deal_gprs_tunnel.c中增加对声明包长和剩余包长的校验，不一致的将视作错包，计算在unknown中

7 files changed, 199 insertions, 191 deletions

diff --git a/dealpkt/deal_gprs_tunnel.c b/dealpkt/deal_gprs_tunnel.c
index 99862f4..f3e10ea 100644
--- a/dealpkt/deal_gprs_tunnel.c
+++ b/dealpkt/deal_gprs_tunnel.c
@@ -1,188 +1,197 @@
-#ifdef __cplusplus

-extern "C" {

-#endif

-

-#include "stream_internal.h" 

-#include "stream_manage.h"

-#include "mesa_net.h"

-#include "sysinfo.h"

-#include "MESA_htable.h"

-

-#define GPRS_TUNNEL_PORT (2152)

-

-

-MESA_htable_handle g_gtp_info_hash[MAX_THREAD_NUM];

-

-extern int ipv4_entry(struct streaminfo_private *pfstream, const void *this_layer_data, int thread_num,

-                      unsigned char routedir, const raw_pkt_t *raw_pkt, int);

-

-extern int ipv6_entry(struct streaminfo_private *pfstream, const void *this_layer_data, int thread_num,

-                      unsigned char routedir, const raw_pkt_t *raw_pkt, int);

-

-int gtp_entry(struct streaminfo_private *pfstream_pr,void *this_layer_data,int thread_num, 

-		unsigned char routedir, const raw_pkt_t *raw_pkt, int offset_to_raw_pkt_hdr)

-{

-	/*

-		����gtp��ṹ, �ֱ��¼C2S, S2C����ĵ�ַ, 

-	*/

-    struct streamindex tmp_index;

-    struct streamindex *ptmp=&tmp_index;

-    struct streaminfo_private *pstream_pr = &ptmp->stream;

-    struct streaminfo *pstream = &pstream_pr->stream_public;

-    struct layer_addr_gtp gtpaddr;

-    const struct gtp_hdr *p_gtd_hdr;

-    int ret = PASS;

-    char *next_layer_hdr;

-    int next_layer_offset;

-    unsigned int cur_seq = 0, seq_offset = 0;

-

-

-    /* ֮ǰ�Ѿ�ͨ��Э��ʶ����ʶ���, ������entry()�ﲻ���ٴ��ж� */

-    p_gtd_hdr = (const struct gtp_hdr *)((char *)this_layer_data + sizeof(struct mesa_udp_hdr));

-

-    /* ������T-PDU���͵���������Ϣ�������治��Ϊ��GTP����*/

-    if(p_gtd_hdr->msg_type != GTP_MSG_TYPE_T_PDU)

-    {

-        sapp_runtime_log(10, "GTP layer msg_type not T_PDU, %x !\n", p_gtd_hdr->msg_type);

-        return PASS;

-    }

-    if(p_gtd_hdr->flags != 0x30 && p_gtd_hdr->flags != 0x32)

-    {

-        sapp_runtime_log(20, "GTP layer flag not 0x30, %x !\n", p_gtd_hdr->flags);

-        return PASS;

-    }

-

-    if(p_gtd_hdr->flags == 0x32)

-    {

-        cur_seq = ntohl(*(unsigned int *)(p_gtd_hdr + 1));

-        seq_offset = sizeof(unsigned int);

-    }

-

-    g_SysInputInfo[thread_num][TUNNEL_GTP]++;

-

-    memset(&tmp_index, 0, sizeof(struct streamindex));

-    memset(&gtpaddr, 0, sizeof(struct layer_addr_gtp));

-    /* GTP��ַC2S, S2C�������, �޷�����ǰ����ַ����dir, ÿ��ջ��ı������洢��source����, ��C2S����,  

-       ������ʱ, �����Ҫreverse����, ��source, dest�ߵ�, ����ֱ��memcpy�������addr.

-     */

-    memcpy(&gtpaddr.source, p_gtd_hdr, sizeof(struct gtp_hdr));

-    gtpaddr.src_seq = cur_seq;

-    pstream->curdir = DIR_C2S;

-

-    

-    pstream->addr.paddr = &gtpaddr;

-    pstream->addr.addrtype = ADDR_TYPE_GPRS_TUNNEL;

-    pstream->addr.addrlen = sizeof(struct layer_addr_gtp); /* �˴�ʹ�ýṹ�峤�� */

-

-    pstream_pr->addr_use_as_hash = 0;//��ַ������hash�ȶԣ��������

-    pstream_pr->need_update_opposite_addr = 1;//��Ҫ���¶Բ���Ϣ

-

-    pstream_pr->offset_to_raw_pkt_hdr = (unsigned short)offset_to_raw_pkt_hdr;

