重构调用maat新接口

author: jixinyi <[email protected]> 2019-01-18 16:37:51 +0800
committer: jixinyi <[email protected]> 2019-01-18 16:37:51 +0800
commit: 2e83f0db5a94ba44cbbcd9d41863215934a738c0 (patch)
tree: 20c25957e655e18308b2ceb1285562874c9b89aa
parent: 6c370f68c7b54973f24558a7f51d6611337fc3e9 (diff)
parent: 263cdc86b5b2f58bd3003f0af3234bc4ea4690a4 (diff)
7 files changed, 932 insertions, 0 deletions
diff --git a/bin/conf/table_info.conf b/bin/conf/table_info.conf
index 78e1268..b1efd85 100644
--- a/bin/conf/table_info.conf
+++ b/bin/conf/table_info.conf
@@ -7,6 +7,7 @@
 #do_merege [yes/no]
 #cross cache [number]
 #quick mode [quickon/quickoff], default [quickoff]
+<<<<<<< HEAD
 #For ip/intval/digest/compile/group table.
 #id	name	type
 #
@@ -21,4 +22,22 @@
 3	IR_NOMINEE_IP	plugin	{"key":1,"valid":5}	--
 4	IR_INTERCEPT_IP	plugin	{"key":1,"valid":14}	--
 5	IR_CANDIDATE_IP	plugin	{"key":1,"valid":6}	--
+=======
+#For ip/intval/digest/compile/group
+#id	name	type
+#
+#For plugin table
+#id	name	type	valid_column
+#
+#For expr/expr_plus Table
+#id	name	type	src_charset	dst_charset	do_merge cross_cache quick_mode	
+0	IR_STATIC_NOMINEE_IP	plugin	15	--
+1	IR_DYNAMIC_NOMINEE_IP	plugin	9	--
+2	IR_DNAT_POLICY	plugin	12	--
+3	IR_INTERCEPT_IP	plugin	14	--
+4	IR_NOMINEE_IP	plugin	5	--
+5	IR_CANDIDATE_IP	plugin	6	--
+
+
+>>>>>>> 263cdc86b5b2f58bd3003f0af3234bc4ea4690a4
 
diff --git a/bin/ir_mctrl b/bin/ir_mctrl
new file mode 100644
index 0000000..24c655c
--- /dev/null
+++ b/bin/ir_mctrl
diff --git a/bin/mctrl_r2 b/bin/mctrl_r2
index 485bd0e..595546b 100644
--- a/bin/mctrl_r2
+++ b/bin/mctrl_r2
@@ -1,4 +1,8 @@
+<<<<<<< HEAD
 killall mctrl_r3 mctrl
+=======
+killall mctrl_r3 ir_mctrl
+>>>>>>> 263cdc86b5b2f58bd3003f0af3234bc4ea4690a4
 ./mctrl_r3 &> /dev/null &
 #./kill_sapp_by_mem.sh &> /dev/null &
 
diff --git a/bin/mctrl_r3 b/bin/mctrl_r3
index 2373dd4..6928cb5 100644
--- a/bin/mctrl_r3
+++ b/bin/mctrl_r3
@@ -11,7 +11,11 @@ while [ 1 ]; do
                 ulimit -c 0
         fi
 
+<<<<<<< HEAD
     ./mctrl > /dev/null
+=======
+    ./ir_mctrl > /dev/null
+>>>>>>> 263cdc86b5b2f58bd3003f0af3234bc4ea4690a4
         echo program crashed, restart at `date +"%w %Y/%m/%d, %H:%M:%S"` >> RESTART.log
     sleep 10
 done
diff --git a/src/Makefile b/src/Makefile
index e9c52f4..40b519d 100644
--- a/src/Makefile
+++ b/src/Makefile
@@ -5,8 +5,13 @@ CFLAGS = -Wall -g -fPIC
 #1INC	+= /usr/include/MESA
 LDFLAGS = -L./lib/
 LIBS = -lMESA_handle_logger -lMESA_prof_load -lMESA_htable -lmaatframe
+<<<<<<< HEAD
 OBJ =mctrl.o
 TARGET =mctrl
+=======
+OBJ =ir_mctrl.o
+TARGET =ir_mctrl
+>>>>>>> 263cdc86b5b2f58bd3003f0af3234bc4ea4690a4
 
 .cpp.o:
 	$(CCC) -c $(CFLAGS) $(INC) $<
diff --git a/src/ir_mctrl.cpp b/src/ir_mctrl.cpp
new file mode 100644
index 0000000..83f7820
--- /dev/null
+++ b/src/ir_mctrl.cpp
@@ -0,0 +1,814 @@
+#include <stdio.h>
+#include <stdlib.h>
+#include <assert.h>
+#include <unistd.h>
+#include <time.h>
+#include "MESA_prof_load.h"
+#include "MESA_handle_logger.h"
+#include "Maat_rule.h"
+#include "Maat_command.h"
+#include "ir_mctrl.h"
+#include "MESA_htable.h"
+
+struct MCTRL_GLOCAL_INFO mctrl_g;
+
+void sta_dyn_policy_maat_start_cb(int update_type,void* u_para)
+{
+	if(update_type==MAAT_RULE_UPDATE_TYPE_FULL)
+	{
+		MESA_handle_runtime_log(mctrl_g.logger_handle,RLOG_LV_INFO,(char*)"sta_dyn_policy_maat_start_cb", "table_id:%d,Maat rule type is full",*(int*)u_para);
+		switch(*(int*)u_para)
+		{
+			case DYNAMIC_NOMINEE_FLAG:
+				mctrl_g.update_type_d=MAAT_RULE_UPDATE_TYPE_FULL;
+				mctrl_g.version_d++;
+				MESA_handle_runtime_log(mctrl_g.logger_handle,RLOG_LV_DEBUG,(char*)"sta_dyn_policy_maat_start_cb", "table_id:%d,version:%d",*(int*)u_para,mctrl_g.version_d);
+				break;
+			case STATIC_NOMINEE_FLAG:
+				mctrl_g.update_type_s=MAAT_RULE_UPDATE_TYPE_FULL;
+				mctrl_g.version_s++;
+				MESA_handle_runtime_log(mctrl_g.logger_handle,RLOG_LV_DEBUG,(char*)"sta_dyn_policy_maat_start_cb", "table_id:%d,version:%d",*(int*)u_para,mctrl_g.version_s);
+				break;
+			case DNAT_POLICY_FLAG:	
+				mctrl_g.update_type_dp=MAAT_RULE_UPDATE_TYPE_FULL;
+				mctrl_g.version_dp++;
+				MESA_handle_runtime_log(mctrl_g.logger_handle,RLOG_LV_DEBUG,(char*)"sta_dyn_policy_maat_start_cb", "table_id:%d,version:%d",*(int*)u_para,mctrl_g.version_dp);
+				break;
+			default:
+				MESA_handle_runtime_log(mctrl_g.logger_handle,RLOG_LV_DEBUG,(char*)"sta_dyn_policy_maat_start_cb", "maat_start_cb table id error!!!");
+				assert(0);
+				break;
+		}
+	}
+	else
+	{
+		MESA_handle_runtime_log(mctrl_g.logger_handle,RLOG_LV_INFO,(char*)"sta_dyn_policy_maat_start_cb", "table_id:%d,Maat rule type is inc",*(int*)u_para);
+	}
+	return;
+}
+
+
+void nominee_intercept_candidate_maat_start_cb(int update_type,void* u_para)
+{
+	if(update_type==MAAT_RULE_UPDATE_TYPE_FULL)
+	{
+		MESA_handle_runtime_log(mctrl_g.logger_handle,RLOG_LV_INFO,(char*)"nominee_intercept_candidate_maat_start_cb", "table_id:%d,Maat rule type is full",*(int*)u_para);
