From f14d0bcdd230c85fb68814e64f72f3b10051befa Mon Sep 17 00:00:00 2001 From: yangwei Date: Tue, 9 Jul 2024 19:23:40 +0800 Subject: ✨ feat(skip_gtp_layer): set defalut as 0 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/config/config_parse.cpp | 1 + src/dealpkt/deal_udp.c | 118 +++++++++++++++++++++++--------------------- 2 files changed, 63 insertions(+), 56 deletions(-) (limited to 'src') diff --git a/src/config/config_parse.cpp b/src/config/config_parse.cpp index f6679a0..9d4230e 100644 --- a/src/config/config_parse.cpp +++ b/src/config/config_parse.cpp @@ -1887,6 +1887,7 @@ int sapp_parse_config(void) tomlc99_wrap_load_int_def(ABBR_CFG_FILE_MAIN_ENTRY, (char *)"PROTOCOL_FEATURE", (char *)"skip_not_ip_layer_over_eth", (int *)&pconfig->protocol_feature.skip_not_ip_layer_over_eth, 0); tomlc99_wrap_load_int_def(ABBR_CFG_FILE_MAIN_ENTRY, (char *)"PROTOCOL_FEATURE", (char *)"reverse_ethernet_addr", (int *)&pconfig->protocol_feature.reverse_ethernet_addr_enabled, 1); tomlc99_wrap_load_int_def(ABBR_CFG_FILE_MAIN_ENTRY, (char *)"PROTOCOL_FEATURE", (char *)"skip_gtp_S_PN_E_field_for_inject", (int *)&pconfig->protocol_feature.skip_gtp_S_PN_E_field_for_inject, 1); + tomlc99_wrap_load_int_def(ABBR_CFG_FILE_MAIN_ENTRY, (char *)"PROTOCOL_FEATURE", (char *)"skip_gtp_layer", (int *)&pconfig->protocol_feature.skip_gtp_layer, 0); tomlc99_wrap_load_int_def(ABBR_CFG_FILE_MAIN_ENTRY, (char *)"PROTOCOL_FEATURE", (char *)"ipv4_reassembly_enabled", (int *)&pconfig->protocol_feature.ipv4_reassembly_enabled, 1); diff --git a/src/dealpkt/deal_udp.c b/src/dealpkt/deal_udp.c index 9eb5301..5a3a3e5 100644 --- a/src/dealpkt/deal_udp.c +++ b/src/dealpkt/deal_udp.c @@ -1,7 +1,7 @@ /* 20120603 : -20130530 :Ôö¼ÓÇ¿ÖÆudpÁ÷ÌÔÌ­¹¦ÄÜ£¬ +20130530 :����ǿ��udp����̭���ܣ� */ #include "sapp_api.h" #include "sapp_pkt_stat.h" @@ -131,7 +131,7 @@ static void udp_change_stream_state(struct streamindex *pindex, struct mesa_udp_ } #if SAPP_INSECTICIDE -/* 2017-02-09 ÁÙʱÌí¼Ó´úÂë, ÔÚÏß·¢ÏÖĪÃûÆäÃîBUG, ÏÈÅжÏstream->pfatherÖ¸ÕëÂÒµÄBUG, Ò²²»ÖªµÀÄÄ°ÑpfatherдÂÒÁË */ +/* 2017-02-09 ��ʱ���Ӵ���, ���߷���Ī������BUG, ���ж�stream->pfatherָ���ҵ�BUG, Ҳ��֪���İ�pfather��� */ void iterate_stream_list(const struct streaminfo *stream) { char tmp_buf[8]; @@ -190,15 +190,15 @@ static struct streamindex *udp_add_new_stream(struct streamindex *pindex, iterate_stream_list(pstream_udp); #endif - /* 2016-07-25 lijia add, ¼Ç¼µ±Ç°Á÷×îµ×²ãËíµÀÀàÐÍ, ÿ¸öÁ÷Ö»ÔÚ´´½¨Ê±×öÒ»´Î¼´¿É */ + /* 2016-07-25 lijia add, ��¼��ǰ����ײ���������, ÿ����ֻ�ڴ���ʱ��һ�μ��� */ get_stream_carry_tunnel_type(pstream_udp, NULL, &pstream_udp_pr->stream_low_layer_tunnel_type); if(1 == pstream_udp_pr->layer_dir){ - pstream_udp_pr->stream_dir = 1; /* ÒòΪUDPÊÇ°´DATA½¨Á¬½Ó, ËùÒÔstream_dir¿Ï¶¨ºÍĬÈϹæÔòÏàͬ */ + pstream_udp_pr->stream_dir = 1; /* ��ΪUDP�ǰ�DATA������, ����stream_dir�϶���Ĭ�Ϲ�����ͬ */ //((struct streaminfo_private *)(pstream_udp->pfather))->stream_dir = ((struct streaminfo_private *)(pstream_udp->pfather))->layer_dir; //set_stream_addr(pstream_udp, this_udphdr->uh_sport, this_udphdr->uh_dport); }else{ - pstream_udp_pr->stream_dir = 1; /* ÒòΪÊÇUDP°´DATA½¨Á¬½Ó, ËùÒÔstream_dir¿Ï¶¨ºÍĬÈϹæÔòÏàͬ */ + pstream_udp_pr->stream_dir = 1; /* ����UDP��DATA������, ����stream_dir�϶���Ĭ�Ϲ�����ͬ */ //((struct streaminfo_private *)(pstream_udp->pfather))->stream_dir =((struct streaminfo_private *)(pstream_udp->pfather))->layer_dir ^ 1; //set_stream_addr(pstream_udp, this_udphdr->uh_dport, this_udphdr->uh_sport); } @@ -227,14 +227,14 @@ static struct streamindex *udp_add_new_stream(struct streamindex *pindex, pdetail->lastmtime=g_CurrentTime; if(pstream_udp_pr->under_ddos_bypass){ - /* bypass״̬²»µ÷ÓÃÈκβå¼þ, ºóÐøµÄproject, bridge,³õʼ»¯half_streamµÈ²Ù×÷¶¼¿ÉÒÔºöÂÔÁË */ + /* bypass״̬�������κβ��, ������project, bridge,��ʼ��half_stream�Ȳ��������Ժ����� */ sapp_global_val->mthread_volatile[threadnum]->sys_stat.count[SAPP_STAT_UDP_BYPASS_STREAM]++; cycle_pkt_dump_by_classify(threadnum, raw_pkt, PKT_CLASSIFY_BYPASS); sapp_runtime_log(RLOG_LV_INFO, "UDP stream:%s under ddos bypass!", printaddr(&pstream_udp->addr, threadnum)); return pindex_udp; } - /* 2014-03-26 LiJia add, ijЩÏîÄ¿ÌØÊâÓ¦Óóõʼ»¯, Èç±êÇ©¡¢Ô­Ê¼IP·ÖƬÁбíµÈ */ + /* 2014-03-26 LiJia add, ijЩ��Ŀ����Ӧ�ó�ʼ��, ���ǩ��ԭʼIP��Ƭ�б��� */ pstream_udp_pr->pproject = project_requirement_create(SAPP_MEM_DYN_UDP_PROJECT, threadnum); pstream_udp_pr->stream_bridge = stream_bridge_create_per_stream(SAPP_MEM_DYN_UDP_BRIDGE,threadnum); @@ -315,12 +315,12 @@ void udp_free_stream(struct streamindex *pindex) ((raw_pkt_t *)pstream_pr->raw_pkt)->prepend_list=NULL; } - pstream_pr->raw_pkt = NULL; /* 2015-02-04 lijia add, ²»ÄÜÒò´Ëµ÷Óöø´¥·¢MESA_kill_xxx */ + pstream_pr->raw_pkt = NULL; /* 2015-02-04 lijia add, ������˵��ö�����MESA_kill_xxx */ if(pdetail_pr->apme!=NULL) { pstream->opstate=OP_STATE_CLOSE; - //udp stream »Øµ÷ + //udp stream �ص� pstream->pktstate=OP_STATE_CLOSE; // add by lijia 20141202 stream_process_udp(pstream,NULL,NULL,NULL,&(pdetail_pr->apme),&(pstream->opstate)); udp_cleardata(pstream); @@ -352,7 +352,7 @@ void udp_free_stream(struct streamindex *pindex) pstream->pdetail=NULL; - if(pstream_pr->set_special_timeout != 0){ /* Á´½Ó¶ÀÓг¬Ê±Ê±¼ä, ¼õÉÙ¼ÆÊý */ + if(pstream_pr->set_special_timeout != 0){ /* ���Ӷ��г�ʱʱ��, ���ټ��� */ sapp_global_mthread[threadnum].udp_stream_special_timeout_num--; } @@ -378,8 +378,8 @@ void udp_free_stream(struct streamindex *pindex) } //add by lqy 20130530 -// ¸ù¾ÝÉ趨µÄʱ¼äÇ¿ÖÆÌÔÌ­¸´ÓõÄËÄÔª×éÐÅÏ¢ -// return 1 ½øÐÐÁËÖØÖã¬0 δ½øÐÐÖØÖà +// �����趨��ʱ��ǿ����̭���õ���Ԫ����Ϣ +// return 1 ���������ã�0 ������� static int udp_reset_stream(struct streamindex *pindex) { struct stream_list *plist; @@ -396,7 +396,7 @@ static int udp_reset_stream(struct streamindex *pindex) threadnum = pstream->threadnum; sapp_gval_mthread_sys_stat_t *local_sys_stat = &sapp_global_val->mthread_volatile[threadnum]->sys_stat; - // ÇåÀíÒÔÇ°µÄµ÷ÓÃÐÅÏ¢ + // ������ǰ�ĵ�����Ϣ plist = &(G_MESA_GLOBAL_STREAM[threadnum]->udpList[pstream->stream_state]); streamleavlist(pindex, plist); // pstream->stream.opstate=OP_STATE_CLOSE; @@ -437,7 +437,7 @@ static int udp_reset_stream(struct streamindex *pindex) pstream_pr->pproject = project_requirement_create(SAPP_MEM_DYN_UDP_PROJECT, threadnum); pstream_pr->stream_bridge = stream_bridge_create_per_stream(SAPP_MEM_DYN_UDP_BRIDGE, threadnum); - /* 2015-12-28 lijia add, Á÷ÖØÖÃ, ´ÓÐÂÉêÇëÄÚ´æ */ + /* 2015-12-28 lijia add, ������, ���������ڴ� */ if (G_UDP_FLOW_STAT_PROJECT_ID != -1) { pdetail_pr->flow_stat = (struct udp_flow_stat *)sapp_mem_malloc(SAPP_MEM_DYN_UDP_FLOW_STAT, threadnum, sizeof(struct udp_flow_stat)); @@ -445,7 +445,7 @@ static int udp_reset_stream(struct streamindex *pindex) project_req_add_struct(pstream, G_UDP_FLOW_STAT_PROJECT_ID, pdetail_pr->flow_stat); } - // ÖØÖÃËùÓÐ״̬ + // ��������״̬ memset(pdetail, 0, sizeof(struct udpdetail)); // pstream->stream.opstate=OP_STATE_PENDING; pstream->opstate = OP_STATE_PENDING; @@ -488,12 +488,12 @@ static int dealipv4udppkt_dup_check(int tid, struct streaminfo_private *pstream_ int is_dup_pkt = 0; int dup_check_enabled = 0; - /* vxlan²ãµÄ±£»îÐÅÏ¢²»ÓÃʶ±ðÖظ´°ü, ÒòΪʵ²âijЩinline device»ò½»»»°å·¢³öµÄ±£»î°üÈ«ÊÇÒ»ÑùµÄ, udp checksumÊÇ0, ipidÒ²²»±ä */ + /* vxlan��ı�����Ϣ����ʶ���ظ���, ��Ϊʵ��ijЩinline device�ò½»»ï¿½ï¿½å·¢ï¿½ï¿½ï¿½Ä±ï¿½ï¿½ï¿½ï¿½È«ï¿½ï¿½Ò»ï¿½ï¿½ï¿½ï¿½, udp checksum��0, ipidҲ���� */ if(is_overlay_udp_layer){ return 0; } - /* ËíµÀЭÒéµÄÍâ²ãUDP²»Ê¶±ðÖظ´Á÷Á¿ */ + /* ����������UDP��ʶ���ظ����� */ if(STREAM_TUNNLE_NON != pstream_pr->stream_carry_up_layer_tunnel_type){ return 0; } @@ -502,7 +502,7 @@ static int dealipv4udppkt_dup_check(int tid, struct streaminfo_private *pstream_ if(dup_pkt_para->dup_pkt_distinguish_ipv4_udp || dup_pkt_para->dup_pkt_distinguish_all_inject) { - // ¶ÔÓÚԭʼÊäÈë°ü, Ö»ÅжÏÇ°N¸ö°ü, Èç¹ûû·¢ÏÖÖظ´Á÷Á¿, ¾ÍÈÏΪÒÔºóµÄ¶¼²»ÊÇÖظ´°ü! + // ����ԭʼ�����, ֻ�ж�ǰN����, ���û�����ظ�����, ����Ϊ�Ժ�Ķ������ظ���! if((0 == pstream_pr->has_duplicate_pkt) && (pdetail_pr->udpdetail_public.clientpktnum+pdetail_pr->udpdetail_public.serverpktnum >= dup_pkt_para->first_packets)){ dup_check_enabled = 0; @@ -533,7 +533,7 @@ int dealipv4udppkt(struct streamindex *pindex, const struct mesa_ip4_hdr * this_ struct udpdetail_private *pdetail_pr=NULL; struct streaminfo_private *pstream_pr=&(pindex->stream); struct streaminfo *pstream=&(pstream_pr->stream_public); - struct streaminfo_private *stack_stream_pr = &(pindex->stream); /* 2016-11-24 lijia add, Èç¹ûÊÇl2tp, teredoËíµÀ, ʹÓÃÕ»ÀïµÄÖ¸Õë */ + struct streaminfo_private *stack_stream_pr = &(pindex->stream); /* 2016-11-24 lijia add, �����l2tp, teredo����, ʹ��ջ���ָ�� */ int next_layer_offset; void *tmpme=NULL; int hlen=0; @@ -549,12 +549,12 @@ int dealipv4udppkt(struct streamindex *pindex, const struct mesa_ip4_hdr * this_ udph = (struct mesa_udp_hdr *) ((char*)this_iphdr +hlen ); ulen = ntohs (udph->uh_ulen); - local_sys_stat->count_per_layer[ADDR_TYPE_UDP][pstream_pr->layer_index]++; /* udpºÍipËã×÷Ò»²ã */ - local_sys_stat->length_per_layer[ADDR_TYPE_UDP][pstream_pr->layer_index] += ulen; /* udpºÍipËã×÷Ò»²ã */ + local_sys_stat->count_per_layer[ADDR_TYPE_UDP][pstream_pr->layer_index]++; /* udp��ip����һ�� */ + local_sys_stat->length_per_layer[ADDR_TYPE_UDP][pstream_pr->layer_index] += ulen; /* udp��ip����һ�� */ if(raw_pkt->is_ctrl_pkt==0) { - /* 2015-12-29 lijia modify, ijЩUDP°üûÓиºÔØÊý¾Ý, ûÓÐÒâÒå, Ö±½Ó¶ªÆú */ + /* 2015-12-29 lijia modify, ijЩUDP��û�и�������, û������, ֱ�Ӷ��� */ if(unlikely(iplen - hlen < ulen || ulen <= (int)sizeof (struct mesa_udp_hdr))){ return PASS; } @@ -579,7 +579,7 @@ int dealipv4udppkt(struct streamindex *pindex, const struct mesa_ip4_hdr * this_ is_overlay_udp_layer = sapp_is_overlay_layer(pstream_pr, raw_pkt); - if(0 == is_overlay_udp_layer){ /* ·Çoverlay²ã²ÅÀÛ¼ÓÏà¹Ø²ã¼ÆÊý */ + if(0 == is_overlay_udp_layer){ /* ��overlay����ۼ���ز���� */ local_sys_stat->count[SAPP_STAT_RCV_UDP]++; local_sys_stat->length[SAPP_STAT_RCV_UDP]+=datalen; if (routedir == sapp_global_val->config.packet_io.inbound_route_dir) @@ -601,10 +601,10 @@ int dealipv4udppkt(struct streamindex *pindex, const struct mesa_ip4_hdr * this_ sizeof(struct mesa_udp_hdr),raw_pkt->is_ctrl_pkt)) { pstream_pr->stream_carry_up_layer_tunnel_type |= STREAM_TUNNEL_GPRS_TUNNEL; - return gtp_entry(stack_stream_pr, udph, thread_num, routedir, raw_pkt, next_layer_offset); + if(sapp_global_val->config.protocol_feature.skip_gtp_layer==1)return gtp_entry(stack_stream_pr, udph, thread_num, routedir, raw_pkt, next_layer_offset); } //add