diff options
| -rw-r--r-- | bin/conf/all_ip_info_v4.mmdb | bin | 148263034 -> 0 bytes | |||
| -rw-r--r-- | doc/MRL部署及常见日志说明-简版.docx | bin | 20871 -> 21411 bytes | |||
| -rw-r--r-- | include/mrl_utils.h | 3 | ||||
| -rw-r--r-- | src/mrl_io.cpp | 32 | ||||
| -rw-r--r-- | src/mrl_redis.cpp | 101 | ||||
| -rw-r--r-- | src/mrl_utils.cpp | 11 |
6 files changed, 82 insertions, 65 deletions
diff --git a/bin/conf/all_ip_info_v4.mmdb b/bin/conf/all_ip_info_v4.mmdb Binary files differdeleted file mode 100644 index a5d5bd9..0000000 --- a/bin/conf/all_ip_info_v4.mmdb +++ /dev/null diff --git a/doc/MRL部署及常见日志说明-简版.docx b/doc/MRL部署及常见日志说明-简版.docx Binary files differindex 03414b3..4d09b6e 100644 --- a/doc/MRL部署及常见日志说明-简版.docx +++ b/doc/MRL部署及常见日志说明-简版.docx diff --git a/include/mrl_utils.h b/include/mrl_utils.h index 56d2759..794221c 100644 --- a/include/mrl_utils.h +++ b/include/mrl_utils.h @@ -56,6 +56,7 @@ #define MRL_CLOSED_LOCATION -1
#define MRL_INSIDE_LOCATION 0
#define MRL_OUTSIDE_LOCATION 1
+#define MRL_UNDEFINED_LOCATION 2
#define MRL_COUNTRY_LEVEL 0
#define MRL_PROVINCE_LEVEL 1
@@ -107,6 +108,6 @@ int mrl_get_pkt_tuple(const char *raw_packet, struct mrl_tuple *five_tuple); void mrl_mmdb_init(const char *path);
-int mrl_is_inside_ip(const char *ip_addr);
+int mrl_is_outside_ip(const char *ip_addr);
#endif
diff --git a/src/mrl_io.cpp b/src/mrl_io.cpp index 2879108..265f4de 100644 --- a/src/mrl_io.cpp +++ b/src/mrl_io.cpp @@ -323,7 +323,7 @@ void ht_link_identity_iterate_cb(const uchar* key, uint size, void* data, void* size_t ip_len = 0;
int thread_seq = 0;
int temp_len = 0;
- int is_inside = -1;
+ int is_outside = MRL_CLOSED_LOCATION;
char ip_pkt[MRL_IP_PKT_LEN];
memset(ip_pkt,0,MRL_IP_PKT_LEN);
uint64_t* identity_value = (uint64_t* )data;
@@ -336,15 +336,20 @@ void ht_link_identity_iterate_cb(const uchar* key, uint size, void* data, void* inet_pton(AF_INET,mydata->detect_ip,&sip);
if(mrl_instance.mrl_cfg.ip_location_enable)
{
- is_inside =mrl_is_inside_ip(mydata->detect_ip);
- if(is_inside)
+ is_outside =mrl_is_outside_ip(mydata->detect_ip);
+ switch(is_outside)
{
- inet_pton(AF_INET,mrl_instance.mrl_cfg.outside_detect_ip,&dip);
- }
- else
- {
- inet_pton(AF_INET,mrl_instance.mrl_cfg.inside_detect_ip,&dip);
- }
+ case MRL_INSIDE_LOCATION:
+ case MRL_UNDEFINED_LOCATION:
+ inet_pton(AF_INET,mrl_instance.mrl_cfg.outside_detect_ip,&dip);
+ break;
+ case MRL_OUTSIDE_LOCATION:
+ inet_pton(AF_INET,mrl_instance.mrl_cfg.inside_detect_ip,&dip);
+ break;
+ default:
+ assert(0);
+ break;
+ }
}
else
{
@@ -354,7 +359,7 @@ void ht_link_identity_iterate_cb(const uchar* key, uint size, void* data, void* sapp_get_platform_opt(SPO_INDEPENDENT_THREAD_ID, &thread_seq, &temp_len);
mrl_send_to_gdev(thread_seq,link_identity,ip_pkt,ip_len);
global_stat.send_detect_pkts ++;
- switch(is_inside)
+ switch(is_outside)
{
case MRL_CLOSED_LOCATION:
MESA_handle_runtime_log(mrl_instance.mrl_log_handle, RLOG_LV_DEBUG,"ht_link_identity_iterate_cb",