+	}
+	else
+	{
+		MESA_handle_runtime_log(mctrl_g.logger_handle,RLOG_LV_INFO,(char*)"nominee_intercept_candidate_maat_start_cb", "table_id:%d,Maat rule type is inc",*(int*)u_para);
+	}
+	return;
+}
+
+void mctrl_get_cur_time(char *date)
+{   
+	time_t t;
+    struct tm *lt;
+    time(&t);
+    lt = localtime(&t);
+    snprintf(date, MAX_TIME_LEN,"%d/%d/%d/%d:%d:%d",lt->tm_year+1900, lt->tm_mon+1, lt->tm_mday, lt->tm_hour, lt->tm_min, lt->tm_sec);
+}
+
+
+int set_ir_line(Maat_feather_t feather,const char *ir_table_name,const char *table_line,int rule_id)
+{
+	const struct Maat_line_t *p_line;
+	struct Maat_line_t line_rule;
+	int ret = 0;
+	char m_table_line[HTABLE_DATA_LEN];
+	struct IR_MCTRL_INFO mctrl_info;
+	memset(&mctrl_info,0,sizeof(mctrl_info));
+	memset(&line_rule, 0,sizeof(line_rule));
+
+	line_rule.label_id=0;
+	line_rule.rule_id=rule_id;
+	line_rule.table_name=ir_table_name;
+
+	sscanf(table_line, "%d\t%d\t%d\t%d\t%d\t%s\t%s\t%s\t%s\t%s\t%s\t%s\t%s\t%d\t%d\t%d\t%d\t%d\t%d\t%s\t%s\t%s", 
+		&mctrl_info.htable_flag,&mctrl_info.version,&mctrl_info.region_id,&mctrl_info.group_id,&mctrl_info.addr_type,
+		mctrl_info.src_ip,mctrl_info.mask_src_ip,mctrl_info.src_port,mctrl_info.mask_src_port,mctrl_info.dst_ip,mctrl_info.mask_dst_ip,
+		mctrl_info.dst_port,mctrl_info.mask_dst_port,&mctrl_info.procotol,&mctrl_info.direction,&mctrl_info.addr_pool_id,&mctrl_info.is_valid,
+		&mctrl_info.action,&mctrl_info.service,mctrl_info.user_region,mctrl_info.effective_range,mctrl_info.op_time);
+
+	mctrl_get_cur_time(mctrl_info.op_time);
+	
+	if(!memcmp(ir_table_name,NOMINEE_TABLE_NAME,strlen(NOMINEE_TABLE_NAME)))
+	{
+		snprintf(m_table_line,sizeof(m_table_line),"%d\t%d\t%d\t%s\t%d\t%s\t%s",
+			rule_id,mctrl_info.addr_pool_id,mctrl_info.addr_type,mctrl_info.src_ip,mctrl_info.is_valid,mctrl_info.effective_range,mctrl_info.op_time);
+	}
+	else 
+	{
+		snprintf(m_table_line,sizeof(m_table_line),"%d\t%d\t%d\t%s\t%s\t%s\t%s\t%s\t%s\t%s\t%s\t%d\t%d\t%d\t%d\t%d\t%s\t%s\t%s",
+			rule_id,mctrl_info.group_id,mctrl_info.addr_type,
+			mctrl_info.src_ip,mctrl_info.mask_src_ip,mctrl_info.src_port,mctrl_info.mask_src_port,mctrl_info.dst_ip,mctrl_info.mask_dst_ip,
+			mctrl_info.dst_port,mctrl_info.mask_dst_port,mctrl_info.procotol,mctrl_info.direction,
+			mctrl_info.is_valid,mctrl_info.action,mctrl_info.service,mctrl_info.user_region,mctrl_info.effective_range,mctrl_info.op_time);
+	}
+	
+	line_rule.table_line=m_table_line;
+	line_rule.expire_after=0;
+	p_line=&line_rule;
+
+	ret=Maat_cmd_set_line(feather, p_line, MAAT_OP_ADD);
+
+	MESA_handle_runtime_log(mctrl_g.logger_handle,RLOG_LV_FATAL, (char*)"set_ir_line", "set_table_name:%s  set_table_line:%s",ir_table_name,m_table_line);
+	
+	if(ret==-1)
+	{
+		MESA_handle_runtime_log(mctrl_g.logger_handle, RLOG_LV_FATAL, (char*)"set_ir_line","%s:set rule_id is %d  redis  line error",ir_table_name,rule_id);
+	}
+	else
+	{
+		MESA_handle_runtime_log(mctrl_g.logger_handle, RLOG_LV_FATAL, (char*)"set_ir_line","%s:set rule_id is %d  redis line success",ir_table_name,rule_id);
+	}
+	return ret;
+}
+
+
+int del_ir_line(Maat_feather_t feather,const char *ir_table_name,const char *table_line,int rule_id)
+{
+	int ret=0;
+	
+	const struct Maat_line_t *p_line;
+	struct Maat_line_t line_rule;
+	memset(&line_rule,0,sizeof(line_rule));
+	
+	line_rule.label_id=0;
+	line_rule.rule_id=rule_id;
+	line_rule.table_name=ir_table_name;
+	line_rule.table_line=NULL;
+	if(!memcmp(ir_table_name,INTERCEPT_TABLE_NAME,strlen(NOMINEE_TABLE_NAME)))
+	{
+		line_rule.expire_after=TIME_OUT;
+		p_line=&line_rule;
+		ret=Maat_cmd_set_line(feather, p_line, MAAT_OP_RENEW_TIMEOUT);
+	}
+	else
+	{
+		line_rule.expire_after=0;
+		p_line=&line_rule;
+		ret=Maat_cmd_set_line(feather, p_line, MAAT_OP_DEL);
+	}
+
+	MESA_handle_runtime_log(mctrl_g.logger_handle,RLOG_LV_FATAL, (char*)"del_ir_line", "del_table_name:%s  del_table_line:%s",ir_table_name,table_line);
+
+	if(ret==-1)
+	{
+		MESA_handle_runtime_log(mctrl_g.logger_handle, RLOG_LV_FATAL, (char*)"del_ir_line","%s:del rule_id is %d  redis line error",ir_table_name,rule_id);
+	}
+	else 
+	{
+		MESA_handle_runtime_log(mctrl_g.logger_handle, RLOG_LV_FATAL, (char*)"del_ir_line","%s:del rule_id is %d  redis line success",ir_table_name,rule_id);
+	}
+	return ret;
+	
+}
+
+long del_update_search_htable_cb(void *data, const uchar *key, uint size, void *user_arg)
+{
+	int htable_flag=0;
+	char *htable_data=(char*)data;
+	if(htable_data!=NULL)
+	{
+		sscanf(htable_data,"%d\t",&htable_flag);
+	}
+	return htable_flag;
+}
+
+long set_update_search_htable_cb(void *data, const uchar *key, uint size, void *user_arg)
+{
+	struct IR_MCTRL_INFO mctrl_info;
+	memset(&mctrl_info,0,sizeof(mctrl_info));
+	char *htable_data=(char*)data;
+	
+	if(htable_data!=NULL)
+	{
+		sscanf(htable_data,"%d\t%d\t%d\t%d\t%d\t%s\t%s\t%s\t%s\t%s\t%s\t%s\t%s\t%d\t%d\t%d\t%d\t%d\t%d\t%s\t%s\t%s", 
+			&mctrl_info.htable_flag,&mctrl_info.version,&mctrl_info.region_id,&mctrl_info.group_id,&mctrl_info.addr_type,
