
+ 0:callback�߳��ͷ�;
+
+ ��1bit ��0bit ��0bit
+ --------|--------|--------|
+ cb proc valid
+
+ �յ����º�, �����ݿ��ת����flwd_active_ip_t�����Ƹ�ʽ, ���ݲ�ͬ���߳����ò�ͬ�Ķ˿�,
+ Ȼ�����ÿ���̵߳�flwd_temp_active_ip_op_flag=1,
+*/
+
+//#define FLWD_ACT_IP_OP_MASK_DATA_VALID (0x1)
+#define FLWD_ACT_IP_OP_OR_MASK_BY_PROC (0x1) /* ���ӱ��λ */
+#define FLWD_ACT_IP_OP_OR_MASK_BY_CALLBACK (0x2) /* ���ӱ��λ */
+
+#define FLWD_ACT_IP_OP_AND_MASK_BY_PROC (0xFFFE) /* ��ձ��λ */
+#define FLWD_ACT_IP_OP_AND_MASK_BY_CALLBACK (0xFFFD) /* ��ձ��λ */
+
+
+
+extern flwd_global_cfg_t flwd_cfg_val;
+extern flwd_global_val_t flwd_global_val;
+extern flwd_global_thread_t flwd_thread_val[FLWD_MAX_THREAD_NUM];
+extern const flwd_packet_io_cfg_para_t g_packet_io_cfg_para[__TOPO_MODE_MAX];
+extern MESA_ATOMIC_T flwd_temp_active_ip_op_flag[FLWD_MAX_THREAD_NUM];
+extern MESA_lqueue_head flwd_temp_active_ip_to_deal[FLWD_MAX_THREAD_NUM];
+
+#define flwd_log(level, fmt, args...) do{ if(level >= flwd_cfg_val.flwd_log_level){MESA_handle_runtime_log(flwd_global_val.flwd_log_handle, level, "flowood", fmt, ##args);}}while(0)
+
+#endif
+
+
diff --git a/inc/flowood_fun.h b/inc/flowood_fun.h
new file mode 100644
index 0000000..ec66a73
--- /dev/null
+++ b/inc/flowood_fun.h
@@ -0,0 +1,92 @@
+#ifndef _FLOWOOD_FUN_H_
+#define _FLOWOOD_FUN_H_ 1
+#include <stdint.h>
+#include <sys/types.h>
+#include "flowood.h"
+#include "flwd_net.h"
+
+int flwd_gateway_init(void);
+int flwd_packet_io_init(flwd_topology_t first_top_mode, flwd_topology_t second_top_mode);
+int flwd_access_maat_init(void);
+void flwd_packet_io_run(void);
+int flwd_access_ip_layer_input(flwd_device_handle_t *device_handle, int tid, flwd_raw_pkt_t *raw_pkt);
+int flwd_rubbish_pkt_identify(flwd_device_handle_t *device_handle, flwd_raw_pkt_t *raw_pkt, int check_dip);
+void *flwd_stat_thread(void *arg);
+int flwd_sendpacket_build_ipv4(u_int16_t carry_layer_len, u_int8_t tos, u_int16_t id, u_int16_t frag,
+ u_int8_t ttl, u_int8_t prot, u_int32_t src_net_order, u_int32_t dst_net_order, const char *payload,
+ int payload_s, char *buf);
+int flwd_sendpacket_build_ethernet(u_int16_t eth_type_host_order, const unsigned char *src_mac, const unsigned char *dst_mac, char *buf);
+int flwd_sendpacket_build_icmpv4_echo(u_int8_t type, u_int8_t code, u_int16_t sum,
+ u_int16_t id, u_int16_t seq, char *payload, u_int32_t payload_s, char *buf);
+int flwd_sendpacket_build_udp(u_int16_t carry_layer_len,
+ u_int16_t sport_net_order, u_int16_t dport_net_order,
+ const char *payload, int payload_s, char *buf);
+
+int flwd_sendpacket_do_checksum(char *ip_buf, int protocol, int len);
+int flwd_sendpacket_build_arp(u_short hrd_net, u_short pro_net, u_char hln, u_char pln, u_short op_net,
+ u_char *sha, u_char *spa, u_char *tha, u_char *tpa, char *buf);
+int flwd_packet_io_low_level_init(flwd_device_handle_t *g_io_handle);
+void *flwd_packet_io_work_thread(void *arg);
+int flwd_access_kernal_pkt_input(flwd_device_handle_t *device_handle, int tid, flwd_raw_pkt_t *raw_pkt);
+int flwd_protocol_stack_process(flwd_device_handle_t *io_handle, int tid, flwd_raw_pkt_t *raw_pkt);