by lqy 20130530 - // udpÓв»¿ªÆôÁ÷»¹Ô­µÄ¹¦ÄÜÐèÇó£¬Ö±½Ó°´µ¥°üµ¥Á÷´¦Àí + // udp�в���������ԭ�Ĺ�������ֱ�Ӱ������������� if(unlikely(0 ==udp_stream_table_size)) { struct udpdetail_private detail_pr; @@ -612,7 +612,7 @@ int dealipv4udppkt(struct streamindex *pindex, const struct mesa_ip4_hdr * this_ pdetail = (struct udpdetail *)&detail_pr; pstream_pr->offset_to_ip_hdr = (char *)udph - (char *)this_iphdr; - /* µ¥°ü¼¶, ¼Ù¶¨Ô´¶Ë¿Ú´óµÄΪClient */ + /* ������, �ٶ�Դ�˿ڴ��ΪClient */ //if(memcmp(&udph->uh_sport, &udph->uh_dport, sizeof(short)) >= 0){ if(ntohs(udph->uh_sport) >= ntohs(udph->uh_dport)){ pstream->curdir=DIR_C2S; @@ -676,7 +676,7 @@ int dealipv4udppkt(struct streamindex *pindex, const struct mesa_ip4_hdr * this_ return PASS; } } - // add by lqy Ö»Óе±Á´½ÓδÖØÖÃʱ½øÐÐlru + // add by lqy ֻ�е�����δ����ʱ����lru else { if (lrustream(a_index) == 1) @@ -685,10 +685,10 @@ int dealipv4udppkt(struct streamindex *pindex, const struct mesa_ip4_hdr * this_ } } - /* NOTE: ¸üÐÂpstreamÖ¸Õë, Ö¸Ïò¶ÑÖд洢µÄÄÚ´æ */ + /* NOTE: ����pstreamָ��, ָ����д洢���ڴ� */ pstream_pr=&(a_index->stream); pstream=&(pstream_pr->stream_public); - //pstream->addr.pktipfragtype = pstream->stream_public.addr.pktipfragtype; /* 2015-11-04 lijia add, IP·ÖƬÀàÐ͸üР*/ + //pstream->addr.pktipfragtype = pstream->stream_public.addr.pktipfragtype; /* 2015-11-04 lijia add, IP��Ƭ���͸��� */ pdetail_pr=(struct udpdetail_private *)(pstream->pdetail); pstream->pudpdetail->lastmtime=(long)g_CurrentTime; @@ -717,7 +717,7 @@ int dealipv4udppkt(struct streamindex *pindex, const struct mesa_ip4_hdr * this_ return DROP; } - // ¶ÔÓÚkill remedy£¬drop streamºÍÖظ´Á÷Á¿£¬sappÖ±½Ó´¦Àí£¬²»ÔÙ×·¼ÓÁ÷ÉϵÄsid,±ÜÃâת·¢µ½service chainÉÏÒýÆðÆäËûSFµÄÆçÒå + // ����kill remedy��drop stream���ظ�������sappֱ�Ӵ���������׷�����ϵ�sid,����ת����service chain����������SF������ if (pstream_pr->sid_append_list != NULL) { ((raw_pkt_t *)raw_pkt)->append_list = pstream_pr->sid_append_list; @@ -734,11 +734,11 @@ int dealipv4udppkt(struct streamindex *pindex, const struct mesa_ip4_hdr * this_ if(pstream->curdir==DIR_S2C){ - if(pdetail_pr->udpdetail_public.clientpktnum == 0){ /* µ±Ç°·½ÏòµÄµÚÒ»¸ö°ü, ³¢ÊÔ¸üеײãËíµÀµÄµ¥ÏòµØÖ·ÐÅÏ¢(ÈçMPLS, GTP) */ + if(pdetail_pr->udpdetail_public.clientpktnum == 0){ /* ��ǰ����ĵ�һ����, ���Ը��µײ������ĵ����ַ��Ϣ(��MPLS, GTP) */ try_to_update_addr_info = 1; } }else{ - if(pdetail_pr->udpdetail_public.serverpktnum == 0){ /* µ±Ç°·½ÏòµÄµÚÒ»¸ö°ü, ³¢ÊÔ¸üеײãËíµÀµÄµ¥ÏòµØÖ·ÐÅÏ¢(ÈçMPLS, GTP) */ + if(pdetail_pr->udpdetail_public.serverpktnum == 0){ /* ��ǰ����ĵ�һ����, ���Ը��µײ������ĵ����ַ��Ϣ(��MPLS, GTP) */ try_to_update_addr_info = 1; } } @@ -776,7 +776,7 @@ int dealipv4udppkt(struct streamindex *pindex, const struct mesa_ip4_hdr * this_ ret = vxlan_entry(stack_stream_pr, (char *)udph+sizeof(struct mesa_udp_hdr), thread_num, routedir, raw_pkt, next_layer_offset); udp_cleardata(pstream); pstream_pr->packet_process_context=0; - /* overlay UDP²ã²»ÔÙ¼ÌÐøºóÐøµÄËíµÀ¼ì²â */ + /* overlay UDP�㲻�ټ���������������� */ return ret; } else @@ -807,7 +807,7 @@ int dealipv4udppkt(struct streamindex *pindex, const struct mesa_ip4_hdr * this_ } } - if(unlikely(DROP == ret)){ /* ²å¼þ·µ»ØDROP²»ÔÙ½øÐкóÐø´¦Àí */ + if(unlikely(DROP == ret)){ /* �������DROP���ٽ��к������� */ return DROP; } pstream_pr->packet_process_context=1; @@ -829,6 +829,10 @@ int dealipv4udppkt(struct streamindex *pindex, const struct mesa_ip4_hdr * this_ } } + if(pstream_pr->stream_carry_up_layer_tunnel_type & STREAM_TUNNEL_GPRS_TUNNEL){ + ret = gtp_entry(stack_stream_pr, udph, thread_num, routedir, raw_pkt, next_layer_offset); + } + pstream_pr->packet_process_context=0; if(DROP == ret){ sapp_runtime_log(RLOG_LV_DEBUG, "UDP stream: %s, curdir:%d, return DROP.", printaddr(&pstream->addr, pstream->threadnum), pstream->curdir); @@ -854,8 +858,8 @@ int dealipv6udppkt(struct streamindex *pindex,const struct mesa_ip6_hdr *a_packe iplen = ntohs (a_packet->ip6_payload_len); ulen = ntohs (udph->uh_ulen); - local_sys_stat->count_per_layer[ADDR_TYPE_UDP][pstream_pr->layer_index]++; /* udpºÍipËã×÷Ò»²ã */ - local_sys_stat->length_per_layer[ADDR_TYPE_UDP][pstream_pr->layer_index] += ulen; /* udpºÍipËã×÷Ò»²ã */ + local_sys_stat->count_per_layer[ADDR_TYPE_UDP][pstream_pr->layer_index]++; /* udp��ip����һ�� */ + local_sys_stat->length_per_layer[ADDR_TYPE_UDP][pstream_pr->layer_index] += ulen; /* udp��ip����һ�� */ if(unlikely(iplen < ulen || ulen <= (int)sizeof (struct mesa_udp_hdr))){ return PASS; @@ -877,7 +881,7 @@ int dealipv6udppkt(struct streamindex *pindex,const struct mesa_ip6_hdr *a_packe pstream->addr.addrlen=sizeof(struct layer_addr_udp); pstream_pr->addr_use_as_hash = 0; //ptmp->stream.p_layer_header = udph; -/* IP, UDP²ãºÏ²¢ºó, ²»ÔÙ¸üÐÂUDP²ãµÄoffset_to_raw_pkt_hdr */ +/* IP, UDP��ϲ���, ���ٸ���UDP���offset_to_raw_pkt_hdr */ #if 0 pstream_pr->offset_to_raw_pkt_hdr = offset_to_raw_pkt_hdr; #endif @@ -898,14 +902,14 @@ int dealipv6udppkt(struct streamindex *pindex,const struct mesa_ip6_hdr *a_packe sizeof(struct mesa_udp_hdr), raw_pkt->is_ctrl_pkt)) { pstream_pr->stream_carry_up_layer_tunnel_type |= STREAM_TUNNEL_GPRS_TUNNEL; - return gtp_entry(pstream_pr, udph, thread_num, routedir, raw_pkt, next_layer_offset); + if(sapp_global_val->config.protocol_feature.skip_gtp_layer==1)return