diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/dealpkt/deal_ipv4.c | 132 | ||||
| -rw-r--r-- | src/dealpkt/deal_ipv6.c | 6 | ||||
| -rw-r--r-- | src/dealpkt/deal_tcp.c | 763 | ||||
| -rw-r--r-- | src/dealpkt/deal_udp.c | 34 | ||||
| -rw-r--r-- | src/dealpkt/stream_manage.c | 23 |
5 files changed, 536 insertions, 422 deletions
diff --git a/src/dealpkt/deal_ipv4.c b/src/dealpkt/deal_ipv4.c index f42613c..720ec37 100644 --- a/src/dealpkt/deal_ipv4.c +++ b/src/dealpkt/deal_ipv4.c @@ -5,8 +5,8 @@ update log:
2012-06-28, by LiJia<[email protected]>
- ʹ��IP��Ƭ������������汾��ز��ֶ�������, ����ʹ��thread_node�ṹ��
- �������̼��ܹ�δ�仯.
+ ʹ��IP��Ƭ������������汾��ز��ֶ�������, ����ʹ��thread_node�ṹ��
+ �������̼��ܹ�δ�仯.
*/
@@ -29,7 +29,7 @@ extern "C" {
#endif
-static struct frag_manage *g_ipv4_frag_manage;
+struct frag_manage *g_ipv4_frag_manage;
static unsigned int FRAG_IP4_RANDOM;
extern int g_overlay_layer_set[__ADDR_TYPE_MAX][SAPP_SUPPORT_LAYER_NUM_MAX];
extern int dealipv4udppkt(struct streamindex *pindex, const struct mesa_ip4_hdr * this_iphdr,
@@ -54,8 +54,8 @@ static void ipv4_frag_key_free(uchar *key, uint key_size); #endif
#if IPV4_DEBUG
/* 2012-04-10 LiJia add,
- ��ICMPͷ��������ڸ��ӣ�
- ��ICMPЭ��ͷ���������������ECHO_REQUEST��ECHO_REPLAY.
+ ��ICMPͷ��������ڸ��ӣ�
+ ��ICMPЭ��ͷ���������������ECHO_REQUEST��ECHO_REPLAY.
*/
void test_print_icmp(const struct mesa_ip4_hdr *a_packet)
{
@@ -80,12 +80,12 @@ static inline int ipv4_buff_size(int tot_len) #if (0 == USE_MESA_STREAM_HASH )
/*
return value:
- 0: keyֵ��ͬ
- ����:keyֵ��ͬ
+ 0: keyֵ��ͬ
+ ����:keyֵ��ͬ
*/
static int ipv4_frag_hash_cmp(void *hash_key1, void *hash_key2)
{
-#if 0 /* ipv4_frag_key�ṹ����pad�ֶ�, �辫ȷ�Ƚ�ÿ������ */
+#if 0 /* ipv4_frag_key�ṹ����pad�ֶ�, �辫ȷ�Ƚ�ÿ������ */
return memcmp(hash_key1, hash_key2, sizeof(struct ipv4_frag_key));
#else
const struct ipv4_frag_key *ipv4_fkey1 = (const struct ipv4_frag_key *)hash_key1;
@@ -129,7 +129,7 @@ static unsigned int ipv4_frag_hash_index(void *hash_key) static int ipv4_attack_detect(struct frag_ipq *ipv4_qp)
{
- /* ����Ѿ������й�����Ϊ */
+ /* ����Ѿ������й�����Ϊ */
if(ipv4_qp->attack_flag != 0)
{
return ipv4_qp->attack_flag;
@@ -141,13 +141,13 @@ static int ipv4_attack_detect(struct frag_ipq *ipv4_qp) return IP_FRAG_IGNORE;
}
- // to do: ��������������
+ // to do: ��������������
return IP_FRAG_OK;
}
#if (0 == USE_MESA_STREAM_HASH)
-/* ���ݳ�ʱ���������ڴ� */
+/* ���ݳ�ʱ���������ڴ� */
static void ipv4_frag_mem_clean_by_time(struct frag_manage *handle)
{
struct frag_ipq *tmp, *next;
@@ -160,7 +160,7 @@ static void ipv4_frag_mem_clean_by_time(struct frag_manage *handle) frag_ipq_kill(handle, tmp);
- /* ÿ��ֻ�ͷ�һ���������ڴ棬���ⳤʱ���ڴ˺������У���������������� */
+ /* ÿ��ֻ�ͷ�һ���������ڴ棬���ⳤʱ���ڴ˺������У���������������� */
if(raw_mem_size-handle->total_mem >= IPV4_FRAG_MEM_FREE_ONCE)
{
break;
@@ -171,7 +171,7 @@ static void ipv4_frag_mem_clean_by_time(struct frag_manage *handle) }
-/* ����ռ���ڴ����������ڴ� */
+/* ����ռ���ڴ����������ڴ� */
static void ipv4_frag_mem_clean_by_size(struct frag_manage *handle)
{
struct frag_ipq *tmp, *next;
@@ -184,7 +184,7 @@ static void ipv4_frag_mem_clean_by_size(struct frag_manage *handle) frag_ipq_kill(handle, tmp);
- /* ÿ��ֻ�ͷ�һ���������ڴ棬���ⳤʱ���ڴ˺������У���������������� */
+ /* ÿ��ֻ�ͷ�һ���������ڴ棬���ⳤʱ���ڴ˺������У���������������� */
if(raw_mem_size-handle->total_mem >= IPV4_FRAG_MEM_FREE_ONCE)
{
break;
@@ -195,7 +195,7 @@ static void ipv4_frag_mem_clean_by_size(struct frag_manage *handle) }
-/* �����ڴ棬��ʱ���ռ���ڴ����� */
+/* �����ڴ棬��ʱ���ռ���ڴ����� */
static inline void ipv4_frag_mem_clean(struct frag_manage *handle)
{
ipv4_frag_mem_clean_by_time(handle);
@@ -221,10 +221,10 @@ static struct frag_ipq *ipv4_frag_queue_find(struct streaminfo *pstream, #endif
-/* IP��Ƭ���麯�����
+/* IP��Ƭ���麯�����
return value:
- NULL: ��Ƭ������δ��ɣ����Ǵ���ķ�Ƭ��;
- ��NULL: ������ɺ������IP��ͷ��ָ�룬ʹ�������Ҫfree().
+ NULL: ��Ƭ������δ��ɣ����Ǵ���ķ�Ƭ��;
+ ��NULL: ������ɺ������IP��ͷ��ָ�룬ʹ�������Ҫfree().
*/
static /*@null@*/ struct mesa_ip4_hdr *process_ipv4_frag(struct streaminfo_private *pfstream_pr,
const struct mesa_ip4_hdr *a_packet, int thread_num,const raw_pkt_t *raw_pkt)
@@ -249,10 +249,10 @@ static /*@null@*/ struct mesa_ip4_hdr *process_ipv4_frag(struct streaminfo_priva #endif
-#if (USE_MESA_STREAM_HASH==0) /* ����MESA_htable�Զ���ʱ��̭ */
+#if (USE_MESA_STREAM_HASH==0) /* ����MESA_htable�Զ���ʱ��̭ */
ipv4_frag_mem_clean(ip4_frag_handle);
#else
- /* ʹ��MESA_htable��, �Զ�����ʱ��̭ */
+ /* ʹ��MESA_htable��, �Զ�����ʱ��̭ */
#endif
@@ -270,7 +270,7 @@ static /*@null@*/ struct mesa_ip4_hdr *process_ipv4_frag(struct streaminfo_priva IPV4_PRINT("##### ipv4_qp: %p\n", ipv4_qp);
- /* ������� */
+ /* ������� */
attack_flag = ipv4_attack_detect(ipv4_qp);
switch(attack_flag)
{
@@ -301,6 +301,7 @@ static /*@null@*/ struct mesa_ip4_hdr *process_ipv4_frag(struct streaminfo_priva #endif
ipv4_qp->frags_num++;
+ ipv4_qp->frags_len+=raw_pkt->raw_pkt_len;
offset = ntohs(a_packet->ip_off);
flags = offset & ~IPv4_FRAG_OFFSET;
@@ -310,7 +311,7 @@ static /*@null@*/ struct mesa_ip4_hdr *process_ipv4_frag(struct streaminfo_priva ip_hl = a_packet->ip_hl * 4;
end = offset + ntohs(a_packet->ip_len) - ip_hl;
- if(NULL == ipv4_qp->private_info) /* �յ��ĵ�һ����Ƭ�� */
+ if(NULL == ipv4_qp->private_info) /* �յ��ĵ�һ����Ƭ�� */
{
IPV4_PRINT("##### ipv4 frag first pkt!\n");
ipv4_qp->private_info = frag_malloc(ip4_frag_handle, sizeof(struct ipv4_frag_private));
@@ -335,7 +336,7 @@ static /*@null@*/ struct mesa_ip4_hdr *process_ipv4_frag(struct streaminfo_priva return NULL;
}
- /* �����ж� */
+ /* �����ж� */
if((flags & IPv4_FRAG_MF) == 0)
{
/* If we already have some bits beyond end
@@ -352,7 +353,7 @@ static /*@null@*/ struct mesa_ip4_hdr *process_ipv4_frag(struct streaminfo_priva }
else
{
- if(end & 7) /* ��8�������� */
+ if(end & 7) /* ��8�������� */
{
goto err;
}
@@ -369,11 +370,11 @@ static /*@null@*/ struct mesa_ip4_hdr *process_ipv4_frag(struct streaminfo_priva {
ipv4_qp->last_in |= IP_FRAG_FIRST_IN;
IPV4_PRINT("### ipv4 frag first flag!\n");
- if(ip_hl > private_info->raw_ip_hdr_len){ /* ʵ��ͷ�����ȳ���Ԥ��ͷ������ */
- if (end + ip_hl > ipv4_qp->buf_size){ /* �Ƿ���Ҫ���仺��ռ� */
+ if(ip_hl > private_info->raw_ip_hdr_len){ /* ʵ��ͷ�����ȳ���Ԥ��ͷ������ */
+ if (end + ip_hl > ipv4_qp->buf_size){ /* �Ƿ���Ҫ���仺��ռ� */
new_buf_size = ipv4_buff_size(end + ip_hl);
new_ip4h = (struct mesa_ip4_hdr *)frag_malloc(ip4_frag_handle, new_buf_size);
- if(ipv4_qp->meat > 0){ /* meat>0, ֮ǰ�Ѿ��洢������, ͨ�������Ƿ�Ƭ����, �����յ������ķ�Ƭ�� */
+ if(ipv4_qp->meat > 0){ /* meat>0, ֮ǰ�Ѿ��洢������, ͨ�������Ƿ�Ƭ����, �����յ������ķ�Ƭ�� */
memcpy((char *)new_ip4h + ip_hl, (char *)ipv4_qp->new_iph + private_info->raw_ip_hdr_len, ipv4_qp->buf_size);
}
frag_free(ip4_frag_handle, ipv4_qp->new_iph, ipv4_qp->buf_size);
@@ -381,8 +382,8 @@ static /*@null@*/ struct mesa_ip4_hdr *process_ipv4_frag(struct streaminfo_priva ipv4_qp->buf_size = new_buf_size;
}
}
- private_info->raw_ip_hdr_len = ip_hl; /* ���µ�һ������ʵ��ͷ������ */
- memcpy(ipv4_qp->new_iph, a_packet, ip_hl); /* ������һ��IP��Ƭ��ͷ�� */
+ private_info->raw_ip_hdr_len = ip_hl; /* ���µ�һ������ʵ��ͷ������ */
+ memcpy(ipv4_qp->new_iph, a_packet, ip_hl); /* ������һ��IP��Ƭ��ͷ�� */
}
}
if(end <= offset)
@@ -551,10 +552,13 @@ found: ipv4_qp->ipfrag_list = NULL;
#endif
- /* Warning, ����frag_reassemble()��ipv4_qp����free��
- ���ԣ�Ҫ�Ƚ��������õ���Ϣ��ȡ����������ԭʼIP������.
- */
+ /* Warning, ����frag_reassemble()��ipv4_qp����free��
+ ���ԣ�Ҫ�Ƚ��������õ���Ϣ��ȡ����������ԭʼIP������.
+ */
raw_ip_len = ntohs(ipv4_qp->meat + private_info->raw_ip_hdr_len);
+ //set scratch before frag_reassemble, cause frag_reassemble will free ipq
+ ip4_frag_handle->scratch_frag_cnt=ipv4_qp->frags_num;
+ ip4_frag_handle->scratch_frag_len=ipv4_qp->frags_len;
#if USE_MESA_STREAM_HASH
new_ip4h = (struct mesa_ip4_hdr*)frag_reassemble_v4(ip4_frag_handle, ipv4_qp, &ip4_frag_key);
#else
@@ -584,20 +588,20 @@ static inline void set_ipv4_addr(struct stream_tuple4_v4 *addr, struct mesa_ip4_ {
addr->saddr = iphdr->ip_src.s_addr;
addr->daddr = iphdr->ip_dst.s_addr;
- addr->source = 0; /* �˿���Ϣ��tcp/udp������ */
- addr->dest = 0;/* �˿���Ϣ��tcp/udp������ */
+ addr->source = 0; /* �˿���Ϣ��tcp/udp������ */
+ addr->dest = 0;/* �˿���Ϣ��tcp/udp������ */
}
extern int sapp_is_overlay_layer(const struct streaminfo_private *stream_pr, const raw_pkt_t *rawpkt);
extern int stream_process_overlay_ipv4(struct streaminfo *pfstream, const struct ip* this_layer_hdr,
int thread_num,unsigned char routedir, const raw_pkt_t *raw_pkt);
-/* IPv4���ݰ���ں���, ������Ƭ�� */
+/* IPv4���ݰ���ں���, ������Ƭ�� */
int ipv4_entry(struct streaminfo_private *pfstream_pr, const void *this_layer_data, int thread_num,
unsigned char routedir, const raw_pkt_t *raw_pkt, int offset_to_raw_pkt_hdr)
{
const struct mesa_ip4_hdr *a_packet = (const struct mesa_ip4_hdr *)this_layer_data;
- struct mesa_ip4_hdr *new_iph = NULL; /* ���ԭʼ������Ƭ����ָ��ָ��������ɺ����IP�� */
+ struct mesa_ip4_hdr *new_iph = NULL; /* ���ԭʼ������Ƭ����ָ��ָ��������ɺ����IP�� */
unsigned short offset, flags;
int ret = PASS;
char need_free = 0;
@@ -608,7 +612,7 @@ int ipv4_entry(struct streaminfo_private *pfstream_pr, const void *this_layer_da struct streaminfo_private *pstream_pr;
struct streaminfo *pstream;
sapp_gval_mthread_sys_stat_t *local_sys_stat = &sapp_global_val->mthread_volatile[thread_num]->sys_stat;
- /* ע��, �˴���ȡ��ǰ�㳤����ipͷ���ֶμ���ó�, ������this_layer_data- raw_pkt->raw_pkt_data, ��ΪijЩ����64�ֽڵ�С���������triler, ���������㲻һ�� */
+ /* ע��, �˴���ȡ��ǰ�㳤����ipͷ���ֶμ���ó�, ������this_layer_data- raw_pkt->raw_pkt_data, ��ΪijЩ����64�ֽڵ�С���������triler, ���������㲻һ�� */
int this_layer_len = ntohs(a_packet->ip_len);
int this_layer_is_overlay = 0;
@@ -620,9 +624,9 @@ int ipv4_entry(struct streaminfo_private *pfstream_pr, const void *this_layer_da }
- /* NOTE, ע��, �м�:
- ��������������Ī�������IPv4��, ͷ���ֶβ��Ϸ�,
- �����ƽ̨coredump, ��������ѭ��, һ��Ҫ��ͷ���Ϸ��Լ��!!
+ /* NOTE, ע��, �м�:
+ ��������������Ī�������IPv4��, ͷ���ֶβ��Ϸ�,
+ �����ƽ̨coredump, ��������ѭ��, һ��Ҫ��ͷ���Ϸ��Լ��!!
*/
if(unlikely(checkipv4pkt(a_packet, raw_pkt) < 0)){
local_sys_stat->count[SAPP_STAT_DROP_IPV4]++;
@@ -647,9 +651,9 @@ int ipv4_entry(struct streaminfo_private *pfstream_pr, const void *this_layer_da }
set_ipv4_addr(&addr, (struct mesa_ip4_hdr *)a_packet);
pstream->addr.paddr = &addr;
- /* ��IP��������Ϊ__ADDR_TYPE_IP_PAIR_V4, ����ϲ���TCP/UDP, ����������ΪADDR_TYPE_IPV4, �����Ipv6_over_ipv4����, ������IP���ַ���� */
+ /* ��IP��������Ϊ__ADDR_TYPE_IP_PAIR_V4, ����ϲ���TCP/UDP, ����������ΪADDR_TYPE_IPV4, �����Ipv6_over_ipv4����, ������IP���ַ���� */
pstream->addr.addrtype = __ADDR_TYPE_IP_PAIR_V4;
- pstream->addr.addrlen = sizeof(struct stream_tuple4_v4); /* ��ַ���ȹ̶�ʹ����Ԫ���ʽ��, ���������, ���˷������˿�,4�ֽڿռ� */
+ pstream->addr.addrlen = sizeof(struct stream_tuple4_v4); /* ��ַ���ȹ̶�ʹ����Ԫ���ʽ��, ���������, ���˷������˿�,4�ֽڿռ� */
pstream->addr.pkttype = PKT_TYPE_NORMAL;
pstream->addr.pktipfragtype = PKT_TYPE_NORMAL; /* 2014-12-25 lijia add */
this_layer_is_overlay = sapp_is_overlay_layer(pstream_pr, raw_pkt);
@@ -660,7 +664,7 @@ int ipv4_entry(struct streaminfo_private *pfstream_pr, const void *this_layer_da pstream_pr->addr_use_as_hash = 1;
}
- /* 2012-11-01 add, ��inlineģʽ�£����overlay�㲻�����鲥��ַ */
+ /* 2012-11-01 add, ��inlineģʽ�£����overlay�㲻�����鲥��ַ */
if((g_topology_mode & __NET_CONN_GDEV) && (this_layer_is_overlay != 0)){
if(is_multicast_addr_v4(ntohl(a_packet->ip_dst.s_addr))){
local_sys_stat->count[SAPP_STAT_DROP_IPV4]++;
@@ -674,8 +678,8 @@ int ipv4_entry(struct streaminfo_private *pfstream_pr, const void *this_layer_da pstream_pr->offset_to_raw_pkt_hdr = offset_to_raw_pkt_hdr;
pstream_pr->raw_pkt = raw_pkt; /* 2014-12-30 lijia add */
- /* LiJia add, ��Ϊ��ij���㷨���ⶨ��һ�������ַ�ķ���, �����ж�memcmp�Ľ�� */
-// if(memcmp(&(a_packet->ip_src.s_addr), &(a_packet->ip_dst.s_addr), sizeof(int)) >= 0){ /* ֱ���ж�, ���ٵ���memcmp���� */
+ /* LiJia add, ��Ϊ��ij���㷨���ⶨ��һ�������ַ�ķ���, �����ж�memcmp�Ľ�� */
+// if(memcmp(&(a_packet->ip_src.s_addr), &(a_packet->ip_dst.s_addr), sizeof(int)) >= 0){ /* ֱ���ж�, ���ٵ���memcmp���� */
if(a_packet->ip_src.s_addr >= a_packet->ip_dst.s_addr){
pstream_pr->layer_dir = 1;
pstream->curdir = DIR_C2S;
@@ -685,7 +689,7 @@ int ipv4_entry(struct streaminfo_private *pfstream_pr, const void *this_layer_da }
if((pfstream_pr != NULL)
- && (g_overlay_layer_set[pfstream_pr->stream_public.addr.addrtype][pfstream_pr->layer_index] != 0)){ /* 2021-01-11 lijia add, overlay���pfather��ΪNULL, ������ɼ� */
+ && (g_overlay_layer_set[pfstream_pr->stream_public.addr.addrtype][pfstream_pr->layer_index] != 0)){ /* 2021-01-11 lijia add, overlay���pfather��ΪNULL, ������ɼ� */
pstream->pfather = NULL;
}else{
pstream->pfather=pfstream;
@@ -695,14 +699,14 @@ int ipv4_entry(struct streaminfo_private *pfstream_pr, const void *this_layer_da pstream->routedir=routedir;
pstream->threadnum=thread_num;
- /* 2020-12-23 lijia add, ��mrtunnatģʽ, �����overlay��, ��������ͨ��� */
+ /* 2020-12-23 lijia add, ��mrtunnatģʽ, �����overlay��, ��������ͨ��� */
if(this_layer_is_overlay != 0){
ret = stream_process_overlay_ipv4(pstream, (const struct ip *)this_layer_data, thread_num, routedir, raw_pkt);
if(DROP == ret){
return DROP;
}
int next_layer_offest = offset_to_raw_pkt_hdr + (a_packet->ip_hl << 2);
- /* �����VXLANģʽ��overlay��, ����ip��Ƭ��ԭ,ֱ����ת��udp_entry */
+ /* �����VXLANģʽ��overlay��, ����ip��Ƭ��ԭ,ֱ����ת��udp_entry */
ret=dealipv4udppkt(ptmp,a_packet,thread_num,routedir,raw_pkt, next_layer_offest);
return ret;
}
@@ -722,7 +726,7 @@ int ipv4_entry(struct streaminfo_private *pfstream_pr, const void *this_layer_da }
pstream->addr.pktipfragtype = PKT_TYPE_IP_FRAG;
#if USE_MESA_STREAM_HASH
- /* ��������Ƕ��ģʽ, ʹ�ñ������ṹ, ����father->stream */
+ /* ��������Ƕ��ģʽ, ʹ�ñ������ṹ, ����father->stream */
new_iph = (struct mesa_ip4_hdr *)process_ipv4_frag(&ptmp->stream, a_packet, thread_num, raw_pkt);
#else
new_iph = (struct mesa_ip4_hdr *)process_ipv4_frag(pfstream_pr, a_packet, thread_num, raw_pkt);
@@ -731,10 +735,10 @@ int ipv4_entry(struct streaminfo_private *pfstream_pr, const void *this_layer_da {
local_sys_stat->count[SAPP_STAT_RCV_IPV4_FRAG]++;
local_sys_stat->length[SAPP_STAT_RCV_IPV4_FRAG]++;
- /* ��IP��Ƭ, ��δ�������, �˴�ֻ����IPFRAG,
- ���ؿ�sapp_global_single.ipentry_priority_over_ipfrag,
- ��������һ����Ƭ����, ��ȫ��IP���������, ��Ҫ�ж�sapp_global_single.ipentry_priority_over_ipfrag,
- �����ȵ���ip_entry, ����ip_frag_entry.
