1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
|
#ifndef _FLOWOOD_H_
#define _FLOWOOD_H_ 1
#include <stdio.h>
#include <stdint.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/types.h>
#include <netinet/ip6.h>
#include "MESA_htable.h"
#include "MESA_list_queue.h"
#include "MESA_atomic.h"
#include "MESA_handle_logger.h"
#include "MESA_prof_load.h"
#include "MESA_list_count.h"
#include "MESA_list.h"
#include "stream.h"
#define FLWD_RUN_AS_SAPP_PLUG (1) /* ת��������sapp�IJ����ʽ���� */
#define FLWD_NO_ACTIVE_IP_DISCOVER (0) /* û�л�ԾIP������ϵͳ������, �ֹ�ָ��һЩ����ip, �Բ��� */
#define FLWD_NO_GDEV_ENV (0) /* û��GDEV�Ļ�����, ת������ģ��·��ģʽ, ����ת����, ��ʵ��Ҫ���ڲ��Խ������ع��� */
#define FLWD_NO_ACTIVE_ARP_QUERY (0) /* û������ARP��ѯ�������, ����Э��ջģ��, ��raw_socket, marsioԭʼ�ӿ�, Ҫ�ֶ�ָ��MAC��ַ */
#define FLWD_NO_MAAT (0)
#define FLWD_SUPPORT_DNAT (0) /* DNAT�Ȳ�ʵ��! */
#define FLWD_ASYNC_LOCK_FREE (0) /* �첽����ģʽ���̸߳��� */
#define FLWD_IP_REGION_BY_LIB (0) /* 1:IP�ĵ���λ����Ϣ��������IP��ַ���ѯ�õ�; 0:IP����λ����Ϣ�����ֹ����úͶ�̬����ϵͳ, ����˵ɶ����ɶ */
#define FLWD_USE_LTSM_FOR_QUICK_CLOSE (0) /* ʹ��LTSM������ǿ���ʱ��̭, �Ծ������TCP����, �Ի��տ��ö˿� */
#define FLWD_NAT_SPORT_VOLATILE (0) /* access����NAT�ڲ�ʱ, ����Դ�˿ڻ�仯, ����access����Դ�˿�Ҳ����, ��ʱ��ҪforwardҲ��¼�յ���ʱ��Դ�˿�, ����������� */
#define FLWD_RUN_IN_CEIEC_TEST (1) /* ��ceiec���Ի�����ʱд���IJ��� */
#define FLWD_USE_SPORT_HASH_AS_MARK (1) /* ʹ��Դ�˿ڵ�ijЩbitλ, ���ڱ�ʶacc-gateway, hashֵ, fwd-gateway����ȷ���ش�����̨acc-gateway */
/*
������ʹ��������ʱ��bit�ֲ�λ:
|15|14|13|12|11|10|9|8|7|6|5|4|3|2|1|0|
|accid| hash | sport |
���2bit ��������id;
�м�6bit HASHֵ;
���8bit �����Ŀ��ö˿�;
*/
#if FLWD_USE_SPORT_HASH_AS_MARK
#define FLWD_SPORT_ACC_ID_MASK (0xC000) /* ������, acc-gateway ID, ���λ����bit, ͬһ�ֵ�֧��4̨acc-gateway�豸 */
#define FLWD_SPORT_ACC_ID_SHIFT_NUM (14) /* MASK�ƶ�14λ, ���������, ��ǰ�ֵ�ID */
#define FLWD_UDP_SPORT_HASH_MASK (0x3F00) /* ������, hashֵ,���ڸ���ʵ��������, 6bit, ��Ԫ���ͻʶ��ȷ��: 98.4%, ���Ǹ��ÿͻ��˺���ʵ�ͻ���ͬʱ����һ����������ʶ���� */
#define FLWD_UDP_SPORT_ACTUAL_PORT_MASK (0x00FF) /* ������, ��ʵ���ö˿ڵ�ֵ, 8bit. ��ʵҲ��������10bit, �ټ���acc-gateway id */
#define FLWD_TCP_SPORT_ACTUAL_PORT_MASK (FLWD_UDP_SPORT_ACTUAL_PORT_MASK) /* TODO, �Ժ����, TCP�ɲ�ʹ�ö˿�HASH��Ϊ����, ��ISN���±�������,���ӿ��ö˿ڷ�Χ */