+			mctrl_info.src_ip,mctrl_info.mask_src_ip,mctrl_info.src_port,mctrl_info.mask_src_port,mctrl_info.dst_ip,mctrl_info.mask_dst_ip,
+			mctrl_info.dst_port,mctrl_info.mask_dst_port,&mctrl_info.procotol,&mctrl_info.direction,&mctrl_info.addr_pool_id,&mctrl_info.is_valid,
+			&mctrl_info.action,&mctrl_info.service,mctrl_info.user_region,mctrl_info.effective_range,mctrl_info.op_time);
+		
+		if(mctrl_info.htable_flag & DYNAMIC_NOMINEE_FLAG)
+		{
+			mctrl_info.version=mctrl_g.version_d; 	
+			MESA_handle_runtime_log(mctrl_g.logger_handle, RLOG_LV_DEBUG, (char*)"set_update_search_htable_cb","get htable flag:%d! version:%d!",mctrl_info.htable_flag,mctrl_info.version);
+		}
+		else if(mctrl_info.htable_flag & STATIC_NOMINEE_FLAG)
+		{
+			mctrl_info.version=mctrl_g.version_s; 
+			MESA_handle_runtime_log(mctrl_g.logger_handle, RLOG_LV_DEBUG, (char*)"set_update_search_htable_cb","get htable flag:%d! version:%d!",mctrl_info.htable_flag,mctrl_info.version);
+		}
+		else if(mctrl_info.htable_flag & DNAT_POLICY_FLAG)
+		{
+			mctrl_info.version=mctrl_g.version_dp;
+			MESA_handle_runtime_log(mctrl_g.logger_handle, RLOG_LV_DEBUG, (char*)"set_update_search_htable_cb","get htable flag:%d! version:%d!",mctrl_info.htable_flag,mctrl_info.version);
+		}
+		else
+		{
+			MESA_handle_runtime_log(mctrl_g.logger_handle, RLOG_LV_DEBUG, (char*)"set_update_search_htable_cb","get htable flag:%d!",mctrl_info.htable_flag);
+		}
+	
+		snprintf(htable_data,HTABLE_DATA_LEN, "%d\t%d\t%d\t%d\t%d\t%s\t%s\t%s\t%s\t%s\t%s\t%s\t%s\t%d\t%d\t%d\t%d\t%d\t%d\t%s\t%s\t%s", 
+			mctrl_info.htable_flag,mctrl_info.version,mctrl_info.region_id,mctrl_info.group_id,mctrl_info.addr_type,
+			mctrl_info.src_ip,mctrl_info.mask_src_ip,mctrl_info.src_port,mctrl_info.mask_src_port,mctrl_info.dst_ip,mctrl_info.mask_dst_ip,
+			mctrl_info.dst_port,mctrl_info.mask_dst_port,mctrl_info.procotol,mctrl_info.direction,mctrl_info.addr_pool_id,mctrl_info.is_valid,
+			mctrl_info.action,mctrl_info.service,mctrl_info.user_region,mctrl_info.effective_range,mctrl_info.op_time);
+	}
+	return mctrl_info.htable_flag;
+}
+
+
+long nominee_intercept_candidate_search_htable_cb(void *data, const uchar *key, uint size, void *user_arg)
+{
+	int htable_flag=0;
+	struct IR_MCTRL_INFO mctrl_info;
+	memset(&mctrl_info,0,sizeof(mctrl_info));
+	char *htable_data=(char*)data;
+	
+	if(htable_data==NULL)
+	{
+		return htable_flag;
+	}
+	
+	sscanf(htable_data, "%d\t%d\t%d\t%d\t%d\t%s\t%s\t%s\t%s\t%s\t%s\t%s\t%s\t%d\t%d\t%d\t%d\t%d\t%d\t%s\t%s\t%s", 
+		&htable_flag,&mctrl_info.version,&mctrl_info.region_id,&mctrl_info.group_id,&mctrl_info.addr_type,
+		mctrl_info.src_ip,mctrl_info.mask_src_ip,mctrl_info.src_port,mctrl_info.mask_src_port,mctrl_info.dst_ip,mctrl_info.mask_dst_ip,
+		mctrl_info.dst_port,mctrl_info.mask_dst_port,&mctrl_info.procotol,&mctrl_info.direction,&mctrl_info.addr_pool_id,&mctrl_info.is_valid,
+		&mctrl_info.action,&mctrl_info.service,mctrl_info.user_region,mctrl_info.effective_range,mctrl_info.op_time);
+
+	switch(*(int*)user_arg)
+	{
+		case INTERCEPT_FLAG:
+			if(!(htable_flag & INTERCEPT_FLAG))	
+			{	
+				htable_flag+=INTERCEPT_FLAG;
+			}
+			break;
+		case NOMINEE_FLAG:
+			if(!(htable_flag & NOMINEE_FLAG))
+			{
+				htable_flag+=NOMINEE_FLAG;
+			}
+			break;
+		case CANDIDATE_FLAG:
+			if(!(htable_flag & CANDIDATE_FLAG))
+			{
+				htable_flag+=CANDIDATE_FLAG;
+			}
+			break;
+		default:
+			MESA_handle_runtime_log(mctrl_g.logger_handle, RLOG_LV_FATAL, (char*)"nominee_intercept_candidate_search_htable_cb","read nom_intercept_candidate_table error!!!");	
+			assert(0);
+			break;
+	}
+	
+	snprintf(htable_data,HTABLE_DATA_LEN, "%d\t%d\t%d\t%d\t%d\t%s\t%s\t%s\t%s\t%s\t%s\t%s\t%s\t%d\t%d\t%d\t%d\t%d\t%d\t%s\t%s\t%s", 
+		htable_flag,mctrl_info.version,mctrl_info.region_id,mctrl_info.group_id,mctrl_info.addr_type,
+		mctrl_info.src_ip,mctrl_info.mask_src_ip,mctrl_info.src_port,mctrl_info.mask_src_port,mctrl_info.dst_ip,mctrl_info.mask_dst_ip,
+		mctrl_info.dst_port,mctrl_info.mask_dst_port,mctrl_info.procotol,mctrl_info.direction,mctrl_info.addr_pool_id,mctrl_info.is_valid,
+		mctrl_info.action,mctrl_info.service,mctrl_info.user_region,mctrl_info.effective_range,mctrl_info.op_time);
+		
+	MESA_handle_runtime_log(mctrl_g.logger_handle, RLOG_LV_DEBUG, (char*)"nominee_intercept_candidate_search_htable_cb","Data rule id is:%d  htable flag is:%d",mctrl_info.region_id, htable_flag);	
+
+	return htable_flag;
+}
+
+void del_ir_redis_info(int flag,const char* table_line,int rule_id)
+{
+
+	if(flag & INTERCEPT_FLAG)
+	{
+		del_ir_line(mctrl_g.i_feather,(char*)INTERCEPT_TABLE_NAME,table_line,rule_id);
+	}
+
+	if(flag & NOMINEE_FLAG)
+	{
+		del_ir_line(mctrl_g.n_feather,(char*)NOMINEE_TABLE_NAME,table_line,rule_id);
+	}
+
+	if(flag & CANDIDATE_FLAG)
+	{
+		del_ir_line(mctrl_g.n_feather,(char*)CANDIDATE_TABLE_NAME,table_line,rule_id);
+	}
+	
+	return;
+}
+
+void nominee_intercept_candidate_maat_update_cb(int table_id,const char* table_line,void* u_para)