-    pstream_pr->raw_pkt = raw_pkt;

-    pstream_pr->layer_dir = pfstream_pr->layer_dir;  

-

-    pstream->pfather=&pfstream_pr->stream_public;

-    pstream->type=STREAM_TYPE_NON;

-    pstream->routedir=routedir;

-    pstream->threadnum=(UCHAR)thread_num;

-

-    next_layer_hdr = (char *)p_gtd_hdr + sizeof(struct gtp_hdr) + seq_offset;

-    next_layer_offset = offset_to_raw_pkt_hdr + sizeof(struct gtp_hdr) + seq_offset;

-

-    if((*next_layer_hdr & 0xF0) == 0x40)

-    {

-        ret = ipv4_entry(pstream_pr,next_layer_hdr,thread_num,routedir,raw_pkt, next_layer_offset);

-    }

-    else if((*next_layer_hdr & 0xF0) == 0x60)

-    {

-        ret = ipv6_entry(pstream_pr,next_layer_hdr,thread_num,routedir,raw_pkt, next_layer_offset);

-    }

-    else

-    {

-        sapp_runtime_log(20, "GTP next layer not IPv4 or IPv6, drop pkt !\n");

-        return PASS;

-    }

-    return ret;

-}

-

-

-static int identify_gtp(const struct streaminfo *pstream,const char *payload, unsigned int payload_len)

-{

-    if (payload_len >= sizeof(struct gtp_hdr))

-    {

-        unsigned int gtp_u = (2152);

-        unsigned int gtp_c = (2123);

-        unsigned int gtp_v0 = (3386);

-

-        unsigned short dest = 0, source = 0;

-

-        if (pstream->addr.addrtype == __ADDR_TYPE_IP_PAIR_V6

-            || pstream->addr.addrtype == ADDR_TYPE_IPV6) {

-            dest = ntohs(pstream->addr.ipv6->dest);

-            source = ntohs(pstream->addr.ipv6->source);

-        } else {

-            dest = ntohs(pstream->addr.ipv4->dest);

-            source = ntohs(pstream->addr.ipv4->source);

-        }

-

-        if ((source == gtp_u) || (dest == gtp_u) || (source == gtp_c)

-            || (dest == gtp_c) || (source == gtp_v0) || (dest == gtp_v0)) {

-            struct gtp_hdr *gtp =

-                    (struct gtp_hdr *) payload;

-            unsigned short gtp_version = (gtp->flags & 0xE0) >> 5;

-

-            if ((gtp_version == 0) || (gtp_version == 1) || (gtp_version == 2)) {

-                unsigned short message_len = ntohs(gtp->len);

-

-                if (message_len == (payload_len - sizeof(struct gtp_hdr))) {

-                    return 1;

-                }

-            }

-        }

-    }

-    return 0;

-}

-

-/*

-	���ò��, 

-	����ʶ��ǰUDP���Ƿ�������.

-	���������, ��streaminfo_private->stream_carry_up_layer_tunnel_type�����ñ��.

-*/

-char udp_gtp_identify_entry(const struct streaminfo *pstream, const void *this_hdr, const void *raw_pkt, void **pme)

-{

-#if 0

-	if(pstream->addr.addrtype == ADDR_TYPE_IPV4)

-	{

-		if(ntohs(pstream->addr.tuple4_v4->dest) == GPRS_TUNNEL_PORT && ntohs(pstream->addr.tuple4_v4->source) == GPRS_TUNNEL_PORT)

-        {

-            struct streaminfo_private *pstream_pr = (struct streaminfo_private *)pstream;

-            pstream_pr->stream_carry_up_layer_tunnel_type |= STREAM_TUNNEL_GPRS_TUNNEL;

-        }

-	}

-    else if(pstream->addr.addrtype == ADDR_TYPE_IPV6)

-    {

-        if(ntohs(pstream->addr.tuple4_v6->dest) == GPRS_TUNNEL_PORT && ntohs(pstream->addr.tuple4_v6->source) == GPRS_TUNNEL_PORT)

-        {

-            struct streaminfo_private *pstream_pr = (struct streaminfo_private *)pstream;

-            pstream_pr->stream_carry_up_layer_tunnel_type |= STREAM_TUNNEL_GPRS_TUNNEL;

-        }

-    }

-    else

-        ;

-#else

-    struct streaminfo_private *pstream_pr = (struct streaminfo_private *)pstream;