#else
#endif
#define FLWD_LINK_MTU (2048)
#define FLWD_MAX_THREAD_NUM (64)
#define FLWD_REGION_STR_LEN_MAX (32) /* ��������ֵ */
#define FLWD_NETWORK_NxM_MAX (16) /* GDEV��ת������֮�� NxM �������豸���ֵ */
#define TRAFFIC_STAT_STR_LEN (32)
#define FLWD_CONFIG_FILE "./conf/ip_reuse/flowood.conf"
#define FLWD_MACRO_TO_STRING(x) (#x)
/* �����֧ѡ���Ż�, ��������еķ�֧�ж�, ʹ��flwd_likely()���� */
#ifndef flwd_likely
#define flwd_likely(x) __builtin_expect(!!(x), 1)
#endif
#ifndef flwd_unlikely
#define flwd_unlikely(x) __builtin_expect(!!(x), 0)
#endif
typedef enum{
FLWD_DROP = 0,
FLWD_PASS = 1,
}flwd_pkt_action_t;
/* ��ֵ�����ÿ����Ҫ��Ӧ, ��ֹ������ */
typedef enum {
FLWD_NAT_TYPE_SNAT = 1,
FLWD_NAT_TYPE_DNAT = 2,
}flwd_nat_type_t;
typedef enum {
FLWD_IP_REGION_INLAND = 0, /* ����, �˶���Ҫ��pangu���ݿ������һ��!!! */
FLWD_IP_REGION_OUTLAND = 1, /* ����, �˶���Ҫ��pangu���ݿ������һ��!!! */
FLWD_IP_REGION_MAX = 2,
}flwd_ip_region_type_t;
typedef enum {
FLWD_ACT_IP_DYNAMIC = 1, /* �Զ����ֵĶ�̬��ԾIP */
FLWD_ACT_IP_STATIC = 2, /* �û�ͨ�������·��ľ�̬IP��ַ�� */
}flwd_active_ip_type_t;
/* NOTE: Ϊ�˳�����ʹ�������±�����v4, v6, �˴�������4,6�������õ�������ʵ��ֵ */
typedef enum{
FLWD_IP_ADDR_TYPE_V4 = 0,
FLWD_IP_ADDR_TYPE_V6 = 1,
}flwd_ip_addr_type_t;
typedef enum{
FLWD_MAAT_SRC_JSON = 1,
FLWD_MAAT_SRC_LOCAL_FILE = 2,
FLWD_MAAT_SRC_REDIS = 3,
}flwd_maat_cfg_source_t;
typedef struct{
unsigned char addr_type;
unsigned char addr_len;
unsigned short dport; /* NOTE: ��������ṹҲ������, �˴��Ŀ�϶����һ��port����, ������DNAT */
union{
unsigned int addr_ipv4;
struct in6_addr addr_ipv6;
unsigned char addr_value[16];
};
}flwd_ip_t;
typedef struct{
unsigned int sip_net_order;
unsigned int dip_net_order;
}flwd_ippair_v4_t;
typedef struct{
struct in6_addr sip_net_order;
struct in6_addr dip_net_order;
}flwd_ippair_v6_t;
typedef struct{
unsigned char addr_type; /* flwd_ip_addr_type_t, ÿ����Ԫ��ʹ�ö����ĵ�ַ����, Ԥ��v4_over_v6, v6_over_v4�ĵ�ַת������ */
unsigned char protocol; /* TCP��UDP��Ԫ����Ҫ����, ����Э���ֶ�, ʵ����5Ԫ�� */
unsigned char dir_reverse; /* natת��֮ǰ��key��Ԫ����ʵ����, �Ƿ���ݴ��ַ��ΪԴ��HASH�淶, ���˵�ַ��ת, ��: TCP_SYN��, �����ֵΪ1, ˵��key->dip����������SYN�����ͷ�, д��־ʱ����ע�� */
unsigned char __pad; /* �ֽڶ��� */
unsigned short sport_net_order;
unsigned short dport_net_order;
union{