+ /* ��IP��Ƭ, ��δ�������, �˴�ֻ����IPFRAG,
+ ���ؿ�sapp_global_single.ipentry_priority_over_ipfrag,
+ ��������һ����Ƭ����, ��ȫ��IP���������, ��Ҫ�ж�sapp_global_single.ipentry_priority_over_ipfrag,
+ �����ȵ���ip_entry, ����ip_frag_entry.
*/
stream_process_ipv4_frag(pstream, (const struct ip *)a_packet, thread_num, routedir, raw_pkt);
return PASS;
@@ -749,7 +753,7 @@ int ipv4_entry(struct streaminfo_private *pfstream_pr, const void *this_layer_da local_sys_stat->length[SAPP_STAT_RCV_IPV4_FRAG] += this_layer_len;
}else{
//if(0 == this_layer_is_overlay)
- { /* ��overlay����ۼ���ز���� */
+ { /* ��overlay����ۼ���ز���� */
local_sys_stat->count[SAPP_STAT_RCV_IPV4]++;
local_sys_stat->length[SAPP_STAT_RCV_IPV4] += this_layer_len;
if (routedir == sapp_global_val->config.packet_io.inbound_route_dir)
@@ -766,17 +770,17 @@ int ipv4_entry(struct streaminfo_private *pfstream_pr, const void *this_layer_da }
/* 2017-05-11 lijia add,
- �ж�IP��IPFRAG��˭�����ȵ���,
- ������ģʽ��, "����"���һ��IP��Ƭ��, �ﵽ��������ԭʼIP����Ŀ��!
+ �ж�IP��IPFRAG��˭�����ȵ���,
+ ������ģʽ��, "����"���һ��IP��Ƭ��, �ﵽ��������ԭʼIP����Ŀ��!
*/
if(unlikely(sapp_global_single.ipentry_priority_over_ipfrag != 0)){
ret = process_ipv4_pkt(ptmp, a_packet, thread_num, routedir, raw_pkt, offset_to_raw_pkt_hdr);
if((PASS == ret) && (pstream->addr.pktipfragtype & (PKT_TYPE_IP_FRAG | PKT_TYPE_IP_FRAG_LAST))){
- /* NOTE: �˴�ʹ��this_layer_data, ����������ʵ��ԭʼIP��Ƭ�� */
+ /* NOTE: �˴�ʹ��this_layer_data, ����������ʵ��ԭʼIP��Ƭ�� */
ret = stream_process_ipv4_frag(pstream, (const struct ip *)this_layer_data, thread_num, routedir, raw_pkt);
}
}else{
- /* NOTE: �˴�ʹ��this_layer_data, ����������ʵ��ԭʼIP��Ƭ�� */
+ /* NOTE: �˴�ʹ��this_layer_data, ����������ʵ��ԭʼIP��Ƭ�� */
if(pstream->addr.pktipfragtype & (PKT_TYPE_IP_FRAG | PKT_TYPE_IP_FRAG_LAST)){
ret = stream_process_ipv4_frag(pstream, (const struct ip *)this_layer_data, thread_num, routedir, raw_pkt);
}
@@ -859,15 +863,15 @@ MESA_htable_handle ipv4_frag_htable_create(void) hargs.thread_safe = 0;
hargs.recursive = 0;
hargs.hash_slot_size = 1048576;
- hargs.max_elem_num = 50000; /* TODO 1: ���Ĭ��ֵ, ���������ļ�,��ָ������Ƭ�������� !! */
+ hargs.max_elem_num = 50000; /* TODO 1: ���Ĭ��ֵ, ���������ļ�,��ָ������Ƭ�������� !! */
hargs.eliminate_type = HASH_ELIMINATE_ALGO_LRU;
hargs.expire_time = IPV4_FRAG_TIMEOUT;
hargs.key_comp = ipv4_frag_key_cmp_cb;
hargs.key2index = ipv4_frag_hash_index;
hargs.data_free = ipv4_frag_ipq_free_all;
hargs.data_expire_with_condition = NULL;
- hargs.complex_key_dup = ipv4_frag_key_dup; /* ���ڸ��ӽṹ��key����, ��copyһ����ַ���� */
- hargs.complex_key_free = ipv4_frag_key_free; /* ɾ��ʱ�ͷ�key���ڴ���Դ */
+ hargs.complex_key_dup = ipv4_frag_key_dup; /* ���ڸ��ӽṹ��key����, ��copyһ����ַ���� */
+ hargs.complex_key_free = ipv4_frag_key_free; /* ɾ��ʱ�ͷ�key���ڴ���Դ */
return MESA_htable_create(&hargs, sizeof(MESA_htable_create_args_t));
}
@@ -960,7 +964,7 @@ static inline int checkipv4pkt(const struct mesa_ip4_hdr * iph, const raw_pkt_t #if 0
switch(iph->ip_p){
- /* Ŀǰƽֻ̨�������¼���Э��, �����ݲ�֧�ֻ����쳣���ݰ� */
+ /* Ŀǰƽֻ̨�������¼���Э��, �����ݲ�֧�ֻ����쳣���ݰ� */
case IPPROTO_TCP:
case IPPROTO_UDP:
case IPPROTO_IPV6:
@@ -980,7 +984,7 @@ static inline int checkipv4pkt(const struct mesa_ip4_hdr * iph, const raw_pkt_t }
#else
ip_proto = iph->ip_p;
- if(ip_proto >= 0x8F){ /* IPЭ���ֶδ���0x8f��Ŀǰ���Ϸ� */
+ if(ip_proto >= 0x8F){ /* IPЭ���ֶδ���0x8f��Ŀǰ���Ϸ� */
sapp_runtime_log(RLOG_LV_DEBUG, "ipv4 packet check error: unknow proto: %u", ip_proto);
return -1;
}
@@ -1093,7 +1097,7 @@ static void ipv4_frag_ipq_free_all(void *data) {
struct frag_ipq *ipq = (struct frag_ipq *)data;
- /* ���������ɾ��ʱ, Ҫ�ͷ�new_iph�ڴ� */
+ /* ���������ɾ��ʱ, Ҫ�ͷ�new_iph�ڴ� */
if(ipq->new_iph){
sapp_mem_free(SAPP_MEM_DYN_IP_FRAG_PKT,ipq->thread_num, ipq->new_iph);
}
diff --git a/src/dealpkt/deal_ipv6.c b/src/dealpkt/deal_ipv6.c index c948cac..f5847e6 100644 --- a/src/dealpkt/deal_ipv6.c +++ b/src/dealpkt/deal_ipv6.c @@ -6,7 +6,7 @@ extern "C" {
#endif
-static struct frag_manage *g_ipv6_frag_manage = NULL;
+struct frag_manage *g_ipv6_frag_manage = NULL;
static unsigned int FRAG_IP6_RANDOM;
//extern int g_packet_io_thread_num;
extern void raw_frags_list_free_one(int thread_seq, void *project_req_value);
@@ -443,6 +443,7 @@ static struct mesa_ip6_hdr *ipv6_defrag(struct streaminfo_private *pstream_pr, #endif
ipv6_qp->frags_num++;
+ ipv6_qp->frags_len+=raw_pkt->raw_pkt_len;
if(NULL == ipv6_qp->private_info)
{
@@ -616,6 +617,9 @@ copy_data: int ip6_payload_len = htons(ipv6_qp->meat);
char raw_next_hdr = private_info->raw_next_hdr;
+ //set scratch before frag_reassemble, cause frag_reassemble will free ipq
+ ip6_frag_handle->scratch_frag_cnt=ipv6_qp->frags_num;
+ ip6_frag_handle->scratch_frag_len=ipv6_qp->frags_len;
#if USE_MESA_STREAM_HASH
new_ip6h = (struct mesa_ip6_hdr *)frag_reassemble_v6(ip6_frag_handle, ipv6_qp, &ip6_frag_key);
#else
diff --git a/src/dealpkt/deal_tcp.c b/src/dealpkt/deal_tcp.c index e636d30..bc6d928 100644 --- a/src/dealpkt/deal_tcp.c +++ b/src/dealpkt/deal_tcp.c @@ -1,38 +1,38 @@ /* -20120603 : 1)�Ľ������ӵIJ��� ��datalen>0�İ�ֱ�ӽ������� - 2)Ӧ�ò㲻��Ҫ�����ӣ�ת��nouse״̬��������ֱ���ͷ� +20120603 : 1)�Ľ������ӵIJ��� ��datalen>0�İ�ֱ�ӽ������� + 2)Ӧ�ò㲻��Ҫ�����ӣ�ת��nouse״̬��������ֱ���ͷ� -20140322 : 1)ԭ�����ֻ�е�����data״̬�ŷ���pdetail�Ŀռ䣻������Ϊ - ��һ�����ͷ���pdetail�Ŀռ䣬������data��ŷ���half�Ŀռ� - 2)ԭ��������ص�һЩ������ȫ������pdetail - 3) �����Ĺ������������ĵ�ַ��hash���ö���ַ���бȽ� +20140322 : 1)ԭ�����ֻ�е�����data״̬�ŷ���pdetail�Ŀռ䣻������Ϊ + ��һ�����ͷ���pdetail�Ŀռ䣬������data��ŷ���half�Ŀռ� + 2)ԭ��������ص�һЩ������ȫ������pdetail + 3) �����Ĺ������������ĵ�ַ��hash���ö���ַ���бȽ� -20140329 1)�ָ���tcpdetail��¼���ζ����ֽ���pdetail->lostlen - 2)������tcpallpktģʽ�����ڲ������������飬����ȷ��fin��rst�ȵĵ���shunx - ˳����˲���������close״̬��ֻ�ܵ���̭�� - 3)�������м�¼ÿ��İ����ֽ�����λ�õ�����Ϊʵ�ʵ����˳�� - ��¼����¼�а����˲������صİ���Ŀ����ͳϵͳ�м�¼�˴����صİ��� - -20141210 1)ȫ�����streaminfo����ؽṹ�壬ʹ�÷���ṹ��IJ�ͬ���� -20141213 1)����tcp_add_new_stream_bydata���水tcplen=0�İ������ӣ�����nouse���� - nouse���������������һ����data��������opstate=close����� - �ڶ����Ǵ�һ�����ͽ�����nouse����ʱopsate=pending, - 2) �������ڶ������nouse���������ݰ�ʱ���ָ���data������ - -20141217 1)����c2s�������ĵڶ�������ack���Ƿ������ڣ�һֱ�������飬 - Ŀǰ�汾�в����ϸ��� - - -20150114 ���ں����ĵ���˳�����ȵ���tcpall�ӿڣ������ȵ���tcp�ӿڽ����˷������� - ԭ���ȵ���tcpall�������tcp�����ֶ�syn�ش����ж��Ƿ���Ч���Ƿ����� - ���Ϊ�ȵ���tcp���ٵ���tcpall������ ����ijˮ䰹��̣�tcp�ӿڣ�����tcpall�ı�ǩ - ���ڵ���Ϊ���½���������data�����ӣ������ȵ���all���ڵ���tcp�� -20150126 ������ - ����tcp_free_stream,tcp_reset_stream�IJ�������Ϊ�ȵ���tcp���ٵ���tcpall +20140329 1)�ָ���tcpdetail��¼���ζ����ֽ���pdetail->lostlen + 2)������tcpallpktģʽ�����ڲ������������飬����ȷ��fin��rst�ȵĵ���shunx + ˳����˲���������close״̬��ֻ�ܵ���̭�� + 3)�������м�¼ÿ��İ����ֽ�����λ�õ�����Ϊʵ�ʵ����˳�� + ��¼����¼�а����˲������صİ���Ŀ����ͳϵͳ�м�¼�˴����صİ��� + +20141210 1)ȫ�����streaminfo����ؽṹ�壬ʹ�÷���ṹ��IJ�ͬ���� +20141213 1)����tcp_add_new_stream_bydata���水tcplen=0�İ������ӣ�����nouse���� + nouse���������������һ����data��������opstate=close����� + �ڶ����Ǵ�һ�����ͽ�����nouse����ʱopsate=pending, + 2) �������ڶ������nouse���������ݰ�ʱ���ָ���data������ + +20141217 1)����c2s�������ĵڶ�������ack���Ƿ������ڣ�һֱ�������飬 + Ŀǰ�汾�в����ϸ��� + + +20150114 ���ں����ĵ���˳�����ȵ���tcpall�ӿڣ������ȵ���tcp�ӿڽ����˷������� + ԭ���ȵ���tcpall�������tcp�����ֶ�syn�ش����ж��Ƿ���Ч���Ƿ����� + ���Ϊ�ȵ���tcp���ٵ���tcpall������ ����ijˮ䰹��̣�tcp�ӿڣ�����tcpall�ı�ǩ + ���ڵ���Ϊ���½���������data�����ӣ������ȵ���all���ڵ���tcp�� +20150126 ������ + ����tcp_free_stream,tcp_reset_stream�IJ�������Ϊ�ȵ���tcp���ٵ���tcpall 20150210 lqy - ����syn+ack����syn�����ݵ���������±�������seqʱҪ�ж��Ƿ��syn - nouse�����ĵ�������� - ���Ӹ��� ,syn״̬��Ҫ����tcp��״̬ + ����syn+ack����syn�����ݵ���������±�������seqʱҪ�ж��Ƿ��syn + nouse�����ĵ�������� + ���Ӹ��� ,syn״̬��Ҫ����tcp��״̬ */ #include "sapp_api.h" #include "sapp_private_api.h" @@ -56,10 +56,10 @@ int copy_ipport_union_addr(struct streaminfo *pstream_heap, struct streaminfo *p void iterate_stream_list(const struct streaminfo *stream); int del_stream_by_time(struct stream_list *plist, const struct streamindex *current_drive_index, int thread_id, enum stream_type_t type); -//int g_kill_tcp_remedy_sw = 0; /* 2016-06-21 lijia add, �Ƿ����FD���� */ +//int g_kill_tcp_remedy_sw = 0; /* 2016-06-21 lijia add, �Ƿ����FD���� */ int G_TCP_FLOW_STAT_PROJECT_ID = -1; /* 2016-07-14 lijia copy from sapp */ -int G_TCP_DEDUCE_FLOW_STAT_PROJECT_ID = -1; /* ������, ����ACK����ƶϳ��ĶԶ����۽��յ����ݳ��� */ +int G_TCP_DEDUCE_FLOW_STAT_PROJECT_ID = -1; /* ������, ����ACK����ƶϳ��ĶԶ����۽��յ����ݳ��� */ #if DEBUG static void packet_io_status_tcp_pkt_update(int tid, unsigned char tcp_flags, int payload_len); @@ -104,9 +104,9 @@ static int checkcreatlinkseq(struct streaminfo_private*pstream_pr,int this_seq) curseq=pdetail_pr->iclientseq; } //adjust by lqy 20120923 - //��һ�γ������ݣ���Ϊ������ + //��һ�γ������ݣ���Ϊ������ if(curseq==0) return 1; - //��γ���syn����һ�����ݰ����Ϊ + //��γ���syn����һ�����ݰ����Ϊ if(pdetail_pr->multisynflag==1) { if(pstream->curdir == DIR_C2S) @@ -137,7 +137,7 @@ int MESA_get_tcp_pkt_opts(const struct tcphdr *tcphdr, struct tcp_option *raw_re const unsigned char *opt; int opt_num = 0, opt_len; struct tcp_option *out_raw_result = raw_result; - int parsed_opt; /* ��ȷ������OPT��λ */ + int parsed_opt; /* ��ȷ������OPT��λ */ if((NULL == raw_result) || (res_num <= 0)){ return -1; @@ -158,10 +158,10 @@ int MESA_get_tcp_pkt_opts(const struct tcphdr *tcphdr, struct tcp_option *raw_re switch (*opt) { - case TCP_OPT_EOL: /* ��ʵ������, ����¼��ѡ�������� */ + case TCP_OPT_EOL: /* ��ʵ������, ����¼��ѡ�������� */ return opt_num; - case TCP_OPT_NOP: /* ��ʵ������, ����¼��ѡ�������� */ + case TCP_OPT_NOP: /* ��ʵ������, ����¼��ѡ�������� */ opt++; opt_len--; /* Ref: RFC 793 section 3.1 */ continue; @@ -239,7 +239,7 @@ int MESA_get_tcp_pkt_opts(const struct tcphdr *tcphdr, struct tcp_option *raw_re goto err; } out_raw_result->len -= 2; - out_raw_result->char_value = 1; /* SACKʵ��û��ֵ, �˴���ֵ��Ϊ�˱����ⲿ���ʹ�� */ + out_raw_result->char_value = 1; /* SACKʵ��û��ֵ, �˴���ֵ��Ϊ�˱����ⲿ���ʹ�� */ opt_len -= 2; parsed_opt = 1; break; @@ -267,7 +267,7 @@ int MESA_get_tcp_pkt_opts(const struct tcphdr *tcphdr, struct tcp_option *raw_re parsed_opt = 1; break; - /* ����ʶ���ݲ�������ѡ��, ���� */ + /* ����ʶ���ݲ�������ѡ��, ���� */ case TCP_OPT_SACK_EDGE: case TCP_OPT_MD5: case TCP_OPT_MULTI_PATH_TCP: @@ -277,7 +277,7 @@ int MESA_get_tcp_pkt_opts(const struct tcphdr *tcphdr, struct tcp_option *raw_re int this_opt_len; if (opt_len <= 1) - { /* ��ǰѡ���Ϊ0, ��ʣ��ѡ���ֻ��һ���ֽ�, ��ѡ�����ͷ�0��1, �����! */ + { /* ��ǰѡ���Ϊ0, ��ʣ��ѡ���ֻ��һ���ֽ�, ��ѡ�����ͷ�0��1, �����! */ goto err; } this_opt_len = opt[1]; @@ -296,7 +296,7 @@ int MESA_get_tcp_pkt_opts(const struct tcphdr *tcphdr, struct tcp_option *raw_re int this_opt_len; if (opt_len <= 1) - { /* ��ǰѡ���Ϊ0, ��ʣ��ѡ���ֻ��һ���ֽ�, ��ѡ�����ͷ�0��1, �����! */ + { /* ��ǰѡ���Ϊ0, ��ʣ��ѡ���ֻ��һ���ֽ�, ��ѡ�����ͷ�0��1, �����! */ goto err; } this_opt_len = opt[1]; @@ -336,7 +336,7 @@ int MESA_get_tcp_pkt_opts_ext(const struct tcphdr *tcphdr, struct tcp_option_ext const unsigned char *opt; int opt_num = 0, opt_len; struct tcp_option_ext *out_raw_result = raw_result; - int parsed_opt; /* ��ȷ������OPT��λ */ + int parsed_opt; /* ��ȷ������OPT��λ */ if((NULL == raw_result) || (res_num <= 0)){ return -1; @@ -357,10 +357,10 @@ int MESA_get_tcp_pkt_opts_ext(const struct tcphdr *tcphdr, struct tcp_option_ext switch (*opt) { - case TCP_OPT_EOL: /* ��ʵ������, ����¼��ѡ�������� */ + case TCP_OPT_EOL: /* ��ʵ������, ����¼��ѡ�������� */ return opt_num; - case TCP_OPT_NOP: /* ��ʵ������, ����¼��ѡ�������� */ + case TCP_OPT_NOP: /* ��ʵ������, ����¼��ѡ�������� */ opt++; opt_len--; /* Ref: RFC 793 section 3.1 */ continue; @@ -438,7 +438,7 @@ int MESA_get_tcp_pkt_opts_ext(const struct tcphdr *tcphdr, struct tcp_option_ext goto err; } out_raw_result->len -= 2; - out_raw_result->char_value = 1; /* SACKʵ��û��ֵ, �˴���ֵ��Ϊ�˱����ⲿ���ʹ�� */ + out_raw_result->char_value = 1; /* SACKʵ��û��ֵ, �˴���ֵ��Ϊ�˱����ⲿ���ʹ�� */ opt_len -= 2; parsed_opt = 1; break; @@ -485,7 +485,7 @@ int MESA_get_tcp_pkt_opts_ext(const struct tcphdr *tcphdr, struct tcp_option_ext } break; - /* ����ʶ���ݲ�������ѡ��, ���� */ + /* ����ʶ���ݲ�������ѡ��, ���� */ case TCP_OPT_SACK_EDGE: case TCP_OPT_MD5: case TCP_OPT_RIVER_PROBE: @@ -494,7 +494,7 @@ int MESA_get_tcp_pkt_opts_ext(const struct tcphdr *tcphdr, struct tcp_option_ext int this_opt_len; if (opt_len <= 1) - { /* ��ǰѡ���Ϊ0, ��ʣ��ѡ���ֻ��һ���ֽ�, ��ѡ�����ͷ�0��1, �����! */ + { /* ��ǰѡ���Ϊ0, ��ʣ��ѡ���ֻ��һ���ֽ�, ��ѡ�����ͷ�0��1, �����! */ goto err; } this_opt_len = opt[1]; @@ -513,7 +513,7 @@ int MESA_get_tcp_pkt_opts_ext(const struct tcphdr *tcphdr, struct tcp_option_ext int this_opt_len; if (opt_len <= 1) - { /* ��ǰѡ���Ϊ0, ��ʣ��ѡ���ֻ��һ���ֽ�, ��ѡ�����ͷ�0��1, �����! */ + { /* ��ǰѡ���Ϊ0, ��ʣ��ѡ���ֻ��һ���ֽ�, ��ѡ�����ͷ�0��1, �����! */ goto err; } this_opt_len = opt[1]; @@ -600,8 +600,8 @@ static char tcp_processallpkt( struct streaminfo *pstream, const void *this_iphd } -/* LiJia comment: ������½�����, ��resetflag=0, ����pindexָ��ջ����ڴ�; - �������Ԫ������, ����pindexָ�������ڴ�; +/* LiJia comment: ������½�����, ��resetflag=0, ����pindexָ��ջ����ڴ�; + �������Ԫ������, ����pindexָ�������ڴ�; */ static struct streamindex *tcp_add_new_stream_bysyn(struct streamindex *pindex, const void *this_iphdr, struct mesa_tcp_hdr *this_tcphdr,int datalen,int resetflag, const raw_pkt_t *raw_pkt) @@ -613,7 +613,7 @@ static struct streamindex *tcp_add_new_stream_bysyn(struct streamindex *pindex, struct streaminfo *pstream; struct tcpdetail *pdetail=NULL; struct tcpdetail_private *pdetail_pr=NULL; - int need_reverse = 0; /* copy��ַʱ, �Ƿ���Ҫ��src, dst�ߵ� */ + int need_reverse = 0; /* copy��ַʱ, �Ƿ���Ҫ��src, dst�ߵ� */ if ((this_tcphdr->th_flags & TH_SYN) && !