+int flwd_access_l2tp_layer_input(flwd_device_handle_t *device_handle, int tid, flwd_raw_pkt_t *raw_pkt);
+const char *flwd_tuple5_ntop(int tid, const flwd_tuple5_t *tuple5);
+const char *flwd_tuple5_ntop_r(const flwd_tuple5_t *tuple5, char *str_mbuf, int mbuf_len);
+const char *flwd_ipt_ntop_r(const flwd_ip_t *ipbin, char *str_mbuf, int mbuf_len);
+int flwd_idle_call(int tid);
+int flwd_access_active_ip_init(void);
+flwd_ip_region_type_t flwd_dstip_location(const flwd_tuple5_t *tuple5);
+int flwd_pkt_input(flwd_device_handle_t *device_handle, int tid, flwd_raw_pkt_t *raw_pkt);
+void *flwd_malloc(int tid, size_t size);
+void flwd_free(int tid, void *ptr);
+void *flwd_calloc(int tid, size_t nmemb, size_t size);
+unsigned int flwd_tuple5_hash(const flwd_tuple5_t *tuple5, int);
+flwd_tuple5_t *flwd_tuple5_dup_to_stack(int tid, flwd_tuple5_t *dst_tuple5, const flwd_tuple5_t *src_tuple5);
+flwd_tuple5_t *flwd_tuple5_dup_to_heap(flwd_tuple5_t *dst_tuple5, const flwd_tuple5_t *src_tuple5);
+void flwd_tuple5_adjust_dir(flwd_tuple5_t *tuple5);
+unsigned int compat_marsio_tuple4_hash(const flwd_tuple5_t *nat_key);
+int flwd_act_ip_hash_proc(int tid, flwd_active_ip_t *act_ip_stack);
+int flwd_nat_htable_key_cmp(const uchar * key1, uint size1, const uchar * key2, uint size2);
+uint flwd_nat_htable_key2index(const MESA_htable_handle table, const uchar * key, uint size);
+uchar * flwd_nat_htable_key_dup(const uchar *key, uint key_size);
+void flwd_nat_htable_key_free(uchar *key, uint key_size);
+void flwd_adapt_sleep(int success_work_times_in_recent_100);
+int flwd_build_tuple4_key(int tid, flwd_tuple5_t *nat_key, const flwd_raw_pkt_t *raw_pkt);
+int flwd_pre_process_pkt_input(flwd_device_handle_t *rcv_device_handle, flwd_raw_pkt_t *raw_pkt);
+int flwd_maat_talbe_name_init(void);
+int flwd_maat_table_register(void *handle, int inner_table_index);
+unsigned int flwd_access_maat_scan_rule(int tid, const flwd_tuple5_t *tuple5);
+flwd_active_ip_t *flwd_ip_pool_search(unsigned char act_ip_origin, const MESA_htable_handle table, const uchar * key, uint size);
+void flwd_ip_dyn_sift_pool_cb(int table_id,const char* table_line,void* u_para);
+void flwd_ip_pool_del(unsigned char act_ip_origin, MESA_htable_handle table, unsigned int policy_group_id,
+ void (* del_cb)(void *), const flwd_active_ip_t *maat_cb_tobe_del_ip);
+
+int flwd_maat_talbe_name_init(void);
+flwd_ip_region_type_t flwd_ipv4_location(unsigned int ip4addr);
+flwd_ip_region_type_t flwd_ipv6_location(const struct in6_addr *ip6addr);
+void flwd_act_ip_update(const flwd_active_ip_t *stack_act_ip);
+void * flwd_maat_summon(const char *cfg_file, const char *cfg_section);
+int flwd_ipt_equal(const flwd_ip_t *ip1, const flwd_ip_t *ip2);
+
+const char *flwd_ip_region_ntop(int ip_region_type);
+int flwd_arp_table_init(void);
+int flwd_arp_table_query(int tid, flwd_ip_t *ip_union, flwd_device_handle_t *io_handle, unsigned char result_mac[6]);
+void flwd_arp_response_update(const flwd_arp_hdr_t *arp_hdr);
+int flwd_tuple5_to_stream_addr(int tid, const flwd_tuple5_t *tuple5, struct ipaddr *stream_addr);