@@ -365,12 +370,17 @@ void ht_link_identity_iterate_cb(const uchar* key, uint size, void* data, void* MESA_handle_runtime_log(mrl_instance.mrl_log_handle, RLOG_LV_DEBUG,"ht_link_identity_iterate_cb",
"cur detect ip %s is inside ip,detect dest ip is %s,detect payload info is [nominee_type:%d,link_identity:%lu]",
mydata->detect_ip,mrl_instance.mrl_cfg.outside_detect_ip,mydata->nominee_type,link_identity);
- break;
+ break;
case MRL_OUTSIDE_LOCATION:
MESA_handle_runtime_log(mrl_instance.mrl_log_handle, RLOG_LV_DEBUG,"ht_link_identity_iterate_cb",
"cur detect ip %s is outside ip,detect dest ip is %s,detect payload info is [nominee_type:%d,link_identity:%lu]",
mydata->detect_ip,mrl_instance.mrl_cfg.inside_detect_ip,mydata->nominee_type,link_identity);
break;
+ case MRL_UNDEFINED_LOCATION:
+ MESA_handle_runtime_log(mrl_instance.mrl_log_handle, RLOG_LV_DEBUG,"ht_link_identity_iterate_cb",
+ "cur detect ip %s is undefined ip,detect dest ip is %s,detect payload info is [nominee_type:%d,link_identity:%lu]",
+ mydata->detect_ip,mrl_instance.mrl_cfg.inside_detect_ip,mydata->nominee_type,link_identity);
+ break;
default:
assert(0);
break;
diff --git a/src/mrl_redis.cpp b/src/mrl_redis.cpp index 90b83c4..34c49ef 100644 --- a/src/mrl_redis.cpp +++ b/src/mrl_redis.cpp @@ -267,14 +267,17 @@ void Maat_del_back_info(const int cfg_id, const char *back_ip) void Maat_del_dnat_candidate(const char *candidate_ip,int rule_id)
{
- if(Maat_del_line(mrl_instance.dynamic_feather, rule_id,MRL_DEL_AFTER,IR_DNAT_CANDIDATE_IP_TABLE_NAME))
+ if(MESA_htable_search_cb(mrl_instance.ht_dnat_candidate, (const unsigned char *)candidate_ip, MRL_STR_IP_LEN,NULL,NULL,NULL) != NULL)
{
- MESA_handle_runtime_log(mrl_instance.mrl_log_handle,RLOG_LV_FATAL,"Maat_del_dnat_candidate","Maat succeed to del dnat_candidate item %s",candidate_ip);
- global_stat.vxlan_info_num--;
- }
- else
- {
- MESA_handle_runtime_log(mrl_instance.mrl_log_handle, RLOG_LV_FATAL,"Maat_del_dnat_candidate","Maat fail to del dnat_candidate item %s",candidate_ip);
+ if(Maat_del_line(mrl_instance.dynamic_feather, rule_id,MRL_DEL_AFTER,IR_DNAT_CANDIDATE_IP_TABLE_NAME))
+ {
+ MESA_handle_runtime_log(mrl_instance.mrl_log_handle,RLOG_LV_FATAL,"Maat_del_dnat_candidate","Maat succeed to del dnat_candidate item %s",candidate_ip);
+ global_stat.vxlan_info_num--;
+ }
+ else
+ {
+ MESA_handle_runtime_log(mrl_instance.mrl_log_handle, RLOG_LV_FATAL,"Maat_del_dnat_candidate","Maat fail to del dnat_candidate item %s",candidate_ip);
+ }
}
}
@@ -287,7 +290,7 @@ void mrl_create_snat_candidate(struct mrl_snat_candidate* snat_candidate, struct strncpy(snat_candidate->ip_addr,(const char*)snat_nominee->ip_addr,MRL_STR_IP_LEN);
if(mrl_instance.mrl_cfg.ip_location_enable)
{
- snat_candidate->location = mrl_is_inside_ip(snat_candidate->ip_addr);
+ snat_candidate->location = mrl_is_outside_ip(snat_candidate->ip_addr);
}
else
{