(this_tcphdr->th_flags & TH_ACK) @@ -631,12 +631,12 @@ static struct streamindex *tcp_add_new_stream_bysyn(struct streamindex *pindex, { //runtime_log(RLOG_LV_FATAL, "[tcp_add_new_stream_bysyn]:","tcpflags=:%0x\n",this_tcphdr->th_flags); //adjust by lqy 20130530 - //ֻ�е����ν���ʱֱ�ӷ��� + //ֻ�е����ν���ʱֱ�ӷ��� if(resetflag==0) return NULL; } if(likely(0 == resetflag)){ - /* �˺���copy������pindex�ṹ, ��addr��ַ��������һ���ڴ�, ���Բ�û��copy, ʵ�ʻ�����pindexָ����ڴ���� */ + /* �˺���copy������pindex�ṹ, ��addr��ַ��������һ���ڴ�, ���Բ�û��copy, ʵ�ʻ�����pindexָ����ڴ���� */ pindex_tcp=malloc_and_copy_streamindex(threadnum, pindex); //memcpy(pindex_tcp,pindex,sizeof(struct streamindex)); @@ -644,18 +644,18 @@ static struct streamindex *tcp_add_new_stream_bysyn(struct streamindex *pindex, pstream = &pstream_pr->stream_public; /* 2014-11-13 lijia modify */ - if(DIR_C2S == createdir){ /* ��ǰ��ַ��TCP�������Ϸ���C->S���䷽�� */ + if(DIR_C2S == createdir){ /* ��ǰ��ַ��TCP�������Ϸ���C->S���䷽�� */ if(1 == pstream_pr->layer_dir){ - pstream_pr->stream_dir = 1; /* �ڵ�ַ�������, ��"���ַ�ǿͻ���"�����෴ */ + pstream_pr->stream_dir = 1; /* �ڵ�ַ�������, ��"���ַ�ǿͻ���"�����෴ */ }else{ pstream_pr->stream_dir = 0; } need_reverse = 0; pstream_pr->stream_c2s_route_dir = raw_pkt->route_dir; }else{ - need_reverse = 1; /* ���뽫��ַ����ߵ�, �����ȡ��ַ�ṹʱ, src�̶�ָ�����ϵ�Դ��ַ */ + need_reverse = 1; /* ���뽫��ַ����ߵ�, �����ȡ��ַ�ṹʱ, src�̶�ָ�����ϵ�Դ��ַ */ if(1 == pstream_pr->layer_dir){ - /* ��Ϊ��copy_stream_info_to_heap()�л�����ַ�ߵ�, ���Դ˴��ͺ�"���ַ�ǿͻ���"������ͬ�� */ + /* ��Ϊ��copy_stream_info_to_heap()�л�����ַ�ߵ�, ���Դ˴��ͺ�"���ַ�ǿͻ���"������ͬ�� */ pstream_pr->stream_dir = 0; }else{ pstream_pr->stream_dir = 1; @@ -665,9 +665,9 @@ static struct streamindex *tcp_add_new_stream_bysyn(struct streamindex *pindex, #if USE_RBTREE_INSTEAD_LIST /* note: - ��Ϊ����rbtreeʱ��Ҫ���������������Ƚ�, ����ȷ������left����right��֧, - ���ڱ�����˵, layer_dir����û��������, ��Ҫ���ں��������Ƚϵ�ַ��С, - ���Խ�layer_dir = stream_dir; + ��Ϊ����rbtreeʱ��Ҫ���������������Ƚ�, ����ȷ������left����right��֧, + ���ڱ�����˵, layer_dir����û��������, ��Ҫ���ں��������Ƚϵ�ַ��С, + ���Խ�layer_dir = stream_dir; */ pstream_pr->layer_dir = pstream_pr->stream_dir; #endif @@ -682,11 +682,11 @@ static struct streamindex *tcp_add_new_stream_bysyn(struct streamindex *pindex, #if SAPP_INSECTICIDE iterate_stream_list(pstream); #endif - /* 2016-07-25 lijia add, ��¼��ǰ����ײ���������, ÿ����ֻ�ڴ���ʱ��һ�μ��� */ + /* 2016-07-25 lijia add, ��¼��ǰ����ײ���������, ÿ����ֻ�ڴ���ʱ��һ�μ��� */ get_stream_carry_tunnel_type(pstream, NULL, &pstream_pr->stream_low_layer_tunnel_type); #if 0 - /* TCP��洢����ָ��, ��ʵ��ַ���ݴ洢��IP��, ����� */ + /* TCP��洢����ָ��, ��ʵ��ַ���ݴ洢��IP��, ����� */ //set_stream_addr(pindex_tcp->stream.pfather, this_tcphdr->th_sport, this_tcphdr->th_dport, &pindex_tcp->stream.addr); //set_stream_addr(pindex_tcp->stream.pfather, this_tcphdr->th_sport, this_tcphdr->th_dport, &pindex_tcp->stream); @@ -702,7 +702,7 @@ static struct streamindex *tcp_add_new_stream_bysyn(struct streamindex *pindex, memset(pdetail_pr,0,sizeof(struct tcpdetail_private)); pdetail->createtime=g_CurrentTime; pstream_pr->stream_create_timestamp_ms=g_CurrentTime_ms; - //adjust by lqy 20140515 ֻ���½�ʱ���� + //adjust by lqy 20140515 ֻ���½�ʱ���� if(createdir==DIR_S2C){ pdetail->clientpktnum++; pdetail->clientbytes+= datalen; /* 2014-12-19 lijia add, for SYN pkt append data */ @@ -720,15 +720,15 @@ static struct streamindex *tcp_add_new_stream_bysyn(struct streamindex *pindex, else { /* TODO 1: - �����������, ��ò�ʹ��ԭ����streamindex�ṹ, free��������һ���µ�, - ����ʹstreamindex��ַ��ԭ����һ��, ��Ҫ����DEBUG. + �����������, ��ò�ʹ��ԭ����streamindex�ṹ, free��������һ���µ�, + ����ʹstreamindex��ַ��ԭ����һ��, ��Ҫ����DEBUG. */ pindex_tcp = pindex; pstream_pr = &pindex_tcp->stream; pstream = &pstream_pr->stream_public; pdetail_pr = (struct tcpdetail_private *)pstream->pdetail; pdetail = (struct tcpdetail *)pdetail_pr; - // add by lqy 20150107, ���ü��� + // add by lqy 20150107, ���ü��� if (createdir == DIR_S2C) { pdetail->clientpktnum = 1; @@ -747,13 +747,13 @@ static struct streamindex *tcp_add_new_stream_bysyn(struct streamindex *pindex, pstream_pr->has_duplicate_pkt = 0; pdetail_pr->drop_stream_flag = 0; - /* ���Ӹ���, ��������һ���µ�streamid */ + /* ���Ӹ���, ��������һ���µ�streamid */ pindex_tcp->stream.global_stream_id = get_global_stream_id(threadnum); pindex_tcp->stream.stream_trace_id=0; pdetail->createtime=g_CurrentTime; pstream_pr->stream_create_timestamp_ms=g_CurrentTime_ms; - /* ��������, �����ж�һ��ddos ״̬ */ + /* ��������, �����ж�һ��ddos ״̬ */ if(pstream_pr->create_dir_by_well_known_port != 1) { pstream_pr->under_ddos_bypass = packet_io_under_ddos_should_bypass(threadnum); @@ -783,7 +783,7 @@ static struct streamindex *tcp_add_new_stream_bysyn(struct streamindex *pindex, pstream->dir=createdir; pstream->curdir=createdir; - //δ����ȫ���ӿ�ģʽ�£�ֱ�ӹر�, add by lqy 20141213 + //δ����ȫ���ӿ�ģʽ�£�ֱ�ӹر�, add by lqy 20141213 if(tcp_support_all==TCP_SUPPORT_ENTRYALL_OFF) { pstream->pktstate=OP_STATE_CLOSE; @@ -797,17 +797,17 @@ static struct streamindex *tcp_add_new_stream_bysyn(struct streamindex *pindex, if(createdir==DIR_S2C) { - //��ʱ������ʼ��seq + //��ʱ������ʼ��seq pdetail_pr->iclientseq =ntohl (this_tcphdr->th_seq) + 1; pdetail_pr->iserverseq=ntohl (this_tcphdr->th_ack); - //pdetail->clientpkt++; //adjust by lqy 20140515 ֻ���½�ʱ���� + //pdetail->clientpkt++; //adjust by lqy 20140515 ֻ���½�ʱ���� pdetail_pr->S2C_first_ack_seq = pdetail_pr->iserverseq; } else if(createdir==DIR_C2S) { - pdetail_pr->iclientseq = 0; /* 2017-12-06 lijia add, ��ʱS2C�����ISN��δ��ȡ�� */ + pdetail_pr->iclientseq = 0; /* 2017-12-06 lijia add, ��ʱS2C�����ISN��δ��ȡ�� */ pdetail_pr->iserverseq=ntohl (this_tcphdr->th_seq)+1; - //pdetail->serverpkt++; //adjust by lqy 20140515 ֻ���½�ʱ���� + //pdetail->serverpkt++; //adjust by lqy 20140515 ֻ���½�ʱ���� pdetail_pr->C2S_first_ack_seq = ntohl (this_tcphdr->th_ack); } pdetail->lastmtime=g_CurrentTime; @@ -816,14 +816,14 @@ static struct streamindex *tcp_add_new_stream_bysyn(struct streamindex *pindex, pstream->stream_state=TCP_SYN_STATE; if(pstream_pr->under_ddos_bypass){ - /* bypass״̬�������κβ��, ������project, parse_tcp_option�Ȳ��������Ժ�����,�Խ�Լcpu��Դ */ + /* bypass״̬�������κβ��, ������project, parse_tcp_option�Ȳ��������Ժ�����,�Խ�Լcpu��Դ */ pstream->stream_state=TCP_NOUSE_STATE; streamaddlist(pindex_tcp,&(G_MESA_GLOBAL_STREAM[threadnum]->tcpList[pstream->stream_state])); return pindex_tcp; } streamaddlist(pindex_tcp,&(G_MESA_GLOBAL_STREAM[threadnum]->tcpList[pstream->stream_state])); - /* LiJia add, ijЩ��Ŀ����Ӧ�ó�ʼ��, ���ǩ��ԭʼIP��Ƭ�б��� */ + /* LiJia add, ijЩ��Ŀ����Ӧ�ó�ʼ��, ���ǩ��ԭʼIP��Ƭ�б��� */ pstream_pr->pproject = project_requirement_create(SAPP_MEM_DYN_TCP_PROJECT, pstream->threadnum); pstream_pr->stream_bridge = stream_bridge_create_per_stream(SAPP_MEM_DYN_TCP_BRIDGE, pstream->threadnum); @@ -833,51 +833,75 @@ static struct streamindex *tcp_add_new_stream_bysyn(struct streamindex *pindex, memset(pdetail_pr->flow_stat, 0, sizeof(struct tcp_flow_stat)); project_req_add_struct(pstream, G_TCP_FLOW_STAT_PROJECT_ID, pdetail_pr->flow_stat); + int frag_cnt = 0; + int frag_len = 0; + stream_get_scratch_frag_stat(pstream, &frag_cnt, &frag_len); + if(0 == resetflag){ if(DIR_C2S == pstream->curdir){ pdetail_pr->flow_stat->C2S_syn_pkt++; - pdetail_pr->flow_stat->C2S_all_pkt++; - pdetail_pr->flow_stat->C2S_all_byte += datalen; - pdetail_pr->flow_stat->C2S_all_byte_raw += MAX(raw_pkt->raw_pkt_len-raw_pkt->overlay_layer_bytes,0); if(pstream->addr.pktipfragtype & PKT_TYPE_IPREBUILD) { - pdetail_pr->flow_stat->C2S_ip_fragment_pkt++; + pdetail_pr->flow_stat->C2S_ip_fragment_pkt+=MAX(1,frag_cnt); + pdetail_pr->flow_stat->C2S_all_pkt+= MAX(1,frag_cnt); + pdetail_pr->flow_stat->C2S_all_byte += MAX(datalen, frag_len); + pdetail_pr->flow_stat->C2S_all_byte_raw += MAX(raw_pkt->raw_pkt_len - raw_pkt->overlay_layer_bytes, frag_len); } + else + { + pdetail_pr->flow_stat->C2S_all_pkt++; + pdetail_pr->flow_stat->C2S_all_byte += datalen; + pdetail_pr->flow_stat->C2S_all_byte_raw += + MAX(raw_pkt->raw_pkt_len - raw_pkt->overlay_layer_bytes, 0); + } }else{ pdetail_pr->flow_stat->S2C_syn_pkt++; - pdetail_pr->flow_stat->S2C_all_pkt++; - pdetail_pr->flow_stat->S2C_all_byte += datalen; - pdetail_pr->flow_stat->S2C_all_byte_raw += MAX(raw_pkt->raw_pkt_len-raw_pkt->overlay_layer_bytes,0); if(pstream->addr.pktipfragtype & PKT_TYPE_IPREBUILD) { - pdetail_pr->flow_stat->S2C_ip_fragment_pkt++; + pdetail_pr->flow_stat->S2C_ip_fragment_pkt+=MAX(1,frag_cnt); + pdetail_pr->flow_stat->S2C_all_pkt+=MAX(1,frag_cnt); + pdetail_pr->flow_stat->S2C_all_byte += MAX(datalen, frag_len); + pdetail_pr->flow_stat->S2C_all_byte_raw += MAX(raw_pkt->raw_pkt_len-raw_pkt->overlay_layer_bytes,frag_len); + } + else + { + pdetail_pr->flow_stat->S2C_all_pkt++; + pdetail_pr->flow_stat->S2C_all_byte += datalen; + pdetail_pr->flow_stat->S2C_all_byte_raw += MAX(raw_pkt->raw_pkt_len-raw_pkt->overlay_layer_bytes,0); } } }else{ if(DIR_C2S == pstream->curdir){ pdetail_pr->flow_stat->C2S_syn_pkt = 1; - pdetail_pr->flow_stat->C2S_all_pkt = 1; - pdetail_pr->flow_stat->C2S_all_byte = datalen; - pdetail_pr->flow_stat->C2S_all_byte_raw = MAX(raw_pkt->raw_pkt_len-raw_pkt->overlay_layer_bytes,0); if(pstream->addr.pktipfragtype & PKT_TYPE_IPREBUILD) { - pdetail_pr->flow_stat->C2S_ip_fragment_pkt=1; + pdetail_pr->flow_stat->C2S_all_pkt += MAX(1,frag_cnt); + pdetail_pr->flow_stat->C2S_all_byte = MAX(datalen, frag_len); + pdetail_pr->flow_stat->C2S_all_byte_raw = MAX(raw_pkt->raw_pkt_len-raw_pkt->overlay_layer_bytes, frag_len); + pdetail_pr->flow_stat->C2S_ip_fragment_pkt+= MAX(1,frag_cnt); } else { + pdetail_pr->flow_stat->C2S_all_pkt = 1; + pdetail_pr->flow_stat->C2S_all_byte = datalen; + pdetail_pr->flow_stat->C2S_all_byte_raw = MAX(raw_pkt->raw_pkt_len-raw_pkt->overlay_layer_bytes,0); pdetail_pr->flow_stat->C2S_ip_fragment_pkt=0; } }else{ pdetail_pr->flow_stat->S2C_syn_pkt = 1; - pdetail_pr->flow_stat->S2C_all_pkt = 1; - pdetail_pr->flow_stat->S2C_all_byte = datalen; - pdetail_pr->flow_stat->S2C_all_byte_raw = MAX(raw_pkt->raw_pkt_len-raw_pkt->overlay_layer_bytes,0); + if(pstream->addr.pktipfragtype & PKT_TYPE_IPREBUILD) { - pdetail_pr->flow_stat->S2C_ip_fragment_pkt=1; + pdetail_pr->flow_stat->S2C_all_pkt += MAX(1,frag_cnt); + pdetail_pr->flow_stat->S2C_all_byte = MAX(datalen, frag_len); + pdetail_pr->flow_stat->S2C_all_byte_raw = MAX(raw_pkt->raw_pkt_len-raw_pkt->overlay_layer_bytes,frag_len); + pdetail_pr->flow_stat->S2C_ip_fragment_pkt+= MAX(1,frag_cnt); } else { + pdetail_pr->flow_stat->S2C_all_pkt = 1; + pdetail_pr->flow_stat->S2C_all_byte = datalen; + pdetail_pr->flow_stat->S2C_all_byte_raw = MAX(raw_pkt->raw_pkt_len-raw_pkt->overlay_layer_bytes,0); pdetail_pr->flow_stat->S2C_ip_fragment_pkt=0; } } @@ -892,7 +916,7 @@ static struct streamindex *tcp_add_new_stream_bysyn(struct streamindex *pindex, if(DIR_S2C == createdir){ pdetail_pr->S2C_first_ack_seq = ntohl(this_tcphdr->th_ack); }else{ - ; /* SYN��ľ��ACK, ���� */ + ; /* SYN��ľ��ACK, ���� */ } } @@ -911,10 +935,10 @@ static struct streamindex *tcp_add_new_stream_bysyn(struct streamindex *pindex, } /* - 1)ԭ�����Ϊû��syn������£�ֱ�ӿ���һ�����ݰ��������� - 2) Ϊ�˼���ȫ���ӿڣ�����û�����ݵİ�Ҳ���������ӽ���NOUSE ״̬ + 1)ԭ�����Ϊû��syn������£�ֱ�ӿ���һ�����ݰ��������� + 2) Ϊ�˼���ȫ���ӿڣ�����û�����ݵİ�Ҳ���������ӽ���NOUSE ״̬ - 2015-06-10 lijia add "resetflag", ��������ʱ��̭�½�����. + 2015-06-10 lijia add "resetflag", ��������ʱ��̭�½�����. */ static struct streamindex *tcp_add_new_stream_bydata(struct streamindex *pindex, struct mesa_tcp_hdr *this_tcphdr, int datalen, int resetflag, const raw_pkt_t * raw_pkt) @@ -950,7 +974,7 @@ static struct streamindex *tcp_add_new_stream_bydata(struct streamindex *pindex, iterate_stream_list(pstream); #endif - /* 2016-07-25 lijia add, ��¼��ǰ����ײ���������, ÿ����ֻ�ڴ���ʱ��һ�μ��� */ + /* 2016-07-25 lijia add, ��¼��ǰ����ײ���������, ÿ����ֻ�ڴ���ʱ��һ�μ��� */ get_stream_carry_tunnel_type(pstream, NULL, &pstream_pr->stream_low_layer_tunnel_type); pstream->dir=createdir; @@ -962,24 +986,24 @@ static struct streamindex *tcp_add_new_stream_bydata(struct streamindex *pindex, #if USE_RBTREE_INSTEAD_LIST if(1 == pstream_pr->layer_dir){ - pstream_pr->stream_dir = 1; /* ��Ϊ�ǰ�DATA������, ����stream_dir�϶���Ĭ�Ϲ�����ͬ */ + pstream_pr->stream_dir = 1; /* ��Ϊ�ǰ�DATA������, ����stream_dir�϶���Ĭ�Ϲ�����ͬ */ //((struct streaminfo_private *)pstream->pfather)->stream_dir = ((struct streaminfo_private *)pstream->pfather)->layer_dir; //set_stream_addr(pstream->pfather, this_tcphdr->th_sport, this_tcphdr->th_dport, pstream); }else{ - pstream_pr->stream_dir = 1; /* ��Ϊ�ǰ�DATA������, ����stream_dir�϶���Ĭ�Ϲ�����ͬ */ - //((struct streaminfo_private *)pstream->pfather)->stream_dir = ((struct streaminfo_private *)pstream->pfather)->layer_dir ^ 1; /* IP�㴴�����ķ����뵱ǰ�����䷽���෴ */ + pstream_pr->stream_dir = 1; /* ��Ϊ�ǰ�DATA������, ����stream_dir�϶���Ĭ�Ϲ�����ͬ */ + //((struct streaminfo_private *)pstream->pfather)->stream_dir = ((struct streaminfo_private *)pstream->pfather)->layer_dir ^ 1; /* IP�㴴�����ķ����뵱ǰ�����䷽���෴ */ //set_stream_addr(pstream->pfather, this_tcphdr->th_dport, this_tcphdr->th_sport, pstream); } /* note: - ��Ϊ����rbtreeʱ��Ҫ���������������Ƚ�, ����ȷ������left����right��֧, - ���ڱ�����˵, layer_dir����û��������, ��Ҫ���ں��������Ƚϵ�ַ��С, - ��data��������, layer_dir = 1; + ��Ϊ����rbtreeʱ��Ҫ���������������Ƚ�, ����ȷ������left����right��֧, + ���ڱ�����˵, layer_dir����û��������, ��Ҫ���ں��������Ƚϵ�ַ��С, + ��data��������, layer_dir = 1; */ pstream_pr->layer_dir = 1; #endif - hash_add_stream(pindex_tcp); /* ���resetflag=1, ˵�������Ӹ���, tcp_reset_stream()û�д�hash����ɾ��, Ҳ�Ͳ����ظ������� */ + hash_add_stream(pindex_tcp); /* ���resetflag=1, ˵�������Ӹ���, tcp_reset_stream()û�д�hash����ɾ��, Ҳ�Ͳ����ظ������� */ }else{ pindex_tcp=pindex; pstream_pr=&(pindex_tcp->stream); @@ -1007,11 +1031,11 @@ static struct streamindex *tcp_add_new_stream_bydata(struct streamindex *pindex, pstream_pr->stream_c2s_route_dir = raw_pkt->route_dir; } pstream_pr->stream_killed_flag = 0; - /* ���Ӹ���, ��������һ���µ�streamid */ + /* ���Ӹ���, ��������һ���µ�streamid */ pindex_tcp->stream.global_stream_id = get_global_stream_id(threadnum); pindex_tcp->stream.stream_trace_id=0; - /* ���Ӹ���, �����ж�һ��ddos ״̬ */ + /* ���Ӹ���, �����ж�һ��ddos ״̬ */ if(pstream_pr->create_dir_by_well_known_port != 1) { pstream_pr->under_ddos_bypass = packet_io_under_ddos_should_bypass(threadnum); @@ -1022,9 +1046,9 @@ static struct streamindex *tcp_add_new_stream_bydata(struct streamindex *pindex, pstream->curdir=createdir; //pindex_tcp->stream.stream_dir=pindex_tcp->stream.layer_dir; - //�����ݱ���ֱ�ӽ���data״̬, by lqy 20141213 + //�����ݱ���ֱ�ӽ���data״̬, by lqy 20141213 //if(datalen>0) - //�����ĵ��Dz���������־�ı���adjust by lqy 20150215 + //�����ĵ��Dz���������־�ı���adjust by lqy 20150215 if((datalen>0) && (!