+unsigned int flwd_search_fwd_ip_by_gdev_ip(unsigned int active_ip_net_order);
+void flwd_del_last_rn(char *data, int max_len);
+int flwd_network_conn_init(void);
+unsigned char *flwd_policy_group_id_key_gen(unsigned int policy_group_id, unsigned char *out_key, int *out_key_len);
+const char *flwd_debug_print_tuple4(const void *a_packet, int tid);
+const char *flwd_debug_print_tuple4_r(const void *a_packet, char *buf, int buf_max_len);
+const char *flwd_debug_print_tuple4_detail(const void *a_packet, int tid);
+const char *flwd_debug_print_tuple4_detail_r(const void *a_packet, char *buf, int buf_max_len);
+
+unsigned short flwd_act_ip_get_usable_tcp_sport_num(void);
+unsigned short flwd_act_ip_get_usable_udp_sport_num(void);
+
+
+
+
+#endif
+
diff --git a/inc/flwd_net.h b/inc/flwd_net.h
new file mode 100644
index 0000000..2651021
--- /dev/null
+++ b/inc/flwd_net.h
@@ -0,0 +1,389 @@
+#ifndef _FLWD_NET_H_
+#define _FLWD_NET_H_ 1
+
+#include <stdint.h>
+#include <sys/types.h>
+#include <linux/if_ether.h>
+#include <netinet/in.h>
+#include <netinet/ip.h>
+#include <netinet/tcp.h>
+#include <netinet/udp.h>
+#include <netinet/ip6.h>
+#include <netinet/ip_icmp.h>
+#include <netinet/in_systm.h>
+#include <linux/ppp_defs.h>
+
+/* ����һ��flwdģ�����õ�ͷ�ļ�, ��linux BSD������һ�� */
+
+struct flwd_eth_hdr{
+ unsigned char h_dest[ETH_ALEN]; /* destination ethernet address */
+ unsigned char h_source[ETH_ALEN]; /* source ethernet address */
+ unsigned short h_proto; /* packet type ID */
+}__attribute__((packed));
+typedef struct flwd_eth_hdr flwd_eth_hdr_t;
+
+typedef struct {
+ u_short ar_hrd; /* format of hardware address */
+
+ u_short ar_pro; /* format of protocol address */
+ u_char ar_hln; /* length of hardware address */
+ u_char ar_pln; /* length of protocol addres */
+ u_short ar_op; /* operation type */
+
+ /*
+ * These should implementation defined but I've hardcoded eth/IP.
+ */
+ u_char ar_sha[6]; /* sender hardware address */
+ u_char ar_spa[4]; /* sender protocol address */
+ u_char ar_tha[6]; /* target hardware address */
+ u_char ar_tpa[4]; /* target protocol address */
+}flwd_arp_hdr_t;
+
+/*
+ * Structure of an internet header, naked of options.
+ */
+typedef struct
+ {
+#if __BYTE_ORDER == __LITTLE_ENDIAN
+ unsigned int ip_hl:4; /* header length */
+ unsigned int ip_v:4; /* version */
+#endif
+#if __BYTE_ORDER == __BIG_ENDIAN
+ unsigned int ip_v:4; /* version */
+ unsigned int ip_hl:4; /* header length */
+#endif
+ u_int8_t ip_tos; /* type of service */
+ u_short ip_len; /* total length */
+ u_short ip_id; /* identification */
+ u_short ip_off; /* fragment offset field */
+#define IP_RF 0x8000 /* reserved fragment flag */
+#define IP_DF 0x4000 /* dont fragment flag */
+#define IP_MF 0x2000 /* more fragments flag */
+#define IP_OFFMASK 0x1fff /* mask for fragmenting bits */
+ u_int8_t ip_ttl; /* time to live */
+ u_int8_t ip_p; /* protocol */
+ u_short ip_sum; /* checksum */
+ struct in_addr ip_src, ip_dst; /* source and dest address */
+}flwd_ipv4_hdr_t;
+
+/*
+ * IPv6 packet header prototype, add by LiJia 2012-03-19.