flwd_ippair_v6_t *ippair_v6; /* �˴�ʹ��ָ��, ��IPv6��ַ̫��, V6������Խ���, �˽ṹ���ɺ�flwd_ippair_v4_tһ����, union���Խ�Լ�ڴ�. ע��free!! */
flwd_ippair_v4_t ippair_v4;
};
}flwd_tuple5_t; /* NAT��Ԫ�� */
/* ��ʵ������IP�Ͷ˿� */
typedef struct{
unsigned int actual_server_ip_net_order;
unsigned short actual_server_port_net_order;
}flwd_actual_ip_port_t;
/* ���ݰ���Դ, �������� or ת������,
���н���������ת������֮��, Ԥ������socketͨ��ģʽ, ��Ϊ�������̿��Բ�����һ̨����
*/
typedef enum {
TOPO_ACC_LINK_USER = 0, /* ��������--�û��ն� */
TOPO_ACC_LINK_FWD = 1, /* ��������--ת������ */
TOPO_FWD_LINK_ACC = 2, /* ת������--�������� */
TOPO_FWD_LINK_GDEV = 3, /* ת������--ר���豸 */
__TOPO_MODE_MAX = 4,
}flwd_topology_t;
/* �û������ն�Э������ */
typedef enum {
FLWD_TERMINAL_IP_LAYER,
FLWD_TERMINAL_IP_L2TP,
FLWD_TERMINAL_IP_PPTP,
}flwd_terminal_proto_t;
typedef enum {
CAP_MODEL_PAG = 0,
CAP_MODEL_PCAP_ONLINE = 1,
CAP_MODEL_SOCKET = 2, /* ����ƽ̨������, ��Ϊflowoodϵͳ�϶������ö���ģʽ, ��������ʵʱ��������, ��dumpfile��Ϊsocketģʽ */
CAP_MODEL_PFRING = 3,
CAP_MODEL_DPDK = 4,
CAP_MODEL_PPF = 5,
CAP_MODEL_NPACKET = 6,
CAP_MODEL_QNF = 7, /* for ��߿Ƽ�Zhuanyong���� */
CAP_MODEL_N95 = 8, /* to do: for xx9 UDP�½ӿ� */
CAP_MODEL_PCAP_DUMPLIST = 9, /* 2014-11-19 lijia add */
CAP_MODEL_TOPSEC = 10, /* 2015-09-29 lijia add, for trojan detect */
CAP_MODEL_IPFILE = 11,
CAP_MODEL_MARSIOV4 = 12, /* 2016-10-26 lijia add, for DPDK-marsio-V4.0 */
CAP_MODEL_AGENT_SMITH = 13, /* 2016-10-27 lijia add, for ��Դ���빲���ڴ� */
CAP_MODEL_DPDK_VXLAN = 14, /* 2016-11-01 lijia add, for DPDK-3.0, vxlan������� */
CAP_MODEL_MARSIOV4_VXLAN= 15, /* 2016-11-01 lijia add, for MARSIO-4.0, vxlan������� */
CAP_MODEL_PAG_MARSIO = 16, /* 2017-04-07 lijia add, for marsio compat pag */
__CAP_MODEL_MAX = 17,
}flwd_cap_mode_t;
typedef enum{
FLWD_OUTOPT_FIRST_PKT = 0x1, /* һ�������װ�, ��Ҫ����ָ������, accessͨ��vxlan�����ֶθ�֮fwd�˰����װ�, fwdҪ����session�� */
}flwd_output_opt_t;
typedef struct{
void *low_level_mbuff; /* �ײ�IO����ذ��ṹ, ��: struct pfring_pkthdr, marsio_buff_t */
char *inner_pkt_data; /* �ڲ�MAC�㿪ʼ�����ݲ��� */
char *outer_pkt_data; /* ���MAC�㿪ʼ�����ݲ��� */
int inner_pkt_len; /* �ڲ�MACͷ��ʼ�����ݳ��� */
int outer_pkt_len; /* ���MACͷ��ʼ�����ݳ��� */
flwd_terminal_proto_t terminal_proto;
const char *inner_ip_layer_hdr; /* Vxlan(����)�ڲ�IP��ͷ��ʼ��ַ, v4 or v6 */
}flwd_raw_pkt_t;