(this_tcphdr->th_flags & TH_FIN)) && (!(this_tcphdr->th_flags & TH_RST))) { pstream->stream_state=TCP_DATA_STATE; @@ -1034,7 +1058,7 @@ static struct streamindex *tcp_add_new_stream_bydata(struct streamindex *pindex, pstream->stream_state=TCP_NOUSE_STATE; } - /* TCP��洢����ָ��, ��ʵ��ַ���ݴ洢��IP��, ����� */ + /* TCP��洢����ָ��, ��ʵ��ַ���ݴ洢��IP��, ����� */ //set_stream_addr(pindex_tcp->stream.pfather, this_tcphdr->th_sport, this_tcphdr->th_dport, &pindex_tcp->stream.addr); //set_stream_addr(pindex_tcp->stream.pfather, this_tcphdr->th_sport, this_tcphdr->th_dport, &pindex_tcp->stream); @@ -1042,12 +1066,12 @@ static struct streamindex *tcp_add_new_stream_bydata(struct streamindex *pindex, set_stream_addr(pindex_tcp->stream.pfather, this_tcphdr->th_sport, this_tcphdr->th_dport, &pindex_tcp->stream); #else /* 2014-12-16 lijia modify */ if(1 == pstream_pr->layer_dir){ - pstream_pr->stream_dir = 1; /* ��Ϊ�ǰ�DATA������, ����stream_dir�϶���Ĭ�Ϲ�����ͬ */ + pstream_pr->stream_dir = 1; /* ��Ϊ�ǰ�DATA������, ����stream_dir�϶���Ĭ�Ϲ�����ͬ */ //((struct streaminfo_private *)pstream->pfather)->stream_dir = ((struct streaminfo_private *)pstream->pfather)->layer_dir; //set_stream_addr(pstream->pfather, this_tcphdr->th_sport, this_tcphdr->th_dport, pstream); }else{ - pstream_pr->stream_dir = 1; /* ��Ϊ�ǰ�DATA������, ����stream_dir�϶���Ĭ�Ϲ�����ͬ */ - //((struct streaminfo_private *)pstream->pfather)->stream_dir = ((struct streaminfo_private *)pstream->pfather)->layer_dir ^ 1; /* IP�㴴�����ķ����뵱ǰ�����䷽���෴ */ + pstream_pr->stream_dir = 1; /* ��Ϊ�ǰ�DATA������, ����stream_dir�϶���Ĭ�Ϲ�����ͬ */ + //((struct streaminfo_private *)pstream->pfather)->stream_dir = ((struct streaminfo_private *)pstream->pfather)->layer_dir ^ 1; /* IP�㴴�����ķ����뵱ǰ�����䷽���෴ */ //set_stream_addr(pstream->pfather, this_tcphdr->th_dport, this_tcphdr->th_sport, pstream); } #endif @@ -1070,7 +1094,7 @@ static struct streamindex *tcp_add_new_stream_bydata(struct streamindex *pindex, pdetail_pr->link_state=STREAM_LINK_DATA; if(pstream_pr->under_ddos_bypass){ - /* bypass״̬�������κβ��, ������project, bridge,parse_opt,��ʼ��half_stream�Ȳ��������Ժ����� */ + /* bypass״̬�������κβ��, ������project, bridge,parse_opt,��ʼ��half_stream�Ȳ��������Ժ����� */ pstream->stream_state=TCP_NOUSE_STATE; streamaddlist(pindex_tcp,&(G_MESA_GLOBAL_STREAM[threadnum]->tcpList[pstream->stream_state])); return pindex_tcp; @@ -1079,14 +1103,14 @@ static struct streamindex *tcp_add_new_stream_bydata(struct streamindex *pindex, streamaddlist(pindex_tcp,&(G_MESA_GLOBAL_STREAM[threadnum]->tcpList[pstream->stream_state])); //if(datalen>0) - //�����ĵ��Dz���������־�ı���adjust by lqy 20150325 + //�����ĵ��Dz���������־�ı���adjust by lqy 20150325 if((datalen>0) && (!(this_tcphdr->th_flags & TH_FIN)) && (!(this_tcphdr->th_flags & TH_RST))) { if(pstream->dir==DIR_C2S) { pdetail_pr->pserver=(struct half_tcpstream *)sapp_mem_malloc(SAPP_MEM_DYN_TCP_HALF_STREAM, threadnum,sizeof(struct half_tcpstream)); memset(pdetail_pr->pserver,0,sizeof(struct half_tcpstream)); - //������ + //������ pdetail_pr->pserver->first_data_seq=(ntohl (this_tcphdr->th_seq) ); /* 2014-07-31 LiJia add, for set one stream unorder number */ pdetail_pr->pserver->maxunorder = tcp_default_unorder; @@ -1095,17 +1119,17 @@ static struct streamindex *tcp_add_new_stream_bydata(struct streamindex *pindex, { pdetail_pr->pclient=(struct half_tcpstream *)sapp_mem_malloc(SAPP_MEM_DYN_TCP_HALF_STREAM,threadnum,sizeof(struct half_tcpstream)); memset(pdetail_pr->pclient,0,sizeof(struct half_tcpstream)); - //������ + //������ pdetail_pr->pclient->first_data_seq=(ntohl (this_tcphdr->th_seq) ); /* 2014-07-31 LiJia add, for set one stream unorder number */ pdetail_pr->pclient->maxunorder = tcp_default_unorder; } } - else //�����ݵ������¼��ʱseqֵ + else //�����ݵ������¼��ʱseqֵ { if(createdir==DIR_S2C) { - //��ʱ������ʼ��seq + //��ʱ������ʼ��seq pdetail_pr->iclientseq =ntohl (this_tcphdr->th_seq) ; pdetail_pr->iserverseq=ntohl (this_tcphdr->th_ack); @@ -1118,7 +1142,7 @@ static struct streamindex *tcp_add_new_stream_bydata(struct streamindex *pindex, } pstream->pdetail=(void *)pdetail_pr; - /* 2014-03-26 LiJia add, ijЩ��Ŀ����Ӧ�ó�ʼ��, ���ǩ��ԭʼIP��Ƭ�б��� */ + /* 2014-03-26 LiJia add, ijЩ��Ŀ����Ӧ�ó�ʼ��, ���ǩ��ԭʼIP��Ƭ�б��� */ pstream_pr->pproject = project_requirement_create(SAPP_MEM_DYN_TCP_PROJECT,threadnum); pstream_pr->stream_bridge = stream_bridge_create_per_stream(SAPP_MEM_DYN_TCP_BRIDGE,pstream->threadnum); @@ -1128,34 +1152,45 @@ static struct streamindex *tcp_add_new_stream_bydata(struct streamindex *pindex, memset(pdetail_pr->flow_stat, 0, sizeof(struct tcp_flow_stat)); project_req_add_struct(pstream, G_TCP_FLOW_STAT_PROJECT_ID, pdetail_pr->flow_stat); + int frag_cnt = 0, frag_len = 0; + stream_get_scratch_frag_stat(pstream, &frag_cnt, &frag_len); + if(resetflag != 0){ if(pstream->curdir == DIR_C2S){ - pdetail_pr->flow_stat->C2S_all_pkt = 1; - pdetail_pr->flow_stat->C2S_all_byte = datalen; - pdetail_pr->flow_stat->C2S_all_byte_raw =MAX(raw_pkt->raw_pkt_len-raw_pkt->overlay_layer_bytes,0); + if(pstream->addr.pktipfragtype & PKT_TYPE_IPREBUILD) { - pdetail_pr->flow_stat->C2S_ip_fragment_pkt=1; + pdetail_pr->flow_stat->C2S_all_pkt = MAX(1, frag_cnt); + pdetail_pr->flow_stat->C2S_all_byte = MAX(datalen, frag_len); + pdetail_pr->flow_stat->C2S_all_byte_raw =MAX(raw_pkt->raw_pkt_len-raw_pkt->overlay_layer_bytes,frag_len); + pdetail_pr->flow_stat->C2S_ip_fragment_pkt=MAX(1, frag_cnt); } else { + pdetail_pr->flow_stat->C2S_all_pkt = 1; + pdetail_pr->flow_stat->C2S_all_byte = datalen; + pdetail_pr->flow_stat->C2S_all_byte_raw =MAX(raw_pkt->raw_pkt_len-raw_pkt->overlay_layer_bytes,0); pdetail_pr->flow_stat->C2S_ip_fragment_pkt=0; } }else{ - pdetail_pr->flow_stat->S2C_all_pkt = 1; - pdetail_pr->flow_stat->S2C_all_byte = datalen; - pdetail_pr->flow_stat->S2C_all_byte_raw = MAX(raw_pkt->raw_pkt_len - raw_pkt->overlay_layer_bytes,0); + if(pstream->addr.pktipfragtype & PKT_TYPE_IPREBUILD) { - pdetail_pr->flow_stat->S2C_ip_fragment_pkt=1; + pdetail_pr->flow_stat->S2C_all_pkt = MAX(1, frag_cnt); + pdetail_pr->flow_stat->S2C_all_byte = MAX(datalen, frag_len); + pdetail_pr->flow_stat->S2C_all_byte_raw = MAX(raw_pkt->raw_pkt_len - raw_pkt->overlay_layer_bytes,frag_len); + pdetail_pr->flow_stat->S2C_ip_fragment_pkt=MAX(1, frag_cnt); } else { + pdetail_pr->flow_stat->S2C_all_pkt = 1; + pdetail_pr->flow_stat->S2C_all_byte = datalen; + pdetail_pr->flow_stat->S2C_all_byte_raw = MAX(raw_pkt->raw_pkt_len - raw_pkt->overlay_layer_bytes,0); pdetail_pr->flow_stat->S2C_ip_fragment_pkt=0; } } } - /* NOTE, tcp_data������stream_process_tcp()���ۼ� */ + /* NOTE, tcp_data������stream_process_tcp()���ۼ� */ } if(G_TCP_DEDUCE_FLOW_STAT_PROJECT_ID != -1){ @@ -1213,9 +1248,9 @@ static void tcp_change_stream_todata(struct streamindex *pindex,struct mesa_tcp_ if(NULL == pdetail_pr->pserver){ pdetail_pr->pserver=(struct half_tcpstream *)sapp_mem_malloc(SAPP_MEM_DYN_TCP_HALF_STREAM,threadnum,sizeof(struct half_tcpstream)); memset(pdetail_pr->pserver,0,sizeof(struct half_tcpstream)); - //������ + //������ pdetail_pr->pserver->first_data_seq=pdetail_pr->iserverseq; - /* pdetail_pr->iserverseq=0; */ /* 2016-04-27 lijia modify, ���ڻ�ȡ��ǰ����ISN */ + /* pdetail_pr->iserverseq=0; */ /* 2016-04-27 lijia modify, ���ڻ�ȡ��ǰ����ISN */ /* 2014-10-20 LiJia add, for set one stream unorder number */ pdetail_pr->pserver->maxunorder = tcp_default_unorder; @@ -1226,9 +1261,9 @@ static void tcp_change_stream_todata(struct streamindex *pindex,struct mesa_tcp_ if(NULL == pdetail_pr->pclient){ pdetail_pr->pclient=(struct half_tcpstream *)sapp_mem_malloc(SAPP_MEM_DYN_TCP_HALF_STREAM,threadnum,sizeof(struct half_tcpstream)); memset(pdetail_pr->pclient,0,sizeof(struct half_tcpstream)); - //������ + //������ pdetail_pr->pclient->first_data_seq=pdetail_pr->iclientseq; - /* pdetail_pr->iclientseq=0; */ /* 2016-04-27 lijia modify, ���ڻ�ȡ��ǰ����ISN */ + /* pdetail_pr->iclientseq=0; */ /* 2016-04-27 lijia modify, ���ڻ�ȡ��ǰ����ISN */ /* 2014-10-20 LiJia add, for set one stream unorder number */ pdetail_pr->pclient->maxunorder = tcp_default_unorder; @@ -1252,7 +1287,7 @@ static void tcp_free_half(struct half_tcpstream *phalf,int threadnum) //phalf = NULL; } -/* ������֤pindex�Ƿ���plist�� */ +/* ������֤pindex�Ƿ���plist�� */ static int inline stream_in_timeout_list(const struct streamindex *pindex, const struct stream_list *plist) { if(timeout_pending((struct timeout *)&(pindex->timeout))) @@ -1274,8 +1309,8 @@ static void tcp_change_stream_tonouse(struct streamindex *pindex) plist=&(G_MESA_GLOBAL_STREAM[threadnum]->tcpList[pstream->stream_state]); /* 2017-01-03 lijia add, - �����tcp_reset_stream()����ջ��, ������tcp_change_stream_tonouse, - pindex�Ѿ����Ƴ���ǰ����list, �����ټ���ִ��streamleavlist��streamaddlist��. + �����tcp_reset_stream()����ջ��, ������tcp_change_stream_tonouse, + pindex�Ѿ����Ƴ���ǰ����list, �����ټ���ִ��streamleavlist��streamaddlist��. */ if(stream_in_timeout_list(pindex, plist) == 0){ return; @@ -1300,16 +1335,16 @@ static void tcp_change_stream_tonouse(struct streamindex *pindex) pdetail_pr->pserver = NULL; } /* 2017-12-20 lijia add, - ��FIN������������NOUSE״̬, - deal_tcp_stream()ÿ�ζ���TCP_SYN_STATE��TCP_DATA_STATE״̬, - ����TCP_NOUSE_STATE״̬�µ�����̭��ȥ, - ���Դ˴���ɨ��һ��TCP_NOUSE_STATE�ij�ʱ��. + ��FIN������������NOUSE״̬, + deal_tcp_stream()ÿ�ζ���TCP_SYN_STATE��TCP_DATA_STATE״̬, + ����TCP_NOUSE_STATE״̬�µ�����̭��ȥ, + ���Դ˴���ɨ��һ��TCP_NOUSE_STATE�ij�ʱ��. */ del_stream_by_time(plist, pindex, threadnum, STREAM_TYPE_TCP); } -/* ���������tcp�����Ѿ�������, ����Ϊ��TCP_ALL���, ����ʵ�ʻ�����free, ���������ջ���TIMEOUT��KICKOUT���� */ +/* ���������tcp�����Ѿ�������, ����Ϊ��TCP_ALL���, ����ʵ�ʻ�����free, ���������ջ���TIMEOUT��KICKOUT���� */ static inline void tcp_update_should_close_reason_stat(int tid) { sapp_gval_mthread_sys_stat_t *local_sys_stat; @@ -1377,56 +1412,56 @@ int tcp_free_stream(struct streamindex *pindex, const void *this_ip_hdr, const v plist=&(G_MESA_GLOBAL_STREAM[threadnum]->tcpList[pstream->stream_state]); /* TODO 1, - free��ƽ̨��time, list_lruԭ��, ��ʱ����������free, - ����Dz������CLOSEME, ��ֻ�ͷ����pdetail�ڴ�, ���Խ�tcp���ṹ����, Ϊ��FD���ȹ���. + free��ƽ̨��time, list_lruԭ��, ��ʱ����������free, + ����Dz������CLOSEME, ��ֻ�ͷ����pdetail�ڴ�, ���Խ�tcp���ṹ����, Ϊ��FD���ȹ���. - ���Ϊ��������: - tcp_lite_free(); //ֻfree data, ���������ṹ + ���Ϊ��������: + tcp_lite_free(); //ֻfree data, ���������ṹ - tcp_struct_free(); //free Ӧ�ò����� + tcp_struct_free(); //free Ӧ�ò����� - tcp_thorough_free(); // del_stream_by_time(), streamaddlist()ʱ������������Ⱥ���Ҫ����, ������free - // ����tcp_light_free(); tcp_struct_free();�������� + tcp_thorough_free(); // del_stream_by_time(), streamaddlist()ʱ������������Ⱥ���Ҫ����, ������free + // ����tcp_light_free(); tcp_struct_free();�������� TODO 1: - ����ڵ���tcp_deal_unorder()��, �������������kill_tcp, Ӧ���ж�stream_killed_flag���, - ���stream_killed_flag=1, ������İ����ٴ���, ֱ��tcp_free_half()�ͷ�. + ����ڵ���tcp_deal_unorder()��, �������������kill_tcp, Ӧ���ж�stream_killed_flag���, + ���stream_killed_flag=1, ������İ����ٴ���, ֱ��tcp_free_half()�ͷ�. */ - /* 2014-07-24 lijia add, ������ǰ��������� */ - saved_curdir = pstream->curdir; /* 2015-11-16 LiJia add, ���浱ǰ������, �����������Ҫ�ָ���ǰֵ */ + /* 2014-07-24 lijia add, ������ǰ��������� */ + saved_curdir = pstream->curdir; /* 2015-11-16 LiJia add, ���浱ǰ������, �����������Ҫ�ָ���ǰֵ */ if(pclient && (pclient->unorderlist != NULL)){ - pstream->curdir = DIR_S2C; /* ��ʱ�� */ + pstream->curdir = DIR_S2C; /* ��ʱ�� */ tcp_deal_unorder(pindex, pstream, pclient, pserver, !CHECK_ORDER_DATA); } if(pserver && (pserver->unorderlist != NULL)){ - pstream->curdir = DIR_C2S; /* ��ʱ�� */ + pstream->curdir = DIR_C2S; /* ��ʱ�� */ tcp_deal_unorder(pindex, pstream, pserver, pclient, !CHECK_ORDER_DATA); } pstream->curdir = saved_curdir; - pstream_pr->raw_pkt = raw_pkt; /* �������ʱ��̭, ��ֵΪNULL; �����RST������̭, Ϊ��ʵԭʼ�� */ + pstream_pr->raw_pkt = raw_pkt; /* �������ʱ��̭, ��ֵΪNULL; �����RST������̭, Ϊ��ʵԭʼ�� */ if(pstream->stream_state==TCP_DATA_STATE) { if(pdetail_pr->apme!=NULL) { pstream->opstate=OP_STATE_CLOSE; - //tcp stream �ص� + //tcp stream �ص� pkt_ret = stream_process_tcp(pstream, this_ip_hdr, transport_hdr, raw_pkt,&(pdetail_pr->apme),&(pstream->opstate)); pdetail_pr->apme=NULL; } } - //�����κ�״̬�ص�ȫ�������������� + //�����κ�״̬�ص�ȫ�������������� if(pdetail_pr->pAllpktpme!