#include #include #include #include #include #include "mrl_io.h" #include "mrl_main.h" #include "mrl_redis.h" #include "mrl_stat.h" struct mrl_global_instance mrl_instance; extern struct global_stat_t global_stat; /* extern bool Maat_del_line(Maat_feather_t feather, int rule_id, const char* table_name); void test_Maat_del_nominee_line() { int rule_id =1; Maat_del_line(mrl_instance.mrl_feather, rule_id, IR_NOMINEE_IP_TABLE_NAME); } void test_Maat_set_nominee_line() { const char ip_addr[MRL_STR_IP_LEN]="192.168.11.60"; struct mrl_nominee_item nominee_item; memset(&nominee_item, 0, sizeof(struct mrl_nominee_item)); nominee_item.config_id = 1; nominee_item.addr_pool_id =1; nominee_item.addr_type = 4; memcpy(nominee_item.ip_addr,ip_addr,MRL_STR_IP_LEN); nominee_item.is_valid = 1; memcpy(nominee_item.effective_range,"{}",strlen("{}")); memcpy(nominee_item.op_time,"20181212",strlen("20181212")); struct Maat_line_t line_rule; char table_line[512]; int ret=0; memset(&line_rule,0,sizeof(line_rule)); memset(&table_line,0,sizeof(table_line)); line_rule.label_id=0; line_rule.rule_id=nominee_item.config_id; line_rule.table_name=IR_NOMINEE_IP_TABLE_NAME; snprintf(table_line,sizeof(table_line),"%d\t%d\t%d\t%s\t%d\t%s\t%s", nominee_item.config_id, nominee_item.addr_pool_id,nominee_item.addr_type, nominee_item.ip_addr,nominee_item.is_valid,nominee_item.effective_range, nominee_item.op_time); line_rule.table_line=table_line; line_rule.expire_after=0; ret=Maat_cmd_set_line(mrl_instance.mrl_feather, (const struct Maat_line_t*)&line_rule, MAAT_OP_ADD); if(ret < 0) { MESA_handle_runtime_log(mrl_instance.mrl_log_handle, RLOG_LV_DEBUG,"test_Maat_set_nominee_line","Maat fail to set the IR_NOMINEE_IP item:" "[config_id:%d,addr_pool_id:%d,addr_type:%d,ip_addr:%s,is_valid:%d,effective_range:%s,op_time:%s], ret is %d", nominee_item.config_id, nominee_item.addr_pool_id,nominee_item.addr_type, nominee_item.ip_addr,nominee_item.is_valid,nominee_item.effective_range, nominee_item.op_time, ret); } 
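else
    {
        MESA_handle_runtime_log(mrl_instance.mrl_log_handle, RLOG_LV_DEBUG, "test_Maat_set_nominee_line",
                                "Maat succeed to set the IR_NOMINEE_IP item:"
                                "[config_id:%d,addr_pool_id:%d,addr_type:%d,ip_addr:%s,is_valid:%d,effective_range:%s,op_time:%s]",
                                nominee_item.config_id, nominee_item.addr_pool_id, nominee_item.addr_type,
                                nominee_item.ip_addr, nominee_item.is_valid, nominee_item.effective_range,
                                nominee_item.op_time);
    }
    return;
}
*/

/**
 * Load the plugin configuration from @p profile into mrl_instance.mrl_cfg and
 * create the runtime log handle (mrl_instance.mrl_log_handle).
 *
 * Every key falls back to the default passed to the MESA_load_profile_*_def
 * call when it is absent from the profile. Each section is echoed to the log
 * at DEBUG level after it has been read.
 *
 * NOTE(review): all validation in this function is done with assert(). When
 * the plugin is built with NDEBUG those checks disappear: a NULL log handle,
 * an out-of-range port or a failed interface lookup would then be used as-is.
 * If release builds define NDEBUG, replace the asserts with an explicit
 * fatal-log-and-terminate path.
 *
 * @param profile  path of the profile (ini-style) file to read.
 */
void mrl_cfg_init(const char *profile)
{
    int temp_port = 0;

    /********** load log info **********/
    MESA_load_profile_int_def(profile, "LOG_INFO", "log_level",
                              &(mrl_instance.mrl_cfg.mrl_log_level), RLOG_LV_DEBUG);
    MESA_load_profile_string_def(profile, "LOG_INFO", "log_path",
                                 mrl_instance.mrl_cfg.mrl_log_path, MRL_MAX_PATH, "./log/mrl.log");
    mrl_instance.mrl_log_handle = MESA_create_runtime_log_handle(mrl_instance.mrl_cfg.mrl_log_path,
                                                                 mrl_instance.mrl_cfg.mrl_log_level);
    if (mrl_instance.mrl_log_handle == NULL)
    {
        /* Nothing can be logged without a handle, so this is the only signal. */
        assert(0);
    }
    MESA_handle_runtime_log(mrl_instance.mrl_log_handle, RLOG_LV_DEBUG, "mrl_cfg_init",
                            "load log info is:"
                            "[log_path:%s,log_level:%d]",
                            mrl_instance.mrl_cfg.mrl_log_path, mrl_instance.mrl_cfg.mrl_log_level);

    /********** load detect info **********/
    MESA_load_profile_string_def(profile, "DETECT_INFO", "dest_ip",
                                 mrl_instance.mrl_cfg.dest_ip, MRL_STR_IP_LEN, "0.0.0.0");
    MESA_load_profile_int_def(profile, "DETECT_INFO", "dest_port", &(temp_port), 8888);
    /*
     * Ports are read into an int first so the range can be checked before the
     * value is stored. The config fields are printed with %hu below, so they
     * are presumably 16 bits wide; without this check (e.g. under NDEBUG) an
     * out-of-range value from the profile would be narrowed silently.
     */
    assert(temp_port > 0 && temp_port <= 65535);
    mrl_instance.mrl_cfg.dest_port = temp_port;
    MESA_load_profile_int_def(profile, "DETECT_INFO", "local_port", &(temp_port), 8888);
    assert(temp_port > 0 && temp_port <= 65535);
    mrl_instance.mrl_cfg.local_port = temp_port;
    MESA_handle_runtime_log(mrl_instance.mrl_log_handle, RLOG_LV_DEBUG, "mrl_cfg_init",
                            "load detect info is:"
                            "[dest_ip:%s,dest_port:%hu,local_port:%hu]",
                            mrl_instance.mrl_cfg.dest_ip, mrl_instance.mrl_cfg.dest_port,
                            mrl_instance.mrl_cfg.local_port);

    /********** load sock info **********/
    MESA_load_profile_string_def(profile, "SOCK_INFO", "mgw_ip",
                                 mrl_instance.mrl_cfg.mgw_ip, MRL_STR_IP_LEN, "0.0.0.0");
    MESA_load_profile_int_def(profile, "SOCK_INFO", "mgw_port", &(temp_port), 8888);
    assert(temp_port > 0 && temp_port <= 65535);
    mrl_instance.mrl_cfg.mgw_port = temp_port;

    char mrl_netcard[MRL_STR_NETCARD_LEN];
    memset(mrl_netcard, 0, MRL_STR_NETCARD_LEN);
    MESA_load_profile_string_def(profile, "SOCK_INFO", "mrl_netcard",
                                 mrl_netcard, MRL_STR_NETCARD_LEN, "eth0");
    uint32_t temp_mrl_ip = mrl_get_ip_by_eth_name(mrl_netcard);
    /*
     * The result is stored in an unsigned variable, so the earlier
     * `temp_mrl_ip < 0` test could never fire and a failed lookup went
     * unnoticed. Compare against the unsigned image of -1 instead.
     * Assumes mrl_get_ip_by_eth_name reports failure as -1 -- TODO confirm
     * against its definition (not visible here).
     */
    if (temp_mrl_ip == (uint32_t)-1)
    {
        MESA_handle_runtime_log(mrl_instance.mrl_log_handle, RLOG_LV_FATAL, "mrl_cfg_init",
                                "get ip from eth name error,eth name is %s", mrl_netcard);
        assert(0);
    }
    inet_ntop(AF_INET, (void *)&temp_mrl_ip, mrl_instance.mrl_cfg.mrl_ip, MRL_STR_IP_LEN);
    MESA_load_profile_int_def(profile, "SOCK_INFO", "mrl_port", &(temp_port), 8888);
    assert(temp_port > 0 && temp_port <= 65535);
    mrl_instance.mrl_cfg.mrl_port = temp_port;
    MESA_handle_runtime_log(mrl_instance.mrl_log_handle, RLOG_LV_DEBUG, "mrl_cfg_init",
                            "load sock info is:"
                            "[mgw_ip:%s,mgw_port:%hu,mrl_ip:%s,mrl_port:%hu]",
                            mrl_instance.mrl_cfg.mgw_ip, mrl_instance.mrl_cfg.mgw_port,
                            mrl_instance.mrl_cfg.mrl_ip, mrl_instance.mrl_cfg.mrl_port);

    /********** load maat info **********/
    MESA_load_profile_string_def(profile, "MAAT_INFO", "Maat_table_path",
                                 mrl_instance.mrl_cfg.Maat_table_path, MRL_MAX_PATH, "./conf/table_info.conf");
    MESA_load_profile_uint_def(profile, "MAAT_INFO", "Maat_max_threads",
                               &(mrl_instance.mrl_cfg.Maat_max_threads), 1);
    MESA_load_profile_string_def(profile, "MAAT_INFO", "Maat_stat_path",
                                 mrl_instance.mrl_cfg.Maat_stat_path, MRL_MAX_PATH, "./log/Maat_stat.log");

    MESA_load_profile_string_def(profile, "MAAT_INFO", "static_redis_ip",
                                 mrl_instance.mrl_cfg.static_redis_ip, MRL_STR_IP_LEN, "127.0.0.1");
    MESA_load_profile_int_def(profile, "MAAT_INFO", "static_redis_port", &(temp_port), 6379);
    assert(temp_port > 0 && temp_port <= 65535);
    mrl_instance.mrl_cfg.static_redis_port = temp_port;
    MESA_load_profile_int_def(profile, "MAAT_INFO", "static_redis_index",
                              &(mrl_instance.mrl_cfg.static_redis_index), 1);

    MESA_load_profile_string_def(profile, "MAAT_INFO", "dynamic_redis_ip",
                                 mrl_instance.mrl_cfg.dynamic_redis_ip, MRL_STR_IP_LEN, "127.0.0.1");
    MESA_load_profile_int_def(profile, "MAAT_INFO", "dynamic_redis_port", &(temp_port), 6379);
    assert(temp_port > 0 && temp_port <= 65535);
    mrl_instance.mrl_cfg.dynamic_redis_port = temp_port;
    MESA_load_profile_int_def(profile, "MAAT_INFO", "dynamic_redis_index",
                              &(mrl_instance.mrl_cfg.dynamic_redis_index), 1);
    MESA_handle_runtime_log(mrl_instance.mrl_log_handle, RLOG_LV_DEBUG, "mrl_cfg_init",
                            "load maat info is:"
                            "[Maat_table_path:%s,Maat_max_threads:%d,Maat_stat_path:%s\n"
                            "static_redis_ip:%s,static_redis_port:%hu,static_redis_index:%d\n"
                            "dynamic_redis_ip:%s,dynamic_redis_port:%hu,dynamic_redis_index:%d\n",
                            mrl_instance.mrl_cfg.Maat_table_path, mrl_instance.mrl_cfg.Maat_max_threads,
                            mrl_instance.mrl_cfg.Maat_stat_path,
                            mrl_instance.mrl_cfg.static_redis_ip, mrl_instance.mrl_cfg.static_redis_port,
                            mrl_instance.mrl_cfg.static_redis_index,
                            mrl_instance.mrl_cfg.dynamic_redis_ip, mrl_instance.mrl_cfg.dynamic_redis_port,
                            mrl_instance.mrl_cfg.dynamic_redis_index);

    /********** load htable info *********/
    MESA_load_profile_uint_def(profile, "HTABLE_INFO", "ht_slot_size",
                               &(mrl_instance.mrl_cfg.ht_slot_size), 1048576);
    MESA_load_profile_uint_def(profile, "HTABLE_INFO", "ht_max_element_num",
                               &(mrl_instance.mrl_cfg.ht_max_element_num), 0);
    MESA_load_profile_uint_def(profile, "HTABLE_INFO", "ht_mutex_num",
                               &(mrl_instance.mrl_cfg.ht_mutex_num), 1);
    MESA_handle_runtime_log(mrl_instance.mrl_log_handle, RLOG_LV_DEBUG, "mrl_cfg_init",
                            "load htable info is:"
                            "[ht_slot_size:%d,ht_max_element_num:%d,ht_mutex_num:%d]",
                            mrl_instance.mrl_cfg.ht_slot_size, mrl_instance.mrl_cfg.ht_max_element_num,
                            mrl_instance.mrl_cfg.ht_mutex_num);

    /********** load candidate info **********/
    MESA_load_profile_string_def(profile, "CANDIDATE_INFO", "ip_location",
                                 mrl_instance.mrl_cfg.ip_location, MRL_LOCATION_LEN, "China");
    MESA_handle_runtime_log(mrl_instance.mrl_log_handle, RLOG_LV_DEBUG, "mrl_cfg_init",
                            "load candidate info is:"
                            "[ip_location:%s]",
                            mrl_instance.mrl_cfg.ip_location);

    /********** load link identity info **********/
    MESA_load_profile_string_def(profile, "LINK_INFO", "link_identity_path",
                                 mrl_instance.mrl_cfg.link_identity_path, MRL_MAX_PATH, "./conf/link_dentity.json");
    MESA_handle_runtime_log(mrl_instance.mrl_log_handle, RLOG_LV_DEBUG, "mrl_cfg_init",
                            "load link_identity_path info is:"
                            "[link_identity_path:%s]",
                            mrl_instance.mrl_cfg.link_identity_path);
}

/**
 * Plugin initialisation entry point.
 *
 * Order of work: statistics, configuration, socket, MMDB, the seven hash
 * tables, three detached worker threads (receive, detect, stat), then the
 * static and dynamic Maat feathers and their table callbacks.
 *
 * NOTE(review): the worker threads are started before static_feather and
 * dynamic_feather are assigned. If any worker reads those fields this is a
 * start-up race -- confirm against the thread bodies, which are not visible
 * here. The results of mrl_htable_init and of the two feather init calls are
 * also used without a failure check.
 *
 * NOTE(review): the configuration and MMDB paths are relative, so what gets
 * loaded depends on the working directory of the hosting process.
 *
 * @return always 1.
 */
extern "C" int mrl_init(void)
{
    int ret = 0;

    mrl_instance.stop_flag = 0;
    mrl_stat_init();
    mrl_cfg_init("./mrl_conf/mrl.conf");
    mrl_socket_init();
    mrl_mmdb_init("./mrl_conf/all_ip_only_coun_v4.mmdb");

    mrl_instance.ht_link_identity = mrl_htable_init((void *)ht_link_identity_free_cb);
    mrl_instance.ht_nominee = mrl_htable_init((void *)ht_nominee_free_cb);
    mrl_instance.ht_snat_candidate = mrl_htable_init((void *)ht_snat_candidate_free_cb);
    mrl_instance.ht_dnat_policy = mrl_htable_init((void *)ht_dnat_policy_free_cb);
    mrl_instance.ht_dnat_candidate = mrl_htable_init((void *)ht_dnat_candidate_free_cb);
    mrl_instance.ht_vxlan_info = mrl_htable_init((void *)ht_vxlan_info_free_cb);
    mrl_instance.ht_mrl_ip_info = mrl_htable_init((void *)ht_mrl_ip_info_free_cb);

    /* Create dedicated threads to receive and process the packets sent by mgw. */
    pthread_t recv_pid, detect_pid, stat_pid;

    /*
     * pthread_create returns 0 on success and a positive error number on
     * failure; it never returns a negative value, so the failure test has to
     * be `!= 0` (a `< 0` test silently ignores a thread that was not created,
     * and pthread_detach would then run on an indeterminate pthread_t).
     */
    ret = pthread_create(&recv_pid, NULL, mrl_recv_from_mgw, NULL);
    if (ret != 0)
    {
        MESA_handle_runtime_log(mrl_instance.mrl_log_handle, RLOG_LV_FATAL, "mrl_init",
                                "recv pthread create error,error is %d", ret);
        assert(0);
    }
    pthread_detach(recv_pid);

    ret = pthread_create(&detect_pid, NULL, mrl_detect_action, NULL);
    if (ret != 0)
    {
        MESA_handle_runtime_log(mrl_instance.mrl_log_handle, RLOG_LV_FATAL, "mrl_init",
                                "detect pthread create error,error is %d", ret);
        assert(0);
    }
    pthread_detach(detect_pid);

    ret = pthread_create(&stat_pid, NULL, mrl_stat_action, NULL);
    if (ret != 0)
    {
        MESA_handle_runtime_log(mrl_instance.mrl_log_handle, RLOG_LV_FATAL, "mrl_init",
                                "stat pthread create error,error is %d", ret);
        assert(0);
    }
    pthread_detach(stat_pid);

    /* Static feather: DNAT policy table. */
    mrl_instance.static_feather = Maat_static_feather_init(mrl_instance.mrl_cfg.static_redis_ip,
                                                           mrl_instance.mrl_cfg.static_redis_port,
                                                           mrl_instance.mrl_cfg.static_redis_index);
    Maat_plugin_table(mrl_instance.static_feather, IR_DNAT_POLICY_TABLE_NAME,
                      dnat_policy_start_cb, dnat_policy_update_cb, dnat_policy_finish_cb, NULL);

    /* Dynamic feather: nominee, candidate, vxlan, mrl-ip and DNAT candidate tables. */
    mrl_instance.dynamic_feather = Maat_dynamic_feather_init(mrl_instance.mrl_cfg.dynamic_redis_ip,
                                                             mrl_instance.mrl_cfg.dynamic_redis_port,
                                                             mrl_instance.mrl_cfg.dynamic_redis_index);
    Maat_plugin_table(mrl_instance.dynamic_feather, IR_NOMINEE_IP_TABLE_NAME,
                      snat_nominee_start_cb, snat_nominee_update_cb, snat_nominee_finish_cb, NULL);
    Maat_plugin_table(mrl_instance.dynamic_feather, IR_CANDIDATE_IP_TABLE_NAME,
                      snat_candidate_start_cb, snat_candidate_update_cb, snat_candidate_finish_cb, NULL);
    Maat_plugin_table(mrl_instance.dynamic_feather, IR_VXLAN_INFO_TABLE_NAME,
                      vxlan_info_start_cb, vxlan_info_update_cb, vxlan_info_finish_cb, NULL);
    Maat_plugin_table(mrl_instance.dynamic_feather, IR_MRL_IP_INFO_TABLE_NAME,
                      mrl_ip_info_start_cb, mrl_ip_info_update_cb, mrl_ip_info_finish_cb, NULL);
    Maat_plugin_table(mrl_instance.dynamic_feather, IR_DNAT_CANDIDATE_IP_TABLE_NAME,
                      dnat_candidate_start_cb, dnat_candidate_update_cb, dnat_candidate_finish_cb, NULL);

    //test_Maat_set_nominee_line();
    //test_Maat_del_nominee_line();
    return 1;
}

/**
 * Plugin teardown: raises the stop flag, destroys the seven hash tables,
 * releases both Maat feathers, closes the socket and destroys the log handle.
 *
 * The stop flag is raised before anything is freed (it used to be set only
 * after the tables, feathers and socket were already gone). It is presumably
 * polled by the worker threads started in mrl_init -- their bodies are not
 * visible here.
 *
 * NOTE(review): those threads are detached, so this function cannot wait for
 * them. Setting the flag first only narrows the window in which a worker can
 * touch a freed table, a closed socket or the destroyed log handle; closing
 * it needs joinable threads (or another completion signal) before teardown.
 */
extern "C" void mrl_destroy(void)
{
    mrl_instance.stop_flag = 1;

    MESA_htable_destroy(mrl_instance.ht_link_identity, ht_link_identity_free_cb);
    MESA_htable_destroy(mrl_instance.ht_nominee, ht_nominee_free_cb);
    MESA_htable_destroy(mrl_instance.ht_snat_candidate, ht_snat_candidate_free_cb);
    MESA_htable_destroy(mrl_instance.ht_dnat_policy, ht_dnat_policy_free_cb);
    MESA_htable_destroy(mrl_instance.ht_dnat_candidate, ht_dnat_candidate_free_cb);
    MESA_htable_destroy(mrl_instance.ht_vxlan_info, ht_vxlan_info_free_cb);
    MESA_htable_destroy(mrl_instance.ht_mrl_ip_info, ht_mrl_ip_info_free_cb);

    Maat_burn_feather(mrl_instance.static_feather);
    Maat_burn_feather(mrl_instance.dynamic_feather);

    mrl_socket_close();
    MESA_destroy_runtime_log_handle(mrl_instance.mrl_log_handle);
}

/**
 * Per-packet TCP callback.
 *
 * Decides, from a_tcp->pktstate, whether the packet is forwarded to mgw with
 * mrl_send_to_mgw and which APP_STATE_* verdict is returned:
 *  - PENDING: forwarded (GIVEME|DROPPKT) when either the DNAT or the SNAT
 *    identification matches, otherwise DROPME|FAWPKT;
 *  - DATA:    always forwarded, GIVEME|DROPPKT;
 *  - CLOSE:   forwarded only when raw_packet is non-NULL, DROPME|DROPPKT;
 *  - other:   DROPME|FAWPKT.
 *
 * NOTE(review): raw_packet is checked for NULL before the tuple is parsed and
 * in the CLOSE case, but the PENDING and DATA cases pass it to
 * mrl_send_to_mgw unchecked. Whether that helper tolerates NULL is not
 * visible here -- confirm, or guard those calls the way CLOSE does.
 *
 * NOTE(review): global_stat counters are incremented without visible
 * synchronisation; if this callback runs on several threads (thread_seq
 * suggests it may) the counts can be lost updates -- confirm.
 *
 * @param a_tcp       stream descriptor; only pktstate is read here directly.
 * @param pme         unused in this function.
 * @param thread_seq  passed through to mrl_send_to_mgw.
 * @param raw_packet  raw packet buffer, may be NULL.
 * @return combination of APP_STATE_* flags.
 */
extern "C" char mrl_tcpall_entry(struct streaminfo *a_tcp, void **pme, int thread_seq, void *raw_packet)
{
    int send_len = 0;
    char ret = APP_STATE_GIVEME | APP_STATE_FAWPKT;
    struct mrl_tuple five_tuple;

    /* The tuple stays zeroed when there is no raw packet to parse. */
    memset(&five_tuple, 0, sizeof(struct mrl_tuple));
    if (raw_packet != NULL)
    {
        mrl_get_pkt_tuple((const char *)raw_packet, &five_tuple);
    }

    switch (a_tcp->pktstate)
    {
    case OP_STATE_PENDING:
        if (mrl_dnat_pkt_identify(a_tcp, &five_tuple))
        {
            global_stat.recv_ir_tcp_pkts++;
            send_len = mrl_send_to_mgw(raw_packet, thread_seq);
            MESA_handle_runtime_log(mrl_instance.mrl_log_handle, RLOG_LV_DEBUG, "mrl_tcpall_entry",
                                    "send %d Bytes dnat pkt[sip:%s,sport:%hu,dip:%s,dport:%hu]to mgw.",
                                    send_len, five_tuple.sip, five_tuple.sport, five_tuple.dip, five_tuple.dport);
            ret = APP_STATE_GIVEME | APP_STATE_DROPPKT;
        }
        else if (mrl_snat_pkt_identify(a_tcp, &five_tuple))
        {
            global_stat.recv_ir_tcp_pkts++;
            send_len = mrl_send_to_mgw(raw_packet, thread_seq);
            MESA_handle_runtime_log(mrl_instance.mrl_log_handle, RLOG_LV_DEBUG, "mrl_tcpall_entry",
                                    "send %d Bytes snat pkt[sip:%s,sport:%hu,dip:%s,dport:%hu]to mgw.",
                                    send_len, five_tuple.sip, five_tuple.sport, five_tuple.dip, five_tuple.dport);
            ret = APP_STATE_GIVEME | APP_STATE_DROPPKT;
        }
        else
        {
            /*
             * Author's note (translated): if the current IP is an IP from the
             * nominee ("recommended") table, later packets need not be handed
             * to this plugin, and the packet is forwarded back into the flow.
             */
            ret = APP_STATE_DROPME | APP_STATE_FAWPKT;
        }
        break;

    case OP_STATE_DATA:
        global_stat.recv_ir_tcp_pkts++;
        send_len = mrl_send_to_mgw(raw_packet, thread_seq);
        MESA_handle_runtime_log(mrl_instance.mrl_log_handle, RLOG_LV_DEBUG, "mrl_tcpall_entry",
                                "send %d Bytes pkt[sip:%s,sport:%hu,dip:%s,dport:%hu]to mgw.",
                                send_len, five_tuple.sip, five_tuple.sport, five_tuple.dip, five_tuple.dport);
        ret = APP_STATE_GIVEME | APP_STATE_DROPPKT;
        break;

    case OP_STATE_CLOSE:
        if (raw_packet != NULL)
        {
            global_stat.recv_ir_tcp_pkts++;
            send_len = mrl_send_to_mgw(raw_packet, thread_seq);
            MESA_handle_runtime_log(mrl_instance.mrl_log_handle, RLOG_LV_DEBUG, "mrl_tcpall_entry",
                                    "send %d Bytes pkt[sip:%s,sport:%hu,dip:%s,dport:%hu]to mgw.",
                                    send_len, five_tuple.sip, five_tuple.sport, five_tuple.dip, five_tuple.dport);
        }
        ret = APP_STATE_DROPME | APP_STATE_DROPPKT;
        break;

    default:
        ret = APP_STATE_DROPME | APP_STATE_FAWPKT;
        break;
    }
    return ret;
}

/**
 * Per-packet UDP callback.
 *
 * Same verdict scheme as the TCP callback, with one extra step in PENDING:
 * a packet recognised by mrl_identify_detect_pkt is counted as a detect
 * packet and answered with DROPME|DROPPKT without being forwarded.
 *
 * NOTE(review): when raw_packet is non-NULL the stream addresses are read
 * through a_udp->addr.tuple4_v4 and formatted as AF_INET unconditionally.
 * If this callback can be invoked for a non-IPv4 stream, that pointer may
 * not be the valid member -- confirm, and check the address type first.
 *
 * NOTE(review): as in the TCP callback, the PENDING and DATA cases hand
 * raw_packet to mrl_identify_detect_pkt / mrl_send_to_mgw without the NULL
 * check that CLOSE applies.
 *
 * @param a_udp       stream descriptor.
 * @param pme         unused in this function.
 * @param thread_seq  passed through to mrl_send_to_mgw.
 * @param raw_packet  raw packet buffer, may be NULL.
 * @return combination of APP_STATE_* flags.
 */
extern "C" char mrl_udp_entry(struct streaminfo *a_udp, void **pme, int thread_seq, void *raw_packet)
{
    int send_len = 0;
    char ret = APP_STATE_GIVEME | APP_STATE_FAWPKT;
    struct mrl_tuple tuple;

    memset(&tuple, 0, sizeof(struct mrl_tuple));
    if (raw_packet != NULL)
    {
        mrl_get_pkt_tuple((const char *)raw_packet, &tuple);

        /* Log the stream's own view of the addresses next to the parsed tuple. */
        char sip[MRL_STR_IP_LEN];
        memset(sip, 0, MRL_STR_IP_LEN);
        char dip[MRL_STR_IP_LEN];
        memset(dip, 0, MRL_STR_IP_LEN);
        uint16_t sport = 0;
        uint16_t dport = 0;

        inet_ntop(AF_INET, (void *)&(a_udp->addr.tuple4_v4->saddr), sip, MRL_STR_IP_LEN);
        inet_ntop(AF_INET, (void *)&(a_udp->addr.tuple4_v4->daddr), dip, MRL_STR_IP_LEN);
        sport = ntohs(a_udp->addr.tuple4_v4->source);
        dport = ntohs(a_udp->addr.tuple4_v4->dest);
        MESA_handle_runtime_log(mrl_instance.mrl_log_handle, RLOG_LV_DEBUG, "mrl_udp_entry",
                                "cur udp pkt streaminfo:[sip:%s,sport:%hu,dip:%s,dport:%hu]",
                                sip, sport, dip, dport);
    }

    switch (a_udp->pktstate)
    {
    case OP_STATE_PENDING:
        if (mrl_identify_detect_pkt(a_udp, (const char *)raw_packet, &tuple))
        {
            global_stat.recv_detect_pkts++;
            ret = APP_STATE_DROPME | APP_STATE_DROPPKT;
        }
        else if (mrl_dnat_pkt_identify(a_udp, &tuple))
        {
            global_stat.recv_ir_udp_pkts++;
            send_len = mrl_send_to_mgw(raw_packet, thread_seq);
            MESA_handle_runtime_log(mrl_instance.mrl_log_handle, RLOG_LV_DEBUG, "mrl_udp_entry",
                                    "send %d Bytes pkt[sip:%s,sport:%hu,dip:%s,dport:%hu]to mgw.",
                                    send_len, tuple.sip, tuple.sport, tuple.dip, tuple.dport);
            ret = APP_STATE_GIVEME | APP_STATE_DROPPKT;
        }
        else if (mrl_snat_pkt_identify(a_udp, &tuple))
        {
            global_stat.recv_ir_udp_pkts++;
            send_len = mrl_send_to_mgw(raw_packet, thread_seq);
            ret = APP_STATE_GIVEME | APP_STATE_DROPPKT;
        }
        else
        {
            ret = APP_STATE_DROPME | APP_STATE_FAWPKT;
        }
        break;

    case OP_STATE_DATA:
        global_stat.recv_ir_udp_pkts++;
        send_len = mrl_send_to_mgw(raw_packet, thread_seq);
        MESA_handle_runtime_log(mrl_instance.mrl_log_handle, RLOG_LV_DEBUG, "mrl_udp_entry",
                                "send %d Bytes pkt[sip:%s,sport:%hu,dip:%s,dport:%hu]to mgw.",
                                send_len, tuple.sip, tuple.sport, tuple.dip, tuple.dport);
        ret = APP_STATE_GIVEME | APP_STATE_DROPPKT;
        break;

    case OP_STATE_CLOSE:
        if (raw_packet != NULL)
        {
            global_stat.recv_ir_udp_pkts++;
            send_len = mrl_send_to_mgw(raw_packet, thread_seq);
            MESA_handle_runtime_log(mrl_instance.mrl_log_handle, RLOG_LV_DEBUG, "mrl_udp_entry",
                                    "send %d Bytes pkt[sip:%s,sport:%hu,dip:%s,dport:%hu]to mgw.",
                                    send_len, tuple.sip, tuple.sport, tuple.dip, tuple.dport);
        }
        ret = APP_STATE_DROPME | APP_STATE_DROPPKT;
        break;

    default:
        ret = APP_STATE_DROPME | APP_STATE_FAWPKT;
        break;
    }
    return ret;
}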