+{
+	int rule_id=0;
+	void *htable_data=NULL;
+	int is_valid=-1;
+	long search_ret=0;
+
+	switch(*(int*)u_para)
+	{
+		case NOMINEE_FLAG:
+			sscanf(table_line,"%d\t%*d\t%*d\t%*s\t%d",&rule_id,&is_valid);
+			if(rule_id<DNAT_NUMBER)
+			{
+				del_ir_line(mctrl_g.n_feather,(char*)NOMINEE_TABLE_NAME,table_line,rule_id);
+			}
+			break;
+		case INTERCEPT_FLAG:
+			sscanf(table_line,"%d\t%*d\t%*d\t%*s\t%*s\t%*s\t%*s\t%*s\t%*s\t%*s\t%*s\t%*d\t%*d\t%d",&rule_id,&is_valid);
+			break;
+		case CANDIDATE_FLAG:
+			sscanf(table_line,"%d\t%*d\t%*d\t%*s\t%*d\t%d",&rule_id,&is_valid);
+			break;
+		default:	
+			MESA_handle_runtime_log(mctrl_g.logger_handle, RLOG_LV_FATAL, (char*)"nominee_intercept_candidate_maat_update_cb","read nom_intercept_candidate_table flag error!!!");
+			assert(0);
+			break;
+	}
+
+	unsigned char *key_id=(unsigned char*)&rule_id;
+
+	if(is_valid==0)
+	{
+		MESA_handle_runtime_log(mctrl_g.logger_handle, RLOG_LV_FATAL, (char*)"nominee_intercept_candidate_maat_update_cb"," del table_id:%d,data:%s is_valid==0,del succeed",*(int*)u_para,table_line);
+		return;
+	}
+	
+	htable_data=MESA_htable_search_cb(mctrl_g.mctrl_htable_handle,key_id,sizeof(rule_id), nominee_intercept_candidate_search_htable_cb,u_para,&search_ret);
+
+	if(htable_data==NULL)
+	{
+		del_ir_redis_info(*(int*)u_para,table_line,rule_id);
+		MESA_handle_runtime_log(mctrl_g.logger_handle, RLOG_LV_DEBUG, (char*)"nominee_intercept_candidate_maat_update_cb","htable data not exist,del it! rule_id is:%d",rule_id);
+	}
+	else
+	{
+		MESA_handle_runtime_log(mctrl_g.logger_handle, RLOG_LV_DEBUG, (char*)"nominee_intercept_candidate_maat_update_cb","htable data exist! rule_id is:%d",rule_id);
+	}
+	return;
+}
+
+void htable_data_free(void *data)
+{
+	if(data!=NULL)
+	{
+		int rule_id=0;
+		sscanf((char*)data,"%*d\t%d",&rule_id);
+		MESA_handle_runtime_log(mctrl_g.logger_handle, RLOG_LV_INFO, (char*)"htable_data_free","rule_id is:%d",rule_id);
+		free(data);
+		data=NULL;
+	}
+	return;
+}
+
+void set_ir_redis_info(int flag,const char* table_line,int rule_id)
+{
+	if(!(flag & INTERCEPT_FLAG))
+	{
+		set_ir_line(mctrl_g.i_feather, (char*)INTERCEPT_TABLE_NAME,table_line,rule_id);
+	}
+
+	if((!(flag & NOMINEE_FLAG))&&(!(flag & DNAT_POLICY_FLAG)))
+	{
+		set_ir_line(mctrl_g.n_feather,(char*)NOMINEE_TABLE_NAME,table_line,rule_id);
+	}
+
+	return;
+}
+
+void sta_dyn_policy_maat_update_cb(int table_id,const char* table_line,void* u_para)
+{
+	int add_ret=0;
+	struct IR_MCTRL_INFO mctrl_info;
+	memset(&mctrl_info,0,sizeof(mctrl_info));
+	char *htable_data=NULL;
+	void *search_result=NULL;
+	int rule_id=0;
+	int del_ret=0;
+	long cb_ret=0;
+	switch(*(int*)u_para)
+	{
+		case DYNAMIC_NOMINEE_FLAG:
+			mctrl_info.addr_pool_id=0;
+			memcpy(mctrl_info.src_port,"0",sizeof("0"));
+			memcpy(mctrl_info.mask_src_ip,"0.0.0.0",sizeof("0.0.0.0"));
+			memcpy(mctrl_info.mask_src_port,"0",sizeof("0"));
+			memcpy(mctrl_info.dst_ip,"0.0.0.0",sizeof("0.0.0.0"));
+			memcpy(mctrl_info.mask_dst_ip,"0.0.0.0",sizeof("0.0.0.0"));
+			memcpy(mctrl_info.dst_port,"0",sizeof("0"));
+			memcpy(mctrl_info.mask_dst_port,"0",sizeof("0"));
+			memcpy(mctrl_info.effective_range,"{}",sizeof("{}"));
+			mctrl_info.action=96;
+			mctrl_info.service=832;
+			mctrl_info.htable_flag=DYNAMIC_NOMINEE_FLAG;
+			sscanf(table_line,"%d\t%d\t%d\t%s\t%*s\t%d\t%s\t%*d\t%d\t%d\t%*d\t%*s\t%*s", 
+				&mctrl_info.region_id,&mctrl_info.addr_type,&mctrl_info.procotol,mctrl_info.src_ip,
+				&mctrl_info.direction,mctrl_info.user_region,&mctrl_info.is_valid,&mctrl_info.service);
+			mctrl_info.region_id=(mctrl_info.region_id%SNAT_DYNAMIC_NUMBER)+SNAT_DYNAMIC_NUMBER;
+			mctrl_info.group_id=mctrl_info.region_id;
+			break;
+		case STATIC_NOMINEE_FLAG:
+			memcpy(mctrl_info.user_region,"0",sizeof("0"));
+			memcpy(mctrl_info.effective_range,"{}",sizeof("{}"));
+			mctrl_info.service=832;	
+			mctrl_info.htable_flag=STATIC_NOMINEE_FLAG;
+			sscanf(table_line,"%d\t%d\t%d\t%s\t%s\t%s\t%s\t%s\t%s\t%s\t%s\t%d\t%d\t%d\t%d\t%d\t%*d\t%*s\t%*s", 
+				&mctrl_info.region_id,&mctrl_info.group_id,&mctrl_info.addr_type,
+				mctrl_info.src_ip,mctrl_info.mask_src_ip,mctrl_info.src_port,mctrl_info.mask_src_port,mctrl_info.dst_ip,mctrl_info.mask_dst_ip,
+				mctrl_info.dst_port,mctrl_info.mask_dst_port,&mctrl_info.procotol,&mctrl_info.direction,&mctrl_info.addr_pool_id,&mctrl_info.is_valid,
+				&mctrl_info.action);
+			mctrl_info.region_id=(mctrl_info.region_id%DNAT_NUMBER)+DNAT_NUMBER;
+			break;
+		case DNAT_POLICY_FLAG:
+			memcpy(mctrl_info.src_ip,"0.0.0.0",sizeof("0.0.0.0"));
+			memcpy(mctrl_info.src_port,"0",sizeof("0"));
+			memcpy(mctrl_info.mask_src_ip,"0.0.0.0",sizeof("0.0.0.0"));
+			memcpy(mctrl_info.mask_src_port,"0",sizeof("0"));
+			memcpy(mctrl_info.mask_dst_ip,"0.0.0.0",sizeof("0.0.0.0"));
+			memcpy(mctrl_info.mask_dst_port,"0",sizeof("0"));
+			memcpy(mctrl_info.user_region,"0",sizeof("0"));
+			memcpy(mctrl_info.effective_range,"{}",sizeof("{}"));