=NULL) { pstream->pktstate=OP_STATE_CLOSE; - //tcp stream �ص� + //tcp stream �ص� #if 0 pkt_ret = stream_process_tcp_allpkt(pstream, this_ip_hdr, transport_hdr, raw_pkt,&(pdetail_pr->pAllpktpme),&(pstream->pktstate)); #else - /* 2017-12-13 lijia modify, TCPALL��Ϊ�ȵ���, ������tcp_free_stream��, ���ֻ��TCPALL���������CLOSE״̬, ���ٸ�ԭʼ��, ָ��̶�ΪNULL, ������ظ��� */ + /* 2017-12-13 lijia modify, TCPALL��Ϊ�ȵ���, ������tcp_free_stream��, ���ֻ��TCPALL���������CLOSE״̬, ���ٸ�ԭʼ��, ָ��̶�ΪNULL, ������ظ��� */ pkt_ret = stream_process_tcp_allpkt(pstream, this_ip_hdr, transport_hdr, raw_pkt, &(pdetail_pr->pAllpktpme),&(pstream->pktstate)); #endif pdetail_pr->pAllpktpme=NULL; @@ -1446,7 +1481,7 @@ int tcp_free_stream(struct streamindex *pindex, const void *this_ip_hdr, const v tcp_free_half(pserver, threadnum); pserver = NULL; } - /* �����������ٴӽṹ���Ƴ�, ��Ϊ���ò��ʱ, ���ܻ����stream_set_single_stream_timeout(), �������ǰ����LRU�����е�λ�� */ + /* �����������ٴӽṹ���Ƴ�, ��Ϊ���ò��ʱ, ���ܻ����stream_set_single_stream_timeout(), �������ǰ����LRU�����е�λ�� */ streamleavlist(pindex, plist); hash_del_stream(pindex); @@ -1458,7 +1493,7 @@ int tcp_free_stream(struct streamindex *pindex, const void *this_ip_hdr, const v - if(pstream_pr->set_special_timeout != 0){ /* ���Ӷ��г�ʱʱ��, ���ټ��� */ + if(pstream_pr->set_special_timeout != 0){ /* ���Ӷ��г�ʱʱ��, ���ټ��� */ sapp_global_mthread[threadnum].tcp_stream_special_timeout_num--; } @@ -1516,7 +1551,7 @@ static int tcp_reset_stream(struct streamindex *pindex,const void *this_iphdr, int ret = 0; sapp_gval_mthread_sys_stat_t *local_sys_stat = &sapp_global_val->mthread_volatile[threadnum]->sys_stat; - //add by lqy 20150107 ���˼��� + //add by lqy 20150107 ���˼��� if(pstream->curdir==DIR_S2C) { pdetail->clientpktnum--; @@ -1552,8 +1587,8 @@ static int tcp_reset_stream(struct streamindex *pindex,const void *this_iphdr, plist=&(G_MESA_GLOBAL_STREAM[threadnum]->tcpList[pstream->stream_state]); - /* 2014-07-24 lijia add, ������ǰ��������� */ - saved_curdir = pstream->curdir; /* 2015-11-16 LiJia add, ���浱ǰ������, �����������Ҫ�ָ���ǰֵ */ + /* 2014-07-24 lijia add, ������ǰ��������� */ + saved_curdir = pstream->curdir; /* 2015-11-16 LiJia add, ���浱ǰ������, �����������Ҫ�ָ���ǰֵ */ if(pdetail_pr->pclient && pdetail_pr->pclient->unorderlist != NULL){ pstream->curdir = DIR_S2C; tcp_deal_unorder(pindex, pstream, pdetail_pr->pclient, pdetail_pr->pserver, !CHECK_ORDER_DATA); @@ -1562,13 +1597,13 @@ static int tcp_reset_stream(struct streamindex *pindex,const void *this_iphdr, pstream->curdir = DIR_C2S; tcp_deal_unorder(pindex, pstream, pdetail_pr->pserver, pdetail_pr->pclient, !CHECK_ORDER_DATA); } - /* tcp_deal_unorder()�������ܻ���pstream_pr->raw_pkt, �˴��ָ�raw_pkt */ + /* tcp_deal_unorder()�������ܻ���pstream_pr->raw_pkt, �˴��ָ�raw_pkt */ pstream_pr->raw_pkt = raw_pkt; pstream->curdir = saved_curdir; /* 2015-02-04 lijia add, - �Ƚ�������ʱ������Ԫ��������̭, ��ǰ��������Ϊ������ԭʼ��, - ������˵��ò���������MESA_kill_xxx, ������pstream_pr->raw_pkt = NULL. + �Ƚ�������ʱ������Ԫ��������̭, ��ǰ��������Ϊ������ԭʼ��, + ������˵��ò���������MESA_kill_xxx, ������pstream_pr->raw_pkt = NULL. */ const raw_pkt_t *saved_raw_pkt = pstream_pr->raw_pkt; pstream_pr->raw_pkt = NULL; @@ -1597,7 +1632,7 @@ static int tcp_reset_stream(struct streamindex *pindex,const void *this_iphdr, if(pdetail_pr->pAllpktpme!=NULL) { pstream->pktstate=OP_STATE_CLOSE; - //tcp stream �ص� + //tcp stream �ص� stream_process_tcp_allpkt(pstream,NULL,NULL,NULL,&(pdetail_pr->pAllpktpme),&(pstream->pktstate)); pdetail_pr->pAllpktpme=NULL; } @@ -1609,16 +1644,16 @@ static int tcp_reset_stream(struct streamindex *pindex,const void *this_iphdr, - /* �����������ٴӽṹ���Ƴ�, ��Ϊ���ò��ʱ, ���ܻ����stream_set_single_stream_timeout(), �������ǰ����LRU�����е�λ�� */ + /* �����������ٴӽṹ���Ƴ�, ��Ϊ���ò��ʱ, ���ܻ����stream_set_single_stream_timeout(), �������ǰ����LRU�����е�λ�� */ streamleavlist(pindex, plist); - /* �ָ�֮ǰ�洢��raw_pkt */ + /* �ָ�֮ǰ�洢��raw_pkt */ pstream_pr->raw_pkt = saved_raw_pkt; - pstream_pr->syn_opt_num = 0; /* ���ѡ����� */ - pstream_pr->synack_opt_num = 0; /* ���ѡ����� */ + pstream_pr->syn_opt_num = 0; /* ���ѡ����� */ + pstream_pr->synack_opt_num = 0; /* ���ѡ����� */ if(pstream_pr->syn_opt_array){ sapp_mem_free(SAPP_MEM_DYN_TCP_SYN_OPT, threadnum, pstream_pr->syn_opt_array); pstream_pr->syn_opt_array = NULL; @@ -1648,7 +1683,7 @@ static int tcp_reset_stream(struct streamindex *pindex,const void *this_iphdr, } if (pstream_pr->set_special_timeout != 0) - { /* ���Ӷ��г�ʱʱ��, ���ټ��� */ + { /* ���Ӷ��г�ʱʱ��, ���ټ��� */ sapp_global_mthread[threadnum].tcp_stream_special_timeout_num--; } if(this_tcphdr->th_flags & TH_SYN){ @@ -1659,7 +1694,7 @@ static int tcp_reset_stream(struct streamindex *pindex,const void *this_iphdr, tcp_add_new_stream_bydata(pindex,this_tcphdr,datalen,REUSE_OLD_LINK, raw_pkt); ret = 1; }else{ - /* 20190506 lijia add, reset֮�������������, ֱ��free�� */ + /* 20190506 lijia add, reset֮�������������, ֱ��free�� */ hash_del_stream(pindex); if(pstream->pdetail != NULL) { @@ -1732,14 +1767,14 @@ static int tcp_deal_syn_stream(struct streamindex *pindex,const raw_pkt_t *raw_p { if (thisack == curseq) { - pstream->dir = DIR_DOUBLE; /* ����dir */ + pstream->dir = DIR_DOUBLE; /* ����dir */ pdetail_pr->link_state = STREAM_LINK_RESET; tcp_free_stream(pindex, this_iphdr, this_tcphdr, raw_pkt); return PASS; } } else - //������������������ + //������������������ if (thisack == curseq) { pstream->dir = DIR_DOUBLE; @@ -1756,11 +1791,11 @@ static int tcp_deal_syn_stream(struct streamindex *pindex,const raw_pkt_t *raw_p return PASS; } } - else //ͬ������ + else //ͬ������ { pdetail_pr->C2S_ack_seq = thisack; pdetail_pr->last_c2s_pkt_rcv_time = ABBR_CURRENT_TIME_MS; - //������ + //������ if (thisseq == curseq) { if ((this_tcphdr->th_flags & TH_RST) && (datalen == 0)) @@ -1769,8 +1804,8 @@ static int tcp_deal_syn_stream(struct streamindex *pindex,const raw_pkt_t *raw_p tcp_free_stream(pindex, this_iphdr, this_tcphdr, raw_pkt); return PASS; } - // add by lqy 20130802 �����������������е������� - //�������ڶ���ack + // add by lqy 20130802 �����������������е������� + //�������ڶ���ack else if ((this_tcphdr->th_flags == TH_ACK) && (datalen == 0)) { pdetail_pr->tcpstateflag = TCP_SYN_RECV; @@ -1796,7 +1831,7 @@ static int tcp_deal_syn_stream(struct streamindex *pindex,const raw_pkt_t *raw_p pdetail_pr->last_c2s_pkt_rcv_time = ABBR_CURRENT_TIME_MS; if ((this_tcphdr->th_flags & TH_RST) && (datalen == 0)) { - pstream->dir = DIR_DOUBLE; /* ����dir */ + pstream->dir = DIR_DOUBLE; /* ����dir */ pdetail_pr->link_state = STREAM_LINK_RESET; tcp_free_stream(pindex, this_iphdr, this_tcphdr, raw_pkt); return PASS; @@ -1811,10 +1846,10 @@ static int tcp_deal_syn_stream(struct streamindex *pindex,const raw_pkt_t *raw_p return PASS; } } - else //ͬ������ + else //ͬ������ { pdetail_pr->last_s2c_pkt_rcv_time = ABBR_CURRENT_TIME_MS; - //����rst + //����rst if ((thisseq == curseq) && (this_tcphdr->th_flags & TH_RST) && (datalen == 0)) { @@ -1824,7 +1859,7 @@ static int tcp_deal_syn_stream(struct streamindex *pindex,const raw_pkt_t *raw_p } } } - // add by lqy 20130805 ˫�����������������������data�� + // add by lqy 20130805 ˫�����������������������data�� else if (pstream->dir == DIR_DOUBLE) { if ((pdetail_pr->tcpstateflag == TCP_SYN_RECV) && (curdir == DIR_C2S)) @@ -1836,11 +1871,11 @@ static int tcp_deal_syn_stream(struct streamindex *pindex,const raw_pkt_t *raw_p } } } - //syn�ش� + //syn�ش� /* TODO, - ��Ԫ����ͬ������SYN��, ��Ҫ��һ���ж�SEQ�Ƿ�һ�²������ش�, ��������Ԫ������, - ��Ҫreset. + ��Ԫ����ͬ������SYN��, ��Ҫ��һ���ж�SEQ�Ƿ�һ�²������ش�, ��������Ԫ������, + ��Ҫreset. */ if(this_tcphdr->th_flags == TH_SYN) { @@ -1868,32 +1903,32 @@ static void tcp_half_handle_ack_and_seq(struct half_tcpstream *phalf, struct mes rcv = phalf; - //���տ�ʼ��ack_seq��Ϊ0����ʱֱ�ӽ���ͷ��ack_seq��ֵ��rcv->ack_seq + //���տ�ʼ��ack_seq��Ϊ0����ʱֱ�ӽ���ͷ��ack_seq��ֵ��rcv->ack_seq if (0 == *cur_half_stream_ack) *cur_half_stream_ack = ntohl(this_tcphdr->th_ack); else { ackdiff = (int)(ntohl (this_tcphdr->th_ack) - *cur_half_stream_ack); -#if 0 /* 20160930 lijia modify, �������뾯�� */ - if (ackdiff > 0 || ackdiff < -(2 << 30)) //��ֹ�ش�����Խ������� +#if 0 /* 20160930 lijia modify, �������뾯�� */ + if (ackdiff > 0 || ackdiff < -(2 << 30)) //��ֹ�ش�����Խ������� #else - if (ackdiff > 0 || ackdiff < (int)0x80000000) //��ֹ�ش�����Խ������� + if (ackdiff > 0 || ackdiff < (int)0x80000000) //��ֹ�ش�����Խ������� #endif { *cur_half_stream_ack = ntohl (this_tcphdr->th_ack); } } - //ͬ�� + //ͬ�� if (0 == rcv->seq) rcv->seq = ntohl(this_tcphdr->th_seq); else { seqdiff = (int)(ntohl(this_tcphdr->th_seq) - rcv->seq); -#if 0 /* 20160930 lijia modify, �������뾯��, ʹ��������0x80000000 */ +#if 0 /* 20160930 lijia modify, �������뾯��, ʹ��������0x80000000 */ if (seqdiff > 0 || seqdiff < -(2 << 30)) #else - if (seqdiff > 0 || seqdiff < (int)0x80000000) //��ֹ�ش�����Խ������� + if (seqdiff > 0 || seqdiff < (int)0x80000000) //��ֹ�ش�����Խ������� #endif { rcv->seq = ntohl(this_tcphdr->th_seq); @@ -1948,7 +1983,7 @@ static int tcp_deal_ack(struct streaminfo *a_tcp,struct mesa_tcp_hdr *this_tcphd { phalf=pdetail_pr->pclient; phother=pdetail_pr->pserver; - /* 2017-08-02 lijia modify, ��¼�����һ��ACK��, ��ack_seqһ����Լ�����������Բ���������� */ + /* 2017-08-02 lijia modify, ��¼�����һ��ACK��, ��ack_seqһ����Լ�����������Բ���������� */ if(0 == pdetail_pr->S2C_first_ack_seq){ pdetail_pr->S2C_first_ack_seq = ntohl (this_tcphdr->th_ack); } @@ -1959,12 +1994,12 @@ static int tcp_deal_ack(struct streaminfo *a_tcp,struct mesa_tcp_hdr *this_tcphd { phalf=pdetail_pr->pserver; phother=pdetail_pr->pclient; - /* 2017-08-02 lijia add, C2S��������ȡ�Զ�ISN */ + /* 2017-08-02 lijia add, C2S��������ȡ�Զ�ISN */ if((0 == pdetail_pr->iclientseq) - &&(ntohl(this_tcphdr->th_seq) == pdetail_pr->iserverseq)){ /* C2S����SYN����ĵ�һ��ACK�� */ + &&(ntohl(this_tcphdr->th_seq) == pdetail_pr->iserverseq)){ /* C2S����SYN����ĵ�һ��ACK�� */ pdetail_pr->iclientseq = ntohl (this_tcphdr->th_ack); } - /* 2017-08-02 lijia modify, ��¼�����һ��ACK��, ��ack_seqһ����Լ�����������Բ���������� */ + /* 2017-08-02 lijia modify, ��¼�����һ��ACK��, ��ack_seqһ����Լ�����������Բ���������� */ if(0 == pdetail_pr->C2S_first_ack_seq){ pdetail_pr->C2S_first_ack_seq = ntohl (this_tcphdr->th_ack); } @@ -1972,23 +2007,23 @@ static int tcp_deal_ack(struct streaminfo *a_tcp,struct mesa_tcp_hdr *this_tcphd cur_half_stream_ack = &pdetail_pr->C2S_ack_seq; } - /* 2017-08-03 lijia add, ������, ������ack�ƶϳ��Բ�������Ӧ���յ������� */ + /* 2017-08-03 lijia add, ������, ������ack�ƶϳ��Բ�������Ӧ���յ������� */ if(DIR_C2S == a_tcp->dir){ pdetail = a_tcp->ptcpdetail; //pdetail->clientbytes = pdetail_pr->C2S_ack_seq - pdetail_pr->C2S_first_ack_seq; if(G_TCP_DEDUCE_FLOW_STAT_PROJECT_ID != -1){ - pdetail_pr->deduce_flow_stat->C2S_data_byte = pdetail->serverbytes; /* ���������˸������ṹ���еı��� */ - pdetail_pr->deduce_flow_stat->C2S_data_pkt = pdetail->serverpktnum;/* ���������˸������ṹ���еı��� */ + pdetail_pr->deduce_flow_stat->C2S_data_byte = pdetail->serverbytes; /* ���������˸������ṹ���еı��� */ + pdetail_pr->deduce_flow_stat->C2S_data_pkt = pdetail->serverpktnum;/* ���������˸������ṹ���еı��� */ - pdetail_pr->deduce_flow_stat->S2C_all_byte = pdetail_pr->C2S_ack_seq - pdetail_pr->C2S_first_ack_seq; /* �ƶϳ��Ľ��, all��data��һ����, ��û��pkt */ - pdetail_pr->deduce_flow_stat->S2C_data_byte = pdetail_pr->C2S_ack_seq - pdetail_pr->C2S_first_ack_seq; /* �ƶϳ��Ľ��, all��data��һ����, ��û��pkt */ + pdetail_pr->deduce_flow_stat->S2C_all_byte = pdetail_pr->C2S_ack_seq - pdetail_pr->C2S_first_ack_seq; /* �ƶϳ��Ľ��, all��data��һ����, ��û��pkt */ + pdetail_pr->deduce_flow_stat->S2C_data_byte = pdetail_pr->C2S_ack_seq - pdetail_pr->C2S_first_ack_seq; /* �ƶϳ��Ľ��, all��data��һ����, ��û��pkt */ } }else if(DIR_S2C == a_tcp->dir){ pdetail = a_tcp->ptcpdetail; //pdetail->serverbytes = pdetail_pr->C2S_ack_seq - pdetail_pr->C2S_first_ack_seq; if(G_TCP_DEDUCE_FLOW_STAT_PROJECT_ID != -1){ - pdetail_pr->deduce_flow_stat->S2C_data_byte = pdetail->clientbytes; /* ���������˸������ṹ���еı��� */ - pdetail_pr->deduce_flow_stat->S2C_data_pkt = pdetail->clientpktnum;/* ���������˸������ṹ���еı��� */ + pdetail_pr->deduce_flow_stat->S2C_data_byte = pdetail->clientbytes; /* ���������˸������ṹ���еı��� */ + pdetail_pr->deduce_flow_stat->S2C_data_pkt = pdetail->clientpktnum;/* ���������˸������ṹ���еı��� */ pdetail_pr->deduce_flow_stat->C2S_all_byte = pdetail_pr->S2C_ack_seq - pdetail_pr->S2C_first_ack_seq; pdetail_pr->deduce_flow_stat->C2S_data_byte = pdetail_pr->S2C_ack_seq - pdetail_pr->S2C_first_ack_seq; @@ -2033,19 +2068,19 @@ static void tcp_set_new_data(struct streaminfo *a_tcp,struct half_tcpstream * if(is_ctrl_pkt==0) { - //��һ��������Ŀ������ش������dz��ȱ�ԭ���� + //��һ��������Ŀ������ش������dz��ȱ�ԭ���� if(this_seq< EXP_SEQ) { havelen = EXP_SEQ - this_seq; if (datalen - havelen > 0) { - //20150225 ��¼�ص��ij��� + //20150225 ��¼�ص��ij��� pdetail_pr->tcpoverlen=havelen; len_new= datalen - havelen; pdata_new=data+havelen; } } - else //����ı��� + else //����ı��� { len_new=datalen; pdata_new=data; @@ -2104,12 +2139,12 @@ static void tcp_set_new_data(struct streaminfo *a_tcp,struct half_tcpstream * /* LiJia add, to do: - �����Ϊ��������, 1,2,3,4,x,6, ��5��������, ��6����������, - �����6��������������Ϣ, ��Ҫkill_tcp, - ����5��������ʱ, streaminfo��洢�Ķ��ǵ�5��������Ϣ, - Ȼ���ٴ��������е�6����������, ��ʱ����kill_tcp, ��ز����Dz��Ե�, - ʵ�ʵ�seq��ackʹ�õ��ǵ�5������! - Ӧ��ʹ��buf_unorder�е�seq��ack, �����ǵ�ǰ����ԭʼ��. + �����Ϊ��������, 1,2,3,4,x,6, ��5��������, ��6����������, + �����6��������������Ϣ, ��Ҫkill_tcp, + ����5��������ʱ, streaminfo��洢�Ķ��ǵ�5��������Ϣ, + Ȼ���ٴ��������е�6����������, ��ʱ����kill_tcp, ��ز����Dz��Ե�, + ʵ�ʵ�seq��ackʹ�õ��ǵ�5������! + Ӧ��ʹ��buf_unorder�е�seq��ack, �����ǵ�ǰ����ԭʼ��. */ #if 0 int tcp_save_unorder(struct streaminfo *a_tcp,struct half_tcpstream *rcv,char *rawdata,int rawlen,struct mesa_tcp_hdr *this_tcphdr,int tcpdatalen) @@ -2229,7 +2264,7 @@ static int tcp_deal_unorder(struct streamindex *pindex,struct streaminfo *a_tcp, if (after (unorder_packet->seq + unorder_packet->tcpdatalen+unorder_packet->fin+unorder_packet->rst, EXP_SEQ)) { - /* 2015-01-13 lijia add, ��������������kill_tcp��inject��غ���, ��Ҫ����ԭʼ����Ϣ */ + /* 2015-01-13 lijia add, ��������������kill_tcp��inject��غ���, ��Ҫ����ԭʼ����Ϣ */ update_stream_list_raw_pkt_pointer(a_tcp_pr, &unorder_packet->raw_pkt); if(unorder_packet->rst )//add by lqy 20100805) @@ -2252,14 +2287,14 @@ static int tcp_deal_unorder(struct streamindex *pindex,struct streaminfo *a_tcp, stream_process_tcp(a_tcp,unorder_packet->this_ip_hdr, unorder_packet->this_tcp_hdr, &(unorder_packet->raw_pkt),&(pdetail_pr->apme),&(a_tcp->opstate)); } a_tcp->addr.pkttype=tmpktype; - /* 2016-05-12 lijia add, ��������������unorder_list����BUG, �˴�Ӧ��������nouse״̬ */ + /* 2016-05-12 lijia add, ��������������unorder_list����BUG, �˴�Ӧ��������nouse״̬ */ if(STREAM_LINK_DATA == last_link_state){ tcp_update_should_close_reason_stat(a_tcp->threadnum); tcp_change_stream_tonouse(pindex); ret = DROP; goto done; } - /* ��Ϊ������update_stream_list_raw_pkt_pointer, �˴����ܷ���, �Ȼָ�ԭʼ��ָ�� */ + /* ��Ϊ������update_stream_list_raw_pkt_pointer, �˴����ܷ���, �Ȼָ�ԭʼ��ָ�� */ ret = PASS; goto done; } @@ -2277,13 +2312,13 @@ static int tcp_deal_unorder(struct streamindex *pindex,struct streaminfo *a_tcp, orderflag = CHECK_ORDER_DATA; } - //get tcp��data��len + //get tcp��data��len tcp_set_new_data(a_tcp,rcv,snd,(u_char *)(unorder_packet->tcpdata), unorder_packet->tcpdatalen,unorder_packet->seq,unorder_packet->fin, 0); if(unorder_packet->tcpdatalen >0) { - /* 2021-04-29 lijia add, ���������Kill_tcp,����������MSO_DROP_STREAM, �������ݴ�������, Ҳ���ٵ��ò�� */ + /* 2021-04-29 lijia add, ���������Kill_tcp,����������MSO_DROP_STREAM, �������ݴ�������, Ҳ���ٵ��ò�� */ if((0 == a_tcp_pr->stream_killed_flag) && (0 == pdetail_pr->drop_stream_flag)){ tmpktype=a_tcp->addr.pkttype; a_tcp->addr.pkttype = PKT_TYPE_TCPREORDER; @@ -2303,13 +2338,13 @@ static int tcp_deal_unorder(struct streamindex *pindex,struct streaminfo *a_tcp, tcp_clear_newdata(a_tcp,rcv); } - //���ֵ���Ϣ���������� + //���ֵ���Ϣ���������� //if(ret!