-    if(1 == identify_gtp(pstream, (char *)this_hdr+sizeof(struct mesa_udp_hdr), 

-    					pstream_pr->raw_pkt->raw_pkt_len - ((const char *)this_hdr - (const char*)pstream_pr->raw_pkt->raw_pkt_data) - sizeof(struct mesa_udp_hdr)))

-    {

-        pstream_pr->stream_carry_up_layer_tunnel_type |= STREAM_TUNNEL_GPRS_TUNNEL;

-    }

-#endif

-	return APP_STATE_DROPME; /* ÿ����ֻ����һ����, �����Ƿ�GTP����, ���������ٴ����� */

-}

-

-

-#ifdef __cplusplus

-}

-#endif

-

-

+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include "stream_internal.h" 
+#include "stream_manage.h"
+#include "mesa_net.h"
+#include "sysinfo.h"
+#include "MESA_htable.h"
+
+#define GPRS_TUNNEL_PORT (2152)
+
+
+MESA_htable_handle g_gtp_info_hash[MAX_THREAD_NUM];
+
+extern int ipv4_entry(struct streaminfo_private *pfstream, const void *this_layer_data, int thread_num,
+                      unsigned char routedir, const raw_pkt_t *raw_pkt, int);
+
+extern int ipv6_entry(struct streaminfo_private *pfstream, const void *this_layer_data, int thread_num,
+                      unsigned char routedir, const raw_pkt_t *raw_pkt, int);
+
+int gtp_entry(struct streaminfo_private *pfstream_pr,void *this_layer_data,int thread_num, 
+		unsigned char routedir, const raw_pkt_t *raw_pkt, int offset_to_raw_pkt_hdr)
+{
+	/*
+		����gtp��ṹ, �ֱ��¼C2S, S2C����ĵ�ַ, 
+	*/
+    struct streamindex tmp_index;
+    struct streamindex *ptmp=&tmp_index;
+    struct streaminfo_private *pstream_pr = &ptmp->stream;
+    struct streaminfo *pstream = &pstream_pr->stream_public;
+    struct layer_addr_gtp gtpaddr;
+    const struct gtp_hdr *p_gtd_hdr;
+    int ret = PASS;
+    char *next_layer_hdr;
+    int next_layer_offset;
+    unsigned int cur_seq = 0, seq_offset = 0;
+
+
+    /* ֮ǰ�Ѿ�ͨ��Э��ʶ����ʶ���, ������entry()�ﲻ���ٴ��ж� */
+    p_gtd_hdr = (const struct gtp_hdr *)((char *)this_layer_data + sizeof(struct mesa_udp_hdr));
+
+    /* ������T-PDU���͵���������Ϣ�������治��Ϊ��GTP����*/
+    if(p_gtd_hdr->msg_type != GTP_MSG_TYPE_T_PDU)
+    {
+        sapp_runtime_log(10, "GTP layer msg_type not T_PDU, %x !\n", p_gtd_hdr->msg_type);
+        return PASS;
+    }
+    if(p_gtd_hdr->flags != 0x30 && p_gtd_hdr->flags != 0x32)
+    {
+        sapp_runtime_log(20, "GTP layer flag not 0x30, %x !\n", p_gtd_hdr->flags);
+        return PASS;
+    }
+
+    if(p_gtd_hdr->flags == 0x32)
+    {
+        cur_seq = ntohl(*(unsigned int *)(p_gtd_hdr + 1));
+        seq_offset = sizeof(unsigned int);
+    }
+
+    g_SysInputInfo[thread_num][TUNNEL_GTP]++;
+
+    memset(&tmp_index, 0, sizeof(struct streamindex));
+    memset(&gtpaddr, 0, sizeof(struct layer_addr_gtp));
+    /* GTP��ַC2S, S2C�������, �޷�����ǰ����ַ����dir, ÿ��ջ��ı������洢��source����, ��C2S����,  
+       ������ʱ, �����Ҫreverse����, ��source, dest�ߵ�, ����ֱ��memcpy�������addr.
+     */
+    memcpy(&gtpaddr.source, p_gtd_hdr, sizeof(struct gtp_hdr));
+    gtpaddr.src_seq = cur_seq;
+    pstream->curdir = DIR_C2S;
+
+    
+    pstream->addr.paddr = &gtpaddr;
+    pstream->addr.addrtype = ADDR_TYPE_GPRS_TUNNEL;
+    pstream->addr.addrlen = sizeof(struct layer_addr_gtp); /* �˴�ʹ�ýṹ�峤�� */
+
+    pstream_pr->addr_use_as_hash = 0;//��ַ������hash�ȶԣ��������
+    pstream_pr->need_update_opposite_addr = 1;//��Ҫ���¶Բ���Ϣ
+