+ */
+typedef struct{
+ u_int8_t ip6_flags[4]; /* version, traffic-class, flow-label */
+ u_int16_t ip6_payload_len; /* payload length, not contain header */
+ u_int8_t ip6_nxt_hdr; /* next header, same as protocol in IPv4 */
+ u_int8_t ip6_hop; /* hop limit, same as TTL in IPv4 */
+ struct in6_addr ip6_src; /* source address */
+ struct in6_addr ip6_dst; /* dest address */
+}flwd_ipv6_hdr_t;
+
+#define FLWD_IPV4_MULTICAST_ADDR(addr) (((addr&0xF0000000)==0xE0000000)?1:0)
+
+/*
+ * ICMP packet header prototype. // from libnet-headers.h
+ */
+typedef struct
+{
+ u_char icmp_type;
+/*
+ * ICMP types.
+ */
+#ifndef ICMP_ECHOREPLY
+#define ICMP_ECHOREPLY 0
+#endif
+#ifndef ICMP_UNREACH
+#define ICMP_UNREACH 3
+#endif
+#ifndef ICMP_SOURCEQUENCH
+#define ICMP_SOURCEQUENCH 4
+#endif
+#ifndef ICMP_REDIRECT
+#define ICMP_REDIRECT 5
+#endif
+#ifndef ICMP_ECHO
+#define ICMP_ECHO 8
+#endif
+#ifndef ICMP_ROUTERADVERT
+#define ICMP_ROUTERADVERT 9
+#endif
+#ifndef ICMP_ROUTERSOLICIT
+#define ICMP_ROUTERSOLICIT 10
+#endif
+#ifndef ICMP_TIMXCEED
+#define ICMP_TIMXCEED 11
+#endif
+#ifndef ICMP_PARAMPROB
+#define ICMP_PARAMPROB 12
+#endif
+#ifndef ICMP_TSTAMP
+#define ICMP_TSTAMP 13
+#endif
+#ifndef ICMP_TSTAMPREPLY
+#define ICMP_TSTAMPREPLY 14
+#endif
+#ifndef ICMP_IREQ
+#define ICMP_IREQ 15
+#endif
+#ifndef ICMP_IREQREPLY
+#define ICMP_IREQREPLY 16
+#endif
+#ifndef ICMP_MASKREQ
+#define ICMP_MASKREQ 17
+#endif
+#ifndef ICMP_MASKREPLY
+#define ICMP_MASKREPLY 18
+#endif
+ u_char icmp_code;
+/*
+ * ICMP codes.