=PASS) - /* 2015-01-16 lijia modify, ����ģʽ��, ���������Kill_tcp(), �����᷵��DROP, Ϊ������������Կ��Կ����˰� */ + /* 2015-01-16 lijia modify, ����ģʽ��, ���������Kill_tcp(), �����᷵��DROP, Ϊ������������Կ��Կ����˰� */ //if((ret!=PASS) || (a_tcp_pr->stream_killed_flag != 0)) - if((a_tcp_pr->stream_killed_flag != 0) || (pdetail_pr->drop_stream_flag != 0)) /* 2015-11-02 lqy modify, ������������жϷ���ֵ */ + if((a_tcp_pr->stream_killed_flag != 0) || (pdetail_pr->drop_stream_flag != 0)) /* 2015-11-02 lqy modify, ������������жϷ���ֵ */ { - /* ��Ϊ������update_stream_list_raw_pkt_pointer, �˴����ܷ���, �Ȼָ�ԭʼ��ָ�� */ + /* ��Ϊ������update_stream_list_raw_pkt_pointer, �˴����ܷ���, �Ȼָ�ԭʼ��ָ�� */ goto done; } } @@ -2380,7 +2415,7 @@ static int tcp_deal_data(struct streamindex *pindex,const void *this_iphdr,const if (!after (this_seq, EXP_SEQ)) { - //�������ݰ� + //�������ݰ� if (after(this_seq + datalen + (this_tcphdr->th_flags & TH_FIN), EXP_SEQ)) { @@ -2390,16 +2425,16 @@ static int tcp_deal_data(struct streamindex *pindex,const void *this_iphdr,const ret=stream_process_tcp(pstream,this_iphdr,(const void *)this_tcphdr, raw_pkt,&(pdetail_pr->apme),&(pstream->opstate)); //tcp_clear_newdata(pstream,rcv); /* 2016-09-12 lijia move to outside if(datalen > 0) */ } - tcp_clear_newdata(pstream,rcv); /* 2016-09-12 lijia move to here, ����datalen�Ƿ�>0, ��Ϊ������tcp_set_new_data, ����Ҫ����clear */ + tcp_clear_newdata(pstream,rcv); /* 2016-09-12 lijia move to here, ����datalen�Ƿ�>0, ��Ϊ������tcp_set_new_data, ����Ҫ����clear */ -#if 0 /* lqy 2015-11-02 modify, ��������Ĵ������, ��Ӱ�쵱ǰ���ķ���ֵ */ +#if 0 /* lqy 2015-11-02 modify, ��������Ĵ������, ��Ӱ�쵱ǰ���ķ���ֵ */ if(ret==PASS) { ret = tcp_deal_unorder(pindex,pstream,rcv,snd,CHECK_ORDER_DATA); } #else - /* 2020-04-24 lijia modify, ���ret=stream_process_tcp����ֵ��DROP, tcp_deal_unorder()����ֵ��PASS, ��ǰ������PASS, �����CT��! */ + /* 2020-04-24 lijia modify, ���ret=stream_process_tcp����ֵ��DROP, tcp_deal_unorder()����ֵ��PASS, ��ǰ������PASS, �����CT��! */ ret_unorder = tcp_deal_unorder(pindex,pstream,rcv,snd,CHECK_ORDER_DATA); #endif if((DROP == ret_unorder) || (DROP == ret)){ @@ -2407,11 +2442,11 @@ static int tcp_deal_data(struct streamindex *pindex,const void *this_iphdr,const } return ret; } - //����ԭ����������ݰ��Ƿ��Ѿ������д��� + //����ԭ����������ݰ��Ƿ��Ѿ������д��� } else { - //�������ݰ����� + //�������ݰ����� tcp_save_unorder(pstream,rcv,this_iphdr,raw_pkt,this_tcphdr,tcpdata, datalen); if(rcv->unorder_cnt > rcv->maxunorder) { @@ -2424,9 +2459,9 @@ static int tcp_deal_data(struct streamindex *pindex,const void *this_iphdr,const /* 2017-10-16 lijia add, - �ж�NOUSE״̬��, �յ�SYN, SYN/ACK�������Ԫ������, ���������ش�, �������۵��µ�ʱ�����. + �ж�NOUSE״̬��, �յ�SYN, SYN/ACK�������Ԫ������, ���������ش�, �������۵��µ�ʱ�����. TODO: - ���ӳ�ʱ�ж�, ����ͳ�Ʒ���, ��������Ԫ������ͨ������30������. + ���ӳ�ʱ�ж�, ����ͳ�Ʒ���, ��������Ԫ������ͨ������30������. */ static inline int tcp_tuple4_reuse(const struct streaminfo *pstream, const struct tcpdetail_private *pdetail_pr, const struct mesa_tcp_hdr *this_tcphdr) { @@ -2450,7 +2485,7 @@ static inline int tcp_tuple4_reuse(const struct streaminfo *pstream, const struc /* lijia 2017-12-06 add */ if((1 == is_reuse) && (sapp_global_val->config.stream.tcp.tuple4_reuse_time_interval > 0)){ if(pdetail_pr->tcpdetail_public.createtime + sapp_global_val->config.stream.tcp.tuple4_reuse_time_interval >= (UINT64)g_CurrentTime){ - is_reuse = 0; /* ��Ԫ����ͬ, ����Ų�ͬ�����������ʱ��̫��, һ��30������, ���ƹ��������� */ + is_reuse = 0; /* ��Ԫ����ͬ, ����Ų�ͬ�����������ʱ��̫��, һ��30������, ���ƹ��������� */ } } @@ -2502,7 +2537,7 @@ static int tcp_deal_data_stream(struct streamindex *pindex,const void *this_iphd pcurhalf->pktcout++; curseq=pcurhalf->first_data_seq + pcurhalf->count_ideal ; thisseq=ntohl (this_tcphdr->th_seq); - //�ش������� + //�ش������� //if((thisseq<curseq)&&(thisseq+datalen<=curseq)&&(!(this_tcphdr->th_flags & TH_SYN))){ // modify by lqy 20150325 if(before(thisseq,curseq)&&before(thisseq+datalen,curseq+1)&&(!(th_flags & TH_SYN))){ pstream->addr.pkttype = PKT_TYPE_TCPRETRANS; @@ -2532,7 +2567,7 @@ static int tcp_deal_data_stream(struct streamindex *pindex,const void *this_iphd //syn+rst drop packet if(th_flags & TH_SYN) return PASS; - //�����rst���� + //�����rst���� //if((thisseq-curseq<=1)&&(datalen==0)) if(before(thisseq, curseq+2)&&(datalen==0))//modify by lqy 20150325 { @@ -2556,13 +2591,13 @@ static int tcp_deal_data_stream(struct streamindex *pindex,const void *this_iphd return PASS; } - //�����rst���ģ��������δ�������ᶪ���������Ѿ���������������� + //�����rst���ģ��������δ�������ᶪ���������Ѿ���������������� } - //���Ӹ��� + //���Ӹ��� if (th_flags & TH_SYN) { - //syn�ش� add by lqy 20100808 + //syn�ش� add by lqy 20100808 if((datalen>0) || ((UINT32)thisseq+1 == rcv->first_data_seq) || ((UINT32)thisseq==rcv->first_data_seq)) { pstream->addr.pkttype = PKT_TYPE_TCPRETRANS; @@ -2579,11 +2614,11 @@ static int tcp_deal_data_stream(struct streamindex *pindex,const void *this_iphd return PASS; }else{ /* 2017-12-19 lijia add, - ��SYN�ش�, Ҫ�жϳ�ʱʱ��, �پ����Ƿ���Ԫ���������õ�ǰ���� , - ������һ���յ���, ��������3��, ������̫��������Ԫ������, - ��Ϊ�Ƕ�������. + ��SYN�ش�, Ҫ�жϳ�ʱʱ��, �پ����Ƿ���Ԫ���������õ�ǰ���� , + ������һ���յ���, ��������3��, ������̫��������Ԫ������, + ��Ϊ�Ƕ�������. - ��������ͳ��ֵ, ��Ԫ�������������ӵ�ʱ����һ���ڷ��Ӽ�. + ��������ͳ��ֵ, ��Ԫ�������������ӵ�ʱ����һ���ڷ��Ӽ�. */ if(tcp_tuple4_reuse(pstream, pdetail_pr, this_tcphdr) == 0){ return PASS; @@ -2591,7 +2626,7 @@ static int tcp_deal_data_stream(struct streamindex *pindex,const void *this_iphd } //adjust by lqy 20150107 //if(thisseq==rcv->first_data_seq) return PASS; - //add by lqy 20110507 syn�����ݵ���Ϊ�ǹ������� + //add by lqy 20110507 syn�����ݵ���Ϊ�ǹ������� //if(datalen>0) return PASS; //return PASS; if(th_flags & TH_RST) @@ -2602,21 +2637,21 @@ static int tcp_deal_data_stream(struct streamindex *pindex,const void *this_iphd pdetail_pr->link_state=STREAM_LINK_REUSE_BYSYN; pstream->opstate= OP_STATE_CLOSE; -#if 0 //del by lqy 20150107 tcp_reset_stream����������������� +#if 0 //del by lqy 20150107 tcp_reset_stream����������������� ret=stream_process_tcp(pstream,raw_pkt,&(pdetail_pr->apme),&(pstream->opstate)); #endif tcp_reset_stream(pindex,this_iphdr,this_tcphdr,datalen,raw_pkt); return PASS; } - if(datalen + (th_flags & TH_FIN) +(th_flags & TH_RST)> 0)//����TCP���� + if(datalen + (th_flags & TH_FIN) +(th_flags & TH_RST)> 0)//����TCP���� { tcpdata=(unsigned char*)(this_tcphdr) + 4 * this_tcphdr->th_off; ret=tcp_deal_data(pindex,this_iphdr,raw_pkt,this_tcphdr,tcpdata,datalen); -/* 2016-05-12 lijia modify, ��������������unorder_list����BUG, ��ǰ������Ѿ���CLOSE״̬, �˴�Ӧ������return, ���ü���ִ�� */ +/* 2016-05-12 lijia modify, ��������������unorder_list����BUG, ��ǰ������Ѿ���CLOSE״̬, �˴�Ӧ������return, ���ü���ִ�� */ - //���ϲ�ر����ӣ����ߴ������������rst���� + //���ϲ�ر����ӣ����ߴ������������rst���� if((pstream->opstate==OP_STATE_CLOSE)&&(pdetail_pr->link_state!=STREAM_LINK_RESET)) { tcp_change_stream_tonouse(pindex); @@ -2626,12 +2661,12 @@ static int tcp_deal_data_stream(struct streamindex *pindex,const void *this_iphd if(ret==DROP) return DROP; } - //add by lqy 20120922 �ϲ���Ҫack����Ϣʱ�ϴ��������ݵı��� + //add by lqy 20120922 �ϲ���Ҫack����Ϣʱ�ϴ��������ݵı��� else if(pdetail_pr->needackflag!=0) { ret=stream_process_tcp(pstream,this_iphdr,this_tcphdr, raw_pkt,&(pdetail_pr->apme),&(pstream->opstate)); - //���ϲ�ر����ӣ����ߴ������������rst���� - /* 2017-08-01 lijia modify, ��Ҫ�ж�TCPALL���״̬, ����ֻ����TCPALL���ʱ, opstate�Ѿ���CLOSE��, ��������NOUSE̬ */ + //���ϲ�ر����ӣ����ߴ������������rst���� + /* 2017-08-01 lijia modify, ��Ҫ�ж�TCPALL���״̬, ����ֻ����TCPALL���ʱ, opstate�Ѿ���CLOSE��, ��������NOUSE̬ */ if((pstream->opstate==OP_STATE_CLOSE) && (OP_STATE_CLOSE == pstream->pktstate) &&(pdetail_pr->link_state!=STREAM_LINK_RESET)) @@ -2662,13 +2697,13 @@ static int tcp_deal_data_stream(struct streamindex *pindex,const void *this_iphd pdetail_pr->link_state=STREAM_LINK_CLOSE; finclose=1; } - //��������ݵ�rst����Ҫ�ر� + //��������ݵ�rst����Ҫ�ر� if ((th_flags & TH_RST)&&(thisseq==curseq) &&(datalen!=0)) { pdetail_pr->link_state=STREAM_LINK_RESET; finclose=1; } - /* 2015-11-12 lijia add, ������RST, FIN���������� */ + /* 2015-11-12 lijia add, ������RST, FIN���������� */ if(pdetail_pr->ignore_rst_fin != 0){ finclose = 0; } @@ -2677,7 +2712,7 @@ static int tcp_deal_data_stream(struct streamindex *pindex,const void *this_iphd pstream->opstate = OP_STATE_CLOSE; ret=stream_process_tcp(pstream,this_iphdr,this_tcphdr, raw_pkt,&(pdetail_pr->apme),&(pstream->opstate)); - //adjust by lqy �����ȫ�����յĺ�������ʱ + //adjust by lqy �����ȫ�����յĺ�������ʱ if(pstream->pktstate!=OP_STATE_CLOSE) { tcp_update_should_close_reason_stat(pstream->threadnum); @@ -2700,7 +2735,7 @@ static int tcp_deal_nouse_stream(struct streamindex *pindex,const void *this_iph struct tcpdetail_private *pdetail_pr=(struct tcpdetail_private *)pstream->pdetail; //add by lqy 20141213 - //����ǿ�ack���������ӣ�Ӧ�ò�δ������,��ָ������������з��� + //����ǿ�ack���������ӣ�Ӧ�ò�δ������,��ָ������������з��� //if((pstream->opstate == OP_STATE_PENDING) && (datalen>0)) //modify by lqy 20150325 if((pstream->opstate == OP_STATE_PENDING) && (datalen>0) @@ -2713,10 +2748,10 @@ static int tcp_deal_nouse_stream(struct streamindex *pindex,const void *this_iph } - //fin��rst���п����������ģ�����ڴ˴���̭�����������п��ܻ����ȥ�������ݽ������ӣ���˲���̭ + //fin��rst���п����������ģ�����ڴ˴���̭�����������п��ܻ����ȥ�������ݽ������ӣ���˲���̭ - //���Ӹ��� add by lqy 20150210 �������Ӻ��������ʱ�ָܻ���data������ - //add by lqy 20130822 �������а������յĺ�������ʱ������������̭ + //���Ӹ��� add by lqy 20150210 �������Ӻ��������ʱ�ָܻ���data������ + //add by lqy 20130822 �������а������յĺ�������ʱ������������̭ if (this_tcphdr->th_flags & TH_SYN) { if(1 == tcp_tuple4_reuse(pstream, pdetail_pr, this_tcphdr)){ @@ -2773,33 +2808,48 @@ static char tcp_process_newstreambydata(struct streamindex *pindex_tcp,const voi pdetail->serverbytes+=tcplen; pdetail->serverpktnum++; } + int frag_cnt = 0, frag_len = 0; + stream_get_scratch_frag_stat(pstream, &frag_cnt, &frag_len); if(G_TCP_FLOW_STAT_PROJECT_ID != -1){ if(DIR_S2C == pstream->curdir){ - pdetail_pr->flow_stat->S2C_all_pkt++; - pdetail_pr->flow_stat->S2C_all_byte += tcplen; - pdetail_pr->flow_stat->S2C_all_byte_raw += raw_pkt->raw_pkt_len - raw_pkt->overlay_layer_bytes; if(pstream->addr.pktipfragtype & PKT_TYPE_IPREBUILD) { - pdetail_pr->flow_stat->C2S_ip_fragment_pkt++; + pdetail_pr->flow_stat->S2C_all_pkt+=MAX(1, frag_cnt); + pdetail_pr->flow_stat->S2C_all_byte += MAX(tcplen, frag_len); + pdetail_pr->flow_stat->S2C_all_byte_raw += MAX(raw_pkt->raw_pkt_len - raw_pkt->overlay_layer_bytes, frag_len); + pdetail_pr->flow_stat->S2C_ip_fragment_pkt+=MAX(1, frag_cnt); + } + else + { + pdetail_pr->flow_stat->S2C_all_pkt++; + pdetail_pr->flow_stat->S2C_all_byte += tcplen; + pdetail_pr->flow_stat->S2C_all_byte_raw += raw_pkt->raw_pkt_len - raw_pkt->overlay_layer_bytes; } }else{ - pdetail_pr->flow_stat->C2S_all_pkt++; - pdetail_pr->flow_stat->C2S_all_byte += tcplen; - pdetail_pr->flow_stat->C2S_all_byte_raw += raw_pkt->raw_pkt_len - raw_pkt->overlay_layer_bytes; + if(pstream->addr.pktipfragtype & PKT_TYPE_IPREBUILD) { - pdetail_pr->flow_stat->S2C_ip_fragment_pkt++; + pdetail_pr->flow_stat->C2S_all_pkt+=MAX(1, frag_cnt); + pdetail_pr->flow_stat->C2S_all_byte += MAX(tcplen, frag_len); + pdetail_pr->flow_stat->C2S_all_byte_raw += MAX(raw_pkt->raw_pkt_len - raw_pkt->overlay_layer_bytes, frag_len); + pdetail_pr->flow_stat->C2S_ip_fragment_pkt+=MAX(1, frag_cnt); + } + else + { + pdetail_pr->flow_stat->C2S_all_pkt++; + pdetail_pr->flow_stat->C2S_all_byte += tcplen; + pdetail_pr->flow_stat->C2S_all_byte_raw += raw_pkt->raw_pkt_len - raw_pkt->overlay_layer_bytes; } } } - //�½����ӱ����ȵ���all���� + //�½����ӱ����ȵ���all���� ret=tcp_processallpkt(pstream,this_iphdr,this_tcphdr,tcplen,raw_pkt); if(DROP == ret){ /* 2016-06-08 lijia add, - for HMD, ������й���ǰ����kill, �������ٵ��ú������. + for HMD, ������й���ǰ����kill, �������ٵ��ú������. */ return DROP; } @@ -2829,7 +2879,7 @@ static int deal_tcp_stream_dup_pkt_check(int tid, struct