@@ -309,7 +312,7 @@ void mrl_create_dnat_candidate(struct mrl_dnat_candidate* dnat_candidate, struct dnat_candidate->addr_type = dnat_nominee->addr_type;
if(mrl_instance.mrl_cfg.ip_location_enable)
{
- dnat_candidate->location = mrl_is_inside_ip(dnat_candidate->ip_addr);
+ dnat_candidate->location = mrl_is_outside_ip(dnat_candidate->ip_addr);
}
else
{
@@ -404,7 +407,7 @@ void snat_nominee_start_cb(int update_type,void* u_para) void snat_nominee_update_cb(int table_id,const char *table_line,void *u_para)
{
int ret = 0;
- int is_inside = -1;
+ int is_outside = MRL_CLOSED_LOCATION;
struct mrl_nominee snat_nominee;
memset(&snat_nominee,0,sizeof(snat_nominee));
@@ -424,10 +427,11 @@ void snat_nominee_update_cb(int table_id,const char *table_line,void *u_para) strncpy(nominee_key.sip,(const char*)snat_nominee.ip_addr,MRL_STR_IP_LEN);
if(mrl_instance.mrl_cfg.ip_location_enable)
{
- is_inside = mrl_is_inside_ip(snat_nominee.ip_addr);
- switch(is_inside)
+ is_outside = mrl_is_outside_ip(snat_nominee.ip_addr);
+ switch(is_outside)
{
case MRL_INSIDE_LOCATION:
+ case MRL_UNDEFINED_LOCATION:
strncpy(nominee_key.dip,(const char*)mrl_instance.mrl_cfg.outside_detect_ip,MRL_STR_IP_LEN);
break;
case MRL_OUTSIDE_LOCATION:
@@ -599,7 +603,7 @@ void dnat_policy_start_cb(int update_type,void* u_para) void dnat_policy_update_cb(int table_id, const char *table_line, void *u_para)
{
- int ret = 0, is_inside = -1;
+ int ret = 0, is_outside = MRL_CLOSED_LOCATION;
int operation = MRL_ADD_DNAT_NOMINEE;
long nominee_count = 0;
struct mrl_dnat_policy dnat_policy;
@@ -629,10 +633,11 @@ void dnat_policy_update_cb(int table_id, const char *table_line, void *u_para) strncpy(nominee_key.sip,dnat_policy.original_dest_ip,MRL_STR_IP_LEN);
if(mrl_instance.mrl_cfg.ip_location_enable)
{
- is_inside = mrl_is_inside_ip(dnat_policy.original_dest_ip);
- switch(is_inside)
+ is_outside = mrl_is_outside_ip(dnat_policy.original_dest_ip);
+ switch(is_outside)
{
case MRL_INSIDE_LOCATION:
+ case MRL_UNDEFINED_LOCATION:
strncpy(nominee_key.dip,(const char*)mrl_instance.mrl_cfg.outside_detect_ip,MRL_STR_IP_LEN);
break;
case MRL_OUTSIDE_LOCATION:
@@ -1102,13 +1107,10 @@ bool mrl_construct_ir_vxlan_info(int cfg_id, uint64_t link_identity,const char* assert(0);
return false;
}
- else
- {
- global_stat.vxlan_info_num++;
- MESA_handle_runtime_log(mrl_instance.mrl_log_handle, RLOG_LV_DEBUG,"mrl_construct_ir_vxlan_info"," Maat succeed to insert the vxlan_info key[back_ip:%s] into ht_vxlan_info",back_ip);
- Maat_set_vxlan_info(mrl_instance.dynamic_feather,vxlan_info);
- return true;
- }
+ global_stat.vxlan_info_num++;
+ MESA_handle_runtime_log(mrl_instance.mrl_log_handle, RLOG_LV_DEBUG,"mrl_construct_ir_vxlan_info"," Maat succeed to insert the vxlan_info key[back_ip:%s] into ht_vxlan_info",back_ip);
+ Maat_set_vxlan_info(mrl_instance.dynamic_feather,vxlan_info);
+ return true;
}
else
{
@@ -1133,27 +1135,21 @@ void mrl_construct_ir_mrl_ip(int mrl_ip_config_id, const char* back_ip, int back assert(0);