+ */
+#ifndef ICMP_UNREACH_NET
+#define ICMP_UNREACH_NET 0
+#endif
+#ifndef ICMP_UNREACH_HOST
+#define ICMP_UNREACH_HOST 1
+#endif
+#ifndef ICMP_UNREACH_PROTOCOL
+#define ICMP_UNREACH_PROTOCOL 2
+#endif
+#ifndef ICMP_UNREACH_PORT
+#define ICMP_UNREACH_PORT 3
+#endif
+#ifndef ICMP_UNREACH_NEEDFRAG
+#define ICMP_UNREACH_NEEDFRAG 4
+#endif
+#ifndef ICMP_UNREACH_SRCFAIL
+#define ICMP_UNREACH_SRCFAIL 5
+#endif
+#ifndef ICMP_UNREACH_NET_UNKNOWN
+#define ICMP_UNREACH_NET_UNKNOWN 6
+#endif
+#ifndef ICMP_UNREACH_HOST_UNKNOWN
+#define ICMP_UNREACH_HOST_UNKNOWN 7
+#endif
+#ifndef ICMP_UNREACH_ISOLATED
+#define ICMP_UNREACH_ISOLATED 8
+#endif
+#ifndef ICMP_UNREACH_NET_PROHIB
+#define ICMP_UNREACH_NET_PROHIB 9
+#endif
+#ifndef ICMP_UNREACH_HOST_PROHIB
+#define ICMP_UNREACH_HOST_PROHIB 10
+#endif
+#ifndef ICMP_UNREACH_TOSNET
+#define ICMP_UNREACH_TOSNET 11
+#endif
+#ifndef ICMP_UNREACH_TOSHOST
+#define ICMP_UNREACH_TOSHOST 12
+#endif
+#ifndef ICMP_UNREACH_FILTER_PROHIB
+#define ICMP_UNREACH_FILTER_PROHIB 13
+#endif
+#ifndef ICMP_UNREACH_HOST_PRECEDENCE
+#define ICMP_UNREACH_HOST_PRECEDENCE 14
+#endif
+#ifndef ICMP_UNREACH_PRECEDENCE_CUTOFF
+#define ICMP_UNREACH_PRECEDENCE_CUTOFF 15
+#endif
+#ifndef ICMP_REDIRECT_NET
+#define ICMP_REDIRECT_NET 0
+#endif
+#ifndef ICMP_REDIRECT_HOST
+#define ICMP_REDIRECT_HOST 1
+#endif
+#ifndef ICMP_REDIRECT_TOSNET
+#define ICMP_REDIRECT_TOSNET 2
+#endif
+#ifndef ICMP_REDIRECT_TOSHOST
+#define ICMP_REDIRECT_TOSHOST 3
+#endif
+#ifndef ICMP_TIMXCEED_INTRANS
+#define ICMP_TIMXCEED_INTRANS 0
+#endif
+#ifndef ICMP_TIMXCEED_REASS
+#define ICMP_TIMXCEED_REASS 1
+#endif
+#ifndef ICMP_PARAMPROB_OPTABSENT
+#define ICMP_PARAMPROB_OPTABSENT 1
+#endif
+
+ u_short icmp_sum;
+
+ union
+ {
+ struct
+ {
+ u_short id;
+ u_short seq;
+ }echo;
+
+#undef icmp_id
+#undef icmp_seq
+#define icmp_id hun.echo.id
+#define icmp_seq hun.echo.seq
+
+ u_long gateway;
+ struct
+ {
+ u_short pad;
+ u_short mtu;
+ }frag;
+ }hun;
+ union
+ {
+ struct
+ {
+ n_time its_otime;
+ n_time its_rtime;
+ n_time its_ttime;
+ }ts;
+ struct
+ {
+ struct ip idi_ip;
+ /* options and then 64 bits of data */
+ }ip;
+ u_long mask;
+ char data[1];
+
+#undef icmp_mask
+#define icmp_mask dun.mask
+#undef icmp_data
+#define icmp_data dun.data
+
+#undef icmp_otime
+#define icmp_otime dun.ts.its_otime
+#undef icmp_rtime
+#define icmp_rtime dun.ts.its_rtime
+#undef icmp_ttime
+#define icmp_ttime dun.ts.its_ttime
+ }dun;
+
+}flwd_icmp_hdr_t;
+
+/* 2012-04-10 LiJia add,
+ ��׼ICMPͷ��������ڸ��ӣ�
+ ��ICMPЭ��ͷ���������������ECHO_REQUEST��ECHO_REPLAY.