+			mctrl_info.direction=0;
+			mctrl_info.action=96;
+			mctrl_info.service=832;
+			mctrl_info.htable_flag=DNAT_POLICY_FLAG;
+			sscanf(table_line,"%d\t%d\t%s\t%s\t%d\t%*s\t%*s\t%*s\t%d\t%*d\t%*d\t%d\t%*s\t%*s", 
+				&mctrl_info.region_id,&mctrl_info.addr_type,mctrl_info.dst_ip,mctrl_info.dst_port,&mctrl_info.procotol,
+				&mctrl_info.do_log,&mctrl_info.is_valid);
+			mctrl_info.group_id=mctrl_info.region_id;
+			mctrl_info.region_id=mctrl_info.region_id%DNAT_NUMBER;
+			break;
+		default:	
+			MESA_handle_runtime_log(mctrl_g.logger_handle, RLOG_LV_FATAL, (char*)"sta_dyn_policy_maat_update_cb","read_snat_or_dnat table flag error!!");
+			assert(0);
+			break;
+	}
+
+	unsigned char *key_id=(unsigned char*)&mctrl_info.region_id;
+	rule_id=mctrl_info.region_id;
+
+	if(mctrl_info.is_valid==1) 
+	{
+		
+		htable_data=(char*)malloc(HTABLE_DATA_LEN);
+		if(htable_data==NULL)
+			{
+				MESA_handle_runtime_log(mctrl_g.logger_handle, RLOG_LV_FATAL, (char*)"sta_dyn_policy_maat_update_cb","malloc htable_data error!!");
+				exit(1);
+			}
+		snprintf(htable_data,HTABLE_DATA_LEN,"%d\t%d\t%d\t%d\t%d\t%s\t%s\t%s\t%s\t%s\t%s\t%s\t%s\t%d\t%d\t%d\t%d\t%d\t%d\t%s\t%s\t%s", 
+			mctrl_info.htable_flag,mctrl_info.version,mctrl_info.region_id,mctrl_info.group_id,mctrl_info.addr_type,
+			mctrl_info.src_ip,mctrl_info.mask_src_ip,mctrl_info.src_port,mctrl_info.mask_src_port,mctrl_info.dst_ip,mctrl_info.mask_dst_ip,
+			mctrl_info.dst_port,mctrl_info.mask_dst_port,mctrl_info.procotol,mctrl_info.direction,mctrl_info.addr_pool_id,mctrl_info.is_valid,
+			mctrl_info.action,mctrl_info.service,mctrl_info.user_region,mctrl_info.effective_range,mctrl_info.op_time);
+		add_ret=MESA_htable_add(mctrl_g.mctrl_htable_handle,key_id,sizeof(rule_id),htable_data);
+		if(add_ret<0)
+		{
+			MESA_handle_runtime_log(mctrl_g.logger_handle, RLOG_LV_DEBUG, (char*)"sta_dyn_policy_maat_update_cb","add htable error:%d",add_ret);
+		}
+		else
+		{
+			MESA_handle_runtime_log(mctrl_g.logger_handle, RLOG_LV_DEBUG, (char*)"sta_dyn_policy_maat_update_cb","add htable succeed:%d",add_ret);
+		}
+		
+		MESA_htable_search_cb(mctrl_g.mctrl_htable_handle,key_id,sizeof(rule_id),set_update_search_htable_cb,NULL,&cb_ret);
+		
+		set_ir_redis_info(cb_ret,htable_data,rule_id);
+
+	}
+	
+	else if(mctrl_info.is_valid==0)
+	{
+		search_result=MESA_htable_search_cb(mctrl_g.mctrl_htable_handle,key_id,sizeof(rule_id),del_update_search_htable_cb,NULL,&cb_ret);
+		
+		if(search_result==NULL)
+		{
+			MESA_handle_runtime_log(mctrl_g.logger_handle,RLOG_LV_FATAL, (char*)"sta_dyn_policy_maat_update_cb", "already del!!!");
+			return;
+		}
+
+		del_ir_redis_info(cb_ret,table_line,rule_id);
+		
+		del_ret=MESA_htable_del(mctrl_g.mctrl_htable_handle,key_id,sizeof(rule_id),htable_data_free);
+		
+		if(del_ret<0)
+		{
+			MESA_handle_runtime_log(mctrl_g.logger_handle, RLOG_LV_FATAL, (char*)"sta_dyn_policy_maat_update_cb","del htable error:%d",del_ret);
+			assert(0);
+		}
+	}
+	else
+	{
+		MESA_handle_runtime_log(mctrl_g.logger_handle,RLOG_LV_FATAL, (char*)"sta_dyn_policy_maat_update_cb", "is_valid default !!!");
+		assert(0);
+	}
+
+	return;
+}
+
+void sta_dyn_policy_htable_full_iterate(const uchar * key, uint size, void * data, void * user)
+{
+	struct IR_MCTRL_INFO mctrl_info;
+	memset(&mctrl_info,0,sizeof(mctrl_info));
+	char *htable_data=(char*)data;
+	int del_ret=0;
+	if(htable_data==NULL)
+	{
+		MESA_handle_runtime_log(mctrl_g.logger_handle, RLOG_LV_DEBUG, (char*)"sta_dyn_policy_htable_full_iterate","htable is null");
+		return;
+	}
+	
+	sscanf(htable_data, "%d\t%d\t%d\t%d\t%d\t%s\t%s\t%s\t%s\t%s\t%s\t%s\t%s\t%d\t%d\t%d\t%d\t%d\t%d\t%s\t%s\t%s", 
+		&mctrl_info.htable_flag,&mctrl_info.version,&mctrl_info.region_id,&mctrl_info.group_id,&mctrl_info.addr_type,
+		mctrl_info.src_ip,mctrl_info.mask_src_ip,mctrl_info.src_port,mctrl_info.mask_src_port,mctrl_info.dst_ip,mctrl_info.mask_dst_ip,
+		mctrl_info.dst_port,mctrl_info.mask_dst_port,&mctrl_info.procotol,&mctrl_info.direction,&mctrl_info.addr_pool_id,&mctrl_info.is_valid,
+		&mctrl_info.action,&mctrl_info.service,mctrl_info.user_region,mctrl_info.effective_range,mctrl_info.op_time);
+	if((mctrl_g.update_type_s==MAAT_RULE_UPDATE_TYPE_FULL&&(mctrl_info.htable_flag & STATIC_NOMINEE_FLAG)&&mctrl_info.version!=mctrl_g.version_s)||
+		(mctrl_g.update_type_d==MAAT_RULE_UPDATE_TYPE_FULL&&(mctrl_info.htable_flag & DYNAMIC_NOMINEE_FLAG)&&mctrl_info.version!=mctrl_g.version_d)||
+		(mctrl_g.update_type_dp==MAAT_RULE_UPDATE_TYPE_FULL&&(mctrl_info.htable_flag & DNAT_POLICY_FLAG)&&mctrl_info.version!=mctrl_g.version_dp))
+		
+	{
+		del_ir_redis_info(mctrl_info.htable_flag,(char*)data,mctrl_info.region_id);
+		
+		unsigned char *key_id=(unsigned char*)&mctrl_info.region_id;
+		
+		del_ret=MESA_htable_del(mctrl_g.mctrl_htable_handle,key_id,sizeof(int),htable_data_free);
+				
+		if(del_ret<0)
+		{
+			MESA_handle_runtime_log(mctrl_g.logger_handle, RLOG_LV_FATAL, (char*)"sta_dyn_policy_htable_full_iterate","del htable error:%d",del_ret);