return;
}
- else
- {
- global_stat.mrl_ip_num ++;
- MESA_handle_runtime_log(mrl_instance.mrl_log_handle, RLOG_LV_DEBUG,"mrl_construct_ir_mrl_ip"," Maat succeed to insert the mrl_ip_info key[back_ip:%s] into ht_mrl_ip_info",back_ip);
- Maat_set_mrl_ip(mrl_instance.dynamic_feather, mrl_ip);
- return ;
- }
+ global_stat.mrl_ip_num ++;
+ MESA_handle_runtime_log(mrl_instance.mrl_log_handle, RLOG_LV_DEBUG,"mrl_construct_ir_mrl_ip"," Maat succeed to insert the mrl_ip_info key[back_ip:%s] into ht_mrl_ip_info",back_ip);
+ Maat_set_mrl_ip(mrl_instance.dynamic_feather, mrl_ip);
}
else
{
MESA_handle_runtime_log(mrl_instance.mrl_log_handle, RLOG_LV_DEBUG,"mrl_construct_ir_mrl_ip","the mrl_ip_info key[back_ip:%s] is duplicate in ht_mrl_ip_info",back_ip);
- return ;
}
-
+ return ;
}
void mrl_deal_snat_detect(struct mrl_nominee* snat_nominee, uint64_t link_identity)
{
int ret = 0;
struct mrl_snat_candidate* snat_candidate = NULL;
-
if(MESA_htable_search_cb(mrl_instance.ht_snat_candidate, (const unsigned char *)snat_nominee->ip_addr, MRL_STR_IP_LEN,NULL,NULL,NULL) == NULL)
{
snat_candidate = (struct mrl_snat_candidate* )calloc(1,sizeof(struct mrl_snat_candidate));
@@ -1162,19 +1158,18 @@ void mrl_deal_snat_detect(struct mrl_nominee* snat_nominee, uint64_t link_identi ret = MESA_htable_add(mrl_instance.ht_snat_candidate, (const unsigned char *)snat_candidate->ip_addr, MRL_STR_IP_LEN, snat_candidate);
if(ret < 0)
{
- MESA_handle_runtime_log(mrl_instance.mrl_log_handle, RLOG_LV_FATAL,"mrl_deal_snat_detect","fail to add the snat_candidate key[ip_addr:%s] into ht_vxlan_info! ret is %d",snat_candidate->ip_addr,ret);
+ MESA_handle_runtime_log(mrl_instance.mrl_log_handle, RLOG_LV_FATAL,"mrl_deal_snat_detect","fail to add the snat_candidate key[ip_addr:%s] into ht_snat_candidate ! ret is %d",snat_candidate->ip_addr,ret);
free(snat_candidate);
snat_candidate = NULL;
assert(0);
- }
- else
+ return;
+ }
+ global_stat.snat_candidate_num ++;
+ if(Maat_set_snat_candidate(mrl_instance.dynamic_feather,snat_candidate))
{
- if(Maat_set_snat_candidate(mrl_instance.dynamic_feather,snat_candidate))
+ if(mrl_construct_ir_vxlan_info(snat_candidate->config_id,link_identity,snat_candidate->ip_addr,MRL_SNAT_BACK_TYPE))
{
- if(mrl_construct_ir_vxlan_info(snat_candidate->config_id,link_identity,snat_candidate->ip_addr,MRL_SNAT_BACK_TYPE))
- {
- mrl_construct_ir_mrl_ip(snat_candidate->config_id,snat_candidate->ip_addr,MRL_SNAT_BACK_TYPE);
- }
+ mrl_construct_ir_mrl_ip(snat_candidate->config_id,snat_candidate->ip_addr,MRL_SNAT_BACK_TYPE);
}
}
}
@@ -1186,22 +1181,34 @@ void mrl_deal_snat_detect(struct mrl_nominee* snat_nominee, uint64_t link_identi void mrl_deal_dnat_detect(struct mrl_nominee* dnat_nominee, uint64_t link_identity)
{
- struct mrl_dnat_candidate dnat_candidate;
- memset(&dnat_candidate,0,sizeof(struct mrl_dnat_candidate));
+ int ret = 0;
