| author | 崔一鸣 <[email protected]> | 2018-11-28 21:16:03 +0800 |
|---|---|---|
| committer | 崔一鸣 <[email protected]> | 2018-11-28 21:16:03 +0800 |
| commit | 51f6d0c17cd7885607302433780aa456676dd0ff (patch) | |
| tree | 0e50994372ea34a3c3dc7b74a8a17cd1ff096c09 | |
| parent | eaab1f2770dbda848a01f31c631961a016526bf8 (diff) | |
增加snat,dnat超时淘汰
| -rw-r--r-- | .vscode/ftp-kr.sync.cache.json | 204 | ||||
| -rw-r--r-- | access/include/ip_mgr.h | 4 | ||||
| -rw-r--r-- | access/include/nat.h | 4 | ||||
| -rw-r--r-- | access/src/ip_mgr.cpp | 44 | ||||
| -rw-r--r-- | access/src/main.cpp | 42 | ||||
| -rw-r--r-- | access/src/nat.cpp | 203 | ||||
| -rw-r--r-- | access/src/udp_server.cpp | 1 | ||||
| -rw-r--r-- | access/src/vpn_monitor.cpp | 2 | ||||
| -rw-r--r-- | common/include/mgw_utils.h | 12 | ||||
| -rw-r--r-- | common/src/mgw_tun.cpp | 1 | ||||
| -rw-r--r-- | common/src/mgw_utils.cpp | 55 | ||||
| -rw-r--r-- | conf/mgw.conf | 67 | ||||
| -rw-r--r-- | create_tun.sh | 8 |
13 files changed, 416 insertions, 231 deletions
diff --git a/.vscode/ftp-kr.sync.cache.json b/.vscode/ftp-kr.sync.cache.json index ac0ee69..5d02977 100644 --- a/.vscode/ftp-kr.sync.cache.json +++ b/.vscode/ftp-kr.sync.cache.json @@ -7,8 +7,8 @@ "include": { "mgw_utils.h": { "type": "-", - "size": 1669, - "lmtime": 1541749644647, + "size": 2409, + "lmtime": 1543324367843, "modified": false }, "tun.h": { @@ -16,19 +16,31 @@ "size": 294, "lmtime": 1541750944509, "modified": false + }, + "mgw_socket.h": { + "type": "-", + "size": 280, + "lmtime": 1542803512494, + "modified": false + }, + "mgw_tun.h": { + "type": "-", + "size": 335, + "lmtime": 1542337427911, + "modified": false } }, "CMakeLists.txt": { "type": "-", - "size": 174, - "lmtime": 1541749907789, + "size": 197, + "lmtime": 1542267283818, "modified": false }, "src": { "mgw_utils.cpp": { "type": "-", - "size": 2357, - "lmtime": 1541748400171, + "size": 6240, + "lmtime": 1543324108185, "modified": false }, "tun.cpp": { @@ -36,15 +48,40 @@ "size": 2742, "lmtime": 1541750772819, "modified": false + }, + "mgw_socket.cpp": { + "type": "-", + "size": 1222, + "lmtime": 1542803548144, + "modified": false + }, + "mgw_tun.cpp": { + "type": "-", + "size": 2513, + "lmtime": 1542856595431, + "modified": false } + }, + "CMakeFiles": {}, + "Makefile": { + "type": "-", + "size": 6174, + "lmtime": 0, + "modified": true + }, + "cmake_install.cmake": { + "type": "-", + "size": 1114, + "lmtime": 0, + "modified": false + }, + "libcommon.a": { + "type": "-", + "size": 9328, + "lmtime": 0, + "modified": true } }, - "CMakeLists.txt": { - "type": "-", - "size": 353, - "lmtime": 1540963722549, - "modified": false - }, "README.md": { "type": "-", "size": 26, 
@@ -54,15 +91,15 @@ "access": { "CMakeLists.txt": { "type": "-", - "size": 1093, - "lmtime": 1541746572765, + "size": 1421, + "lmtime": 1542874405065, "modified": false }, "include": { "vpn_monitor.h": { "type": "-", - "size": 316, - "lmtime": 1541745105496, + "size": 205, + "lmtime": 1543236257323, "modified": false }, "nat.cpp": { @@ -73,16 +110,28 @@ }, "nat.h": { "type": "-", - "size": 0, - "lmtime": 1541751736748, + "size": 561, + "lmtime": 1543324682605, + "modified": false + }, + "ip_mgr.h": { + "type": "-", + "size": 1191, + "lmtime": 1543325691334, + "modified": false + }, + "udp_server.h": { + "type": "-", + "size": 225, + "lmtime": 1542964765077, "modified": false } }, "src": { "main.cpp": { "type": "-", - "size": 6385, - "lmtime": 1541751403568, + "size": 16408, + "lmtime": 1543325721962, "modified": false }, "tun.cpp": { @@ -93,14 +142,14 @@ }, "vpn_monitor.cpp": { "type": "-", - "size": 8266, - "lmtime": 1541748000824, + "size": 9250, + "lmtime": 1543236257310, "modified": false }, "nat.cpp": { "type": "-", - "size": 3068, - "lmtime": 1541771190090, + "size": 24641, + "lmtime": 1543325655332, "modified": false }, "ip_translator.cpp": { 
@@ -120,22 +169,86 @@ "size": 0, "lmtime": 1541751709640, "modified": false + }, + "ip_mgr.cpp": { + "type": "-", + "size": 17464, + "lmtime": 1543325742644, + "modified": false + }, + "udp_server.cpp": { + "type": "-", + "size": 2491, + "lmtime": 1543320908556, + "modified": false + }, + "status_monitor.cpp": { + "type": "-", + "size": 3267, + "lmtime": 1542873603316, + "modified": false } }, "test": { "test_maat_redis.cpp": { "type": "-", - "size": 6241, - "lmtime": 1541320257970, + "size": 5515, + "lmtime": 1542703778965, "modified": false }, "test_tun.cpp": { "type": "-", "size": 3123, - "lmtime": 1541751177033, + "lmtime": 1542176058502, + "modified": false + }, + "test_MESA_htable.cpp": { + "type": "-", + "size": 3966, + "lmtime": 1543216225110, "modified": false } - } + }, + "CMakeFiles": {}, + "Makefile": { + "type": "-", + "size": 13421, + "lmtime": 0, + "modified": true + }, + "cmake_install.cmake": { + "type": "-", + "size": 1119, + "lmtime": 0, + "modified": true + }, + "log": {}, + "test_htable": { + "type": "-", + "size": 8584, + "lmtime": 0, + "modified": true + }, + "test_tun": { + "type": "-", + "size": 13584, + "lmtime": 0, + "modified": true + }, + "test_maat_redis": { + "type": "-", + "size": 13696, + "lmtime": 0, + "modified": false + }, + "mgw": { + "type": "-", + "size": 56312, + "lmtime": 0, + "modified": true + }, + "conf": {}, + "rulescan_tmp": {} }, "vendor": { "CMakeLists.txt": { 
@@ -155,16 +268,41 @@ "conf": { "table_info.conf": { "type": "-", - "size": 604, - "lmtime": 1541321983862, + "size": 633, + "lmtime": 1542702676007, "modified": false }, "mgw.conf": { "type": "-", - "size": 447, - "lmtime": 1541321983862, - "modified": true + "size": 1581, + "lmtime": 1543323941481, + "modified": false } + }, + "Makefile": { + "type": "-", + "size": 5841, + "lmtime": 0, + "modified": true + }, + "CMakeLists.txt": { + "type": "-", + "size": 459, + "lmtime": 1542863950666, + "modified": false + }, + "CMakeFiles": {}, + "CMakeCache.txt": { + "type": "-", + "size": 13301, + "lmtime": 0, + "modified": true + }, + "cmake_install.cmake": { + "type": "-", + "size": 1756, + "lmtime": 0, + "modified": true } } } diff --git a/access/include/ip_mgr.h b/access/include/ip_mgr.h index 8b75e59..7b2f9f7 100644 --- a/access/include/ip_mgr.h +++ b/access/include/ip_mgr.h @@ -28,7 +28,7 @@ struct ip_mgr_vxlan_info }; struct ip_mgr_handle; -struct ip_mgr_handle *ip_mgr_init(MESA_htable_handle cand_ip_detail_htable, struct field_stat_handle *fs_handle, - Maat_feather_t feather, struct htable_opts* opts, void *logger); +struct ip_mgr_handle *ip_mgr_init(const char *profile, MESA_htable_handle cand_ip_detail_htable, struct field_stat_handle *fs_handle, + Maat_feather_t feather, void *logger); void ip_mgr_destroy(struct ip_mgr_handle *handle); int ip_mgr_candidata_ip_get(struct ip_mgr_handle *handle, const char *user_name, uint32_t *selected_ip);
\ No newline at end of file diff --git a/access/include/nat.h b/access/include/nat.h index b97764b..5df0104 100644 --- a/access/include/nat.h +++ b/access/include/nat.h @@ -2,8 +2,8 @@ #define NAT_COVERT_FAILURE 0 struct nat_handle; -struct nat_handle * nat_init(MESA_htable_handle ip2user_htable, MESA_htable_handle cand_ip_detail_htable, - struct field_stat_handle *fs_handle, struct htable_opts* opts, void *logger); +struct nat_handle * nat_init(const char *profile, MESA_htable_handle ip2user_htable, MESA_htable_handle cand_ip_detail_htable, + struct field_stat_handle *fs_handle, void *logger); void nat_destroy(struct nat_handle *handle); int nat_src_convert(struct nat_handle *handle, struct ip_mgr_handle *_ip_mgr_handle, char *buff, int len, struct ip_mgr_vxlan_info **vxlan_info, uint32_t *mrl_ip); int nat_dest_convert(struct nat_handle *handle, char *buff, int len);
\ No newline at end of file diff --git a/access/src/ip_mgr.cpp b/access/src/ip_mgr.cpp index 622e333..020a882 100644 --- a/access/src/ip_mgr.cpp +++ b/access/src/ip_mgr.cpp @@ -84,7 +84,7 @@ int ip_mgr_candidata_ip_get(struct ip_mgr_handle *handle, const char *user_name, } } -static void user_info_htable_data_free_cb(void *data) +static void user_policy_htable_data_free_cb(void *data) { FREE(&data); } @@ -145,13 +145,16 @@ static void Maat_user_policy_update_cb(int table_id, const char* table_line, voi { //add user_policy_htable int rtn = MESA_htable_add(handle->user_policy_htable, (const unsigned char *)user_name, key_size, value); - if(rtn < 0) + if(rtn < 0 && rtn != MESA_HTABLE_RET_DUP_ITEM) { - MGW_LOG_ERROR(handle->logger, "MESA_htable: Failed at add, table is %s, user_name is %s, group_id is %d", "user_policy_htable", user_name, group_id); + MGW_LOG_ERROR(handle->logger, "MESA_htable: Failed at add, table is %s, user_name is %s, group_id is %d, rtn is %d", "user_policy_htable", user_name, group_id, rtn); return; } - MGW_LOG_INFO(handle->logger, "MESA_htable: Succeed at add, table is %s, user_name is %s, group_id is %d", "user_policy_htable", user_name, group_id); - FS_operate(fs_handle->handle, fs_handle->line_user_policy, fs_handle->cloumn_element_num, FS_OP_ADD, 1); + if(rtn >= 0) + { + MGW_LOG_INFO(handle->logger, "MESA_htable: Succeed at add, table is %s, user_name is %s, group_id is %d", "user_policy_htable", user_name, group_id); + FS_operate(fs_handle->handle, fs_handle->line_user_policy, fs_handle->cloumn_element_num, FS_OP_ADD, 1); + } } else { 
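Review bot: In `Maat_user_policy_update_cb`, when `MESA_htable_add` returns `MESA_HTABLE_RET_DUP_ITEM` the new code skips both branches, so nothing is logged, `value` is not inserted, and it is not released. A policy line that arrives again for an existing `user_name` therefore leaves the old `group_id` in `user_policy_htable`, and if `value` is heap-allocated above the hunk (not visible here) the new copy leaks. I would handle the duplicate explicitly, for example `if(rtn == MESA_HTABLE_RET_DUP_ITEM) { MGW_LOG_INFO(handle->logger, "MESA_htable: duplicate key in %s, user_name is %s", "user_policy_htable", user_name); FREE(&value); return; }`, or delete and re-add if an update is meant to replace the entry. The `cand_ip_detail_htable` add in `Maat_cand_ip_update_cb` (hunk `@@ -271,13 +274,16 @@`) has the same silent path for `_cand_ip`.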
@@ -159,7 +162,7 @@ static void Maat_user_policy_update_cb(int table_id, const char* table_line, voi int rtn = MESA_htable_del(handle->user_policy_htable, (const unsigned char *)user_name, key_size, NULL); if(rtn < 0) { - MGW_LOG_ERROR(handle->logger, "MESA_htable: Failed at del, table is %s, user_name is %s, group_id is %d", "user_policy_htable", user_name, group_id); + MGW_LOG_ERROR(handle->logger, "MESA_htable: Failed at del, table is %s, user_name is %s, group_id is %d, rtn is %d", "user_policy_htable", user_name, group_id, rtn); return; } MGW_LOG_INFO(handle->logger, "MESA_htable: Succeed at del, table is %s, user_name is %s, group_id is %d", "user_policy_htable", user_name, group_id); @@ -234,7 +237,7 @@ static void Maat_cand_ip_update_cb(int table_id, const char* table_line, void* a int rtn = MESA_htable_add(handle->cand_ip_group_htable, (const unsigned char *)&group_id, sizeof(group_id), (void *)ip_group); if(rtn < 0) { - MGW_LOG_ERROR(logger, "MESA_htable: Failed at add, table is %s, group_id is %d, errno is %d", "cand_ip_group_htable", group_id, rtn); + MGW_LOG_ERROR(logger, "MESA_htable: Failed at add, table is %s, group_id is %d, rtn is %d", "cand_ip_group_htable", group_id, rtn); return; } MGW_LOG_INFO(logger, "MESA_htable: Succeed at add, table is %s, group_id is %d", "cand_ip_group_htable", group_id); 
@@ -271,13 +274,16 @@ static void Maat_cand_ip_update_cb(int table_id, const char* table_line, void* a //add to cand_ip_detail_htable int rtn = MESA_htable_add(handle->cand_ip_detail_htable, (const unsigned char *)&ip, sizeof(ip), (void *)_cand_ip); - if(rtn < 0) + if(rtn < 0 && rtn != MESA_HTABLE_RET_DUP_ITEM) { - MGW_LOG_ERROR(logger, "MESA_htable: Failed at add, table is %s, ip is %s", "cand_ip_detail_htable", ip_addr); + MGW_LOG_ERROR(logger, "MESA_htable: Failed at add, table is %s, ip is %s, rtn is %d", "cand_ip_detail_htable", rtn); return; } - MGW_LOG_INFO(logger, "MESA_htable: Succeed at add, table is %s, ip is %s", "cand_ip_detail_htable", ip_addr); - FS_operate(fs_handle->handle, fs_handle->line_ip_detail, fs_handle->cloumn_element_num, FS_OP_ADD, 1); + if(rtn >= 0) + { + MGW_LOG_INFO(logger, "MESA_htable: Succeed at add, table is %s, ip is %s", "cand_ip_detail_htable", ip_addr); + FS_operate(fs_handle->handle, fs_handle->line_ip_detail, fs_handle->cloumn_element_num, FS_OP_ADD, 1); + } } else { @@ -313,10 +319,10 @@ static void Maat_cand_ip_update_cb(int table_id, const char* table_line, void* a rtn = MESA_htable_del(handle->cand_ip_detail_htable, (const unsigned char *)(&ip), sizeof(ip), NULL); if(rtn < 0) { - MGW_LOG_ERROR(handle->logger, "MESA_htable: Failed at del, table is %s, ip is %s", "cand_ip_detail_htable", ip_addr); + MGW_LOG_ERROR(handle->logger, "MESA_htable: Failed at del, table is %s, ip is %s, rtn is %d", "cand_ip_detail_htable", ip_addr, rtn); return; } - MGW_LOG_ERROR(handle->logger, "MESA_htable: Succeed at del, table is %s, ip is %s", "cand_ip_detail_htable", ip_addr); + MGW_LOG_INFO(handle->logger, "MESA_htable: Succeed at del, table is %s, ip is %s", "cand_ip_detail_htable", ip_addr); FS_operate(fs_handle->handle, fs_handle->line_ip_detail, fs_handle->cloumn_element_num, FS_OP_ADD, -1); } return; 
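Review bot: The rewritten `MGW_LOG_ERROR` on the `cand_ip_detail_htable` add-failure path has three conversions (`%s`, `%s`, `%d`) but passes only `"cand_ip_detail_htable"` and `rtn`, because `ip_addr` was dropped from the argument list. The second `%s` is therefore handed an integer and `%d` reads an argument that was never passed, which is undefined behaviour on the error path and will typically crash or write stray memory into the log. The call should end `"cand_ip_detail_htable", ip_addr, rtn);`. If `MGW_LOG_ERROR` wraps a variadic function, a printf-style format attribute on that function would let the compiler reject this kind of mismatch.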
@@ -350,7 +356,7 @@ static int Maat_plugin_register(Maat_feather_t feather, const char* table_name, table_id = Maat_table_register(feather, table_name); if(table_id == -1) { - MGW_LOG_ERROR(logger, "Maat_redis: database table %s register failed", table_name); + MGW_LOG_ERROR(logger, "Maat_redis: Failed at register table %s", table_name); return -1; } else @@ -358,7 +364,7 @@ static int Maat_plugin_register(Maat_feather_t feather, const char* table_name, ret = Maat_table_callback_register(feather, table_id, start, update, finish, (void *)handle); if(ret < 0) { - MGW_LOG_ERROR(logger, "Maat_redis: callback register table %s error", table_name); + MGW_LOG_ERROR(logger, "Maat_redis: Failed to register callback of table %s", table_name); return -1; } } 
@@ -366,16 +372,16 @@ static int Maat_plugin_register(Maat_feather_t feather, const char* table_name, } -struct ip_mgr_handle *ip_mgr_init(MESA_htable_handle cand_ip_detail_htable, struct field_stat_handle *fs_handle, - Maat_feather_t feather, struct htable_opts* opts, void *logger) +struct ip_mgr_handle *ip_mgr_init(const char *profile, MESA_htable_handle cand_ip_detail_htable, struct field_stat_handle *fs_handle, + Maat_feather_t feather, void *logger) { struct ip_mgr_handle *handle = ALLOC(struct ip_mgr_handle, 1); handle->logger = logger; handle->feather = feather; handle->fs_handle = fs_handle; handle->cand_ip_detail_htable = cand_ip_detail_htable; - handle->user_policy_htable = mgw_utils_create_htable("user_info_htable", opts, (void *)user_info_htable_data_free_cb, NULL); - handle->cand_ip_group_htable = mgw_utils_create_htable("cand_ip_group_htable", opts, (void *)cand_ip_group_htable_data_free_cb, NULL); + handle->user_policy_htable = mgw_utils_create_htable(profile, "user_policy_htable", (void *)user_policy_htable_data_free_cb, NULL, logger); + handle->cand_ip_group_htable = mgw_utils_create_htable(profile, "cand_ip_group_htable", (void *)cand_ip_group_htable_data_free_cb, NULL, logger); int rtn = Maat_plugin_register(feather, "IR_POLICY", Maat_user_policy_start_cb, Maat_user_policy_update_cb, Maat_user_policy_finish_cb, handle); if(rtn == -1) { diff --git a/access/src/main.cpp b/access/src/main.cpp index 15d37f8..3ccd966 100644 --- a/access/src/main.cpp +++ b/access/src/main.cpp @@ -19,7 +19,6 @@ struct mgw_handle void* logger; char *profile; Maat_feather_t Maat_feather; - struct htable_opts *htable_opts_s; struct mgw_tun_handle *mgw_tun_handle_s; struct nat_handle *nat_handle_s; struct ip_mgr_handle *ip_mgr_handle_s; 
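Review bot: `ip_mgr_init` stores the results of both `mgw_utils_create_htable` calls without a NULL check, whereas `mgw_init` in main.cpp checks `cand_ip_detail_htable` and `ip2user_htable` and exits on failure. The helper now takes `profile` and the table name, so it presumably loads per-table options from the config file (its body is not in view), which would be a new way for creation to fail. The Maat callbacks registered on the next line would then call `MESA_htable_add` on a NULL handle. I would add `if(handle->user_policy_htable == NULL || handle->cand_ip_group_htable == NULL) { MGW_LOG_ERROR(logger, "Failed at create ip_mgr htables"); return NULL; }` before `Maat_plugin_register`. `nat_init` has the same gap for `snat_htable` and `dnat_htable`, and the body of `ip_mgr_init` continues past this hunk.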
@@ -34,7 +33,7 @@ static void wrapped_Maat_set_feather_opt(void *logger, Maat_feather_t feather, e int rtn = Maat_set_feather_opt(feather, type, value, size); if(unlikely(rtn < 0)) { - MGW_LOG_ERROR(logger, "Failed at Maat_set_feather_opt, type is %d", type); + MGW_LOG_ERROR(logger, "Failed at Maat_set_feather_opt, type is %d, rtn is %d", type, rtn); exit(EXIT_FAILURE); } } @@ -53,7 +52,8 @@ static Maat_feather_t Maat_init(const char *profile, void *logger) MESA_load_profile_string_def(profile, section, "Maat_redis_ip", Maat_redis_ip, sizeof(Maat_redis_ip), "127.0.0.1"); MESA_load_profile_int_def(profile, section, "Maat_redis_port", &Maat_redis_port, 6379); MESA_load_profile_string_def(profile, section, "stat_file_path", stat_file_path, sizeof(stat_file_path), "./log/Maat_stat.log"); - MGW_LOG_INFO(logger, "MESA_prof_load, [%s]:\n table_info_path: %s\n max_thread_num: %d\n Maat_redis_ip: %s\n Maat_redis_port: %d\n stat_file_path: %s", "Maat", table_info_path, max_thread_num, Maat_redis_ip, Maat_redis_port, stat_file_path); + MGW_LOG_INFO(logger, "MESA_prof_load, [%s]:\n table_info_path: %s\n max_thread_num: %d\n Maat_redis_ip: %s\n Maat_redis_port: %d\n stat_file_path: %s", "Maat", + table_info_path, max_thread_num, Maat_redis_ip, Maat_redis_port, stat_file_path); // init Maat Maat_feather_t feather = NULL; feather = Maat_feather(max_thread_num, table_info_path, logger); 
@@ -81,20 +81,6 @@ static Maat_feather_t Maat_init(const char *profile, void *logger) return feather; } -static struct htable_opts * htable_opt_init(const char* profile, void *logger) -{ - struct htable_opts* _htable_opts = ALLOC(struct htable_opts, 1); - const char *section = "htable_opt"; - MESA_load_profile_int_def(profile, section, "mho_screen_print_ctrl", &(_htable_opts->mho_screen_print_ctrl), 0); - MESA_load_profile_int_def(profile, section, "mho_thread_safe", &(_htable_opts->mho_thread_safe), 1); - MESA_load_profile_int_def(profile, section, "mho_mutex_num", &(_htable_opts->mho_mutex_num), 16); - MESA_load_profile_int_def(profile, section, "mho_hash_slot_size", &(_htable_opts->mho_hash_slot_size), 16000); - MESA_load_profile_int_def(profile, section, "mho_expire_time", &(_htable_opts->mho_expire_time), 0); - MGW_LOG_INFO(logger, "MESA_prof_load, [%s]:\n mho_screen_print_ctrl: %d\n mho_thread_safe: %d\n mho_mutex_num: %d\n mho_hash_slot_size: %d\n mho_expire_time: %d", - "htable_opt", _htable_opts->mho_screen_print_ctrl, _htable_opts->mho_thread_safe, _htable_opts->mho_mutex_num, _htable_opts->mho_hash_slot_size, _htable_opts->mho_expire_time); - return _htable_opts; -} - static void ip2user_htable_data_free_cb(void *data) { FREE(&data); @@ -286,10 +272,6 @@ static struct mgw_handle * mgw_init() _mgw_handle->logger = logger; _mgw_handle->profile = (char *)profile; - //init htable_opt - struct htable_opts * _htable_opts = htable_opt_init(profile, logger); - _mgw_handle->htable_opts_s = _htable_opts; - //init feild_stat struct field_stat_handle *fs_handle = fs_init(profile, logger); _mgw_handle->fs_handle = fs_handle; 
@@ -302,14 +284,14 @@ static struct mgw_handle * mgw_init() _mgw_handle->mgw_tun_handle_s = mgw_tun_init("tun_mgw", logger); //init ip_mgr - MESA_htable_handle cand_ip_detail_htable = mgw_utils_create_htable("cand_ip_detail_htable", _mgw_handle->htable_opts_s, (void *)cand_ip_detail_htable_data_free_cb, NULL); + MESA_htable_handle cand_ip_detail_htable = mgw_utils_create_htable(profile, "cand_ip_detail_htable", (void *)cand_ip_detail_htable_data_free_cb, NULL, logger); if(cand_ip_detail_htable == NULL) { MGW_LOG_ERROR(logger, "Failed at create cand_ip_detail_htable"); exit(EXIT_FAILURE); } _mgw_handle->cand_ip_detail_htable = cand_ip_detail_htable; - struct ip_mgr_handle * _ip_mgr_handle = ip_mgr_init(cand_ip_detail_htable, fs_handle, Maat_feather, _htable_opts, logger); + struct ip_mgr_handle * _ip_mgr_handle = ip_mgr_init(profile, cand_ip_detail_htable, fs_handle, Maat_feather, logger); if(unlikely(_ip_mgr_handle == NULL)) { MGW_LOG_ERROR(logger, "Failed at init_ip_mgr"); @@ -319,14 +301,14 @@ static struct mgw_handle * mgw_init() //init nat - MESA_htable_handle ip2user_htable = mgw_utils_create_htable("ip2user_htable", _mgw_handle->htable_opts_s, (void *)ip2user_htable_data_free_cb, NULL); + MESA_htable_handle ip2user_htable = mgw_utils_create_htable(profile, "ip2user_htable", (void *)ip2user_htable_data_free_cb, NULL, logger); if(ip2user_htable == NULL) { MGW_LOG_ERROR(logger, "Failed at create ip2user_htable"); exit(EXIT_FAILURE); } _mgw_handle->ip2user_htable = ip2user_htable; - _mgw_handle->nat_handle_s = nat_init(ip2user_htable, cand_ip_detail_htable, fs_handle, _htable_opts, logger); + _mgw_handle->nat_handle_s = nat_init(profile, ip2user_htable, cand_ip_detail_htable, fs_handle, logger); //create thread_vpn_monitor 
@@ -368,7 +350,6 @@ static void mgw_destroy(struct mgw_handle *handle) { MESA_destroy_runtime_log_handle(handle->logger); FREE(&handle->profile); - FREE(&handle->htable_opts_s); Maat_burn_feather(handle->Maat_feather); MESA_htable_destroy(handle->cand_ip_detail_htable, NULL); MESA_htable_destroy(handle->ip2user_htable, NULL); @@ -377,6 +358,7 @@ static void mgw_destroy(struct mgw_handle *handle) ip_mgr_destroy(handle->ip_mgr_handle_s); FREE(&handle->udp_client_handle_s); FS_stop(&handle->fs_handle->handle); + FREE(&handle->fs_handle); FREE(&handle); } @@ -404,6 +386,10 @@ static void mgw_run(struct mgw_handle *handle) sleep(10); struct timespec start_time, end_time; struct field_stat_handle *fs_handle = handle->fs_handle; + //for test + //struct timespec _start_time; + //clock_gettime(CLOCK_MONOTONIC, &_start_time); + while(1) { @@ -428,6 +414,10 @@ static void mgw_run(struct mgw_handle *handle) long long cost_time; cost_time = (end_time.tv_sec - start_time.tv_sec) * 1000000 + (end_time.tv_nsec - start_time.tv_nsec) / 1000; FS_operate(fs_handle->handle, fs_handle->snat_latency, 0, FS_OP_SET, cost_time); + + //for test + //if(end_time.tv_sec - _start_time.tv_sec > 60) + //break; } } diff --git a/access/src/nat.cpp b/access/src/nat.cpp index d558e0b..296c02f 100644 --- a/access/src/nat.cpp +++ b/access/src/nat.cpp @@ -7,7 +7,6 @@ struct nat_handle { void *logger; - struct htable_opts* htable_opts_s; MESA_htable_handle ip2user_htable; // should be thread-safe MESA_htable_handle snat_htable; MESA_htable_handle dnat_htable; @@ -16,6 +15,8 @@ struct nat_handle int access_id; }; +struct field_stat_handle *g_fs_handle; + struct session { uint32_t sip; 
@@ -189,27 +190,31 @@ static int packet_dest_replace(const char *buff, int len, struct ip_port_pair *p static void snat_htable_data_free_cb(void *data) { + //printf("call snat_htable_data_free_cb\n"); + FS_operate(g_fs_handle->handle, g_fs_handle->line_snat, g_fs_handle->cloumn_element_num, FS_OP_ADD, -1); FREE(&data); } static void dnat_htable_data_free_cb(void *data) { + //printf("call dnat_htable_data_free_cb\n"); + FS_operate(g_fs_handle->handle, g_fs_handle->line_dnat, g_fs_handle->cloumn_element_num, FS_OP_ADD, -1); FREE(&data); } -struct nat_handle * nat_init(MESA_htable_handle ip2user_htable, MESA_htable_handle cand_ip_detail_htable, - struct field_stat_handle *fs_handle, struct htable_opts* opts, void *logger) +struct nat_handle * nat_init(const char *profile, MESA_htable_handle ip2user_htable, MESA_htable_handle cand_ip_detail_htable, + struct field_stat_handle *fs_handle, void *logger) { struct nat_handle *handle = ALLOC(struct nat_handle, 1); handle->logger = logger; handle->fs_handle = fs_handle; handle->ip2user_htable = ip2user_htable; handle->cand_ip_detail_htable = cand_ip_detail_htable; - handle->htable_opts_s = opts; - handle->snat_htable = mgw_utils_create_htable("snat_htable", opts, (void *)snat_htable_data_free_cb, NULL); - handle->dnat_htable = mgw_utils_create_htable("dnat_htable", opts, (void *)dnat_htable_data_free_cb, NULL); + handle->snat_htable = mgw_utils_create_htable(profile, "snat_htable", (void *)snat_htable_data_free_cb, NULL, logger); + handle->dnat_htable = mgw_utils_create_htable(profile, "dnat_htable", (void *)dnat_htable_data_free_cb, NULL, logger); handle->access_id = 0; + g_fs_handle = fs_handle; return handle; } 
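Review bot: `snat_htable_data_free_cb` and `dnat_htable_data_free_cb` now dereference the file-scope `g_fs_handle`, which is declared without `static`, is assigned only on the last line of `nat_init` after both tables already exist, and is never cleared. The same commit adds `FREE(&handle->fs_handle)` to `mgw_destroy` in main.cpp, so any entry freed after that point would run `FS_operate` on freed memory. Whether that ordering can occur depends on lines of `mgw_destroy` that are not shown. I would declare it `static struct field_stat_handle *g_fs_handle;`, assign it before the two `mgw_utils_create_htable` calls, and open each callback with `if(g_fs_handle != NULL)`. A short comment above the global should say that the free callbacks own the `line_snat`/`line_dnat` element-count decrement, since `nat_src_convert` no longer does it.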
@@ -252,6 +257,24 @@ static long dnat_htable_query_cb(void *data, const uchar *key, uint size, void * } } +/* +static long dnat_htable_query_cb(void *data, const uchar *key, uint size, void *user_arg) +{ + struct ip_port_pair *pair = (struct ip_port_pair *)user_arg; + if(data != NULL) + { + struct ip_port_pair *_data = (struct ip_port_pair *)data; + pair->ip = _data->ip; + pair->port = _data->port; + return HTABLE_KEY_EXISTED; + } + else + { + return HTABLE_KEY_NOT_EXISTED; + } +} +*/ + static uint16_t get_candidate_port(int access_id, struct session *sess, uint32_t cand_ip) { u_int16_t random = mgw_utils_get_random(64); @@ -267,7 +290,8 @@ static uint16_t get_candidate_port(int access_id, struct session *sess, uint32_t return htons(port); } -static struct ip_port_pair * snat_pair_get(struct nat_handle *handle, struct ip_mgr_handle *_ip_mgr_handle, const char *user_name, +//get snat_value, if succeed, has already added to dnat_htable +static struct ip_port_pair * snat_value_get(struct nat_handle *handle, struct ip_mgr_handle *_ip_mgr_handle, const char *user_name, struct session *snat_key, struct ip_mgr_vxlan_info **vxlan_info, uint32_t *mrl_ip) { struct field_stat_handle *fs_handle = handle->fs_handle; @@ -277,7 +301,15 @@ static struct ip_port_pair * snat_pair_get(struct nat_handle *handle, struct ip_ dnat_key->sip = snat_key->dip; dnat_key->sport = snat_key->dport; dnat_key->proto = snat_key->proto; - struct ip_port_pair *pair = ALLOC(struct ip_port_pair, 1); + struct ip_port_pair *snat_value = ALLOC(struct ip_port_pair, 1); + struct ip_port_pair *dnat_value = ALLOC(struct ip_port_pair, 1); + dnat_value->ip = snat_key->sip; + dnat_value->port = snat_key->sport; + char dnat_key_sip[MGW_SYMBOL_MAX]; + char dnat_key_dip[MGW_SYMBOL_MAX]; + char dnat_value_ip[MGW_SYMBOL_MAX]; + mgw_utils_inet_ntoa(dnat_key->sip, dnat_key_sip); + mgw_utils_inet_ntoa(dnat_value->ip, dnat_value_ip); for(int i = 0; i < retry_times; i++) { uint32_t cand_ip; 
@@ -286,52 +318,59 @@ static struct ip_port_pair * snat_pair_get(struct nat_handle *handle, struct ip_ { MGW_LOG_INFO(logger, "Failed to find ip and port, user_name is %s", user_name); FREE(&dnat_key); - FREE(&pair); + FREE(&dnat_value); + FREE(&snat_value); return NULL; } u_int16_t port = get_candidate_port(handle->access_id, snat_key, cand_ip); - - //for test - //port = snat_key->sport; dnat_key->dip = cand_ip; dnat_key->dport = port; - long dnat_cb_rtn = -1; - MESA_htable_search_cb(handle->dnat_htable, (const unsigned char *)(dnat_key), sizeof(struct session), dnat_htable_query_cb, (void *)(pair), &dnat_cb_rtn); - FS_operate(fs_handle->handle, fs_handle->line_dnat, fs_handle->cloumn_queyr_num, FS_OP_ADD, 1); - if(dnat_cb_rtn == HTABLE_KEY_EXISTED) + snat_value->ip = cand_ip; + snat_value->port = port; + mgw_utils_inet_ntoa(dnat_key->dip, dnat_key_dip); + // check if cand_ip is still valid + struct ip_mgr_cand_ip_detail *cand_ip_detail = NULL; + cand_ip_detail = (struct ip_mgr_cand_ip_detail *)MESA_htable_search(handle->cand_ip_detail_htable, (const unsigned char *)(&cand_ip), sizeof(cand_ip)); + FS_operate(fs_handle->handle, fs_handle->line_ip_detail, fs_handle->cloumn_queyr_num, FS_OP_ADD, 1); + char _ip[MGW_SYMBOL_MAX]; + if(cand_ip_detail == NULL) { - FS_operate(fs_handle->handle, fs_handle->line_dnat, fs_handle->cloumn_cache_hit, FS_OP_ADD, 1); - MGW_LOG_INFO(logger, "Select ip and port conflict, retry times is %d", i); + FS_operate(fs_handle->handle, fs_handle->line_ip_detail, fs_handle->cloumn_cache_miss, FS_OP_ADD, 1); + mgw_utils_inet_ntoa(cand_ip, _ip); + MGW_LOG_ERROR(logger, "MESA_htable: table is %s, key %s not existed", "cand_ip_detail_htable", _ip); continue; } - else + MGW_LOG_INFO(logger, "MESA_htable: table is %s, key %s existed", "cand_ip_detail_htable", _ip); + FS_operate(fs_handle->handle, fs_handle->line_ip_detail, fs_handle->cloumn_cache_hit, FS_OP_ADD, 1); + + //try to add to dnat + rtn = MESA_htable_add(handle->dnat_htable, (const 
unsigned char *)dnat_key, sizeof(struct session), (void *)dnat_value); + if(rtn < 0 && rtn != MESA_HTABLE_RET_DUP_ITEM) { - FS_operate(fs_handle->handle, fs_handle->line_dnat, fs_handle->cloumn_cache_miss, FS_OP_ADD, 1); - pair->ip = cand_ip; - pair->port = port; - //reference + 1, when to -- - struct ip_mgr_cand_ip_detail *cand_ip_detail = NULL; - cand_ip_detail = (struct ip_mgr_cand_ip_detail *)MESA_htable_search(handle->cand_ip_detail_htable, (const unsigned char *)(&cand_ip), sizeof(cand_ip)); - FS_operate(fs_handle->handle, fs_handle->line_ip_detail, fs_handle->cloumn_queyr_num, FS_OP_ADD, 1); - if(cand_ip_detail == NULL) - { - FS_operate(fs_handle->handle, fs_handle->line_ip_detail, fs_handle->cloumn_cache_miss, FS_OP_ADD, 1); - char _ip[MGW_SYMBOL_MAX]; - mgw_utils_inet_ntoa(cand_ip, _ip); - MGW_LOG_ERROR(logger, "MESA_htable: table is %s, key %s not existed", "cand_ip_detail_htable", _ip); - continue; - } - FS_operate(fs_handle->handle, fs_handle->line_ip_detail, fs_handle->cloumn_cache_hit, FS_OP_ADD, 1); - cand_ip_detail->reference ++; - *vxlan_info = cand_ip_detail->vxlan_info; - *mrl_ip = cand_ip_detail->mrl_ip; - FREE(&dnat_key); - return pair; + MGW_LOG_ERROR(logger, "MESA_htable: Failed at add to %s, key is <%s:%d %s,%d, %d>, value is <%s, %d>, rtn is %d", "dnat_htable", + dnat_key_sip, ntohs(dnat_key->sport), dnat_key_dip, ntohs(dnat_key->dport), dnat_key->proto, dnat_value_ip, ntohs(dnat_value->port), rtn); + continue; + } + if(rtn == MESA_HTABLE_RET_DUP_ITEM) + { + MGW_LOG_INFO(logger, "Selected ip and port <%s:%d> conflict", dnat_key_dip, ntohs(dnat_key->dport)); + continue; } + //rtn >= 0, succeed to add to dnat + MGW_LOG_INFO(logger, "MESA_htable: Succeed at add to %s, key is <%s:%d %s,%d, %d>, value is <%s, %d>", "dnat_htable", + dnat_key_sip, ntohs(dnat_key->sport), dnat_key_dip, ntohs(dnat_key->dport), dnat_key->proto, dnat_value_ip, ntohs(dnat_value->port)); + FS_operate(fs_handle->handle, fs_handle->line_dnat, 
fs_handle->cloumn_element_num, FS_OP_ADD, 1); + //reference + 1, when to --? + cand_ip_detail->reference ++; + *vxlan_info = cand_ip_detail->vxlan_info; + *mrl_ip = cand_ip_detail->mrl_ip; + FREE(&dnat_key); + return snat_value; } - MGW_LOG_INFO(logger, "Failed to find ip and port, retry times is %d", retry_times - 1); + MGW_LOG_ERROR(logger, "Failed to find ip and port, retry times is %d", retry_times - 1); FREE(&dnat_key); - FREE(&pair); + FREE(&dnat_value); + FREE(&snat_value); return NULL; } @@ -352,9 +391,6 @@ int nat_src_convert(struct nat_handle *handle, struct ip_mgr_handle *_ip_mgr_han char snat_key_sip[MGW_SYMBOL_MAX]; char snat_key_dip[MGW_SYMBOL_MAX]; char snat_value_ip[MGW_SYMBOL_MAX]; - char dnat_key_sip[MGW_SYMBOL_MAX]; - char dnat_key_dip[MGW_SYMBOL_MAX]; - char dnat_value_ip[MGW_SYMBOL_MAX]; mgw_utils_inet_ntoa(snat_key->sip, snat_key_sip); mgw_utils_inet_ntoa(snat_key->dip, snat_key_dip); @@ -396,8 +432,6 @@ int nat_src_convert(struct nat_handle *handle, struct ip_mgr_handle *_ip_mgr_han FREE(&snat_value); return NAT_COVERT_FAILURE; } - mgw_utils_inet_ntoa(snat_key->sip, snat_key_sip); - mgw_utils_inet_ntoa(snat_key->dip, snat_key_dip); MGW_LOG_INFO(logger, "After snat: session is <%s:%d %s:%d %d>", snat_key_sip, ntohs(snat_key->sport), snat_key_dip, ntohs(snat_key->dport), snat_key->proto); *vxlan_info = cand_ip_detail->vxlan_info; 
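Review bot: In the retry loop of `snat_value_get`, `char _ip[MGW_SYMBOL_MAX];` is declared uninitialised and only filled by `mgw_utils_inet_ntoa(cand_ip, _ip)` inside the `cand_ip_detail == NULL` branch, yet the new `MGW_LOG_INFO(logger, "... key %s existed", "cand_ip_detail_htable", _ip)` on the hit path prints it. That formats an uninitialised stack buffer as a string, so the log can receive arbitrary stack bytes or the read can run past the array. Move `mgw_utils_inet_ntoa(cand_ip, _ip);` up to directly after the declaration, or log `dnat_key_dip`, which already holds the same address. Separately, `cand_ip_detail->reference ++` still has no matching decrement now that dnat entries expire, as the `//reference + 1, when to --?` comment acknowledges, so the count can only grow.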
@@ -410,48 +444,18 @@ int nat_src_convert(struct nat_handle *handle, struct ip_mgr_handle *_ip_mgr_han { FS_operate(fs_handle->handle, fs_handle->line_ip_detail, fs_handle->cloumn_cache_miss, FS_OP_ADD, 1); MGW_LOG_INFO(handle->logger, "MESA_htable, key not existed, table is %s, key is %s", "cand_ip_detail_htable", snat_value_ip); - //if session exists in sant but ip is valid. del session from snat and dnat + //if session exists in sant but ip is valid. del session from snat, do not del dnat rtn = MESA_htable_del(handle->snat_htable, (const unsigned char *)(snat_key), sizeof(struct session), NULL); - // data may be freed because of expire if(rtn < 0 && rtn != MESA_HTABLE_RET_NOT_FOUND) { - MGW_LOG_ERROR(handle->logger, "MESA_htable: Failed at del, errno is %d, table is %s, key is <%s:%d %s,%d, %d>", rtn, "snat_htable", + MGW_LOG_ERROR(handle->logger, "MESA_htable: Failed at del, rtn is %d, table is %s, key is <%s:%d %s,%d, %d>", rtn, "snat_htable", snat_key_sip, ntohs(snat_key->sport), snat_key_dip, ntohs(snat_key->dport), snat_key->proto); FREE(&snat_key); FREE(&snat_value); return NAT_COVERT_FAILURE;; } - if(rtn >= 0) - { - FS_operate(fs_handle->handle, fs_handle->line_snat, fs_handle->cloumn_element_num, FS_OP_ADD, -1); - } - MGW_LOG_INFO(handle->logger, "MESA_htable: Succeed at del, table is %s, key is <%s:%d %s,%d, %d>", "snat_htable", + MGW_LOG_INFO(handle->logger, "MESA_htable: Succeed at del, table is %s, key is <%s:%d %s,%d, %d>", "snat_htable", snat_key_sip, ntohs(snat_key->sport), snat_key_dip, ntohs(snat_key->dport), snat_key->proto); - struct session *dnat_key = ALLOC(struct session, 1); - dnat_key->sip = snat_key->dip; - dnat_key->sport = snat_key->dport; - dnat_key->dip = snat_value->ip; - dnat_key->dport = snat_value->port; - dnat_key->proto = snat_key->proto; - mgw_utils_inet_ntoa(dnat_key->sip, dnat_key_sip); - mgw_utils_inet_ntoa(dnat_key->dip, dnat_key_dip); - rtn = MESA_htable_del(handle->dnat_htable, (const unsigned char *)(dnat_key), 
sizeof(struct session), NULL); - if(rtn < 0 && rtn != MESA_HTABLE_RET_NOT_FOUND) - { - MGW_LOG_ERROR(handle->logger, "MESA_htable: Failed at del, errno is %d, table is %s, key is <%s:%d %s,%d, %d>", rtn, "dnat_htable", - snat_key_sip, ntohs(dnat_key->sport), snat_key_dip, ntohs(snat_key->dport), snat_key->proto); - FREE(&snat_key); - FREE(&snat_value); - FREE(&dnat_key); - return NAT_COVERT_FAILURE;; - } - if(rtn >= 0) - { - FS_operate(fs_handle->handle, fs_handle->line_dnat, fs_handle->cloumn_element_num, FS_OP_ADD, -1); - } - MGW_LOG_INFO(handle->logger, "MESA_htable: Succeed at del, table is %s, key is <%s:%d %s,%d, %d>", "dnat_htable", - snat_key_sip, ntohs(dnat_key->sport), snat_key_dip, ntohs(snat_key->dport), snat_key->proto); - FREE(&dnat_key); } } //do snat 
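Review bot: The snat delete in nat_src_convert no longer decrements `cloumn_element_num` for `line_snat`, and the matching dnat entry is now deliberately left in place, so both depend on expiry handling that this hunk does not show. If the counter is not adjusted in the table's free or expire callback, the snat element statistic will drift upward. Until the dnat entry expires, nat_dest_convert can presumably still rewrite inbound packets for a candidate IP that was just found missing from cand_ip_detail_htable. Once confirmed, I would record the intent next to the delete, e.g. `// dnat entry is left to expire via dnat_htable's mho_expire_time; element_num is adjusted in the free callback`. The INFO line also reports "Succeed at del" when rtn is MESA_HTABLE_RET_NOT_FOUND; wrapping it in `if(rtn >= 0)` keeps the log accurate. The function starts and ends outside the hunk.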
@@ -464,20 +468,20 @@ int nat_src_convert(struct nat_handle *handle, struct ip_mgr_handle *_ip_mgr_han if(user_name != NULL) { FS_operate(fs_handle->handle, fs_handle->line_ip2user, fs_handle->cloumn_cache_hit, FS_OP_ADD, 1); - snat_value = snat_pair_get(handle, _ip_mgr_handle, user_name, snat_key, vxlan_info, mrl_ip); + snat_value = snat_value_get(handle, _ip_mgr_handle, user_name, snat_key, vxlan_info, mrl_ip); if(snat_value == NULL) { FREE(&snat_key); FREE(&snat_value); return NAT_COVERT_FAILURE; } - //add sess to snat, dnat + //add sess to snat rtn = MESA_htable_add(handle->snat_htable, (const unsigned char *)(snat_key), sizeof(struct session), (const void*)snat_value); mgw_utils_inet_ntoa(snat_value->ip, snat_value_ip); if(rtn < 0) { - MGW_LOG_ERROR(logger, "MESA_htable: Failed at add to %s, key is <%s:%d %s,%d, %d>, value is <%s, %d>", "snat_htable", - snat_key_sip, ntohs(snat_key->sport), snat_key_dip, ntohs(snat_key->dport), snat_key->proto, snat_value_ip, ntohs(snat_value->port)); + MGW_LOG_ERROR(logger, "MESA_htable: Failed at add to %s, key is <%s:%d %s,%d, %d>, value is <%s, %d>, rtn is %d", "snat_htable", + snat_key_sip, ntohs(snat_key->sport), snat_key_dip, ntohs(snat_key->dport), snat_key->proto, snat_value_ip, ntohs(snat_value->port), rtn); FREE(&snat_key); FREE(&snat_value); return NAT_COVERT_FAILURE; 
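Review bot: When the `MESA_htable_add` to snat_htable fails, this error path frees snat_value but does not undo what snat_value_get has already done. Per the earlier nat.cpp hunk, that function has by then inserted the reverse entry into dnat_htable and incremented `cand_ip_detail->reference`. The result is an orphaned reverse mapping that keeps the chosen ip:port occupied until it expires, and a reference that is never released. I would delete the dnat key on this path, assuming snat_value_get builds it with the same field layout the removed code used, and release the reference wherever the project does that. nat_src_convert begins and ends outside the hunk.

```cpp
if(rtn < 0)
{
    // … unchanged: MGW_LOG_ERROR for the failed snat_htable add …
    // roll back the reverse mapping that snat_value_get inserted
    struct session *dnat_key = ALLOC(struct session, 1);
    dnat_key->sip = snat_key->dip;
    dnat_key->sport = snat_key->dport;
    dnat_key->dip = snat_value->ip;
    dnat_key->dport = snat_value->port;
    dnat_key->proto = snat_key->proto;
    rtn = MESA_htable_del(handle->dnat_htable, (const unsigned char *)(dnat_key), sizeof(struct session), NULL);
    if(rtn < 0 && rtn != MESA_HTABLE_RET_NOT_FOUND)
    {
        MGW_LOG_ERROR(logger, "MESA_htable: Failed at del, rtn is %d, table is %s", rtn, "dnat_htable");
    }
    FREE(&dnat_key);
    // … unchanged: FREE(&snat_key), FREE(&snat_value), return NAT_COVERT_FAILURE …
```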
@@ -485,38 +489,12 @@ int nat_src_convert(struct nat_handle *handle, struct ip_mgr_handle *_ip_mgr_han FS_operate(fs_handle->handle, fs_handle->line_snat, fs_handle->cloumn_element_num, FS_OP_ADD, 1); MGW_LOG_INFO(logger, "MESA_htable: Succeed at add to %s, key is <%s:%d %s,%d, %d>, value is <%s, %d>", "snat_htable", snat_key_sip, ntohs(snat_key->sport), snat_key_dip, ntohs(snat_key->dport), snat_key->proto, snat_value_ip, ntohs(snat_value->port)); - struct session *dnat_key = ALLOC(struct session, 1); - dnat_key->sip = snat_key->dip; - dnat_key->sport = snat_key->dport; - dnat_key->dip = snat_value->ip; - dnat_key->dport = snat_value->port; - dnat_key->proto = snat_key->proto; - struct ip_port_pair *dnat_value = ALLOC(struct ip_port_pair, 1); - dnat_value->ip = snat_key->sip; - dnat_value->port = snat_key->sport; - mgw_utils_inet_ntoa(dnat_key->sip, dnat_key_sip); - mgw_utils_inet_ntoa(dnat_key->dip, dnat_key_dip); - mgw_utils_inet_ntoa(dnat_value->ip, dnat_value_ip); - rtn = MESA_htable_add(handle->dnat_htable, (const unsigned char *)(dnat_key), sizeof(struct session), (const void*)dnat_value); - if(rtn < 0) - { - MGW_LOG_ERROR(logger, "MESA_htable: Failed at add to %s, key is <%s:%d %s,%d, %d>, value is <%s, %d>", "dnat_htable", - dnat_key_sip, ntohs(dnat_key->sport), dnat_key_dip, ntohs(dnat_key->dport), dnat_key->proto, dnat_value_ip, ntohs(dnat_value->port)); - FREE(&snat_key); - FREE(&dnat_key); - FREE(&dnat_value); - return NAT_COVERT_FAILURE; - } - FS_operate(fs_handle->handle, fs_handle->line_dnat, fs_handle->cloumn_element_num, FS_OP_ADD, 1); - MGW_LOG_INFO(logger, "MESA_htable: Succeed at add to %s, key is <%s:%d %s,%d, %d>, value is <%s, %d>", "dnat_htable", - dnat_key_sip, ntohs(dnat_key->sport), dnat_key_dip, ntohs(dnat_key->dport), dnat_key->proto, dnat_value_ip, ntohs(dnat_value->port)); packet_src_replace(buff, len, snat_value); rtn = sess_get_from_packet(buff, len, snat_key); if(rtn == -1) { MGW_LOG_ERROR(logger, "Failed at parse packet, len is 
%d", len); FREE(&snat_key); - FREE(&dnat_key); return NAT_COVERT_FAILURE; } mgw_utils_inet_ntoa(snat_key->sip, snat_key_sip); @@ -524,7 +502,6 @@ int nat_src_convert(struct nat_handle *handle, struct ip_mgr_handle *_ip_mgr_han MGW_LOG_INFO(logger, "After snat: session is <%s:%d %s:%d %d>", snat_key_sip, ntohs(snat_key->sport), snat_key_dip, ntohs(snat_key->dport), snat_key->proto); FREE(&snat_key); - FREE(&dnat_key); return NAT_COVERT_SUCCESS; } else @@ -548,7 +525,7 @@ int nat_dest_convert(struct nat_handle *handle, char *buff, int len) int rtn = sess_get_from_packet(buff, len, dnat_key); if(rtn == -1) { - MGW_LOG_ERROR(logger, "Failed at parse packet, packet len is %d", len); + MGW_LOG_ERROR(logger, "Failed at nat_dest_convert: parse packet failed, packet len is %d", len); FREE(&dnat_key); return NAT_COVERT_FAILURE; } @@ -575,7 +552,7 @@ int nat_dest_convert(struct nat_handle *handle, char *buff, int len) rtn = sess_get_from_packet(buff, len, dnat_key); if(rtn == -1) { - MGW_LOG_ERROR(logger, "Failed at parse packet, len is %d", len); + MGW_LOG_ERROR(logger, "Failed at nat_dest_convert: parse packet failed, packet len is %d", len); FREE(&dnat_key); return NAT_COVERT_FAILURE; } diff --git a/access/src/udp_server.cpp b/access/src/udp_server.cpp index 52d9ca7..bcf8547 100644 --- a/access/src/udp_server.cpp +++ b/access/src/udp_server.cpp @@ -48,7 +48,6 @@ void * thread_udp_server(void *args) int rtn = nat_dest_convert(_nat_handle, buff, len); if(rtn == NAT_COVERT_FAILURE) { - //MGW_LOG_INFO(logger, "Failed to nat_dest_convert"); continue; } //write to tun diff --git a/access/src/vpn_monitor.cpp b/access/src/vpn_monitor.cpp index 9114b72..68d9c89 100644 --- a/access/src/vpn_monitor.cpp +++ b/access/src/vpn_monitor.cpp 
@@ -34,7 +34,7 @@ static long ip2user_cb_to_del_key(void *data, const uchar *key, uint size, void FS_operate(fs_handle->handle, fs_handle->line_ip2user, fs_handle->cloumn_cache_hit, FS_OP_ADD, 1); MGW_LOG_INFO(handle->logger, "MESA_htable: key existed, table is %s, key is %s", "ip2user_htable", _key); int rtn = MESA_htable_del(handle->ip2user_htable, key, size, NULL); - if(rtn != 0) + if(rtn < 0) { MGW_LOG_ERROR(handle->logger, "MESA_htable: Failed at del, errno is %d, table is %s, key is %s", rtn, "ip2user_htable", _key); return HTABLE_QUERY_CB_FAILURE; diff --git a/common/include/mgw_utils.h b/common/include/mgw_utils.h index 3deeace..db001f2 100644 --- a/common/include/mgw_utils.h +++ b/common/include/mgw_utils.h @@ -42,17 +42,9 @@ do { \ #define MGW_LOG_DEBUG(handler, fmt, ...) \ do { MESA_handle_runtime_log(handler, RLOG_LV_DEBUG, "mgw", fmt, ##__VA_ARGS__); } while(0) -struct htable_opts -{ - int mho_screen_print_ctrl; - int mho_thread_safe; - int mho_mutex_num; - int mho_hash_slot_size; - int mho_expire_time; - void *logger; -}; + //fprintf(stderr, fmt "\n", ##__VA_ARGS__); -MESA_htable_handle mgw_utils_create_htable(const char *symbol, struct htable_opts *_htable_opts, void *free_data_cb, void *expire_notify_cb); +MESA_htable_handle mgw_utils_create_htable(const char *profile, const char *section, void *free_data_cb, void *expire_notify_cb, void *logger); struct field_stat_handle diff --git a/common/src/mgw_tun.cpp b/common/src/mgw_tun.cpp index b082a79..b7fe3f7 100644 --- a/common/src/mgw_tun.cpp +++ b/common/src/mgw_tun.cpp @@ -68,6 +68,7 @@ int mgw_tun_read(struct mgw_tun_handle *handle, char *buff, size_t len) MGW_LOG_ERROR(logger, "mgw_tun: Failed at read from tun, errno is %d, %s\n", errno, strerror(errno));
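Review bot: The relaxed check `if(rtn < 0)` in ip2user_cb_to_del_key still logs the value as "errno is %d", although it is the MESA_htable return code; the same commit renames this to "rtn is %d" in nat.cpp. The nat.cpp delete paths also exempt `MESA_HTABLE_RET_NOT_FOUND`, while this one treats a missing key as a failure and returns HTABLE_QUERY_CB_FAILURE. For consistency I would write `if(rtn < 0 && rtn != MESA_HTABLE_RET_NOT_FOUND)` and change the message to `"MESA_htable: Failed at del, rtn is %d, table is %s, key is %s"`. The callback's body continues outside the hunk.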
exit(EXIT_FAILURE);
}
+ MGW_LOG_INFO(logger, "mgw_tun: Succeed at read from tun, len is %d", recv_len);
return recv_len;
}
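Review bot: The added `MGW_LOG_INFO` in mgw_tun_read runs once per packet read from the tun device, so at INFO level the log grows with traffic, and whoever generates that traffic controls how fast it grows. `MGW_LOG_DEBUG` is already defined in mgw_utils.h, so I would write `MGW_LOG_DEBUG(logger, "mgw_tun: Succeed at read from tun, len is %d", recv_len);` or replace the line with a counter reported periodically. The declaration of recv_len is outside the hunk; if it is a `ssize_t`, `%d` needs a cast or `%zd`.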
diff --git a/common/src/mgw_utils.cpp b/common/src/mgw_utils.cpp index defffe3..34368c7 100644 --- a/common/src/mgw_utils.cpp +++ b/common/src/mgw_utils.cpp @@ -5,8 +5,8 @@ static int __wrapper_MESA_htable_set_opt(MESA_htable_handle table, enum MESA_hta int ret = MESA_htable_set_opt(table, opt_type, &value, (int)(sizeof(value))); if(unlikely(ret != 0)) { + MGW_LOG_ERROR(logger, "Failed at MESA_htable_set_opt, htable is %s, opt_type is %d", symbol, opt_type); exit(EXIT_FAILURE); - MGW_LOG_ERROR(logger, "Failed at MESA_htable_set_opt, htable is %s, opt_type is %d", symbol, opt_type); } return ret; } 
@@ -16,33 +16,56 @@ static int __wrapper_MESA_htable_set_opt(MESA_htable_handle table, enum MESA_hta int ret = MESA_htable_set_opt(table, opt_type, val, (int)len); if(unlikely(ret != 0)) { + MGW_LOG_ERROR(logger, "Failed at MESA_htable_set_opt, htable is %s, opt_type is %d", symbol, opt_type); exit(EXIT_FAILURE); - MGW_LOG_ERROR(logger, "Failed at MESA_htable_set_opt, htable is %s, opt_type is %d", symbol, opt_type); } return ret; } -MESA_htable_handle mgw_utils_create_htable(const char *symbol, struct htable_opts *_htable_opts, void *free_data_cb, void *expire_notify_cb) +MESA_htable_handle mgw_utils_create_htable(const char *profile, const char *section, void *free_data_cb, void *expire_notify_cb, void *logger) { - int ret = 0; - void *logger = _htable_opts->logger; + int mho_screen_print_ctrl; + int mho_thread_safe; + int mho_mutex_num; + int mho_hash_slot_size; + int mho_hash_max_element_num; + int mho_expire_time; + char mho_eliminate_type[MGW_SYMBOL_MAX]; + MESA_load_profile_int_def(profile, section, "mho_screen_print_ctrl", &mho_screen_print_ctrl, 1); + MESA_load_profile_int_def(profile, section, "mho_thread_safe", &mho_thread_safe, 0); + MESA_load_profile_int_def(profile, section, "mho_mutex_num", &mho_mutex_num, 12); + MESA_load_profile_int_def(profile, section, "mho_hash_slot_size", &mho_hash_slot_size, 1234); + MESA_load_profile_int_def(profile, section, "mho_hash_max_element_num", &mho_hash_max_element_num, 12345); + MESA_load_profile_int_def(profile, section, "mho_expire_time", &mho_expire_time, 3600); + MESA_load_profile_string_def(profile, section, "mho_eliminate_type", mho_eliminate_type, sizeof(mho_eliminate_type), "FIFO"); + MGW_LOG_INFO(logger, "MESA_prof_load, [%s]:\n mho_screen_print_ctrl: %d\n mho_thread_safe: %d\n mho_mutex_num: %d\n" + "mho_hash_slot_size: %d\n mho_hash_max_element_num: %d\n mho_expire_time: %d\n mho_eliminate_type: %s\n", section, + mho_screen_print_ctrl, mho_thread_safe, mho_mutex_num, mho_hash_slot_size, 
mho_hash_max_element_num, mho_expire_time, mho_eliminate_type); MESA_htable_handle htable = MESA_htable_born(); - __wrapper_MESA_htable_set_opt(htable, MHO_SCREEN_PRINT_CTRL, _htable_opts->mho_screen_print_ctrl, logger, symbol); - __wrapper_MESA_htable_set_opt(htable, MHO_THREAD_SAFE, _htable_opts->mho_thread_safe, logger, symbol); - __wrapper_MESA_htable_set_opt(htable, MHO_MUTEX_NUM, _htable_opts->mho_mutex_num, logger, symbol); - __wrapper_MESA_htable_set_opt(htable, MHO_HASH_SLOT_SIZE, _htable_opts->mho_hash_slot_size, logger, symbol); - __wrapper_MESA_htable_set_opt(htable, MHO_HASH_MAX_ELEMENT_NUM, _htable_opts->mho_hash_slot_size * 4, logger, symbol); - __wrapper_MESA_htable_set_opt(htable, MHO_EXPIRE_TIME, _htable_opts->mho_expire_time, logger, symbol); - __wrapper_MESA_htable_set_opt(htable, MHO_ELIMIMINATE_TYPE, HASH_ELIMINATE_ALGO_FIFO, logger, symbol); - ret = __wrapper_MESA_htable_set_opt(htable, MHO_CBFUN_DATA_FREE, - (void *)free_data_cb, sizeof(free_data_cb), logger, symbol); + __wrapper_MESA_htable_set_opt(htable, MHO_SCREEN_PRINT_CTRL, mho_screen_print_ctrl, logger, section); + __wrapper_MESA_htable_set_opt(htable, MHO_THREAD_SAFE, mho_thread_safe, logger, section); + __wrapper_MESA_htable_set_opt(htable, MHO_MUTEX_NUM, mho_mutex_num, logger, section); + __wrapper_MESA_htable_set_opt(htable, MHO_HASH_SLOT_SIZE, mho_hash_slot_size, logger, section); + __wrapper_MESA_htable_set_opt(htable, MHO_HASH_MAX_ELEMENT_NUM, mho_hash_max_element_num, logger, section); + __wrapper_MESA_htable_set_opt(htable, MHO_EXPIRE_TIME, mho_expire_time, logger, section); + if(strncmp(mho_eliminate_type, "LRU", MGW_SYMBOL_MAX) == 0) + { + __wrapper_MESA_htable_set_opt(htable, MHO_ELIMIMINATE_TYPE, HASH_ELIMINATE_ALGO_LRU, logger, section); + } + else + { + __wrapper_MESA_htable_set_opt(htable, MHO_ELIMIMINATE_TYPE, HASH_ELIMINATE_ALGO_FIFO, logger, section); + } + + __wrapper_MESA_htable_set_opt(htable, MHO_CBFUN_DATA_FREE, + (void *)free_data_cb, sizeof(free_data_cb), 
logger, section); //ret = __wrapper_MESA_htable_set_opt(htable, MHO_CBFUN_DATA_EXPIRE_NOTIFY, // (void *)key_keeper_verify_cb); - ret = MESA_htable_mature(htable); + int ret = MESA_htable_mature(htable); if(unlikely(ret != 0)) { + MGW_LOG_ERROR(logger, "Failed at MESA_htable_mature, htable is %s", section); exit(EXIT_FAILURE); - MGW_LOG_ERROR(logger, "Failed at MESA_htable_mature, htable is %s", symbol); } return htable; } diff --git a/conf/mgw.conf b/conf/mgw.conf index 8803215..054bf2a 100644 --- a/conf/mgw.conf +++ b/conf/mgw.conf @@ -9,14 +9,6 @@ maat_redis_ip = 192.168.10.180 maat_redis_port = 26379 stat_file_path = ./log/maat_stat.log - -[htable_opt] -mho_screen_print_ctrl = 0 -mho_thread_safe = 1 -mho_mutex_num = 16 -mho_hash_slot_size = 16000 -mho_expire_time = 0 - [vpn_server] vpn_server_ip = localhost vpn_server_port = 443 
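Review bot: The values mgw_utils_create_htable reads from the profile go straight into `MESA_htable_set_opt` with no range check, and any `mho_eliminate_type` other than the exact string "LRU" silently selects FIFO. The built-in defaults (3600 s expiry, 12345 elements) differ widely from the sections shipped in mgw.conf, so a misspelled section or key produces a table with very different eviction behaviour and only an INFO dump to show for it. Inside the `else` branch I would log the fallback, `if(strncmp(mho_eliminate_type, "FIFO", MGW_SYMBOL_MAX) != 0) MGW_LOG_ERROR(logger, "Unknown mho_eliminate_type %s in [%s], using FIFO", mho_eliminate_type, section);`. I would also reject non-positive slot and element counts before calling set_opt, and check the handle returned by `MESA_htable_born()` before using it.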
@@ -29,3 +21,62 @@ port = 23456 [udp_server] ip = 192.168.11.137 port = 33456 + + +[snat_htable] +mho_screen_print_ctrl = 0 +mho_thread_safe = 1 +mho_mutex_num = 160 +mho_hash_slot_size = 160000 +mho_hash_max_element_num = 640000 +mho_expire_time = 90 +mho_eliminate_type = LRU + +[dnat_htable] +mho_screen_print_ctrl = 0 +mho_thread_safe = 1 +mho_mutex_num = 160 +mho_hash_slot_size = 160000 +mho_hash_max_element_num = 640000 +mho_expire_time = 90 +mho_eliminate_type = LRU + +[ip2user_htable] +mho_screen_print_ctrl = 0 +mho_thread_safe = 1 +mho_mutex_num = 16 +mho_hash_slot_size = 16000 +mho_hash_max_element_num = 64000 +mho_expire_time = 0 +mho_eliminate_type = LRU + +[user_policy_htable] +mho_screen_print_ctrl = 0 +mho_thread_safe = 1 +mho_mutex_num = 16 +mho_hash_slot_size = 16000 +mho_hash_max_element_num = 64000 +mho_expire_time = 0 +mho_eliminate_type = LRU + +[cand_ip_group_htable] +mho_screen_print_ctrl = 0 +mho_thread_safe = 1 +mho_mutex_num = 16 +mho_hash_slot_size = 1600 +mho_hash_max_element_num = 6400 +mho_expire_time = 0 +mho_eliminate_type = LRU + +[cand_ip_detail_htable] +mho_screen_print_ctrl = 0 +mho_thread_safe = 1 +mho_mutex_num = 16 +mho_hash_slot_size = 16000 +mho_hash_max_element_num = 64000 +mho_expire_time = 0 +mho_eliminate_type = LRU + + + + diff --git a/create_tun.sh b/create_tun.sh new file mode 100644 index 0000000..9c6efb6 --- /dev/null +++ b/create_tun.sh @@ -0,0 +1,8 @@ +#!/bin/sh +ip addr add 192.168.30.254/24 dev tap_softether +ip tuntap add dev tun_mgw mode tun && ifconfig tun_mgw up +ip rule add iif tap_softether tab 100 +ip route add default dev tun_mgw table 100 +echo 1 > /proc/sys/net/ipv4/ip_forward +echo 0 > /proc/sys/net/ipv4/conf/all/rp_filter +sysctl -w net.ipv4.conf.default.rp_filter=0 |
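Review bot: create_tun.sh relaxes reverse-path filtering host-wide (`conf/all/rp_filter` and `net.ipv4.conf.default.rp_filter`) instead of on the two interfaces the gateway uses. The kernel applies the larger of the `all` and per-interface values, and `default` only seeds interfaces created afterwards. So tap_softether and tun_mgw, which already exist at that point, keep whatever value they were created with, while every interface created later loses source validation. Setting it per interface, `sysctl -w net.ipv4.conf.tun_mgw.rp_filter=0` and the same for tap_softether (or loose mode `2`), is narrower and states the intent. The script also has no `set -e`, so a failed `ip tuntap add` still lets the routing and sysctl lines run.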