typedef struct{
const char *device_name;
const char *pkt_filter; /* ����ijЩ������֧�� */
flwd_cap_mode_t cap_mode;
flwd_topology_t topo_mode;
unsigned int device_ip_net_order; /* �����豸IP��ַ */
unsigned int device_ip_mask_net_order; /* �����豸IP���� */
unsigned int gateway_ip_net_order; /* Ĭ������IP��ַ */
// unsigned int *device_slave_ip_net_order; /* ������˫IPģʽ, ������������������, ����ģʽ����һ��������, ͬʱ����ת�����غͽ����ն˵Ļ�����, ����ͬIP���������� */
// unsigned char device_slave_ip_num; /* ��Ҫ����DNAT�Ľ������غ���ʵ������ͨ��, ���ֻ��һ��IP, ���������ֻ��65411��, ����ʹ�ö������ip��ַ, ���ܱ�֤�߲����� */
unsigned short socket_port_net_order; /* lo���ػػ�socketͨ�Ŷ˿�ģʽ */
unsigned char local_mac_addr[6];
}flwd_io_para_t;
typedef struct __flwd_device_handle{
int tot_thread_count;
int sapp_send_thread_seq; /* �Բ����ʽ���ص�sappʱ, �ǰ������̵߳ķ����߳�ID */
flwd_io_para_t io_para; /* ������������, ������, ����ģʽ, �ӿ�IP,MAC��ַ�ȵ� */
void *low_level_io_handle;
int (*low_level_io_init)(struct __flwd_device_handle *h);
void (*low_level_io_run)(struct __flwd_device_handle *h);
int (*low_level_pkt_recv)(struct __flwd_device_handle *h, int tid, void **mbuff);
void (*low_level_pkt_free)(struct __flwd_device_handle *h, int tid, void *mbuff);
void *(* low_level_mbuff_malloc)(struct __flwd_device_handle *h, int tid, int len);
void (* low_level_mbuff_free)(struct __flwd_device_handle *h, int tid, void *mbuff);
void (* low_level_mbuff_free_after_send)(struct __flwd_device_handle *h, int tid, void *mbuff); /* ��marsioģʽ���ͺ��Զ�free, ijЩ���ֲ��Զ�free, ������ôһ�������ӿ� */
void (* low_level_mbuff_send_back)(struct __flwd_device_handle *h, int tid, void *mbuff); /* GDEVģʽ��, fwd���ػ�ע���ݰ� */
char * (* low_level_mbuff_mtod)(void *mbuff);
char * (*low_level_mbuff_data_append)(void *mbuff, const char *user_data, int user_data_len);
char * (*low_level_mbuff_data_forward)(void *mbuff, int n); /* ����ָ����ǰ�ƶ�N���ֽ�, ���ݳ����Զ�����N */
char * (*low_level_mbuff_data_rearward)(void *mbuff, int n); /* ����ָ������ƶ�N���ֽ�, ���ݳ����Զ�����N */
int (*low_level_mbuff_get_pkt_len)(void *mbuff);
void (*low_level_mbuff_set_pkt_len)(void *mbuff, int pkt_len);
int (*low_level_send)(struct __flwd_device_handle *h, int tid, void *mbuff); /* ����֮ǰ����low_level_mbuff_malloc(), ��������Զ�free, ������������low_level_mbuff_free() */