streaminfo_private *pst if ((ADDR_TYPE_IPV4 == pstream_pr->stream_public.addr.addrtype) && (dup_pkt_para->dup_pkt_distinguish_ipv4_tcp || dup_pkt_para->dup_pkt_distinguish_all_inject)) { - // ����ԭʼ�����, ֻ�ж�ǰN����, ���û�����ظ�����, ����Ϊ�Ժ�Ķ������ظ���! + // ����ԭʼ�����, ֻ�ж�ǰN����, ���û�����ظ�����, ����Ϊ�Ժ�Ķ������ظ���! if((0 == pstream_pr->has_duplicate_pkt) && (ptcpdetail_pr->tcpdetail_public.clientpktnum+ptcpdetail_pr->tcpdetail_public.serverpktnum >= dup_pkt_para->first_packets)){ dup_check_enabled = 0; @@ -2838,7 +2888,7 @@ static int deal_tcp_stream_dup_pkt_check(int tid, struct streaminfo_private *pst } } - /* 24.04: ����IPv6��˵, ��Ϊ��֧��ԭʼ�����ظ����, ����ע���ʶ��Ҳ��֧�ֿ���·��. */ + /* 24.04: ����IPv6��˵, ��Ϊ��֧��ԭʼ�����ظ����, ����ע���ʶ��Ҳ��֧�ֿ���·��. */ if ((ADDR_TYPE_IPV6 == pstream_pr->stream_public.addr.addrtype) && (dup_pkt_para->dup_pkt_distinguish_all_inject != 0)) { @@ -2864,9 +2914,9 @@ static int deal_tcp_tfo(struct streaminfo *pstream, const void *this_iphdr, stru if(NULL == pdetail_pr->pserver){ pdetail_pr->pserver=(struct half_tcpstream *)sapp_mem_malloc(SAPP_MEM_DYN_TCP_HALF_STREAM,pstream->threadnum,sizeof(struct half_tcpstream)); memset(pdetail_pr->pserver,0,sizeof(struct half_tcpstream)); - //������ + //������ pdetail_pr->pserver->first_data_seq=pdetail_pr->iserverseq; - /* pdetail_pr->iserverseq=0; */ /* 2016-04-27 lijia modify, ���ڻ�ȡ��ǰ����ISN */ + /* pdetail_pr->iserverseq=0; */ /* 2016-04-27 lijia modify, ���ڻ�ȡ��ǰ����ISN */ /* 2014-10-20 LiJia add, for set one stream unorder number */ pdetail_pr->pserver->maxunorder = tcp_default_unorder; @@ -2879,9 +2929,9 @@ static int deal_tcp_tfo(struct streaminfo *pstream, const void *this_iphdr, stru if(NULL == pdetail_pr->pclient){ pdetail_pr->pclient=(struct half_tcpstream *)sapp_mem_malloc(SAPP_MEM_DYN_TCP_HALF_STREAM,pstream->threadnum,sizeof(struct half_tcpstream)); memset(pdetail_pr->pclient,0,sizeof(struct half_tcpstream)); - //������ + //������ pdetail_pr->pclient->first_data_seq=pdetail_pr->iclientseq; - /* pdetail_pr->iclientseq=0; */ /* 2016-04-27 lijia modify, ���ڻ�ȡ��ǰ����ISN */ + /* pdetail_pr->iclientseq=0; */ /* 2016-04-27 lijia modify, ���ڻ�ȡ��ǰ����ISN */ /* 2014-10-20 LiJia add, for set one stream unorder number */ pdetail_pr->pclient->maxunorder = tcp_default_unorder; @@ -2895,7 +2945,7 @@ static int deal_tcp_tfo(struct streaminfo *pstream, const void *this_iphdr, stru return ret; } -/* LiJia comment: pstreamָ��ջ����ڴ� */ +/* LiJia comment: pstreamָ��ջ����ڴ� */ //int deal_tcp_stream(struct streamindex *pstream,struct mesa_tcp_hdr *this_tcphdr,int tcplen,const void *rawippkt,int iplen) static int deal_tcp_stream(struct streamindex *pindex, const void *this_iphdr, struct mesa_tcp_hdr *this_tcphdr, int tcplen,const raw_pkt_t *raw_pkt, int offset_to_raw_pkt_hdr) @@ -2908,12 +2958,12 @@ static int deal_tcp_stream(struct streamindex *pindex, const void *this_iphdr, s struct streaminfo_private *pstream_pr = &pindex->stream; struct streaminfo *pstream = &pstream_pr->stream_public; int try_to_update_addr_info = 0; - int call_tcpall_after_reset = 0; /* 2019-10-18 lijia modify, ��ǰ����reset֮��,��֤�ȵ���tcpall,�ٵ���tcp */ + int call_tcpall_after_reset = 0; /* 2019-10-18 lijia modify, ��ǰ����reset֮��,��֤�ȵ���tcpall,�ٵ���tcp */ sapp_gval_mthread_sys_stat_t *local_sys_stat = &sapp_global_val->mthread_volatile[pstream->threadnum]->sys_stat; pindex_tcp = findstreamindex (pindex, raw_pkt); if(unlikely(!pindex_tcp)){ - /* ÿ�������װ�������, Ҳ����֪�Ƿ��ظ�, ��Ҫ����bloom filter */ + /* ÿ�������װ�������, Ҳ����֪�Ƿ��ظ�, ��Ҫ����bloom filter */ if((ADDR_TYPE_IPV4 == pstream->addr.addrtype) && sapp_global_val->config.packet_io.dup_pkt_para.dup_pkt_distinguish_ipv4_tcp){ sapp_dup_pkt_mark_l4(pstream, this_iphdr, (const void *)this_tcphdr); @@ -2956,13 +3006,13 @@ static int deal_tcp_stream(struct streamindex *pindex, const void *this_iphdr, s else { /* 2017-12-07 lijia add, - TCPRFC�涨, �����ӻ�δ�����������, �յ��Զ˵����ݰ�, ��Ӧ��RST�����Ϊ0, - ���һ�����ĵ�һ����, ���Ǹ�seq=0��RST��, ��ʱ����������, ������. + TCPRFC�涨, �����ӻ�δ�����������, �յ��Զ˵����ݰ�, ��Ӧ��RST�����Ϊ0, + ���һ�����ĵ�һ����, ���Ǹ�seq=0��RST��, ��ʱ����������, ������. */ if((this_tcphdr->th_flags & TH_RST) && (0 == this_tcphdr->th_seq)){ return PASS; } - //add by lqy 20141213ȫ���ӿ��²���tcplen=0�İ������� + //add by lqy 20141213ȫ���ӿ��²���tcplen=0�İ������� if((tcplen==0)&&(tcp_support_all==TCP_SUPPORT_ENTRYALL_OFF)) return PASS; if(TCP_CTEAT_LINK_BYDATA & tcp_creatlink_model ) @@ -2974,7 +3024,7 @@ static int deal_tcp_stream(struct streamindex *pindex, const void *this_iphdr, s pstream_pr = &pindex_tcp->stream; pstream = &pstream_pr->stream_public; pstream_pr->raw_pkt = raw_pkt; //add by lijia 20171206 - //add by lqy 20150114 �½��������ӱ����ȵ���all���� + //add by lqy 20150114 �½��������ӱ����ȵ���all���� if(pstream_pr->under_ddos_bypass) { local_sys_stat->count[SAPP_STAT_TCP_BYPASS_STREAM]++; @@ -3012,7 +3062,7 @@ static int deal_tcp_stream(struct streamindex *pindex, const void *this_iphdr, s // pindex_tcp->stream.offset_to_raw_pkt_hdr = (char *)this_tcphdr - (char *)raw_pkt->raw_pkt_data; //pstream_pr->offset_to_raw_pkt_hdr = offset_to_raw_pkt_hdr; pstream_pr->raw_pkt = raw_pkt; /* 2014-12-30 lijia add */ - /* 2015-11-04 lijia add, IP��Ƭ������, pstreamָ�������еĽṹ, pindexΪջ�ﵱǰ���ṹ */ + /* 2015-11-04 lijia add, IP��Ƭ������, pstreamָ�������еĽṹ, pindexΪջ�ﵱǰ���ṹ */ pstream->addr.pktipfragtype = pindex->stream.stream_public.addr.pktipfragtype; } @@ -3020,11 +3070,11 @@ static int deal_tcp_stream(struct streamindex *pindex, const void *this_iphdr, s pdetail =(struct tcpdetail *)(&pdetail_pr->tcpdetail_public); - /* ddos bypass���ȼ���� */ + /* ddos bypass���ȼ���� */ if(pstream_pr->under_ddos_bypass){ local_sys_stat->count[SAPP_STAT_TCP_BYPASS_PKTS]++; local_sys_stat->length[SAPP_STAT_TCP_BYPASS_BYTES]+= tcplen; - /* ����ddos����ʱֻ�DZ�������, �����ò����ԼCPU, �������ж�������, �����Ƿ���PASS */ + /* ����ddos����ʱֻ�DZ�������, �����ò����ԼCPU, �������ж�������, �����Ƿ���PASS */ cycle_pkt_dump_by_classify(pstream->threadnum, raw_pkt, PKT_CLASSIFY_BYPASS); return PASS; } @@ -3032,9 +3082,9 @@ static int deal_tcp_stream(struct streamindex *pindex, const void *this_iphdr, s - /* 2014-10-11 lijia add, Fd������ƽ̨ʵ�� */ + /* 2014-10-11 lijia add, Fd������ƽ̨ʵ�� */ if(unlikely(pstream_pr->stream_killed_flag != 0) && raw_pkt->is_ctrl_pkt==0){ - if((pdetail_pr->auto_remedy_flag != 0) && (tcplen > 0)){ /* ��ֹflood����, ֻ�д����ݵİ��ŷ�RST */ + if((pdetail_pr->auto_remedy_flag != 0) && (tcplen > 0)){ /* ��ֹflood����, ֻ�д����ݵİ��ŷ�RST */ sapp_runtime_log(RLOG_LV_DEBUG, "TCP stream: %s, kill_tcp remedy, curdir:%d, send RST pkt.", printaddr(&pstream->addr, pstream->threadnum), pstream->curdir); pstream_pr->plugin_process_context=1; @@ -3048,16 +3098,16 @@ static int deal_tcp_stream(struct streamindex *pindex, const void *this_iphdr, s tcp_processallpkt(pstream,this_iphdr,this_tcphdr,tcplen,raw_pkt); } #endif - //return DROP; /* 2019-11-20 lijia modify, kill_tcp��Ĭ����Ϊ����DROP, ֻ����rst��, �Ƿ�ȡ����drop_stream_flag */ + //return DROP; /* 2019-11-20 lijia modify, kill_tcp��Ĭ����Ϊ����DROP, ֻ����rst��, �Ƿ�ȡ����drop_stream_flag */ } /* 2021-05-18 lijia close ipv6 dup pkt check: - IPv6��Ϊû��Ipid�ֶ�, ������������Ӧ�ò��ش����ظ�����, �����˻ᵼ�¶�������CT, ���Բ�֧��!!! + IPv6��Ϊû��Ipid�ֶ�, ������������Ӧ�ò��ش����ظ�����, �����˻ᵼ�¶�������CT, ���Բ�֧��!!! - ����IPv6���������: - 1)��������˴�������, �ش�����ʶ������ظ����Ļ�, sapp��ֱ��PASS��, ʵ���Ǹ�������ʵͨ��˫������, û�о���tfe����, ���ܾͶ�����. - 2)���������firewall��drop����, ��һ��drop�ɹ���, ��Ӧ�ò���ش�, �ش�����ʶ������ظ����Ļ�, sapp��ֱ��PASS��, ����CT. + ����IPv6���������: + 1)��������˴�������, �ش�����ʶ������ظ����Ļ�, sapp��ֱ��PASS��, ʵ���Ǹ�������ʵͨ��˫������, û�о���tfe����, ���ܾͶ�����. + 2)���������firewall��drop����, ��һ��drop�ɹ���, ��Ӧ�ò���ش�, �ش�����ʶ������ظ����Ļ�, sapp��ֱ��PASS��, ����CT. */ if(raw_pkt->is_ctrl_pkt==0 && deal_tcp_stream_dup_pkt_check(pstream->threadnum, pstream_pr, pdetail_pr, (const struct mesa_ip4_hdr *)this_iphdr, this_tcphdr) != 0){ @@ -3083,7 +3133,7 @@ static int deal_tcp_stream(struct streamindex *pindex, const void *this_iphdr, s } } -// ����kill remedy��drop stream���ظ�������sappֱ�Ӵ��������������ϵ�sid,����ת����service chain����������SF������ +// ����kill remedy��drop stream���ظ�������sappֱ�Ӵ��������������ϵ�sid,����ת����service chain����������SF������ if(pstream_pr->sid_append_list != NULL) { ((raw_pkt_t *)raw_pkt)->append_list=pstream_pr->sid_append_list; @@ -3100,7 +3150,7 @@ static int deal_tcp_stream(struct streamindex *pindex, const void *this_iphdr, s if(pstream->curdir==DIR_S2C) { - if(pdetail->clientpktnum == 0) /* ��ǰ����ĵ�һ����, ���Ը��µײ������ĵ����ַ��Ϣ(��MPLS, GTP) */ + if(pdetail->clientpktnum == 0) /* ��ǰ����ĵ�һ����, ���Ը��µײ������ĵ����ַ��Ϣ(��MPLS, GTP) */ { try_to_update_addr_info = 1; } @@ -3109,7 +3159,7 @@ static int deal_tcp_stream(struct streamindex *pindex, const void *this_iphdr, s } else { - if(pdetail->serverpktnum == 0) /* ��ǰ����ĵ�һ����, ���Ը��µײ������ĵ����ַ��Ϣ(��MPLS, GTP) */ + if(pdetail->serverpktnum == 0) /* ��ǰ����ĵ�һ����, ���Ը��µײ������ĵ����ַ��Ϣ(��MPLS, GTP) */ { try_to_update_addr_info = 1; } @@ -3123,25 +3173,40 @@ static int deal_tcp_stream(struct streamindex *pindex, const void *this_iphdr, s (struct streaminfo_private *)(pindex->stream.pfather_pr), pstream->curdir); } - /* flow_stat��ȫ����״̬��¼, �������ش����������� */ + int frag_cnt = 0, frag_len = 0; + stream_get_scratch_frag_stat(pstream, &frag_cnt, &frag_len); + + /* flow_stat��ȫ����״̬��¼, �������ش����������� */ if(G_TCP_FLOW_STAT_PROJECT_ID != -1 && raw_pkt->is_ctrl_pkt == 0){ if(DIR_C2S == pstream->curdir){ pdetail_pr->flow_stat->C2S_syn_pkt+=((this_tcphdr->th_flags & TH_SYN) ? 1 : 0); - pdetail_pr->flow_stat->C2S_all_pkt++; - pdetail_pr->flow_stat->C2S_all_byte += tcplen; - pdetail_pr->flow_stat->C2S_all_byte_raw += raw_pkt->raw_pkt_len - raw_pkt->overlay_layer_bytes; if(pstream->addr.pktipfragtype & PKT_TYPE_IPREBUILD) { - pdetail_pr->flow_stat->C2S_ip_fragment_pkt++; + pdetail_pr->flow_stat->C2S_all_pkt+=MAX(1, frag_cnt); + pdetail_pr->flow_stat->C2S_all_byte +=MAX(1, frag_cnt); + pdetail_pr->flow_stat->C2S_all_byte_raw += MAX(raw_pkt->raw_pkt_len - raw_pkt->overlay_layer_bytes, frag_len); + pdetail_pr->flow_stat->C2S_ip_fragment_pkt+=MAX(1, frag_cnt); + } + else + { + pdetail_pr->flow_stat->C2S_all_pkt++; + pdetail_pr->flow_stat->C2S_all_byte += tcplen; + pdetail_pr->flow_stat->C2S_all_byte_raw += raw_pkt->raw_pkt_len - raw_pkt->overlay_layer_bytes; } }else{ pdetail_pr->flow_stat->S2C_syn_pkt+=((this_tcphdr->th_flags & TH_SYN) ? 1 : 0); - pdetail_pr->flow_stat->S2C_all_pkt++; - pdetail_pr->flow_stat->S2C_all_byte += tcplen; - pdetail_pr->flow_stat->S2C_all_byte_raw += raw_pkt->raw_pkt_len - raw_pkt->overlay_layer_bytes; if(pstream->addr.pktipfragtype & PKT_TYPE_IPREBUILD) { - pdetail_pr->flow_stat->S2C_ip_fragment_pkt++; + pdetail_pr->flow_stat->S2C_all_pkt+=MAX(1, frag_cnt); + pdetail_pr->flow_stat->S2C_all_byte +=MAX(1, frag_cnt); + pdetail_pr->flow_stat->S2C_all_byte_raw +=MAX(raw_pkt->raw_pkt_len - raw_pkt->overlay_layer_bytes, frag_len); + pdetail_pr->flow_stat->S2C_ip_fragment_pkt+=MAX(1, frag_cnt); + } + else + { + pdetail_pr->flow_stat->S2C_all_pkt++; + pdetail_pr->flow_stat->S2C_all_byte += tcplen; + pdetail_pr->flow_stat->S2C_all_byte_raw += raw_pkt->raw_pkt_len - raw_pkt->overlay_layer_bytes; } } } @@ -3166,13 +3231,13 @@ static int deal_tcp_stream(struct streamindex *pindex, const void *this_iphdr, s pstream_pr->ip_ttl_s2c = pindex->stream.ip_ttl_c2s; /* Not a mistake, that's it! */ } - /* note: reset�����ü���, ����clientbytes+=, clientpktnum++����֮�� */ + /* note: reset�����ü���, ����clientbytes+=, clientpktnum++����֮�� */ if(1 == lrustream(pindex_tcp)){ ret = tcp_reset_stream(pindex_tcp, this_iphdr,this_tcphdr, tcplen,raw_pkt); if(0 == ret){ return PASS; } - /* �����tcp_reset_stream()�½���ʱ, ��������bypass��־, �˴�ֱ�ӷ���, �����ٵ���tcp_processallpkt */ + /* �����tcp_reset_stream()�½���ʱ, ��������bypass��־, �˴�ֱ�ӷ���, �����ٵ���tcp_processallpkt */ if(pstream_pr->under_ddos_bypass){ return PASS; } @@ -3215,10 +3280,10 @@ static int deal_tcp_stream(struct streamindex *pindex, const void *this_iphdr, s else if (pstream->stream_state == TCP_SYN_STATE) { ret = tcp_deal_syn_stream(pindex_tcp, raw_pkt, this_iphdr, this_tcphdr, tcplen); - // �������ı��ģ����������к�̴��� + // �������ı��ģ����������к�̴��� if (DROP == ret) { - // return PASS;//�����к�̴��������DZ��뷵��PASS������������ + // return PASS;//�����к�̴��������DZ��뷵��PASS������������ ret = PASS; goto fun_exit; } @@ -3228,7 +3293,7 @@ static int deal_tcp_stream(struct streamindex *pindex, const void *this_iphdr, s // ret=tcp_deal_data_stream(pindex_tcp,rawippkt,iplen,this_tcphdr,tcplen); ret = tcp_deal_data_stream(pindex_tcp, this_iphdr, raw_pkt, this_tcphdr, tcplen); } - // add by lqy 20150215 �½����Ӹտ�ʼ�������� + // add by lqy 20150215 �½����Ӹտ�ʼ�������� else { pindex_tcp->stream.stream_public.addr.pkttype = PKT_TYPE_TCPUNORDER; @@ -3241,18 +3306,18 @@ static int deal_tcp_stream(struct streamindex *pindex, const void *this_iphdr, s } } - /* �����tcp_deal_nouse_stream(),tcp_deal_data_stream()������, ���ù�tcp_reset_stream()���õ�ǰ��ʱ, - ���ɱ�������bypass��־, �˴�Ҫֱ�ӷ���, �����ٵ���stream_process_tcp_allpkt() + /* �����tcp_deal_nouse_stream(),tcp_deal_data_stream()������, ���ù�tcp_reset_stream()���õ�ǰ��ʱ, + ���ɱ�������bypass��־, �˴�Ҫֱ�ӷ���, �����ٵ���stream_process_tcp_allpkt() */ if(pstream_pr->under_ddos_bypass){ return ret; } pdetail_pr =(struct tcpdetail_private*)(pstream->pdetail); - //adjust by lqy 20150107 Ϊ�˷�ֹSYN�ؽ�����ʱSYN�ڵ�һ�������� + //adjust by lqy 20150107 Ϊ�˷�ֹSYN�ؽ�����ʱSYN�ڵ�һ�������� if((pdetail_pr != NULL) && (0 == call_tcpall_after_reset) && pindex_tcp && (pstream->pktstate!