+			assert(0);
+		}
+	}
+	return;
+}
+
+
+void sta_dyn_policy_maat_finish_cb(void* u_para)
+{
+	if((*(int*)u_para==DYNAMIC_NOMINEE_FLAG)&&mctrl_g.update_type_d==MAAT_RULE_UPDATE_TYPE_FULL)
+	{
+		MESA_htable_iterate(mctrl_g.mctrl_htable_handle, sta_dyn_policy_htable_full_iterate,NULL);
+		mctrl_g.update_type_d=MAAT_RULE_UPDATE_TYPE_INC;
+		MESA_handle_runtime_log(mctrl_g.logger_handle,RLOG_LV_DEBUG, (char*)"sta_dyn_policy_maat_finish_cb", "table_id:%d,update_type:%d,finish succeed",*(int*)u_para,mctrl_g.update_type_d);
+	}
+	else if((*(int*)u_para==STATIC_NOMINEE_FLAG)&&mctrl_g.update_type_s==MAAT_RULE_UPDATE_TYPE_FULL)
+	{
+		MESA_htable_iterate(mctrl_g.mctrl_htable_handle, sta_dyn_policy_htable_full_iterate,NULL);
+		mctrl_g.update_type_s=MAAT_RULE_UPDATE_TYPE_INC;	
+		MESA_handle_runtime_log(mctrl_g.logger_handle,RLOG_LV_DEBUG, (char*)"sta_dyn_policy_maat_finish_cb", "table_id:%d,update_type:%d,finish succeed",*(int*)u_para,mctrl_g.update_type_s);
+	}
+	else if((*(int*)u_para==DNAT_POLICY_FLAG)&&mctrl_g.update_type_dp==MAAT_RULE_UPDATE_TYPE_FULL)
+	{
+		
+		MESA_htable_iterate(mctrl_g.mctrl_htable_handle, sta_dyn_policy_htable_full_iterate,NULL);
+		mctrl_g.update_type_dp=MAAT_RULE_UPDATE_TYPE_INC;	
+		MESA_handle_runtime_log(mctrl_g.logger_handle,RLOG_LV_DEBUG, (char*)"sta_dyn_policy_maat_finish_cb", "table_id:%d,update_type:%d,finish succeed",*(int*)u_para,mctrl_g.update_type_dp);
+	}
+	else
+	{
+		MESA_handle_runtime_log(mctrl_g.logger_handle,RLOG_LV_INFO, (char*)"sta_dyn_policy_maat_finish_cb", "table_id:%d,finish succeed",*(int*)u_para);
+	}
+	return;
+}
+
+
+void nominee_intercept_candidate_maat_finish_cb(void* u_para)
+{
+	MESA_handle_runtime_log(mctrl_g.logger_handle,RLOG_LV_INFO, (char*)"nominee_intercept_candidate_maat_finish_cb", "table_id:%d,finish succeed",*(int*)u_para);
+	return;
+}
+
+
+int register_plugin_table(Maat_feather_t feather,const char* table_name,
+							Maat_start_callback_t *start,Maat_update_callback_t *update,Maat_finish_callback_t *finish,
+							void *u_para,int table_id)
+{
+	int ret=0;
+
+	ret=Maat_table_callback_register(feather, table_id,
+								start,
+								update, 
+								finish,
+								u_para);
+	if(ret<0)
+	{
+		MESA_handle_runtime_log(mctrl_g.logger_handle,RLOG_LV_FATAL, (char*)"register_plugin_table", "Maat callback register table %s error.\n",table_name);
+		assert(0);
+	}
+	
+	return ret;
+}
+
+
+void htable_iterate(const uchar * key, uint size, void * data, void * user)
+{
+	int htable_flag=0;
+	int rule_id=0;
+	char *table_line=(char*)data;
+	
+	sscanf(table_line,"%d\t%*d\t%d",&htable_flag,&rule_id);
+
+	set_ir_redis_info(htable_flag,table_line,rule_id);
+	
+	return;
+}
+
+void Maat_init()
+{
+// load conf
+	const char *section = "Mctrl";
+    const char *section_d = "Mctrl_D";
+	const char *section_s = "Mctrl_S";
+    const char *section_i = "Mctrl_I";
+	const char *section_n = "Mctrl_N";
+    char table_info_path[MAX_PATH_LEN];
+	char logger_path[MAX_PATH_LEN];
+    int max_thread_num=0;
+	int logger_level=0;
+	
+    char Maat_redis_ip_d[MAX_STRING_LEN];
+    int Maat_redis_port_d=0;
+	int Maat_redis_index_d=0;
+	
+	char Maat_redis_ip_s[MAX_STRING_LEN];
+    int Maat_redis_port_s=0;
+	int Maat_redis_index_s=0;
+	
+	char Maat_redis_ip_i[MAX_STRING_LEN];
+    int Maat_redis_port_i=0;
+	int Maat_redis_index_i=0;
+	
+	char Maat_redis_ip_n[MAX_STRING_LEN];
+    int Maat_redis_port_n=0;
+	int Maat_redis_index_n=0;
+		
+    MESA_load_profile_string_def((char*)MCTRL_CONF_FILE, section,"table_info_path", table_info_path, sizeof(table_info_path), "./conf/table_info.conf");
+	MESA_load_profile_string_def((char*)MCTRL_CONF_FILE, section,"logger_path", logger_path, sizeof(logger_path), "./log/ir_mctrl.log");
+	MESA_load_profile_int_def((char*)MCTRL_CONF_FILE, section,"logger_level", &logger_level,RLOG_LV_FATAL);
+    MESA_load_profile_int_def((char*)MCTRL_CONF_FILE, section,"max_thread_num", &max_thread_num, 1);
+//dynamic server conf	
+    MESA_load_profile_string_def((char*)MCTRL_CONF_FILE, section_d,"Maat_redis_ip", Maat_redis_ip_d, sizeof(Maat_redis_ip_d), "192.168.11.243");
+    MESA_load_profile_int_def((char*)MCTRL_CONF_FILE, section_d,"Maat_redis_port", &Maat_redis_port_d,6800);
+	MESA_load_profile_int_def((char*)MCTRL_CONF_FILE, section_d,"Maat_redis_index", &Maat_redis_index_d,1);
+//static server conf
+	MESA_load_profile_string_def((char*)MCTRL_CONF_FILE, section_s, "Maat_redis_ip", Maat_redis_ip_s, sizeof(Maat_redis_ip_s), "192.168.11.243");
+	MESA_load_profile_int_def((char*)MCTRL_CONF_FILE, section_s,"Maat_redis_port", &Maat_redis_port_s,6379);
+	MESA_load_profile_int_def((char*)MCTRL_CONF_FILE, section_s,"Maat_redis_index", &Maat_redis_index_s,6);
+//nominee and candate conf
+	MESA_load_profile_string_def((char*)MCTRL_CONF_FILE, section_n,"Maat_redis_ip", Maat_redis_ip_n, sizeof(Maat_redis_ip_n), "192.168.11.243");
+	MESA_load_profile_int_def((char*)MCTRL_CONF_FILE, section_n,"Maat_redis_port", &Maat_redis_port_n,6800);