+*/
+typedef struct{
+ unsigned char icmp_type;
+ unsigned char icmp_code;
+ unsigned short icmp_cksum;
+ unsigned short icd_id;
+ unsigned short icd_seq;
+ //char echo_data[......];
+}flwd_simple_icmp_hdr_t;
+
+
+#ifndef TH_FIN
+#define TH_FIN 0x01
+#endif
+
+#ifndef TH_SYN
+#define TH_SYN 0x02
+#endif
+
+#ifndef TH_RST
+#define TH_RST 0x04
+#endif
+
+#ifndef TH_PUSH
+#define TH_PUSH 0x08
+#endif
+
+#ifndef TH_ACK
+#define TH_ACK 0x10
+#endif
+
+#ifndef TH_URG
+#define TH_URG 0x20
+#endif
+
+typedef struct{
+ u_int16_t th_sport; /* source port */
+ u_int16_t th_dport; /* destination port */
+ u_int32_t th_seq; /* sequence number */
+ u_int32_t th_ack; /* acknowledgement number */
+#if __BYTE_ORDER == __LITTLE_ENDIAN
+ u_int8_t th_x2:4, /* (unused) */
+ th_off:4; /* data offset */
+#elif __BYTE_ORDER == __BIG_ENDIAN
+ u_int8_t th_off:4, /* data offset */
+ th_x2:4; /* (unused) */
+#else
+#error "Please check <endian.h>"
+#endif
+ u_int8_t th_flags; /* control flags */
+ u_int16_t th_win; /* window */
+ u_int16_t th_sum; /* checksum */
+ u_int16_t th_urp; /* urgent pointer */
+}flwd_tcp_hdr_t;
+
+
+/*
+ * UDP packet header prototype.
+ */
+typedef struct{
+ u_int16_t uh_sport; /* soure port */
+ u_int16_t uh_dport; /* destination port */
+ u_int16_t uh_ulen; /* length */
+ u_int16_t uh_sum; /* checksum */
+}flwd_udp_hdr_t;
+
+
+/* ��׼vxlan���� */
+typedef struct{
+ unsigned char flags;
+ /*------------byte delim -------*/
+ unsigned char reserved[3];
+
+ /*--------int delim -------*/
+ unsigned char vlan_id_half_high;
+ unsigned char link_layer_type : 4; /* ���㱨�ķ�װ��ʽ */
+ unsigned char vlan_id_half_low : 4;
+ unsigned int online_test : 1;
+ unsigned int link_id : 6;
+ unsigned int dir : 1;
+
+ unsigned int r7 : 1;
+ unsigned int r6 : 1;
+ unsigned int r5 : 1;
+ unsigned int r4 : 1;
+ unsigned int vni_flag : 1;
+ unsigned int r2 : 1;
+ unsigned int r1 : 1;
+ unsigned int r0 : 1;
+}__vxlan_standard_hdr_t;
+
+/*
+ �˽ṹ�������׼vxlan(RFC7348) __vxlan_standard_hdr_t ��ͬ, ʹ����ijЩԤ���ֶ�,
+ ������access��forward����֮���ڲ�ͨѶ, ����������gdev���, ����ijЩֵ��������ʹ��.
+*/
+typedef struct{
+ unsigned char flags;
+
+ /*------------byte delim -------*/
+ unsigned char reserved[3];
+
+ /*--------int delim -------*/
+ unsigned char vlan_id_half_high;
+ unsigned char link_layer_type : 4; /* ���㱨�ķ�װ��ʽ */
+ unsigned char vlan_id_half_low : 4;
+ unsigned int online_test : 1;
+ unsigned int link_id : 6;
+ unsigned int dir : 1;
+
+ unsigned int r7 : 1;
+ unsigned int r6 : 1;
+ unsigned int r5 : 1;
+ unsigned int r4 : 1;
+ unsigned int vni_flag : 1;
+ unsigned int r2 : 1;
+ unsigned int r1 : 1;
+ unsigned int first_pkt_per_stream : 1; /* �˱�������, ��ʾ��һ�������װ�, ����access֪ͨfwd���� */
+
+}flwd_vxlan_hdr_t;
+
+#define FLWD_VXLAN_OUTER_PACKET_LEN (sizeof(flwd_eth_hdr_t)+sizeof(flwd_ipv4_hdr_t)+sizeof(flwd_udp_hdr_t) + sizeof(flwd_vxlan_hdr_t))
+#endif
+
diff --git a/inc/ltsm.h b/inc/ltsm.h
new file mode 100644
index 0000000..340aa2f
--- /dev/null
+++ b/inc/ltsm.h
@@ -0,0 +1,117 @@
+#ifndef __LTSM_H_
+#define __LTSM_H_
+
+#ifdef __cplusplus
+extern "C"
+{
+#endif
+
+/*
+ LTSM : Light TCP State Machine.