}flwd_device_handle_t;
/* Ϊ���������, �ڲ�Ϊÿ�������, ��maat���ص�table_id��ͬ */
typedef enum{
FLWD_MAAT_TB_IR_POLICY_COMPILE = 0,
FLWD_MAAT_TB_IR_POLICY_GROUP,
FLWD_MAAT_TB_IR_POLICY_IP,
FLWD_MAAT_TB_IR_STATIC_IP_POOL_CB, /* �û��˹�����IP */
FLWD_MAAT_TB_IR_DYN_SIFT_IP_CB, /* �Զ�����IP */
FLWD_MAAT_TB_IR_DYN_CONN_IP, /* ��ɢIP���õ���Ԫ��, ��֮������ϵͳ, ����ϵͳ�ڳ�ͻ���� */
FLWD_MAAT_TB_MAX,
}flwd_inner_maat_table_id_t;
typedef struct{
const char *table_name;
int table_id;
}flwd_maat_table_info_t;
typedef struct{
void *flwd_log_handle; /* MESA-handle_logger��־��� */
void *maat_log_handle;
void *maat_static_handle; /* redis�������÷���, maatҲҪ��ʼ��������ͬ��� */
void *maat_dynamic_handle; /* redis�������÷���, maatҲҪ��ʼ��������ͬ��� */
void *flwd_network_conn_table; /* gdev��forward����֮��Ļ�����ϵ */
void *flwd_arp_table; /* ARP HASH��, ip��Ϊkey, mac_addrΪdata */
pthread_rwlock_t flwd_arp_htable_rwlock; /* arp��Ҫ��̬����, ��htableֻ�л�����, ��������Ƕ�����, ��Ҫ��д��, ����߶��߳����� */
time_t cur_time;
struct in6_addr zero_ipv6_addr; /* ��ʾȫ0��IPv6��ַ */
unsigned char zero_mac_addr[6]; /* ��ʾȫ0��MAC��ַ */
unsigned long long cur_time_usec; /* ��1970-01-01 ��ʼ����ǰʱ��ľ������� */
flwd_device_handle_t global_io_handle[__TOPO_MODE_MAX];
flwd_maat_table_info_t maat_table_info[FLWD_MAAT_TB_MAX];
}flwd_global_val_t; /* ȫ�ֱ��� */
typedef struct{
unsigned long long eth_pkt_num;
unsigned long long ip_pkt_num;
unsigned long long tcp_pkt_num;
unsigned long long udp_pkt_num;
unsigned long long eth_pkt_byte;
unsigned long long ip_pkt_byte;
unsigned long long tcp_pkt_byte;
unsigned long long udp_pkt_byte;
}flwd_pkt_stat_t; /* ���ݰ�����ͳ����Ϣ */
/* Դ��Ŀ�ķ����Ե�ǰ����Ϊ */
struct __flwd_tuple4{
unsigned char addr_type; /* �ѵ�ַ���ͷ�ֹ�ṹ����ǰ, ����v4, v6����ʶ�� */
unsigned char protocol; /* TCP��UDP��Ԫ����Ҫ����, ����Э���ֶ� */
unsigned short sport_net_order;
unsigned short dport_net_order;
unsigned int sip_net_order;
unsigned int dip_net_order;
}__attribute__((packed));
typedef struct __flwd_tuple4 flwd_tuple4v4_t;
/* Դ��Ŀ�ķ����Ե�ǰ����Ϊ */
struct __flwd_tuple6{
unsigned char addr_type; /* �ѵ�ַ���ͷ�ֹ�ṹ����ǰ, ����v4, v6����ʶ�� */
unsigned char protocol; /* TCP��UDP��Ԫ����Ҫ����, ����Э���ֶ� */
unsigned short sport_net_order;
unsigned short dport_net_order;
struct in6_addr sip_net_order;