+	MESA_load_profile_int_def((char*)MCTRL_CONF_FILE, section_n,"Maat_redis_index", &Maat_redis_index_n,5);
+//intercept conf
+	MESA_load_profile_string_def((char*)MCTRL_CONF_FILE, section_i,"Maat_redis_ip", Maat_redis_ip_i, sizeof(Maat_redis_ip_i), "192.168.11.243");
+	MESA_load_profile_int_def((char*)MCTRL_CONF_FILE, section_i,"Maat_redis_port", &Maat_redis_port_i,6800);
+	MESA_load_profile_int_def((char*)MCTRL_CONF_FILE, section_i,"Maat_redis_index", &Maat_redis_index_i,1);
+
+//log
+	mctrl_g.logger_handle=MESA_create_runtime_log_handle(logger_path,logger_level);
+	if(mctrl_g.logger_handle == NULL)
+	{
+		printf("IR MESA_create_runtime_log_handle() error!\n");
+		assert(0);
+	}
+
+//redis	
+	mctrl_g.d_feather = Maat_feather(max_thread_num, table_info_path,mctrl_g.logger_handle);
+	mctrl_g.s_feather = Maat_feather(max_thread_num, table_info_path,mctrl_g.logger_handle);
+	mctrl_g.n_feather = Maat_feather(max_thread_num, table_info_path,mctrl_g.logger_handle);
+	mctrl_g.i_feather = Maat_feather(max_thread_num, table_info_path,mctrl_g.logger_handle);
+	
+	if(mctrl_g.d_feather==NULL||mctrl_g.s_feather==NULL||mctrl_g.n_feather==NULL||mctrl_g.i_feather==NULL)
+	{
+	   MESA_handle_runtime_log(mctrl_g.logger_handle,RLOG_LV_FATAL,(char*)"MAAT","IR maat_feather error!");
+	   assert(0);
+	}
+		   
+	Maat_set_feather_opt(mctrl_g.d_feather,MAAT_OPT_REDIS_IP,Maat_redis_ip_d,MAX_STRING_LEN);
+	Maat_set_feather_opt(mctrl_g.d_feather,MAAT_OPT_REDIS_PORT,&Maat_redis_port_d,sizeof(Maat_redis_port_d));
+	Maat_set_feather_opt(mctrl_g.d_feather,MAAT_OPT_REDIS_INDEX,&Maat_redis_index_d,sizeof(Maat_redis_index_d));
+	Maat_set_feather_opt(mctrl_g.d_feather, MAAT_OPT_INSTANCE_NAME, DYNAMIC_NOMINEE_TABLE_NAME, strlen(DYNAMIC_NOMINEE_TABLE_NAME)+1);
+	
+	Maat_set_feather_opt(mctrl_g.s_feather,MAAT_OPT_REDIS_IP,Maat_redis_ip_s,MAX_STRING_LEN);
+	Maat_set_feather_opt(mctrl_g.s_feather,MAAT_OPT_REDIS_PORT,&Maat_redis_port_s,sizeof(Maat_redis_port_s));
+	Maat_set_feather_opt(mctrl_g.s_feather,MAAT_OPT_REDIS_INDEX,&Maat_redis_index_s,sizeof(Maat_redis_index_s));
+	Maat_set_feather_opt(mctrl_g.s_feather, MAAT_OPT_INSTANCE_NAME, STATIC_NOMINEE_TABLE_NAME, strlen(STATIC_NOMINEE_TABLE_NAME)+1);
+	
+	Maat_set_feather_opt(mctrl_g.i_feather,MAAT_OPT_REDIS_IP,Maat_redis_ip_i,MAX_STRING_LEN);
+	Maat_set_feather_opt(mctrl_g.i_feather,MAAT_OPT_REDIS_PORT,&Maat_redis_port_i,sizeof(Maat_redis_port_i));
+	Maat_set_feather_opt(mctrl_g.i_feather,MAAT_OPT_REDIS_INDEX,&Maat_redis_index_i,sizeof(Maat_redis_index_i));
+	Maat_set_feather_opt(mctrl_g.i_feather, MAAT_OPT_INSTANCE_NAME, INTERCEPT_TABLE_NAME, strlen(INTERCEPT_TABLE_NAME)+1);
+
+	Maat_set_feather_opt(mctrl_g.n_feather,MAAT_OPT_REDIS_IP,Maat_redis_ip_n,MAX_STRING_LEN);
+	Maat_set_feather_opt(mctrl_g.n_feather,MAAT_OPT_REDIS_PORT,&Maat_redis_port_n,sizeof(Maat_redis_port_n));
+	Maat_set_feather_opt(mctrl_g.n_feather,MAAT_OPT_REDIS_INDEX,&Maat_redis_index_n,sizeof(Maat_redis_index_n));
+	Maat_set_feather_opt(mctrl_g.n_feather, MAAT_OPT_INSTANCE_NAME, NOMINEE_TABLE_NAME, strlen(NOMINEE_TABLE_NAME)+1);
+	Maat_set_feather_opt(mctrl_g.n_feather, MAAT_OPT_INSTANCE_NAME, CANDIDATE_TABLE_NAME, strlen(CANDIDATE_TABLE_NAME)+1);
+	
+	Maat_initiate_feather(mctrl_g.d_feather);
+	Maat_initiate_feather(mctrl_g.s_feather);
+	Maat_initiate_feather(mctrl_g.i_feather);
+	Maat_initiate_feather(mctrl_g.n_feather);
+	
+}
+
+
+int htable_init()
+{
+	int htable_ret=0;
+	mctrl_g.mctrl_htable_handle = MESA_htable_born();
+	if(mctrl_g.mctrl_htable_handle == NULL)
+	{
+		MESA_handle_runtime_log(mctrl_g.logger_handle,RLOG_LV_FATAL,(char*)"htable","htable born failed");
+		assert(0);
+		return -1;
+	}
+	
+	htable_ret = MESA_htable_mature(mctrl_g.mctrl_htable_handle);
+	
+	if(0 == htable_ret)
+	{
+		MESA_handle_runtime_log(mctrl_g.logger_handle,RLOG_LV_INFO,(char*)"htable","htable mature succ");
+		return 0;
+	}
+	else
+	{
+		MESA_handle_runtime_log(mctrl_g.logger_handle,RLOG_LV_FATAL,(char*)"htable","htable mature failed");
+		assert(0);
+		return -1;
+	}
+}
+
+int main(int argc, char * argv [ ])
+{
+	
+	Maat_init();
+	htable_init();
+
+	int static_flag=STATIC_NOMINEE_FLAG;
+	int	dynamic_flag=DYNAMIC_NOMINEE_FLAG;
+	int dnat_policy_flag=DNAT_POLICY_FLAG;
+	int nominee_flag=NOMINEE_FLAG;
+	int candidate_flag=CANDIDATE_FLAG;
+	int intercept_flag=INTERCEPT_FLAG;
+
+	int static_id=-1;
+	int	dynamic_id=-1;
+	int dnat_policy_id=-1;
+	int nominee_id=-1;
+	int candidate_id=-1;
+	int intercept_id=-1;
+
+	static_id=Maat_table_register(mctrl_g.s_feather,STATIC_NOMINEE_TABLE_NAME);
+	dynamic_id=Maat_table_register(mctrl_g.d_feather,DYNAMIC_NOMINEE_TABLE_NAME);
+	dnat_policy_id=Maat_table_register(mctrl_g.s_feather,DNAT_POLICY_TABLE_NAME);
+	
+	if(static_id==-1||dynamic_id==-1||dnat_policy_id==-1)
+	{
+		MESA_handle_runtime_log(mctrl_g.logger_handle,RLOG_LV_FATAL,(char*)"main","Sta_Dyn_policy Database table register failed\n");
+		assert(0);
+	}
+