+ Version : 2018-01-16
+*/
+
+/* RFC��׼TCPЭ��ջ״̬������ */
+enum full_tcp_state{
+ FTSM_VOID, /* ���һ�����ĵ�һ��������SYN��, ���ش�ֵ */
+ FTSM_SYN_SENT,
+ FTSM_SYN_RCVD,
+ FTSM_ESTABLISHED,
+ FTSM_FIN_WAIT,
+ FTSM_CLOSE_WAIT,
+ FTSM_LAST_ACK,
+ FTSM_TIME_WAIT,
+ FTSM_CLOSED,
+ FTSM_LISTEN,
+ __FTSM_MAX,
+};
+
+/*
+ ����TCP״̬������,
+ ʵ��ֻ������״̬:�½�����, ��������, ��������,
+ ÿ�����ض�����1��START��1��CLOSE״̬, ���ܰ���0�����ɸ�DATA״̬.
+
+ VOID״̬���ڵ����߿����ж��Ƿ���Ҫ��������.
+*/
+enum light_tcp_state{
+ LTSM_VOID, /* ���һ�����ĵ�һ��������SYN��, ���ش�ֵ */
+ LTSM_START,
+ LTSM_DATA,
+ LTSM_CLOSE,
+};
+
+struct ltsm_iphdr
+ {
+#if __BYTE_ORDER == __LITTLE_ENDIAN
+ unsigned int ip_hl:4; /* header length */
+ unsigned int ip_v:4; /* version */
+#endif
+#if __BYTE_ORDER == __BIG_ENDIAN
+ unsigned int ip_v:4; /* version */
+ unsigned int ip_hl:4; /* header length */
+#endif
+ u_int8_t ip_tos; /* type of service */
+ u_short ip_len; /* total length */
+ u_short ip_id; /* identification */
+ u_short ip_off; /* fragment offset field */
+#define IP_RF 0x8000 /* reserved fragment flag */
+#define IP_DF 0x4000 /* dont fragment flag */
+#define IP_MF 0x2000 /* more fragments flag */
+#define IP_OFFMASK 0x1fff /* mask for fragmenting bits */
+ u_int8_t ip_ttl; /* time to live */
+ u_int8_t ip_p; /* protocol */
+ u_short ip_sum; /* checksum */
+ struct in_addr ip_src, ip_dst; /* source and dest address */
+ };
+
+struct ltsm_tcphdr
+ {
+ u_int16_t th_sport; /* source port */
+ u_int16_t th_dport; /* destination port */
+ u_int32_t th_seq; /* sequence number */
+ u_int32_t th_ack; /* acknowledgement number */
+# if __BYTE_ORDER == __LITTLE_ENDIAN
+ u_int8_t th_x2:4; /* (unused) */
+ u_int8_t th_off:4; /* data offset */
+# endif
+# if __BYTE_ORDER == __BIG_ENDIAN
+ u_int8_t th_off:4; /* data offset */
+ u_int8_t th_x2:4; /* (unused) */
+# endif
+ u_int8_t th_flags;
+# define TH_FIN 0x01
+# define TH_SYN 0x02
+# define TH_RST 0x04
+# define TH_PUSH 0x08
+# define TH_ACK 0x10
+# define TH_URG 0x20
+ u_int16_t th_win; /* window */
+ u_int16_t th_sum; /* checksum */
+ u_int16_t th_urp; /* urgent pointer */
+};
+
+struct ltsm_result{
+ enum full_tcp_state fstate;
+ enum light_tcp_state lstate;
+};
+
+typedef void * ltsm_stream_handle;
+
+ltsm_stream_handle ltsm_create_handle(void);
+
+#define LTSM_DIR_C2S 0
+#define LTSM_DIR_S2C 1
+
+struct ltsm_result ltsm_get_current_state(ltsm_stream_handle pltsm, uint8_t tcp_flags, uint8_t dir);
+
+const char *ltsm_fstate_ntop(enum full_tcp_state fstate);
+const char *ltsm_lstate_ntop(enum light_tcp_state lstate);
+
+void ltsm_destroy_handle(ltsm_stream_handle pltsm);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
+
generated by cgit v1.2.3 (git 2.39.1) at 2025-12-30 17:20:57 +0000