struct in6_addr dip_net_order;
}__attribute__((packed));
typedef struct __flwd_tuple6 flwd_tuple4v6_t;
typedef struct{
unsigned int gdev_ip_net_order; /* ��¼�����������IP��GDEV IP, ʵ�ʾ��DZ�ҵ���loopback ip, ����region_id, dev_idͨ������õ� */
unsigned char region_id; /* ���ڱ�� */
unsigned char dev_id; /* �豸��� */
unsigned char link_id; /* ��ǰIP������ʱ����·�� */
unsigned char this_ip_as_sip_route_dir; /* �˻�ԾIP��ΪԴIPʱ, ��INLINE�豸�ķ���λ, һ��Ҫ��TCP��SYN�����ӵ�����, udp���ܻύ��sip��dip, ��Ϊ������ΪԴ��ַ, ͨ����ֵ����� */
unsigned char inner_raw_smac[6];
unsigned char inner_raw_dmac[6];
}flwd_gdev_associated_args_t;
/* �洢��ת�������еĵײ�·����Ϣ, ����ÿ�ζ���̬��·�ɱ�, ARP��, �ÿռ任ʱ��!!!
SNAT:
access����:
���տͻ������ݰ�, ��¼�ͻ���ԴMAC;
����ѡ��Ļ�ԾIP����λ��, ��̬��ѯ��һ��fwd����, ��¼fwd_ip, fwd_mac;
fwd����:
��������access�İ�, ����hash��, ��¼access_ip, access_mac;
���յ�����gdev�Ļظ���, ֱ��ȡ��nat_info�е�access_ip, access_mac, ֱ��ת��(�������Ĵ��Ļ�ȥ).
DNAT:
fwd����:
���յ�����gdev���װ�, ��̬��ѯdip������̨access���ؿ��Ե���, ��¼access_ip, access_mac;
access����:
���յ�����fwd���װ�, ��¼fwd_ip, fwd_mac, ���յ���ʵ������Ӧ��ʱ, ȡ���洢��ip,macֱ��ת��(�������Ĵ��Ļ�ȥ).
*/
typedef struct{
flwd_gdev_associated_args_t gdev_args;
unsigned char inner_terminal_mac[6]; /* ��Ҫ����access_gateway, �ͻ��˻���ʵ��������MAC, SNAT��Ӧ������ò�ARP��; DNAT���װ���Ҫ��ѯARP��һ�� */
unsigned int next_gateway_ip_net; /* ��Ҫ����access_gateway��fwd_gateway, ��һ�����ص�IP, ʵ�ʾ���vxlan���IP��ַ, ������v4,v6, �϶�����IPv4��ַ */
unsigned char next_gateway_mac[6]; /* ��Ҫ����access_gateway��fwd_gateway, ��һ�����ص�MAC */
}flwd_route_info_t;
typedef struct{
unsigned char tid; /* ��Ҫ����htable�ص������ڲ���tid�������� */
unsigned char reference; /* �˽ṹ��htable�б�������ͬ��key����, �������ü���, ��ֹdouble free */
unsigned char act_ip_region; /* flwd_ip_region_type_t, ��¼��ԾIP���ڵ���λ��, �����ӽ�����, ���ն˿�ʱʹ�� */
unsigned char act_ip_origin; /* flwd_active_ip_type_t, ��̬���� or �û��������� */
flwd_nat_type_t nat_type;
flwd_tuple5_t inner_nat_tuple5; /* ����SNAT, ���Ǿ������ڲ���ʵ�ͻ��˵İ�; */
flwd_tuple5_t outer_nat_tuple5; /* ����SNAT, ���dz�����, Internet�ϵİ�; */
signed long long signature_param; /* ���ݰ�ָ��Э������ض�����, ����TCP��˵, ��SYN-ISNƫ����; ����DNS��˵, ��transidƫ����; ��ֵ��after-nat�IJ���תΪ64bit long long �ͼ�ȥԭʼpre-nat(64bit)��IJ���֮�� */