+    pstream_pr->offset_to_raw_pkt_hdr = (unsigned short)offset_to_raw_pkt_hdr;
+    pstream_pr->raw_pkt = raw_pkt;
+    pstream_pr->layer_dir = pfstream_pr->layer_dir;  
+
+    pstream->pfather=&pfstream_pr->stream_public;
+    pstream->type=STREAM_TYPE_NON;
+    pstream->routedir=routedir;
+    pstream->threadnum=(UCHAR)thread_num;
+
+    next_layer_hdr = (char *)p_gtd_hdr + sizeof(struct gtp_hdr) + seq_offset;
+    next_layer_offset = offset_to_raw_pkt_hdr + sizeof(struct gtp_hdr) + seq_offset;
+
+    if((*next_layer_hdr & 0xF0) == 0x40)
+    {
+        int left_pkt_len = raw_pkt->raw_pkt_len - next_layer_offset;
+        struct iphdr  *ip4_hdr = (struct iphdr *)next_layer_hdr;
+        if(left_pkt_len < 20 || ntohs(ip4_hdr->tot_len) > left_pkt_len)
+        {
+            g_SysInputInfo[thread_num][PKT_UNKNOWN]++;
+            g_SysInputInfo[thread_num][PKT_UNKNOWN_LEN] += raw_pkt->raw_pkt_len;
+            sapp_runtime_log(20, "illegal left Ipv4 len %d, total len %d!\n", left_pkt_len, ntohs(ip4_hdr->tot_len));
+            return DROP;
+        }
+        ret = ipv4_entry(pstream_pr,next_layer_hdr,thread_num,routedir,raw_pkt, next_layer_offset);
+    }
+    else if((*next_layer_hdr & 0xF0) == 0x60)
+    {
+        ret = ipv6_entry(pstream_pr,next_layer_hdr,thread_num,routedir,raw_pkt, next_layer_offset);
+    }
+    else
+    {
+        sapp_runtime_log(20, "GTP next layer not IPv4 or IPv6, drop pkt !\n");
+        return PASS;
+    }
+    return ret;
+}
+
+
+static int identify_gtp(const struct streaminfo *pstream,const char *payload, unsigned int payload_len)
+{
+    if (payload_len >= sizeof(struct gtp_hdr))
+    {
+        unsigned int gtp_u = (2152);
+        unsigned int gtp_c = (2123);
+        unsigned int gtp_v0 = (3386);
+
+        unsigned short dest = 0, source = 0;
+
+        if (pstream->addr.addrtype == __ADDR_TYPE_IP_PAIR_V6
+            || pstream->addr.addrtype == ADDR_TYPE_IPV6) {
+            dest = ntohs(pstream->addr.ipv6->dest);
+            source = ntohs(pstream->addr.ipv6->source);
+        } else {
+            dest = ntohs(pstream->addr.ipv4->dest);
+            source = ntohs(pstream->addr.ipv4->source);
+        }
+
+        if ((source == gtp_u) || (dest == gtp_u) || (source == gtp_c)
+            || (dest == gtp_c) || (source == gtp_v0) || (dest == gtp_v0)) {
+            struct gtp_hdr *gtp =
+                    (struct gtp_hdr *) payload;
+            unsigned short gtp_version = (gtp->flags & 0xE0) >> 5;
+
+            if ((gtp_version == 0) || (gtp_version == 1) || (gtp_version == 2)) {
+                unsigned short message_len = ntohs(gtp->len);
+
+                if (message_len == (payload_len - sizeof(struct gtp_hdr))) {
+                    return 1;
+                }
+            }
+        }
+    }
+    return 0;
+}
+
+/*
+	���ò��, 
+	����ʶ��ǰUDP���Ƿ�������.
+	���������, ��streaminfo_private->stream_carry_up_layer_tunnel_type�����ñ��.
+*/
+char udp_gtp_identify_entry(const struct streaminfo *pstream, const void *this_hdr, const void *raw_pkt, void **pme)
+{
+#if 0
+	if(pstream->addr.addrtype == ADDR_TYPE_IPV4)
+	{
+		if(ntohs(pstream->addr.tuple4_v4->dest) == GPRS_TUNNEL_PORT && ntohs(pstream->addr.tuple4_v4->source) == GPRS_TUNNEL_PORT)
+        {