=OP_STATE_CLOSE)) { - //ȫ���ӿ��õ�������ָ��ǰ����ԭʼ���� + //ȫ���ӿ��õ�������ָ��ǰ����ԭʼ���� if(tcplen == 0) { pdetail->pdata = NULL; @@ -3295,7 +3360,7 @@ fun_exit: /* lijia 2015-01-12 add this_iphdr, - �����IP��Ƭ����İ�, ������ʽ�Ĵ���IP��ͷ, ����ֻ��tcp_hdr��raw_hdr, ����ȡ������IP��ͷ. + �����IP��Ƭ����İ�, ������ʽ�Ĵ���IP��ͷ, ����ֻ��tcp_hdr��raw_hdr, ����ȡ������IP��ͷ. */ static int dealtcppkt(struct streamindex *pfindex, const void *this_iphdr, struct mesa_tcp_hdr *this_tcphdr, int thread_num,unsigned char routedir, int tcpdatalen, const raw_pkt_t *raw_packet, int offset_to_raw_pkt_hdr) @@ -3306,7 +3371,7 @@ static int dealtcppkt(struct streamindex *pfindex, const void *this_iphdr, struc //struct layer_addr *tcp_stream_addr; #endif - /* IPPORT-union�汾, IP��TCP��ʹ��ͬһ��index�ṹ, ��ֱ��ͨ��IP�㴫�ݵ�pfindex */ + /* IPPORT-union�汾, IP��TCP��ʹ��ͬһ��index�ṹ, ��ֱ��ͨ��IP�㴫�ݵ�pfindex */ //struct streamindex tmp_tcp_stream; //struct streamindex *ptmp=&tmp_tcp_stream; struct streaminfo_private *pstream_pr = (struct streaminfo_private *)(&pfindex->stream); @@ -3332,7 +3397,7 @@ static int dealtcppkt(struct streamindex *pfindex, const void *this_iphdr, struc pstream->addr.pkttype = PKT_TYPE_NORMAL;//add by lqy 20151222, init pkttype - pstream_pr->addr_use_as_hash = 1; /* ��Ԫ����Ϣ����IP�� */ + pstream_pr->addr_use_as_hash = 1; /* ��Ԫ����Ϣ����IP�� */ // ptmp->stream.p_layer_header = this_tcphdr; //ptmp->stream.offset_to_raw_pkt_hdr = (char *)this_tcphdr - (char *)raw_packet->raw_pkt_data; pstream_pr->offset_to_ip_hdr = (char *)this_tcphdr - (char *)this_iphdr; @@ -3341,14 +3406,14 @@ static int dealtcppkt(struct streamindex *pfindex, const void *this_iphdr, struc pstream->routedir=routedir; pstream->threadnum=thread_num; - local_sys_stat->count_per_layer[ADDR_TYPE_TCP][pstream_pr->layer_index]++; /* tcp��ip����һ�� */ - local_sys_stat->length_per_layer[ADDR_TYPE_TCP][pstream_pr->layer_index] += tcpdatalen + this_tcphdr->th_off*4; /* tcp��ip����һ�� */ + local_sys_stat->count_per_layer[ADDR_TYPE_TCP][pstream_pr->layer_index]++; /* tcp��ip����һ�� */ + local_sys_stat->length_per_layer[ADDR_TYPE_TCP][pstream_pr->layer_index] += tcpdatalen + this_tcphdr->th_off*4; /* tcp��ip����һ�� */ //return deal_tcp_stream(ptmp,this_tcphdr,tcpdatalen,raw_packet,raw_len); return deal_tcp_stream(pfindex,this_iphdr, this_tcphdr,tcpdatalen, raw_packet, offset_to_raw_pkt_hdr); } -/* lijia comment: this_iphdr��������ʵԭʼ��, Ҳ������malloc��IP�����, ��addr.pkttype���� */ +/* lijia comment: this_iphdr��������ʵԭʼ��, Ҳ������malloc��IP�����, ��addr.pkttype���� */ int dealipv4tcppkt(struct streamindex *pfindex, const struct mesa_ip4_hdr *this_iphdr,int thread_num, unsigned char routedir, const raw_pkt_t *raw_pkt, int offset_to_raw_pkt_hdr) { @@ -3376,8 +3441,8 @@ int dealipv4tcppkt(struct streamindex *pfindex, const struct mesa_ip4_hdr *this_ } - /* lijia 2016-06-15 add, �����Ż�, ������ACK�� */ -#if HIGH_PERF /* ������ģʽ���Զ�����ACK */ + /* lijia 2016-06-15 add, �����Ż�, ������ACK�� */ +#if HIGH_PERF /* ������ģʽ���Զ�����ACK */ if((0 == datalen) && (TH_ACK == this_tcphdr->th_flags)){ return PASS; } @@ -3489,7 +3554,7 @@ void set_tcp_takeoverflag(struct streaminfo *pstream,int flag) /* - ԭʼ��������: etc/well_known_port.conf + ԭʼ��������: etc/well_known_port.conf return value: 0 : not found in well known port array; 1: in well known port array; @@ -3525,8 +3590,8 @@ static int is_well_known_port(int stream_type, unsigned short port_host_order) /* - 2021-06-08֮ǰ, ����udp��tcp��SYN�������, ���ǰ�"��˿��ǿͻ���"����ȷ�����ķ���, - 2021-06-08֮��, �����жϹ�֪�˿�, ����80, 8088, 53�ȶ˿ڵ�, ��Ϊ�Ƿ����. + 2021-06-08֮ǰ, ����udp��tcp��SYN�������, ���ǰ�"��˿��ǿͻ���"����ȷ�����ķ���, + 2021-06-08֮��, �����жϹ�֪�˿�, ����80, 8088, 53�ȶ˿ڵ�, ��Ϊ�Ƿ����. return value: 0 : not found in well known port array; @@ -3539,15 +3604,15 @@ static int adjust_stream_dir_by_well_known_ports(unsigned char stream_type,UINT1 ret = is_well_known_port(stream_type,dport_host); if(ret != 0){ - return DIR_C2S; /* dport���й���, ��C2S���� */ + return DIR_C2S; /* dport���й���, ��C2S���� */ } ret = is_well_known_port(stream_type,sport_host); if(ret != 0){ - return DIR_S2C; /* sport���й���, ��S2C���� */ + return DIR_S2C; /* sport���й���, ��S2C���� */ } - /* �����˿ڶ�û������well known port, ��֮ǰ���ж���, "��˿��ǿͻ���"���� */ + /* �����˿ڶ�û������well known port, ��֮ǰ���ж���, "��˿��ǿͻ���"���� */ return 0; } @@ -3561,8 +3626,8 @@ int set_transport_addr(struct streaminfo *this_stream, int enable_well_known_por if(__ADDR_TYPE_IP_PAIR_V4 == this_addr->addrtype){ struct stream_tuple4_v4 *ip4_addr = this_addr->tuple4_v4; - /* ���ö˿�, ��IP-PORT-union�汾��port˳����Ϊlayer_dir�IJ���, - ͬʱ����layer_dir, ���ڼ���HASHʱ, ��ַ����˳�� */ + /* ���ö˿�, ��IP-PORT-union�汾��port˳����Ϊlayer_dir�IJ���, + ͬʱ����layer_dir, ���ڼ���HASHʱ, ��ַ����˳�� */ if(enable_well_known_port){ dir_by_well_known_port = adjust_stream_dir_by_well_known_ports(this_stream->type, ntohs(sport), ntohs(dport)); } @@ -3577,7 +3642,7 @@ int set_transport_addr(struct streaminfo *this_stream, int enable_well_known_por this_stream_pr->create_dir_by_well_known_port = 1; }else{ if(ntohs(sport) > ntohs(dport)){ - this_stream_pr->layer_dir = 1; /* ���˿�˳�������Ԫ��layer_dir */ + this_stream_pr->layer_dir = 1; /* ���˿�˳�������Ԫ��layer_dir */ this_stream->curdir = DIR_C2S; }else{ if(unlikely(sport == dport)){ @@ -3596,7 +3661,7 @@ int set_transport_addr(struct streaminfo *this_stream, int enable_well_known_por } ip4_addr->source = sport; ip4_addr->dest = dport; - this_addr->addrtype = ADDR_TYPE_IPV4; /* ����pappƽ̨, ��������Ԫ��ʹ��'ADDR_TYPE_IPV4��ʾ' */ + this_addr->addrtype = ADDR_TYPE_IPV4; /* ����pappƽ̨, ��������Ԫ��ʹ��'ADDR_TYPE_IPV4��ʾ' */ this_addr->addrlen = sizeof(struct stream_tuple4_v4); }else if(__ADDR_TYPE_IP_PAIR_V6 == this_addr->addrtype){ struct stream_tuple4_v6 *ip6_addr = this_addr->tuple4_v6; @@ -3634,7 +3699,7 @@ int set_transport_addr(struct streaminfo *this_stream, int enable_well_known_por ip6_addr->source = sport; ip6_addr->dest = dport; - this_addr->addrtype = ADDR_TYPE_IPV6; /* ����pappƽ̨, ��������Ԫ��ʹ��'ADDR_TYPE_IPV6��ʾ' */ + this_addr->addrtype = ADDR_TYPE_IPV6; /* ����pappƽ̨, ��������Ԫ��ʹ��'ADDR_TYPE_IPV6��ʾ' */ this_addr->addrlen = sizeof(struct stream_tuple4_v6); }else{ assert(0); @@ -3646,7 +3711,7 @@ int set_transport_addr(struct streaminfo *this_stream, int enable_well_known_por -/* 2014-12-30 lijia add, ��������Ϊһ������ṹ, ����Ϊ��ȡ��ַ��ʵ�ʽṹ, ����֮ */ +/* 2014-12-30 lijia add, ��������Ϊһ������ṹ, ����Ϊ��ȡ��ַ��ʵ�ʽṹ, ����֮ */ struct streaminfo *skip_proxy_phony_stream(struct streaminfo *a_tcp) { int proxy_layer_num = 0; @@ -3684,26 +3749,26 @@ static struct buf_unorder *tcp_save_unorder_pkt(struct streaminfo *a_tcp,const v //carry_ip_stream = skip_proxy_phony_stream(a_tcp->pfather); carry_ip_stream = skip_proxy_phony_stream(a_tcp); - /* �洢ԭʼ�� */ + /* �洢ԭʼ�� */ memcpy(&(uo_packet->raw_pkt), stack_raw_pkt, sizeof(raw_pkt_t)); uo_packet->raw_pkt.raw_pkt_data = sapp_mem_malloc(SAPP_MEM_DYN_TCP_UNORDER,a_tcp->threadnum, stack_raw_pkt->raw_pkt_len); memcpy((void *)uo_packet->raw_pkt.raw_pkt_data, stack_raw_pkt->raw_pkt_data, stack_raw_pkt->raw_pkt_len); - /* iphdr���������: - 1)��IP��Ƭ��: - ֻ��洢������ԭʼ��, �����Ķ���ָ������, ֻ��freeһ��; - 2)IP����İ�: - �洢������ԭʼ��(���һ����Ƭ), �������malloc��IP��, ����ʹ��ָ������; + /* iphdr���������: + 1)��IP��Ƭ��: + ֻ��洢������ԭʼ��, �����Ķ���ָ������, ֻ��freeһ��; + 2)IP����İ�: + �洢������ԭʼ��(���һ����Ƭ), �������malloc��IP��, ����ʹ��ָ������; */ #if 0 - if(carry_ip_stream->addr.pktipfragtype & PKT_TYPE_IPREBUILD){ + #else - /* ��ΪIPv4�п��ܶ��Ƕ��, ����: MAC->IPv4->UDP->IPv6->IPv4->TCP->APP, - ���ܽ��жϵ�ǰ����IPv4���Ƿ��Ƿ�Ƭ, ��ײ��IPv4��Ҳ������Դ��IP��Ƭ����İ�. - ����, ʹ��ԭʼ��ָ��͵�ǰIPͷָ��ľ���ֵƫ�����ж�, - �����İ�, ��ǰ��ͷ��ԭʼ��ͷ�ĵ�ַƫ�����϶���MTU��Χ��, - ���������MTU, ��ǰIP���϶�����malloc��, ����Ƭ����İ�. + /* ��ΪIPv4�п��ܶ��Ƕ��, ����: MAC->IPv4->UDP->IPv6->IPv4->TCP->APP, + ���ܽ��жϵ�ǰ����IPv4���Ƿ��Ƿ�Ƭ, ��ײ��IPv4��Ҳ������Դ��IP��Ƭ����İ�. + ����, ʹ��ԭʼ��ָ��͵�ǰIPͷָ��ľ���ֵƫ�����ж�, + �����İ�, ��ǰ��ͷ��ԭʼ��ͷ�ĵ�ַƫ�����϶���MTU��Χ��, + ���������MTU, ��ǰIP���϶�����malloc��, ����Ƭ����İ�. */ if(labs((char *)this_iphdr - (char *)stack_raw_pkt->raw_pkt_data) > MTU_MAX){ #endif @@ -3735,7 +3800,7 @@ static struct buf_unorder *tcp_save_unorder_pkt(struct streaminfo *a_tcp,const v uo_packet->urg = (this_tcphdr->th_flags & TH_URG); uo_packet->urg_ptr = ntohs (this_tcphdr->th_urp); - /* IP��Ƭ����ָ���ƶ���pakiet�ṹ��, ��ȫ�ֵ�G_IP_FRAG_LIST[tid]ָ���ÿ�, ���ⱻip_entry���ͷ� */ + /* IP��Ƭ����ָ���ƶ���pakiet�ṹ��, ��ȫ�ֵ�G_IP_FRAG_LIST[tid]ָ���ÿ�, ���ⱻip_entry���ͷ� */ uo_packet->ipfrag_list = raw_ip_frag_list_global_move_pkt(a_tcp); a_tcp->addr.pkttype = PKT_TYPE_TCPUNORDER;//add by lqy 20151222, mark unorder @@ -3778,15 +3843,15 @@ static int get_ip_pkt_tot_len(struct streaminfo *ipinfo, const void *this_iphdr) } /* 2015-01-13 lijia add, - ��Ϊkill_xxxϵ�к���ʹ��stream_pr�ṹ�е�raw_pktָ��, - ����������������ij����, ����kill_xxxϵ�к���, - ��ʱ�� + ��Ϊkill_xxxϵ�к���ʹ��stream_pr�ṹ�е�raw_pktָ��, + ����������������ij����, ����kill_xxxϵ�к���, + ��ʱ�� */ static inline void update_stream_list_raw_pkt_pointer(struct streaminfo_private *a_tcp_pr, const raw_pkt_t *raw_pkt) { a_tcp_pr->raw_pkt = raw_pkt; - /* TODO 3: �Ƿ���Ҫ�ݹ�Ľ�a_tcp->pfather->raw_pktҲȫ������?! */ + /* TODO 3: �Ƿ���Ҫ�ݹ�Ľ�a_tcp->pfather->raw_pktҲȫ������?! */ return; } @@ -3798,7 +3863,7 @@ static void tcp_flow_stat_free(int thread_seq, void *project_req_value) } -/* 2015-12-25 lijia add, for TCP/UDP����ͳ�� */ +/* 2015-12-25 lijia add, for TCP/UDP����ͳ�� */ int tcp_flow_stat_init(void) { int project_req_id; @@ -3807,7 +3872,7 @@ int tcp_flow_stat_init(void) if(project_req_id >= 0){ G_TCP_FLOW_STAT_PROJECT_ID = project_req_id; }else{ - /* �����ļ�û��'tcp_flow_stat'��, �رմ˹��� */ + /* �����ļ�û��'tcp_flow_stat'��, �رմ˹��� */ G_TCP_FLOW_STAT_PROJECT_ID = -1; } @@ -3815,7 +3880,7 @@ int tcp_flow_stat_init(void) if(project_req_id >= 0){ G_TCP_DEDUCE_FLOW_STAT_PROJECT_ID = project_req_id; }else{ - /* �����ļ�û��'tcp_flow_stat'��, �رմ˹��� */ + /* �����ļ�û��'tcp_flow_stat'��, �رմ˹��� */ G_TCP_DEDUCE_FLOW_STAT_PROJECT_ID = -1; } diff --git a/src/dealpkt/deal_udp.c b/src/dealpkt/deal_udp.c index 917d420..dc4231c 100644 --- a/src/dealpkt/deal_udp.c +++ b/src/dealpkt/deal_udp.c @@ -7,6 +7,8 @@ extern "C" { #endif +#include "ip_reassembly.h" + extern int udp_stream_table_size; extern int raw_ip_frag_list_stream_attach(struct streaminfo *stream); extern int raw_ip_frag_list_stream_detach(struct streaminfo *stream); @@ -54,6 +56,9 @@ static void udp_change_stream_state(struct streamindex *pindex, struct mesa_udp_ return ; } + int frag_cnt = 0, frag_len = 0; + stream_get_scratch_frag_stat(a_udp, &frag_cnt, &frag_len); + if(a_udp->curdir==DIR_C2S) { pdetail->serverpktnum++; @@ -62,12 +67,18 @@ static void udp_change_stream_state(struct streamindex *pindex, struct mesa_udp_ a_udp->dir=DIR_DOUBLE; } if(G_UDP_FLOW_STAT_PROJECT_ID != -1 && raw_pkt->is_ctrl_pkt == 0){ - pdetail_pr->flow_stat->C2S_pkt++; - pdetail_pr->flow_stat->C2S_byte += datalen; - pdetail_pr->flow_stat->C2S_all_byte_raw +=MAX(raw_pkt->raw_pkt_len-raw_pkt->overlay_layer_bytes,0); if(a_udp->addr.pktipfragtype & PKT_TYPE_IPREBUILD) { - pdetail_pr->flow_stat->C2S_ip_fragment_pkt=1; + pdetail_pr->flow_stat->C2S_pkt+=MAX(1, frag_cnt); + pdetail_pr->flow_stat->C2S_byte += MAX(datalen, frag_len); + pdetail_pr->flow_stat->C2S_all_byte_raw +=MAX(raw_pkt->raw_pkt_len-raw_pkt->overlay_layer_bytes,frag_len); + pdetail_pr->flow_stat->C2S_ip_fragment_pkt+=MAX(1, frag_cnt); + } + else + { + pdetail_pr->flow_stat->C2S_pkt++; + pdetail_pr->flow_stat->C2S_byte += datalen; + pdetail_pr->flow_stat->C2S_all_byte_raw +=MAX(raw_pkt->raw_pkt_len-raw_pkt->overlay_layer_bytes,0); } } } @@ -80,12 +91,19 @@ static void udp_change_stream_state(struct streamindex *pindex, struct mesa_udp_ } if(G_UDP_FLOW_STAT_PROJECT_ID != -1 && raw_pkt->is_ctrl_pkt == 0){ - pdetail_pr->flow_stat->S2C_pkt++; - pdetail_pr->flow_stat->S2C_byte += datalen; - pdetail_pr->flow_stat->S2C_all_byte_raw += MAX(raw_pkt->raw_pkt_len-raw_pkt->overlay_layer_bytes,0); + if(a_udp->addr.pktipfragtype & PKT_TYPE_IPREBUILD) { - pdetail_pr->flow_stat->S2C_ip_fragment_pkt=1; + pdetail_pr->flow_stat->S2C_pkt+=MAX(1, frag_cnt); + pdetail_pr->flow_stat->S2C_byte += MAX(datalen, frag_len); + pdetail_pr->flow_stat->S2C_all_byte_raw += MAX(raw_pkt->raw_pkt_len-raw_pkt->overlay_layer_bytes,frag_len); + pdetail_pr->flow_stat->S2C_ip_fragment_pkt+=MAX(1, frag_cnt); + } + else + { + pdetail_pr->flow_stat->S2C_pkt++; + pdetail_pr->flow_stat->S2C_byte += datalen; + pdetail_pr->flow_stat->S2C_all_byte_raw += MAX(raw_pkt->raw_pkt_len-raw_pkt->overlay_layer_bytes,0); } } diff --git a/src/dealpkt/stream_manage.c b/src/dealpkt/stream_manage.c index 6b10eb9..860275a 100644 --- a/src/dealpkt/stream_manage.c +++ b/src/dealpkt/stream_manage.c @@ -42,6 +42,29 @@ static inline void update_stream_status(UCHAR threadnum, UCHAR type, UCHAR strea int project_requirement_global_init(void); static inline void __do_streamleavlist(struct streamindex *pindex,struct stream_list *plist); +#include "ip_reassembly.h" +extern struct frag_manage *g_ipv4_frag_manage; +extern struct frag_manage *g_ipv6_frag_manage; + +inline void stream_get_scratch_frag_stat(struct streaminfo *pstream, int *frag_cnt, int *frag_len) +{ + if(g_ipv4_frag_manage == NULL || g_ipv6_frag_manage == NULL)return; + if (pstream == NULL || frag_cnt == NULL || frag_len == NULL)return; + struct frag_manage *thread_frag_manage = NULL; + if (pstream->addr.addrtype == ADDR_TYPE_IPV4) + { + thread_frag_manage=&g_ipv4_frag_manage[pstream->threadnum]; + } + if (pstream->addr.addrtype == ADDR_TYPE_IPV6) + { + thread_frag_manage=&g_ipv6_frag_manage[pstream->threadnum]; + + } + *frag_cnt = thread_frag_manage->scratch_frag_cnt; + *frag_len = thread_frag_manage->scratch_frag_len; + return; +} + int tcp_stream_table_size=0; int udp_stream_table_size=0; int tcpstate_num[MAX_TCP_STATE]={8000,2000,4000}; |