Diffstat (limited to 'src')
| -rw-r--r-- | src/Makefile | 22 | ||||
| -rw-r--r-- | src/mctrl.cpp | 665 | ||||
| -rw-r--r-- | src/mctrl.h | 88 |
3 files changed, 775 insertions, 0 deletions
diff --git a/src/Makefile b/src/Makefile
new file mode 100644
index 0000000..e9c52f4
--- /dev/null
+++ b/src/Makefile
@@ -0,0 +1,22 @@
+CC = gcc
+CCC = g++
+CFLAGS = -Wall -g -fPIC
+#INC = -I./inc/
+#1INC += /usr/include/MESA
+LDFLAGS = -L./lib/
+LIBS = -lMESA_handle_logger -lMESA_prof_load -lMESA_htable -lmaatframe
+OBJ =mctrl.o
+TARGET =mctrl
+
+.cpp.o:
+ $(CCC) -c $(CFLAGS) $(INC) $<
+
+all: $(TARGET)
+
+$(TARGET): $(OBJ)
+ $(CCC) -o $@ $(OBJ) $(LDFLAGS) $(LIBS)
+
+clean:
+ -rm -rf $(OBJ) $(TARGET)
+
+.PHONY:clean
diff --git a/src/mctrl.cpp b/src/mctrl.cpp
new file mode 100644
index 0000000..d321f4b
--- /dev/null
+++ b/src/mctrl.cpp
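Review bot: `CFLAGS` in src/Makefile turns on `-Wall -g -fPIC` only, so the binary is built unoptimised and without the usual compiler hardening, although mctrl.cpp parses rule lines into fixed-size stack buffers. I would add stack protection and fortified libc checks, which need optimisation to take effect: `CFLAGS = -Wall -Wextra -O2 -g -fPIC -fstack-protector-strong -D_FORTIFY_SOURCE=2`. `mctrl.o` also has no dependency on `mctrl.h`, so a header change does not trigger a rebuild; a line `mctrl.o: mctrl.cpp mctrl.h` fixes that.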
@@ -0,0 +1,665 @@ +#include <stdio.h> +#include <stdlib.h> +#include <assert.h> +#include <unistd.h> +#include <time.h> +#include "MESA_prof_load.h" +#include "MESA_handle_logger.h" +#include "Maat_rule.h" +#include "Maat_command.h" +#include "mctrl.h" +#include "MESA_htable.h" + +struct mctrl_glocal_info mctrl_g; + +void mctrl_get_cur_time(char *date) +{ + time_t t; + struct tm *lt; + time(&t); + lt = localtime(&t); + snprintf(date, MAX_TIME_LEN,"%d/%d/%d/%d:%d:%d",lt->tm_year+1900, lt->tm_mon+1, lt->tm_mday, lt->tm_hour, lt->tm_min, lt->tm_sec); +} + +int set_ir_line(Maat_feather_t feather,const char *ir_table_name,const char *table_line,int rule_id) +{ + const struct Maat_line_t *p_line; + struct Maat_line_t line_rule; + int ret = 0; + char m_table_line[HTABLE_DATA_LEN]; + struct IR_MCTRL_INFO mctrl_info; + memset(&mctrl_info,0,sizeof(mctrl_info)); + memset(&line_rule, 0,sizeof(line_rule)); + + line_rule.label_id=0; + line_rule.rule_id=rule_id; + line_rule.table_name=ir_table_name; + + sscanf(table_line, "%d\t%d\t%d\t%d\t%s\t%s\t%s\t%s\t%s\t%s\t%s\t%s\t%d\t%d\t%d\t%d\t%d\t%d\t%s\t%s\t%s", + &mctrl_info.htable_flag,&mctrl_info.region_id,&mctrl_info.group_id,&mctrl_info.addr_type, + mctrl_info.src_ip,mctrl_info.mask_src_ip,mctrl_info.src_port,mctrl_info.mask_src_port,mctrl_info.dst_ip,mctrl_info.mask_dst_ip, + mctrl_info.dst_port,mctrl_info.mask_dst_port,&mctrl_info.procotol,&mctrl_info.direction,&mctrl_info.addr_pool_id,&mctrl_info.is_valid, + &mctrl_info.action,&mctrl_info.service,mctrl_info.user_region,mctrl_info.effective_range,mctrl_info.op_time); + + mctrl_get_cur_time(mctrl_info.op_time); + + if(!memcmp(ir_table_name,NOMINEE_TABLE_NAME,strlen(NOMINEE_TABLE_NAME))) + { + snprintf(m_table_line,sizeof(m_table_line),"%d\t%d\t%d\t%s\t%d\t%s\t%s", + rule_id,mctrl_info.addr_pool_id,mctrl_info.addr_type,mctrl_info.src_ip,mctrl_info.is_valid,mctrl_info.effective_range,mctrl_info.op_time); + } + else + { + 
snprintf(m_table_line,sizeof(m_table_line),"%d\t%d\t%d\t%s\t%s\t%s\t%s\t%s\t%s\t%s\t%s\t%d\t%d\t%d\t%d\t%d\t%s\t%s\t%s", + rule_id,mctrl_info.group_id,mctrl_info.addr_type, + mctrl_info.src_ip,mctrl_info.mask_src_ip,mctrl_info.src_port,mctrl_info.mask_src_port,mctrl_info.dst_ip,mctrl_info.mask_dst_ip, + mctrl_info.dst_port,mctrl_info.mask_dst_port,mctrl_info.procotol,mctrl_info.direction, + mctrl_info.is_valid,mctrl_info.action,mctrl_info.service,mctrl_info.user_region,mctrl_info.effective_range,mctrl_info.op_time); + } + + line_rule.table_line=m_table_line; + line_rule.expire_after=0; + p_line=&line_rule; + + ret=Maat_cmd_set_line(feather, p_line, MAAT_OP_ADD); + + MESA_handle_runtime_log(mctrl_g.logger_handle,RLOG_LV_FATAL, (char*)"maat_update", "set_table_name:%s set_table_line:%s",ir_table_name,m_table_line); + + if(ret==-1) + { + MESA_handle_runtime_log(mctrl_g.logger_handle, RLOG_LV_FATAL, (char*)"SET_LINE","%s:set rule_id is %d redis line error",ir_table_name,rule_id); + } + else + { + MESA_handle_runtime_log(mctrl_g.logger_handle, RLOG_LV_FATAL, (char*)"SET_LINE","%s:set rule_id is %d redis line success",ir_table_name,rule_id); + } + return ret; +} + + +int del_ir_line(Maat_feather_t feather,const char *ir_table_name,const char *table_line,int rule_id) +{ + int ret=0; + + const struct Maat_line_t *p_line; + struct Maat_line_t line_rule; + memset(&line_rule,0,sizeof(line_rule)); + + line_rule.label_id=0; + line_rule.rule_id=rule_id; + line_rule.table_name=ir_table_name; + line_rule.table_line=NULL; + if(!memcmp(ir_table_name,INTERCEPT_TABLE_NAME,strlen(NOMINEE_TABLE_NAME))) + { + line_rule.expire_after=TIME_OUT; + p_line=&line_rule; + ret=Maat_cmd_set_line(feather, p_line, MAAT_OP_RENEW_TIMEOUT); + } + else + { + line_rule.expire_after=0; + p_line=&line_rule; + ret=Maat_cmd_set_line(feather, p_line, MAAT_OP_DEL); + } + + MESA_handle_runtime_log(mctrl_g.logger_handle,RLOG_LV_DEBUG, (char*)"maat_update", "del_table_name:%s del_rule_id is:%d 
table_line:%s",ir_table_name,rule_id,table_line); + + if(ret==-1) + { + MESA_handle_runtime_log(mctrl_g.logger_handle, RLOG_LV_FATAL, (char*)"DEL_LINE","%s:del rule_id is %d redis line error",ir_table_name,rule_id); + } + else + { + MESA_handle_runtime_log(mctrl_g.logger_handle, RLOG_LV_FATAL, (char*)"DEL_LINE","%s:del rule_id is %d redis line success",ir_table_name,rule_id); + } + + return ret; + +} + +void set_ir_redis_info(int flag,const char* table_line,int rule_id) +{ + if((!(flag & INTERCEPT_FLAG))&&((flag & STATIC_NOMINEE_FLAG)||(flag & DYNAMIC_NOMINEE_FLAG)||(flag & DNAT_POLICY_FLAG))) + { + set_ir_line(mctrl_g.i_feather, (char*)INTERCEPT_TABLE_NAME,table_line,rule_id); + } + + if((!(flag & NOMINEE_FLAG))&&((flag & STATIC_NOMINEE_FLAG)||(flag & DYNAMIC_NOMINEE_FLAG))) + { + set_ir_line(mctrl_g.n_feather,(char*)NOMINEE_TABLE_NAME,table_line,rule_id); + } + + return; +} + +void del_ir_redis_info(int flag,const char* table_line,int rule_id) +{ + if(flag & INTERCEPT_FLAG) + { + del_ir_line(mctrl_g.i_feather,(char*)INTERCEPT_TABLE_NAME,table_line,rule_id); + } + + if(flag & NOMINEE_FLAG) + { + del_ir_line(mctrl_g.n_feather,(char*)NOMINEE_TABLE_NAME,table_line,rule_id); + } + + if(flag & CANDIDATE_FLAG) + { + del_ir_line(mctrl_g.n_feather,(char*)CANDIDATE_TABLE_NAME,table_line,rule_id); + } + + return; +} + +long new_update_search_htable_cb(void *data, const uchar *key, uint size, void *user_arg) +{ + int rule_id=0; + int htable_flag=*(int*)user_arg; + char *htable_data=(char*)data; + if(htable_data!=NULL) + { + sscanf(htable_data,"%d\t%d",&htable_flag,&rule_id); + set_ir_redis_info(htable_flag,htable_data,rule_id); + } + return htable_flag; +} + +long free_update_search_htable_cb(void *data, const uchar *key, uint size, void *user_arg) +{ + int rule_id=0; + int htable_flag=0; + char *htable_data=(char*)data; + if(htable_data!=NULL) + { + sscanf(htable_data,"%d\t%d",&htable_flag,&rule_id); + del_ir_redis_info(htable_flag,htable_data,rule_id); + } + return 
htable_flag; +} + + +void htable_data_free(void *data) +{ + if(data!=NULL) + { + int rule_id=0; + sscanf((char*)data,"%*d\t%d",&rule_id); + MESA_handle_runtime_log(mctrl_g.logger_handle, RLOG_LV_INFO, (char*)"htable_data_free","rule_id is:%d",rule_id); + free(data); + data=NULL; + } + return; +} + +void static_dynamic_dpolicy_table_new_cb(int table_id, const char* key, const char* table_line, MAAT_PLUGIN_EX_DATA* ad, long argl, void *argp) +{ + struct IR_MCTRL_INFO mctrl_info; + memset(&mctrl_info,0,sizeof(mctrl_info)); + char *htable_data=NULL; + void *search_result=NULL; + int *add_data=NULL; + int add_ret=0; + long cb_ret=0; + + switch(table_id) + { + case DYNAMIC_NOMINEE_ID: + mctrl_info.addr_pool_id=0; + memcpy(mctrl_info.src_port,"0",sizeof("0")); + memcpy(mctrl_info.mask_src_ip,"0.0.0.0",sizeof("0.0.0.0")); + memcpy(mctrl_info.mask_src_port,"0",sizeof("0")); + memcpy(mctrl_info.dst_ip,"0.0.0.0",sizeof("0.0.0.0")); + memcpy(mctrl_info.mask_dst_ip,"0.0.0.0",sizeof("0.0.0.0")); + memcpy(mctrl_info.dst_port,"0",sizeof("0")); + memcpy(mctrl_info.mask_dst_port,"0",sizeof("0")); + memcpy(mctrl_info.effective_range,"{}",sizeof("{}")); + mctrl_info.action=96; + mctrl_info.service=832; + mctrl_info.htable_flag=DYNAMIC_NOMINEE_FLAG; + sscanf(table_line,"%d\t%d\t%d\t%s\t%*s\t%d\t%s\t%*d\t%d\t%d\t%*d\t%*s\t%*s", + &mctrl_info.region_id,&mctrl_info.addr_type,&mctrl_info.procotol,mctrl_info.src_ip, + &mctrl_info.direction,mctrl_info.user_region,&mctrl_info.is_valid,&mctrl_info.service); + mctrl_info.region_id=(mctrl_info.region_id%SNAT_DYNAMIC_NUMBER)+SNAT_DYNAMIC_NUMBER; + mctrl_info.group_id=mctrl_info.region_id; + break; + case STATIC_NOMINEE_ID: + memcpy(mctrl_info.user_region,"0",sizeof("0")); + memcpy(mctrl_info.effective_range,"{}",sizeof("{}")); + mctrl_info.service=832; + mctrl_info.htable_flag=STATIC_NOMINEE_FLAG; + sscanf(table_line,"%d\t%d\t%d\t%s\t%s\t%s\t%s\t%s\t%s\t%s\t%s\t%d\t%d\t%d\t%d\t%d\t%*d\t%*s\t%*s", + 
&mctrl_info.region_id,&mctrl_info.group_id,&mctrl_info.addr_type, + mctrl_info.src_ip,mctrl_info.mask_src_ip,mctrl_info.src_port,mctrl_info.mask_src_port,mctrl_info.dst_ip,mctrl_info.mask_dst_ip, + mctrl_info.dst_port,mctrl_info.mask_dst_port,&mctrl_info.procotol,&mctrl_info.direction,&mctrl_info.addr_pool_id,&mctrl_info.is_valid, + &mctrl_info.action); + mctrl_info.region_id=(mctrl_info.region_id%DNAT_NUMBER)+DNAT_NUMBER; + break; + case DNAT_POLICY_ID: + memcpy(mctrl_info.src_ip,"0.0.0.0",sizeof("0.0.0.0")); + memcpy(mctrl_info.src_port,"0",sizeof("0")); + memcpy(mctrl_info.mask_src_ip,"0.0.0.0",sizeof("0.0.0.0")); + memcpy(mctrl_info.mask_src_port,"0",sizeof("0")); + memcpy(mctrl_info.mask_dst_ip,"0.0.0.0",sizeof("0.0.0.0")); + memcpy(mctrl_info.mask_dst_port,"0",sizeof("0")); + memcpy(mctrl_info.user_region,"0",sizeof("0")); + memcpy(mctrl_info.effective_range,"{}",sizeof("{}")); + mctrl_info.direction=0; + mctrl_info.action=96; + mctrl_info.service=832; + mctrl_info.htable_flag=DNAT_POLICY_FLAG; + sscanf(table_line,"%d\t%d\t%s\t%s\t%d\t%*s\t%*s\t%*s\t%d\t%*d\t%*d\t%d\t%*s\t%*s", + &mctrl_info.region_id,&mctrl_info.addr_type,mctrl_info.dst_ip,mctrl_info.dst_port,&mctrl_info.procotol, + &mctrl_info.do_log,&mctrl_info.is_valid); + mctrl_info.group_id=mctrl_info.region_id; + mctrl_info.region_id=mctrl_info.region_id%DNAT_NUMBER; + break; + default: + MESA_handle_runtime_log(mctrl_g.logger_handle, RLOG_LV_FATAL, (char*)"static_dynamic_dpolicy_table_new_cb","read_snat_or_dnat table flag error!!"); + assert(0); + break; + } + + search_result=MESA_htable_search_cb(mctrl_g.mctrl_htable_handle,(unsigned char*)&mctrl_info.region_id,sizeof(int),new_update_search_htable_cb,argp,&cb_ret); + if(search_result==NULL) + { + htable_data=(char*)malloc(HTABLE_DATA_LEN); + + if(htable_data==NULL) + { + MESA_handle_runtime_log(mctrl_g.logger_handle, RLOG_LV_FATAL, (char*)"static_dynamic_dpolicy_table_new_cb","malloc htable_data error!!"); + exit(1); + } + 
snprintf(htable_data,HTABLE_DATA_LEN,"%d\t%d\t%d\t%d\t%s\t%s\t%s\t%s\t%s\t%s\t%s\t%s\t%d\t%d\t%d\t%d\t%d\t%d\t%s\t%s\t%s", + mctrl_info.htable_flag,mctrl_info.region_id,mctrl_info.group_id,mctrl_info.addr_type, + mctrl_info.src_ip,mctrl_info.mask_src_ip,mctrl_info.src_port,mctrl_info.mask_src_port,mctrl_info.dst_ip,mctrl_info.mask_dst_ip, + mctrl_info.dst_port,mctrl_info.mask_dst_port,mctrl_info.procotol,mctrl_info.direction,mctrl_info.addr_pool_id,mctrl_info.is_valid, + mctrl_info.action,mctrl_info.service,mctrl_info.user_region,mctrl_info.effective_range,mctrl_info.op_time); + add_ret=MESA_htable_add(mctrl_g.mctrl_htable_handle,(unsigned char*)&mctrl_info.region_id,sizeof(int),htable_data); + + if(add_ret<0) + { + MESA_handle_runtime_log(mctrl_g.logger_handle, RLOG_LV_DEBUG, (char*)"static_dynamic_dpolicy_table_new_cb","add htable error:%d",add_ret); + assert(0); + } + else + { + MESA_handle_runtime_log(mctrl_g.logger_handle, RLOG_LV_DEBUG, (char*)"static_dynamic_dpolicy_table_new_cb","add htable succeed:%d",add_ret); + } + set_ir_redis_info(cb_ret,htable_data,mctrl_info.region_id); + add_data=(int*)calloc(sizeof(int),1); + if(add_data==NULL) + { + MESA_handle_runtime_log(mctrl_g.logger_handle, RLOG_LV_FATAL, (char*)"static_dynamic_dpolicy_table_new_cb","malloc add_data error!!"); + exit(1); + } + *add_data=mctrl_info.region_id; + *ad=add_data; + } + else + { + MESA_handle_runtime_log(mctrl_g.logger_handle, RLOG_LV_INFO, (char*)"static_dynamic_dpolicy_table_new_cb","htable_info exit! 
rule_id is:%d",mctrl_info.region_id); + } + + return; +} +void static_dynamic_dpolicy_table_free_cb(int table_id, MAAT_PLUGIN_EX_DATA* ad, long argl, void *argp) +{ + void* search_result=NULL; + int del_ret=0; + long cb_ret=0; + search_result=MESA_htable_search_cb(mctrl_g.mctrl_htable_handle,(unsigned char*)*ad,sizeof(int),free_update_search_htable_cb,NULL,&cb_ret); + + if(search_result==NULL) + { + MESA_handle_runtime_log(mctrl_g.logger_handle,RLOG_LV_FATAL, (char*)"static_dynamic_dpolicy_table_free_cb", "already del!!!"); + } + else + { + del_ret=MESA_htable_del(mctrl_g.mctrl_htable_handle,(unsigned char*)*ad,sizeof(int),htable_data_free); + + if(del_ret<0) + { + MESA_handle_runtime_log(mctrl_g.logger_handle, RLOG_LV_FATAL, (char*)"static_dynamic_dpolicy_table_free_cb","del htable error:%d",del_ret); + assert(0); + } + } + + if(*ad!=NULL) + { + free(*ad); + } + + *ad=NULL; + return; +} + +long nominee_intercept_candidate_search_htable_cb(void *data, const uchar *key, uint size, void *user_arg) +{ + int htable_flag=0; + struct IR_MCTRL_INFO mctrl_info; + memset(&mctrl_info,0,sizeof(mctrl_info)); + char *htable_data=(char*)data; + + if(htable_data==NULL) + { + return htable_flag; + } + + sscanf(htable_data, "%d\t%d\t%d\t%d\t%s\t%s\t%s\t%s\t%s\t%s\t%s\t%s\t%d\t%d\t%d\t%d\t%d\t%d\t%s\t%s\t%s", + &htable_flag,&mctrl_info.region_id,&mctrl_info.group_id,&mctrl_info.addr_type, + mctrl_info.src_ip,mctrl_info.mask_src_ip,mctrl_info.src_port,mctrl_info.mask_src_port,mctrl_info.dst_ip,mctrl_info.mask_dst_ip, + mctrl_info.dst_port,mctrl_info.mask_dst_port,&mctrl_info.procotol,&mctrl_info.direction,&mctrl_info.addr_pool_id,&mctrl_info.is_valid, + &mctrl_info.action,&mctrl_info.service,mctrl_info.user_region,mctrl_info.effective_range,mctrl_info.op_time); + + switch(*(int*)user_arg) + { + case INTERCEPT_FLAG: + if(!(htable_flag & INTERCEPT_FLAG)) + { + htable_flag+=INTERCEPT_FLAG; + } + break; + case NOMINEE_FLAG: + if(!(htable_flag & NOMINEE_FLAG)) + { + 
htable_flag+=NOMINEE_FLAG; + } + break; + case CANDIDATE_FLAG: + if(!(htable_flag & CANDIDATE_FLAG)) + { + htable_flag+=CANDIDATE_FLAG; + } + break; + default: + MESA_handle_runtime_log(mctrl_g.logger_handle, RLOG_LV_FATAL, (char*)"nominee_intercept_candidate_search_htable_cb","read nom_intercept_candidate_table error!!!"); + assert(0); + break; + } + + snprintf(htable_data,HTABLE_DATA_LEN, "%d\t%d\t%d\t%d\t%s\t%s\t%s\t%s\t%s\t%s\t%s\t%s\t%d\t%d\t%d\t%d\t%d\t%d\t%s\t%s\t%s", + htable_flag,mctrl_info.region_id,mctrl_info.group_id,mctrl_info.addr_type, + mctrl_info.src_ip,mctrl_info.mask_src_ip,mctrl_info.src_port,mctrl_info.mask_src_port,mctrl_info.dst_ip,mctrl_info.mask_dst_ip, + mctrl_info.dst_port,mctrl_info.mask_dst_port,mctrl_info.procotol,mctrl_info.direction,mctrl_info.addr_pool_id,mctrl_info.is_valid, + mctrl_info.action,mctrl_info.service,mctrl_info.user_region,mctrl_info.effective_range,mctrl_info.op_time); + + MESA_handle_runtime_log(mctrl_g.logger_handle, RLOG_LV_DEBUG, (char*)"nominee_intercept_candidate_search_htable_cb","table_flag is:%d ,Data rule id is:%d htable flag is:%d",*(int*)user_arg,mctrl_info.region_id, htable_flag); + + return htable_flag; +} + +void nominee_intercept_candidate_table_new_cb(int table_id, const char* key, const char* table_line, MAAT_PLUGIN_EX_DATA* ad, long argl, void *argp) +{ + long search_ret=0; + void* search_htable_result=NULL; + int rule_id=0; + int *add_data=NULL; + sscanf(table_line,"%d\t",&rule_id); + + if(*(int*)argp==NOMINEE_FLAG&&rule_id<DNAT_NUMBER) + { + del_ir_line(mctrl_g.n_feather,(char*)NOMINEE_TABLE_NAME,table_line,rule_id); + return; + } + + search_htable_result=MESA_htable_search_cb(mctrl_g.mctrl_htable_handle,(unsigned char*)&rule_id,sizeof(int), nominee_intercept_candidate_search_htable_cb,argp,&search_ret); + + if(search_htable_result==NULL) + { + del_ir_redis_info(*(int*)argp,table_line,rule_id); + MESA_handle_runtime_log(mctrl_g.logger_handle, RLOG_LV_DEBUG, 
(char*)"nominee_intercept_candidate_table_new_cb","htable data not exist,del it!"); + } + else + { + add_data=(int*)calloc(sizeof(int),1); + if(add_data==NULL) + { + MESA_handle_runtime_log(mctrl_g.logger_handle, RLOG_LV_FATAL, (char*)"nominee_intercept_candidate_table_new_cb","malloc add_data error!!"); + exit(1); + } + *add_data=rule_id; + *ad=add_data; + MESA_handle_runtime_log(mctrl_g.logger_handle, RLOG_LV_DEBUG, (char*)"nominee_intercept_candidate_table_new_cb","htable data exist!rule_id is:%d",*(int*)*ad); + } + + return; +} +void nominee_intercept_candidate_table_free_cb(int table_id, MAAT_PLUGIN_EX_DATA* ad, long argl, void *argp) +{ + MESA_handle_runtime_log(mctrl_g.logger_handle, RLOG_LV_INFO, (char*)"nominee_intercept_candidate_table_free_cb"," del table_id:%d,del succeed",table_id); + + if(*ad!=NULL) + { + free(*ad); + } + + *ad=NULL; + return; +} + +void plugin_EX_dup_cb(int table_id, MAAT_PLUGIN_EX_DATA *to, MAAT_PLUGIN_EX_DATA *from, long argl, void *argp) +{ + *to=*from; + return; +} + +int register_plugin_ex_table(Maat_feather_t feather, int table_id, + Maat_plugin_EX_new_func_t* new_func, + Maat_plugin_EX_free_func_t* free_func, + Maat_plugin_EX_dup_func_t* dup_func, + Maat_plugin_EX_key2index_func_t* key2index_func, + long argl, void *argp) +{ + int ret=0; + + ret=Maat_plugin_EX_register(feather,table_id,new_func,free_func,dup_func,key2index_func,argl,argp); + if(ret<0) + { + MESA_handle_runtime_log(mctrl_g.logger_handle,RLOG_LV_FATAL, (char*)"REGISTER_TABLE", "Maat callback register table %s error.\n",argp); + assert(0); + } + + return ret; +} + +void htable_iterate(const uchar * key, uint size, void * data, void * user) +{ + int htable_flag=0; + int rule_id=0; + char *table_line=(char*)data; + sscanf(table_line,"%d\t%d",&htable_flag,&rule_id); + + set_ir_redis_info(htable_flag,table_line,rule_id); + + return; +} + +void Maat_init() +{ +// load conf + const char *section = "Mctrl"; + const char *section_d = "Mctrl_D"; + const char *section_s = 
"Mctrl_S"; + const char *section_i = "Mctrl_I"; + const char *section_n = "Mctrl_N"; + char table_info_path[MAX_PATH_LEN]; + char logger_path[MAX_PATH_LEN]; + int max_thread_num=0; + int logger_level=0; + + char Maat_redis_ip_d[MAX_STRING_LEN]; + int Maat_redis_port_d=0; + int Maat_redis_index_d=0; + + char Maat_redis_ip_s[MAX_STRING_LEN]; + int Maat_redis_port_s=0; + int Maat_redis_index_s=0; + + char Maat_redis_ip_i[MAX_STRING_LEN]; + int Maat_redis_port_i=0; + int Maat_redis_index_i=0; + + char Maat_redis_ip_n[MAX_STRING_LEN]; + int Maat_redis_port_n=0; + int Maat_redis_index_n=0; + + MESA_load_profile_string_def((char*)MCTRL_CONF_FILE, section,"table_info_path", table_info_path, sizeof(table_info_path), "./conf/table_info.conf"); + MESA_load_profile_string_def((char*)MCTRL_CONF_FILE, section,"logger_path", logger_path, sizeof(logger_path), "./log/ir_mctrl.log"); + MESA_load_profile_int_def((char*)MCTRL_CONF_FILE, section,"logger_level", &logger_level,RLOG_LV_FATAL); + MESA_load_profile_int_def((char*)MCTRL_CONF_FILE, section,"max_thread_num", &max_thread_num, 1); +//dynamic server conf + MESA_load_profile_string_def((char*)MCTRL_CONF_FILE, section_d,"Maat_redis_ip", Maat_redis_ip_d, sizeof(Maat_redis_ip_d), "127.0.0.1"); + MESA_load_profile_int_def((char*)MCTRL_CONF_FILE, section_d,"Maat_redis_port", &Maat_redis_port_d,6379); + MESA_load_profile_int_def((char*)MCTRL_CONF_FILE, section_d,"Maat_redis_index", &Maat_redis_index_d,1); +//static server conf + MESA_load_profile_string_def((char*)MCTRL_CONF_FILE, section_s, "Maat_redis_ip", Maat_redis_ip_s, sizeof(Maat_redis_ip_s), "127.0.0.1"); + MESA_load_profile_int_def((char*)MCTRL_CONF_FILE, section_s,"Maat_redis_port", &Maat_redis_port_s,6379); + MESA_load_profile_int_def((char*)MCTRL_CONF_FILE, section_s,"Maat_redis_index", &Maat_redis_index_s,0); +//nominee and candidate conf + MESA_load_profile_string_def((char*)MCTRL_CONF_FILE, section_n,"Maat_redis_ip", Maat_redis_ip_n, sizeof(Maat_redis_ip_n), "127.0.0.1"); 
+ MESA_load_profile_int_def((char*)MCTRL_CONF_FILE, section_n,"Maat_redis_port", &Maat_redis_port_n,6379); + MESA_load_profile_int_def((char*)MCTRL_CONF_FILE, section_n,"Maat_redis_index", &Maat_redis_index_n,0); +//intercept conf + MESA_load_profile_string_def((char*)MCTRL_CONF_FILE, section_i,"Maat_redis_ip", Maat_redis_ip_i, sizeof(Maat_redis_ip_i), "127.0.0.1"); + MESA_load_profile_int_def((char*)MCTRL_CONF_FILE, section_i,"Maat_redis_port", &Maat_redis_port_i,6379); + MESA_load_profile_int_def((char*)MCTRL_CONF_FILE, section_i,"Maat_redis_index", &Maat_redis_index_i,0); + +//log + mctrl_g.logger_handle=MESA_create_runtime_log_handle(logger_path,logger_level); + if(mctrl_g.logger_handle == NULL) + { + printf("IR MESA_create_runtime_log_handle() error!\n"); + assert(0); + } + +//redis + mctrl_g.d_feather = Maat_feather(max_thread_num,table_info_path,mctrl_g.logger_handle); + mctrl_g.s_feather = Maat_feather(max_thread_num,table_info_path,mctrl_g.logger_handle); + mctrl_g.n_feather = Maat_feather(max_thread_num,table_info_path,mctrl_g.logger_handle); + mctrl_g.i_feather = Maat_feather(max_thread_num,table_info_path,mctrl_g.logger_handle); + + if(mctrl_g.d_feather==NULL||mctrl_g.s_feather==NULL||mctrl_g.n_feather==NULL||mctrl_g.i_feather==NULL) + { + MESA_handle_runtime_log(mctrl_g.logger_handle,RLOG_LV_FATAL,(char*)"MAAT","IR maat_feather error!"); + assert(0); + } + + Maat_set_feather_opt(mctrl_g.d_feather,MAAT_OPT_REDIS_IP,Maat_redis_ip_d,MAX_STRING_LEN); + Maat_set_feather_opt(mctrl_g.d_feather,MAAT_OPT_REDIS_PORT,&Maat_redis_port_d,sizeof(Maat_redis_port_d)); + Maat_set_feather_opt(mctrl_g.d_feather,MAAT_OPT_REDIS_INDEX,&Maat_redis_index_d,sizeof(Maat_redis_index_d)); + Maat_set_feather_opt(mctrl_g.d_feather, MAAT_OPT_INSTANCE_NAME, DYNAMIC_NOMINEE_TABLE_NAME, strlen(DYNAMIC_NOMINEE_TABLE_NAME)+1); + + Maat_set_feather_opt(mctrl_g.s_feather,MAAT_OPT_REDIS_IP,Maat_redis_ip_s,MAX_STRING_LEN); + 
Maat_set_feather_opt(mctrl_g.s_feather,MAAT_OPT_REDIS_PORT,&Maat_redis_port_s,sizeof(Maat_redis_port_s)); + Maat_set_feather_opt(mctrl_g.s_feather,MAAT_OPT_REDIS_INDEX,&Maat_redis_index_s,sizeof(Maat_redis_index_s)); + Maat_set_feather_opt(mctrl_g.s_feather, MAAT_OPT_INSTANCE_NAME, STATIC_NOMINEE_TABLE_NAME, strlen(STATIC_NOMINEE_TABLE_NAME)+1); + + Maat_set_feather_opt(mctrl_g.i_feather,MAAT_OPT_REDIS_IP,Maat_redis_ip_i,MAX_STRING_LEN); + Maat_set_feather_opt(mctrl_g.i_feather,MAAT_OPT_REDIS_PORT,&Maat_redis_port_i,sizeof(Maat_redis_port_i)); + Maat_set_feather_opt(mctrl_g.i_feather,MAAT_OPT_REDIS_INDEX,&Maat_redis_index_i,sizeof(Maat_redis_index_i)); + Maat_set_feather_opt(mctrl_g.i_feather, MAAT_OPT_INSTANCE_NAME, INTERCEPT_TABLE_NAME, strlen(INTERCEPT_TABLE_NAME)+1); + + Maat_set_feather_opt(mctrl_g.n_feather,MAAT_OPT_REDIS_IP,Maat_redis_ip_n,MAX_STRING_LEN); + Maat_set_feather_opt(mctrl_g.n_feather,MAAT_OPT_REDIS_PORT,&Maat_redis_port_n,sizeof(Maat_redis_port_n)); + Maat_set_feather_opt(mctrl_g.n_feather,MAAT_OPT_REDIS_INDEX,&Maat_redis_index_n,sizeof(Maat_redis_index_n)); + Maat_set_feather_opt(mctrl_g.n_feather, MAAT_OPT_INSTANCE_NAME, NOMINEE_TABLE_NAME, strlen(NOMINEE_TABLE_NAME)+1); + Maat_set_feather_opt(mctrl_g.n_feather, MAAT_OPT_INSTANCE_NAME, CANDIDATE_TABLE_NAME, strlen(CANDIDATE_TABLE_NAME)+1); + + Maat_initiate_feather(mctrl_g.d_feather); + Maat_initiate_feather(mctrl_g.s_feather); + Maat_initiate_feather(mctrl_g.i_feather); + Maat_initiate_feather(mctrl_g.n_feather); + +} + + +int htable_init() +{ + int htable_ret=0; + mctrl_g.mctrl_htable_handle = MESA_htable_born(); + if(mctrl_g.mctrl_htable_handle == NULL) + { + MESA_handle_runtime_log(mctrl_g.logger_handle,RLOG_LV_FATAL,(char*)"htable","htable born failed"); + assert(0); + return -1; + } + + htable_ret = MESA_htable_mature(mctrl_g.mctrl_htable_handle); + + if(0 == htable_ret) + { + MESA_handle_runtime_log(mctrl_g.logger_handle,RLOG_LV_INFO,(char*)"htable","htable mature succ"); + return 0; + 
} + else + { + MESA_handle_runtime_log(mctrl_g.logger_handle,RLOG_LV_FATAL,(char*)"htable","htable mature failed"); + assert(0); + return -1; + } +} + +int main(int argc, char * argv [ ]) +{ + + Maat_init(); + htable_init(); + + int static_flag=STATIC_NOMINEE_FLAG; + int dynamic_flag=DYNAMIC_NOMINEE_FLAG; + int dnat_policy_flag=DNAT_POLICY_FLAG; + int nominee_flag=NOMINEE_FLAG; + int candidate_flag=CANDIDATE_FLAG; + int intercept_flag=INTERCEPT_FLAG; + + int static_id=-1; + int dynamic_id=-1; + int dnat_policy_id=-1; + int nominee_id=-1; + int candidate_id=-1; + int intercept_id=-1; + + static_id=Maat_table_register(mctrl_g.s_feather,STATIC_NOMINEE_TABLE_NAME); + dynamic_id=Maat_table_register(mctrl_g.d_feather,DYNAMIC_NOMINEE_TABLE_NAME); + dnat_policy_id=Maat_table_register(mctrl_g.s_feather,DNAT_POLICY_TABLE_NAME); + + if(static_id==-1||dynamic_id==-1||dnat_policy_id==-1) + { + MESA_handle_runtime_log(mctrl_g.logger_handle,RLOG_LV_FATAL,(char*)"main","Sta_Dyn_policy Database table register failed\n"); + assert(0); + } + + register_plugin_ex_table(mctrl_g.s_feather,static_id,static_dynamic_dpolicy_table_new_cb,static_dynamic_dpolicy_table_free_cb,plugin_EX_dup_cb,NULL,0,&static_flag); + register_plugin_ex_table(mctrl_g.d_feather,dynamic_id,static_dynamic_dpolicy_table_new_cb,static_dynamic_dpolicy_table_free_cb,plugin_EX_dup_cb,NULL,0,&dynamic_flag); + register_plugin_ex_table(mctrl_g.s_feather,dnat_policy_id,static_dynamic_dpolicy_table_new_cb,static_dynamic_dpolicy_table_free_cb,plugin_EX_dup_cb,NULL,0,&dnat_policy_flag); + + nominee_id=Maat_table_register(mctrl_g.n_feather,NOMINEE_TABLE_NAME); + candidate_id=Maat_table_register(mctrl_g.n_feather,CANDIDATE_TABLE_NAME); + intercept_id=Maat_table_register(mctrl_g.i_feather,INTERCEPT_TABLE_NAME); + + if(nominee_id==-1||candidate_id==-1||intercept_id==-1) + { + MESA_handle_runtime_log(mctrl_g.logger_handle,RLOG_LV_FATAL,(char*)"main","Nom_Candidate_Intercept Database table register failed\n"); + assert(0); + } + + 
register_plugin_ex_table(mctrl_g.i_feather,intercept_id,nominee_intercept_candidate_table_new_cb,nominee_intercept_candidate_table_free_cb,plugin_EX_dup_cb,NULL,0,&intercept_flag); + register_plugin_ex_table(mctrl_g.n_feather,nominee_id,nominee_intercept_candidate_table_new_cb,nominee_intercept_candidate_table_free_cb,plugin_EX_dup_cb,NULL,0,&nominee_flag); + register_plugin_ex_table(mctrl_g.n_feather,candidate_id,nominee_intercept_candidate_table_new_cb,nominee_intercept_candidate_table_free_cb,plugin_EX_dup_cb,NULL,0,&candidate_flag); + + while(1) + { + MESA_htable_iterate(mctrl_g.mctrl_htable_handle, htable_iterate, NULL); + sleep(SLEEP_TIME); + } + + Maat_burn_feather(mctrl_g.d_feather); + Maat_burn_feather(mctrl_g.s_feather); + Maat_burn_feather(mctrl_g.i_feather); + Maat_burn_feather(mctrl_g.n_feather); + MESA_destroy_runtime_log_handle(mctrl_g.logger_handle); + return 0; + +} + diff --git a/src/mctrl.h b/src/mctrl.h new file mode 100644 index 0000000..ca11c06 --- /dev/null +++ b/src/mctrl.h 
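Review bot: The `sscanf` in `set_ir_line` reads `%s` tokens from `table_line` into the fixed `IR_MCTRL_INFO` arrays (64-byte addresses, 6-byte ports, 40-byte `op_time`) with no field width, so an over-long token in a rule line writes past the stack struct; the same pattern is in `static_dynamic_dpolicy_table_new_cb` and `nominee_intercept_candidate_search_htable_cb`. Each `%s` should carry a width one below its destination size, and the conversion count should be checked before the fields are used. The count check has to accept 20 as well as 21, because `static_dynamic_dpolicy_table_new_cb` serialises a zero-filled `op_time`, which leaves the last field empty. Separately, `register_plugin_ex_table` logs `argp` with `%s` while `main` passes the address of an `int` flag, so that error path reads an int as a string; logging `table_id` with `%d` avoids it.

```cpp
    // widths are one less than the destination sizes in mctrl.h:
    // MAX_STRING_LEN 64 -> %63s, MAX_PORT_LEN 6 -> %5s, MAX_TIME_LEN 40 -> %39s
    int n_conv = sscanf(table_line,
        "%d\t%d\t%d\t%d\t%63s\t%63s\t%5s\t%5s\t%63s\t%63s\t%5s\t%5s\t%d\t%d\t%d\t%d\t%d\t%d\t%63s\t%63s\t%39s",
        /* … unchanged: the 21 destination arguments … */);
    if (n_conv < 20)    // op_time may be empty; it is overwritten just below
    {
        MESA_handle_runtime_log(mctrl_g.logger_handle, RLOG_LV_FATAL, (char*)"SET_LINE",
            "%s:malformed table_line for rule_id %d", ir_table_name, rule_id);
        return -1;
    }

    mctrl_get_cur_time(mctrl_info.op_time);
    // … unchanged: building m_table_line and the Maat_cmd_set_line call …
```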
@@ -0,0 +1,88 @@
+#ifndef MCTRL_H
+#define MCTRL_H
+
+#include "MESA_handle_logger.h"
+#include "Maat_rule.h"
+#include "Maat_command.h"
+#include "MESA_htable.h"
+
+#define MAX_STRING_LEN 64
+#define MAX_PORT_LEN 6
+#define MAX_PATH_LEN 64
+#define MAX_TABLE_NAME_LEN 64
+#define MAX_TIME_LEN 40
+#define HTABLE_DATA_LEN 512
+
+#define MCTRL_CONF_FILE "./conf/mctrl.conf"
+
+//table name
+#define NOMINEE_TABLE_NAME "IR_NOMINEE_IP"
+#define INTERCEPT_TABLE_NAME "IR_INTERCEPT_IP"
+#define STATIC_NOMINEE_TABLE_NAME "IR_STATIC_NOMINEE_IP"
+#define DYNAMIC_NOMINEE_TABLE_NAME "IR_DYNAMIC_NOMINEE_IP"
+#define CANDIDATE_TABLE_NAME "IR_CANDIDATE_IP"
+#define DNAT_POLICY_TABLE_NAME "IR_DNAT_POLICY"
+
+#define SLEEP_TIME 43200
+#define TIME_OUT 5
+#define MAX_THREAD_NUM 1
+
+#define DNAT_NUMBER 500000000
+#define SNAT_DYNAMIC_NUMBER 1000000000
+
+//table flag
+#define STATIC_NOMINEE_FLAG 1
+#define DYNAMIC_NOMINEE_FLAG 2
+#define DNAT_POLICY_FLAG 4
+#define NOMINEE_FLAG 8
+#define INTERCEPT_FLAG 16
+#define CANDIDATE_FLAG 32
+
+//table_id
+#define STATIC_NOMINEE_ID 0
+#define DYNAMIC_NOMINEE_ID 1
+#define DNAT_POLICY_ID 2
+#define NOMINEE_ID 3
+#define INTERCEPT_ID 4
+#define CANDIDATE_ID 5
+
+struct IR_MCTRL_INFO
+{
+ int region_id;
+ int group_id;
+ int addr_type;
+ char src_ip[MAX_STRING_LEN];
+ char mask_src_ip[MAX_STRING_LEN];
+ char src_port[MAX_PORT_LEN];
+ char mask_src_port[MAX_PORT_LEN];
+ char dst_ip[MAX_STRING_LEN];
+ char mask_dst_ip[MAX_STRING_LEN];
+ char dst_port[MAX_PORT_LEN];
+ char mask_dst_port[MAX_PORT_LEN];
+ int procotol;
+ int direction;
+ int is_valid;
+ int action;
+ int service;
+ int addr_pool_id;
+ char effective_range[MAX_STRING_LEN];
+ char user_region[MAX_STRING_LEN];
+ char op_time[MAX_TIME_LEN];
+ int do_log;
+ int htable_flag;
+};
+
+struct mctrl_glocal_info
+{
+ void *logger_handle;
+ Maat_feather_t d_feather;
+ Maat_feather_t s_feather;
+ Maat_feather_t n_feather;
+ Maat_feather_t i_feather;
+ MESA_htable_handle mctrl_htable_handle;
+};
+
+
+#endif + + |
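Review bot: The `//table_id` constants (`STATIC_NOMINEE_ID 0` through `CANDIDATE_ID 5`) are fixed in the header, while mctrl.cpp obtains its ids at runtime from `Maat_table_register` and then switches on `table_id` against these macros in `static_dynamic_dpolicy_table_new_cb`; if the registered ids ever differ, that switch falls into its `assert(0)` default. The header should say where the numbers come from, for example `// table_id: must equal the ids Maat assigns to these tables (presumably from table_info.conf)`, or the callback could switch on the flag passed through `argp` instead. The `procotol` member also looks like a misspelling of `protocol`; renaming it now, while the file is new, is cheaper than later.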