+            struct streaminfo_private *pstream_pr = (struct streaminfo_private *)pstream;
+            pstream_pr->stream_carry_up_layer_tunnel_type |= STREAM_TUNNEL_GPRS_TUNNEL;
+        }
+	}
+    else if(pstream->addr.addrtype == ADDR_TYPE_IPV6)
+    {
+        if(ntohs(pstream->addr.tuple4_v6->dest) == GPRS_TUNNEL_PORT && ntohs(pstream->addr.tuple4_v6->source) == GPRS_TUNNEL_PORT)
+        {
+            struct streaminfo_private *pstream_pr = (struct streaminfo_private *)pstream;
+            pstream_pr->stream_carry_up_layer_tunnel_type |= STREAM_TUNNEL_GPRS_TUNNEL;
+        }
+    }
+    else
+        ;
+#else
+    struct streaminfo_private *pstream_pr = (struct streaminfo_private *)pstream;
+    if(1 == identify_gtp(pstream, (char *)this_hdr+sizeof(struct mesa_udp_hdr), 
+    					pstream_pr->raw_pkt->raw_pkt_len - ((const char *)this_hdr - (const char*)pstream_pr->raw_pkt->raw_pkt_data) - sizeof(struct mesa_udp_hdr)))
+    {
+        pstream_pr->stream_carry_up_layer_tunnel_type |= STREAM_TUNNEL_GPRS_TUNNEL;
+    }
+#endif
+	return APP_STATE_DROPME; /* ÿ����ֻ����һ����, �����Ƿ�GTP����, ���������ٴ����� */
+}
+
+
+#ifdef __cplusplus
+}
+#endif
+
+
diff --git a/dealpkt/deal_mpls.c b/dealpkt/deal_mpls.c
index 910a6d1..16d3914 100644
--- a/dealpkt/deal_mpls.c
+++ b/dealpkt/deal_mpls.c
@@ -101,7 +101,6 @@ int mpls_uc_entry(struct streaminfo_private *pfstream_pr,const void *this_layer_
         {
             int left_pkt_len = raw_pkt->raw_pkt_len - next_layer_offset;
 			if(left_pkt_len < 20 || ntohs(ip4_hdr->tot_len) > left_pkt_len)
-            //if(left_pkt_len < 20)
 			{
                 g_SysInputInfo[thread_num][PKT_UNKNOWN]++;
                 g_SysInputInfo[thread_num][PKT_UNKNOWN_LEN] += raw_pkt->raw_pkt_len;
diff --git a/run/platform_lib/packet_io_marsio.so b/run/platform_lib/packet_io_marsio.so
index c657f0d..e32fef3 100644
--- a/run/platform_lib/packet_io_marsio.so
+++ b/run/platform_lib/packet_io_marsio.so
diff --git a/run/plug/business/g_device_plug/g_device_plug.so b/run/plug/business/g_device_plug/g_device_plug.so
index ff61dfc..01d4b4a 100644
--- a/run/plug/business/g_device_plug/g_device_plug.so
+++ b/run/plug/business/g_device_plug/g_device_plug.so
diff --git a/run/plug/business/test_app/test_app.inf b/run/plug/business/test_app/test_app.inf
index 8f675c0..f5b9087 100644
--- a/run/plug/business/test_app/test_app.inf
+++ b/run/plug/business/test_app/test_app.inf
@@ -38,11 +38,11 @@ FUNC_FLAG=ALL
 #FUNC_NAME=test_inet_addr_list_addr
 #FUNC_NAME=test_layer_addr_ntop
 #FUNC_NAME=KILL_STREAM_FEEDBACK
-FUNC_NAME=KILL_STREAM
+#FUNC_NAME=KILL_STREAM
 #FUNC_NAME=TEST_STREAM
 #FUNC_NAME=KEEP_STREAM
 #FUNC_NAME=test_get_pkt_tcp_opts
-#FUNC_NAME=testtcpApp_2
+FUNC_NAME=testtcpApp_2
 #FUNC_NAME=test_print_mac
 #FUNC_NAME=tcp_data_dump
 #FUNC_NAME=test_get_stream_tcp_opts
diff --git a/run/plug/business/test_app/test_app_sapp.so b/run/plug/business/test_app/test_app_sapp.so
index ea6ec36..39e57b5 100644
--- a/run/plug/business/test_app/test_app_sapp.so
+++ b/run/plug/business/test_app/test_app_sapp.so
diff --git a/run/plug/business/test_app/trace_delay.so b/run/plug/business/test_app/trace_delay.so
index 1280d8f..104b25d 100644
--- a/run/plug/business/test_app/trace_delay.so
+++ b/run/plug/business/test_app/trace_delay.so