+	register_plugin_table(mctrl_g.s_feather,STATIC_NOMINEE_TABLE_NAME,sta_dyn_policy_maat_start_cb,sta_dyn_policy_maat_update_cb,sta_dyn_policy_maat_finish_cb,
+		&static_flag,static_id);
+	register_plugin_table(mctrl_g.d_feather,DYNAMIC_NOMINEE_TABLE_NAME,sta_dyn_policy_maat_start_cb,sta_dyn_policy_maat_update_cb,sta_dyn_policy_maat_finish_cb,
+		&dynamic_flag,dynamic_id);
+	register_plugin_table(mctrl_g.s_feather,DNAT_POLICY_TABLE_NAME,sta_dyn_policy_maat_start_cb,sta_dyn_policy_maat_update_cb,sta_dyn_policy_maat_finish_cb,
+		&dnat_policy_flag,dnat_policy_id);
+
+	nominee_id=Maat_table_register(mctrl_g.n_feather,NOMINEE_TABLE_NAME);
+	candidate_id=Maat_table_register(mctrl_g.n_feather,CANDIDATE_TABLE_NAME);
+	intercept_id=Maat_table_register(mctrl_g.i_feather,INTERCEPT_TABLE_NAME);
+	
+	MESA_handle_runtime_log(mctrl_g.logger_handle,RLOG_LV_FATAL,(char*)"main","static table_id is:%d,dy_id is:%d,dp_id is:%d,nominee_table_id is:%d,intercept_table_id is:%d,candidate_table_id is:%d",
+		static_id,dynamic_id,dnat_policy_id,nominee_id,intercept_id,candidate_id);
+	
+	if(nominee_id==-1||candidate_id==-1||intercept_id==-1)
+	{
+		MESA_handle_runtime_log(mctrl_g.logger_handle,RLOG_LV_FATAL,(char*)"main","Nom_Candidate_Intercept Database table register failed\n");
+		assert(0);
+	}
+	
+	register_plugin_table(mctrl_g.i_feather,INTERCEPT_TABLE_NAME,nominee_intercept_candidate_maat_start_cb,nominee_intercept_candidate_maat_update_cb,nominee_intercept_candidate_maat_finish_cb,
+		&intercept_flag,intercept_id);
+	register_plugin_table(mctrl_g.n_feather,NOMINEE_TABLE_NAME,nominee_intercept_candidate_maat_start_cb,nominee_intercept_candidate_maat_update_cb,nominee_intercept_candidate_maat_finish_cb,
+		&nominee_flag,nominee_id);
+	register_plugin_table(mctrl_g.n_feather,CANDIDATE_TABLE_NAME,nominee_intercept_candidate_maat_start_cb,nominee_intercept_candidate_maat_update_cb,nominee_intercept_candidate_maat_finish_cb,
+		&candidate_flag,candidate_id);
+
+	while(1)
+	{
+		MESA_htable_iterate(mctrl_g.mctrl_htable_handle, htable_iterate, NULL);
+		sleep(SLEEP_TIME);
+	}
+		
+	Maat_burn_feather(mctrl_g.d_feather);
+	Maat_burn_feather(mctrl_g.s_feather);
+	Maat_burn_feather(mctrl_g.i_feather);
+	Maat_burn_feather(mctrl_g.n_feather);
+	MESA_destroy_runtime_log_handle(mctrl_g.logger_handle);
+	MESA_htable_destroy(mctrl_g.mctrl_htable_handle,htable_data_free);
+	return 0;
+	
+}
+
+
diff --git a/src/ir_mctrl.h b/src/ir_mctrl.h
new file mode 100644
index 0000000..6a42a98
--- /dev/null
+++ b/src/ir_mctrl.h
@@ -0,0 +1,86 @@
+#ifndef IR_MCTRL_H
+#define IR_MCTRL_H
+
+#include "MESA_handle_logger.h"
+#include "Maat_rule.h"
+#include "Maat_command.h"
+#include "MESA_htable.h"
+
+#define MAX_STRING_LEN                64
+#define MAX_PORT_LEN                  6
+#define MAX_PATH_LEN                  64
+#define MAX_TABLE_NAME_LEN            64
+#define MAX_TIME_LEN				 40
+#define	HTABLE_DATA_LEN				 512
+
+#define MCTRL_CONF_FILE				"./conf/mctrl.conf"
+
+//table name
+#define STATIC_NOMINEE_TABLE_NAME 				"IR_STATIC_NOMINEE_IP"
+#define DYNAMIC_NOMINEE_TABLE_NAME				"IR_DYNAMIC_NOMINEE_IP"
+#define DNAT_POLICY_TABLE_NAME					"IR_DNAT_POLICY"
+#define NOMINEE_TABLE_NAME						"IR_NOMINEE_IP"
+#define INTERCEPT_TABLE_NAME					"IR_INTERCEPT_IP"
+#define CANDIDATE_TABLE_NAME					"IR_CANDIDATE_IP"
+
+#define	SLEEP_TIME						43200
+#define TIME_OUT						1800
+#define MAX_THREAD_NUM             	    1
+
+#define DNAT_NUMBER						500000000
+#define SNAT_DYNAMIC_NUMBER				1000000000
+
+//table flag
+#define STATIC_NOMINEE_FLAG				1
+#define	DYNAMIC_NOMINEE_FLAG			2
+#define	DNAT_POLICY_FLAG				4
+#define	NOMINEE_FLAG					8
+#define	INTERCEPT_FLAG					16
+#define	CANDIDATE_FLAG					32
+
+struct IR_MCTRL_INFO
+{
+	int region_id; 
+	int group_id; 
+	int addr_type;	
+	char src_ip[MAX_STRING_LEN];
+	char mask_src_ip[MAX_STRING_LEN];
+	char src_port[MAX_PORT_LEN];
+	char mask_src_port[MAX_PORT_LEN];
+	char dst_ip[MAX_STRING_LEN];
+	char mask_dst_ip[MAX_STRING_LEN];
+	char dst_port[MAX_PORT_LEN];
+	char mask_dst_port[MAX_PORT_LEN];
+	int procotol;
+	int direction;
+	int is_valid;
+	int action;
+	int service;
+	int addr_pool_id;
+	char effective_range[MAX_STRING_LEN];
+	char user_region[MAX_STRING_LEN];
+	char op_time[MAX_TIME_LEN]; 
+	int do_log;
+	int htable_flag;	
+	int version;
+};
+
+struct MCTRL_GLOCAL_INFO
+{
+	void *logger_handle;
+	Maat_feather_t d_feather;
+	Maat_feather_t s_feather;
+	Maat_feather_t n_feather;
+	Maat_feather_t i_feather;
+	MESA_htable_handle mctrl_htable_handle;
+	int update_type_s;
+	int update_type_d;
+	int update_type_dp;
+	int version_s;
+	int version_d;
+	int version_dp;
+};
+
+
+#endif
+
author	jixinyi <[email protected]>	2019-01-18 16:37:51 +0800
committer	jixinyi <[email protected]>	2019-01-18 16:37:51 +0800
commit	2e83f0db5a94ba44cbbcd9d41863215934a738c0 (patch)
tree	20c25957e655e18308b2ceb1285562874c9b89aa
parent	6c370f68c7b54973f24558a7f51d6611337fc3e9 (diff)
parent	263cdc86b5b2f58bd3003f0af3234bc4ea4690a4 (diff)