flwd_route_info_t flwd_route_info;
#if FLWD_USE_LTSM_FOR_QUICK_CLOSE
void *ltsm_stat_handle;
#endif
}flwd_nat_info_t;
typedef struct{
unsigned char tid; /* ��Ҫ����htable�ص������ڲ���tid�������� */
flwd_route_info_t flwd_route_info;
}flwd_fwd_nat_info_t;
typedef struct{
flwd_pkt_stat_t pkt_stat;
/* IP��ַ��htable */
void *flwd_ip_pool_dynamic_htable[2][2]; /* ʹ��һ����ά����, ����ά�ȷֱ���: [v4_or_v6][inland_or_outland], ��dynamic��static�洢��key��һ��, �ֿ��������� */
void *flwd_ip_pool_static_htable[2][2]; /* ʹ��һ����ά����, ����ά�ȷֱ���: [v4_or_v6][inland_or_outland], ��dynamic��static�洢��key��һ��, �ֿ��������� */
pthread_rwlock_t flwd_ip_pool_dynamic_rwlock;
pthread_rwlock_t flwd_ip_pool_static_rwlock;
void *nat_info_table; /* access��fwd���ظ���ͬһ������, TCP��UDPͬ��һ��htable, protocolҲ��Ϊkey��һ���� */
flwd_ippair_v6_t nat_key_ipv6_buf; /* ���캯��ջ�ڵ�nat_keyʱ, ��flwd_tuple5_t��ipv6��ַ������ָ��, ����ÿ�ζ�̬malloc/free, �˴�Ϊÿ���̷߳���һ����ʱ��ipv6��ַ������ */
struct stream_tuple4_v4 addrv4_convert_buf; /* flwd_tuple5_to_stream_addr()�����õ��ڴ滺���� */
struct stream_tuple4_v6 addrv6_convert_buf; /* flwd_tuple5_to_stream_addr()�����õ��ڴ滺���� */
char __pad[56];
}flwd_global_thread_t; /* ���߳�ȫ�ֱ���, ע��64�ֽڻ������ */
typedef struct{
int tot_thread_count;
int flwd_log_level;
int nat_htable_max_num;
int nat_htable_timeout;
int global_access_gateway_num; /* ȫ��һ���ж��ٸ���������, ��������ʹ�û�ԾIP��Դ�˿� */
int current_access_gateway_id; /* ��ǰ�������ص�ΨһID, ��1��ʼ */
int use_static_pool_ip_if_no_dynamic; /* ������, �����ǰû�п��ö�̬IP, ��Ӿ�̬���������ѡһ�� */
int use_dynamic_pool_ip_if_no_static; /* ������, ��������˲���, ����static_pool��ǰû�п���IP, ��Ӷ�̬�������ѡһ�� */
const char *maat_json_cfg_file;
const char* table_info_path; /* maat_cfg */
const char* full_cfg_dir; /* maat_cfg */
const char* inc_cfg_dir; /* maat_cfg */
}flwd_global_cfg_t; /* ȫ�������ļ����� */
typedef struct{
flwd_topology_t topo_mode;
const char *cfg_file_section;
char addr_para[64];
}flwd_packet_io_cfg_para_t;
typedef struct {
unsigned char is_valid;
unsigned int policy_group_id; /* ��̬IPΪ0 */
flwd_ip_region_type_t ip_region_type; /* ���ڡ����� */
flwd_active_ip_type_t ip_origin_type; /* ��̬, ��̬ */
flwd_ip_t active_ip_net_order;
flwd_gdev_associated_args_t gdev_args;