+ struct mrl_dnat_candidate* dnat_candidate = NULL;
if(MESA_htable_search_cb(mrl_instance.ht_dnat_candidate, (const unsigned char *)dnat_nominee->ip_addr, MRL_STR_IP_LEN,NULL,NULL,NULL) == NULL)
{
- mrl_create_dnat_candidate(&dnat_candidate,dnat_nominee);
- if(Maat_set_dnat_candidate(mrl_instance.dynamic_feather,&dnat_candidate))
+ dnat_candidate = (struct mrl_dnat_candidate* )calloc(1,sizeof(struct mrl_dnat_candidate));
+ global_stat.malloc_memory += sizeof(struct mrl_dnat_candidate);
+ mrl_create_dnat_candidate(dnat_candidate,dnat_nominee);
+ ret = MESA_htable_add(mrl_instance.ht_dnat_candidate, (const unsigned char *)dnat_candidate->ip_addr, MRL_STR_IP_LEN, dnat_candidate);
+ if(ret < 0)
+ {
+ MESA_handle_runtime_log(mrl_instance.mrl_log_handle, RLOG_LV_FATAL,"mrl_deal_dnat_detect","fail to add the dnat_candidate key[ip_addr:%s] into ht_dnat_candidate! ret is %d",dnat_candidate->ip_addr,ret);
+ free(dnat_candidate);
+ dnat_candidate = NULL;
+ assert(0);
+ return;
+ }
+ global_stat.dnat_candidate_num ++;
+ if(Maat_set_dnat_candidate(mrl_instance.dynamic_feather,dnat_candidate))
{
- if(mrl_construct_ir_vxlan_info(dnat_candidate.config_id,link_identity,dnat_candidate.ip_addr,MRL_DNAT_BACK_TYPE))
+ if(mrl_construct_ir_vxlan_info(dnat_candidate->config_id,link_identity,dnat_candidate->ip_addr,MRL_DNAT_BACK_TYPE))
{
- mrl_construct_ir_mrl_ip(dnat_candidate.config_id,dnat_candidate.ip_addr,MRL_DNAT_BACK_TYPE);
+ mrl_construct_ir_mrl_ip(dnat_candidate->config_id,dnat_candidate->ip_addr,MRL_DNAT_BACK_TYPE);
}
}
}
else
{
- MESA_handle_runtime_log(mrl_instance.mrl_log_handle, RLOG_LV_DEBUG,"mrl_identify_detect_pkt","cur candidate ip[ip_addr:%s] is duplicated int ht_dnat_candidate",dnat_nominee->ip_addr);
+ MESA_handle_runtime_log(mrl_instance.mrl_log_handle, RLOG_LV_DEBUG,"mrl_deal_dnat_detect","cur dnat candidate ip[ip_addr:%s] is duplicated int ht_dnat_candidate",dnat_nominee->ip_addr);
}
}
diff --git a/src/mrl_utils.cpp b/src/mrl_utils.cpp index 7c9283f..96e12a3 100644 --- a/src/mrl_utils.cpp +++ b/src/mrl_utils.cpp @@ -287,25 +287,24 @@ int mrl_search_ip_country(MMDB_s mmdb, const char *ip_address, const unsigned in {
if(memcmp(name, entry_data.utf8_string, entry_data.data_size) == 0)
{
- return 0;
+ return MRL_INSIDE_LOCATION;
}
else
{
- return 1;
+ return MRL_OUTSIDE_LOCATION;
}
}
}
- return -1;
+ return MRL_UNDEFINED_LOCATION;
}
-int mrl_is_inside_ip(const char *ip_addr)
+int mrl_is_outside_ip(const char *ip_addr)
{
int location = 0;
location = mrl_search_ip_country(mrl_instance.mrl_mmdb, ip_addr, mrl_instance.mrl_cfg.ip_location_level,mrl_instance.mrl_cfg.ip_location_name);
if(location < 0)
{
- MESA_handle_runtime_log(mrl_instance.mrl_log_handle, RLOG_LV_FATAL,"mrl_is_inside_ip","cur ip addr %s not exist in mmdb",ip_addr);
- return 0;
+ MESA_handle_runtime_log(mrl_instance.mrl_log_handle, RLOG_LV_FATAL,"mrl_is_outside_ip","cur ip addr %s not exist in mmdb",ip_addr);
}
return location;
}
|