MESA_list_t active_ip_list_node; /* ��̬IP��group_idΪkey, ��ͬ��group_id��IPʹ����������; Ϊ�˷��㴦��, quiddityָ�ṹ��ͷ��, ʹ��get_entry_of̫�鷳; headͷ�ڵ������� */
MESA_list_count_t usable_tcp_sport_list_head; /* TCP���ö˿�����, ��ʼ��ʱ, ����ȫ�������ö˿�, ����һ���ʹ��������Ƴ�һ��, ���ӽ����ͷ�ʱ, �ٲ�������, ʹ��MESA_list_count_t, ���ڼ��� */
MESA_list_count_t usable_udp_sport_list_head; /* UDP���ö˿�����, ��ʼ��ʱ, ����ȫ�������ö˿�, ����һ���ʹ��������Ƴ�һ��, ���ӽ����ͷ�ʱ, �ٲ�������, ʹ��MESA_list_count_t, ���ڼ��� */
}flwd_active_ip_t;
/* ѡ���ԾIP��ͬʱ, ���ݵ�ǰIP�����м�¼, ͬʱѡ��һ������Դ�˿� */
typedef struct{
int tid;
flwd_ip_region_type_t dip_region_type; /* ��ǰ��Ԫ����ʵĿ��IP���ڵ���λ�� */
flwd_tuple5_t *nat_key; /* ԭʼ����Ԫ����Ϣ, ����SNAT����inner_tuple5, ����DNAT����outer_tuple5 */
flwd_ip_t act_sip_net_order; /* ���õĻ�ԾIP��ַ */
flwd_gdev_associated_args_t gdev_args;
unsigned short act_sport_net_order;
unsigned char protocol; /* ��ֵ������htable�ص��������ݲ�����, ����ʱ���������� */
}flwd_active_ip_port_args_t;
/* ��Ϊ��ԾIP��MAAT�ص���, �����Ƕ����ڰ������߳�, Ϊ�˲���ͬһ��htable��������, ʹ��һ��Сtrick:
op_flag�������bit����:
0λ:
0:callback�߳��Ѿ�������, �������߳̿��Զ�ȡ�����뱾�̵߳�htable;
1:�������߳��Ѿ�������, ��ʱΪNULL, callback�߳̿��Լ�������������.
1λ:
1:���������߳�ռ��;
0:�������߳��ͷ�;
2λ:
1:��callback�߳�ռ��;
0:callback�߳��ͷ�;
��1bit ��0bit ��0bit
--------|--------|--------|
cb proc valid
�յ����º�, �����ݿ��ת����flwd_active_ip_t�����Ƹ�ʽ, ���ݲ�ͬ���߳����ò�ͬ�Ķ˿�,
Ȼ�����ÿ���̵߳�flwd_temp_active_ip_op_flag=1,
*/
//#define FLWD_ACT_IP_OP_MASK_DATA_VALID (0x1)
#define FLWD_ACT_IP_OP_OR_MASK_BY_PROC (0x1) /* ���ӱ��λ */
#define FLWD_ACT_IP_OP_OR_MASK_BY_CALLBACK (0x2) /* ���ӱ��λ */
#define FLWD_ACT_IP_OP_AND_MASK_BY_PROC (0xFFFE) /* ��ձ��λ */
#define FLWD_ACT_IP_OP_AND_MASK_BY_CALLBACK (0xFFFD) /* ��ձ��λ */
extern flwd_global_cfg_t flwd_cfg_val;
extern flwd_global_val_t flwd_global_val;
extern flwd_global_thread_t flwd_thread_val[FLWD_MAX_THREAD_NUM];
extern const flwd_packet_io_cfg_para_t g_packet_io_cfg_para[__TOPO_MODE_MAX];
extern MESA_ATOMIC_T flwd_temp_active_ip_op_flag[FLWD_MAX_THREAD_NUM];
extern MESA_lqueue_head flwd_temp_active_ip_to_deal[FLWD_MAX_THREAD_NUM];
#define flwd_log(level, fmt, args...) do{ if(level >= flwd_cfg_val.flwd_log_level){MESA_handle_runtime_log(flwd_global_val.flwd_log_handle, level, "flowood", fmt, ##args);}}while(0)
#endif
|