gtp_entry(pstream_pr, udph, thread_num, routedir, raw_pkt, next_layer_offset); } //add by lqy 20130530 - // udpÓв»¿ªÆôÁ÷»¹Ô­µÄ¹¦ÄÜÐèÇó£¬Ö±½Ó°´µ¥°üµ¥Á÷´¦Àí + // udp�в���������ԭ�Ĺ�������ֱ�Ӱ������������� if(unlikely(0 == udp_stream_table_size)) { - /* µ¥°ü¼¶, ¼Ù¶¨Ô´¶Ë¿Ú´óµÄΪClient */ + /* ������, �ٶ�Դ�˿ڴ��ΪClient */ if(memcmp(&udph->uh_sport, &udph->uh_dport, sizeof(short)) >= 0){ pstream->curdir=DIR_C2S; pstream_pr->layer_dir = 1; @@ -965,7 +969,7 @@ int dealipv6udppkt(struct streamindex *pindex,const struct mesa_ip6_hdr *a_packe } } - /* NOTE: ¸üÐÂpstreamÖ¸Õë, Ö¸Ïò¶ÑÖд洢µÄÄÚ´æ */ + /* NOTE: ����pstreamָ��, ָ����д洢���ڴ� */ pstream_pr=&(a_index->stream); pstream=&(pstream_pr->stream_public); pdetail_pr=(struct udpdetail_private *)(pstream->pdetail); @@ -981,15 +985,15 @@ int dealipv6udppkt(struct streamindex *pindex,const struct mesa_ip6_hdr *a_packe /* 2021-05-18 lijia close ipv6 original dup pkt check: - IPv6ÒòΪûÓÐIpid×Ö¶Î, ÎÞ·¨Çø±ðÕæÕýµÄÓ¦ÓòãÖØ´«ºÍÖظ´Á÷Á¿, ¿ªÆôÁ˻ᵼÖ¶ÏÍø»òÕßCT, ËùÒÔ²»Ö§³ÖԭʼÁ÷Á¿Ê¶±ð! + IPv6��Ϊû��Ipid�ֶ�, �޷�����������Ӧ�ò��ش����ظ�����, �����˻ᵼ�¶�������CT, ���Բ�֧��ԭʼ����ʶ��! - ¶ÔÓÚIPv6µÄÁ½ÖÖÇé¿ö: - 1)Èç¹û¿ªÆôÁË´úÀí²ßÂÔ, ÖØ´«°ü±»Ê¶±ð³ÉÁËÖظ´°üµÄ»°, sapp¾ÍÖ±½ÓPASSÁË, ʵ¼ÊÄǸö°üÊÇÕæʵͨÐÅË«·½·¢µÄ, ûÓо­¹ýtfe´¦Àí, ¿ÉÄܾͶÏÍøÁË. - 2)Èç¹û¿ªÆôÁËfirewallµÄdrop²ßÂÔ, µÚÒ»´Îdrop³É¹¦ÁË, µ«Ó¦Óòã»áÖØ´«, ÖØ´«°ü±»Ê¶±ð³ÉÁËÖظ´°üµÄ»°, sapp¾ÍÖ±½ÓPASSÁË, µ¼ÖÂCT. + ����IPv6���������: + 1)��������˴�������, �ش�����ʶ������ظ����Ļ�, sapp��ֱ��PASS��, ʵ���Ǹ�������ʵͨ��˫������, û�о���tfe����, ���ܾͶ�����. + 2)���������firewall��drop����, ��һ��drop�ɹ���, ��Ӧ�ò���ش�, �ش�����ʶ������ظ����Ļ�, sapp��ֱ��PASS��, ����CT. - µ«ÊÇ, ÒªÖ§³Ö×¢ÈëÁ÷Á¿Ê¶±ð!! + ����, Ҫ֧��ע������ʶ��!! - 24.04: ¶ÔÓÚIPv6À´Ëµ, ÒòΪ²»Ö§³ÖԭʼÁ÷Á¿Öظ´¼ì²â, ËùÒÔ×¢Èë°üʶ±ðÒ²²»Ö§³Ö¿ìËÙ·¾¶. + 24.04: ����IPv6��˵, ��Ϊ��֧��ԭʼ�����ظ����, ����ע���ʶ��Ҳ��֧�ֿ���·��. */ if((sapp_global_val->config.packet_io.dup_pkt_para.dup_pkt_distinguish_all_inject != 0) && (sapp_dup_pkt_identify(thread_num, pstream_pr, a_packet, udph, 0) != 0)){ @@ -1022,11 +1026,11 @@ int dealipv6udppkt(struct streamindex *pindex,const struct mesa_ip6_hdr *a_packe } if(pstream->curdir==DIR_S2C){ - if(pdetail_pr->udpdetail_public.clientpktnum == 0){ /* µ±Ç°·½ÏòµÄµÚÒ»¸ö°ü, ³¢ÊÔ¸üеײãËíµÀµÄµ¥ÏòµØÖ·ÐÅÏ¢(ÈçMPLS, GTP) */ + if(pdetail_pr->udpdetail_public.clientpktnum == 0){ /* ��ǰ����ĵ�һ����, ���Ը��µײ������ĵ����ַ��Ϣ(��MPLS, GTP) */ try_to_update_addr_info = 1; } }else{ - if(pdetail_pr->udpdetail_public.serverpktnum == 0){ /* µ±Ç°·½ÏòµÄµÚÒ»¸ö°ü, ³¢ÊÔ¸üеײãËíµÀµÄµ¥ÏòµØÖ·ÐÅÏ¢(ÈçMPLS, GTP) */ + if(pdetail_pr->udpdetail_public.serverpktnum == 0){ /* ��ǰ����ĵ�һ����, ���Ը��µײ������ĵ����ַ��Ϣ(��MPLS, GTP) */ try_to_update_addr_info = 1; } } @@ -1037,13 +1041,13 @@ int dealipv6udppkt(struct streamindex *pindex,const struct mesa_ip6_hdr *a_packe pstream_pr->packet_process_context=1; udp_change_stream_state(a_index,udph, raw_pkt, offset_to_raw_pkt_hdr); pstream_pr->packet_process_context=0; - /* ¸üÐÂpstreamÖ¸Õë */ + /* ����pstreamָ�� */ pstream_pr=&(a_index->stream); pstream=&(pstream_pr->stream_public); update_polling_inject_context(SAPP_MEM_DYN_UDP_POLLING_RAW_PKT, pstream_pr, raw_pkt); -/* IP, UDP²ãºÏ²¢ºó, ²»ÔÙ¸üÐÂUDP²ãµÄoffset_to_raw_pkt_hdr */ +/* IP, UDP��ϲ���, ���ٸ���UDP���offset_to_raw_pkt_hdr */ #if 0 pstream_pr->offset_to_raw_pkt_hdr = offset_to_raw_pkt_hdr; #endif @@ -1098,9 +1102,11 @@ int dealipv6udppkt(struct streamindex *pindex,const struct mesa_ip6_hdr *a_packe } } + if(pstream_pr->stream_carry_up_layer_tunnel_type & STREAM_TUNNEL_GPRS_TUNNEL){ + ret = gtp_entry(pstream_pr, udph, thread_num, routedir, raw_pkt, next_layer_offset); + } - - /* TODO 2, »ùÓÚIPv6µÄUDP port 1701 L2TPЭÒé */ + /* TODO 2, ����IPv6��UDP port 1701 L2TP�� */ pstream_pr->packet_process_context=0; if(DROP == ret){ sapp_runtime_log(RLOG_LV_DEBUG, "UDP stream: %s, curdir:%d, return DROP.", printaddr(&pstream->addr, pstream->threadnum), pstream->curdir); @@ -1109,7 +1115,7 @@ int dealipv6udppkt(struct streamindex *pindex,const struct mesa_ip6_hdr *a_packe return ret; } -/* lijia comment: a_packet¿ÉÄÜÊÇÕæʵԭʼ°ü, Ò²¿ÉÄÜÊÇmallocµÄIPÖØ×é°ü, ¿¿addr.pkttypeÇø·Ö */ +/* lijia comment: a_packet��������ʵԭʼ��, Ҳ������malloc��IP�����, ��addr.pkttype���� */ int process_ipv4_pkt (struct streamindex *pfindex,const struct mesa_ip4_hdr * a_packet,int thread_num, unsigned char routedir, const raw_pkt_t *raw_pkt, int offset_to_raw_pkt_hdr) { @@ -1173,7 +1179,7 @@ int process_ipv4_pkt (struct streamindex *pfindex,const struct mesa_ip4_hdr * a_ break; case IPPROTO_ICMP: -#if 0 /* 2017-05-19 lijia modify, GDEV±£»îתµ½g_device_plug²å¼þÖÐʵÏÖ, ƽ̨ÄÚ²¿²»ÔÙ´¦Àí */ +#if 0 /* 2017-05-19 lijia modify, GDEV����ת��g_device_plug�����ʵ��, ƽ̨�ڲ����ٴ��� */ ((raw_pkt_t *)raw_pkt)->offset_to_raw_pkt_hdr = next_layer_offest; ret = icmp_entry(pfstream_pr,next_layer_hdr,thread_num,routedir,raw_pkt, next_layer_offest); #endif @@ -1224,7 +1230,7 @@ char udp_teredo_identify_entry(const struct streaminfo *pstream, const void *thi pstream_pr->stream_carry_up_layer_tunnel_type |= STREAM_TUNNLE_TEREDO; } - return APP_STATE_DROPME; /* ÿ¸öÁ÷Ö»¿´µÚÒ»¸ö°ü, ²»¹ÜÊÇ·ñteredoËíµÀ, ºóÐø¶¼²»ÔÙ´¦ÀíÁË */ + return APP_STATE_DROPME; /* ÿ����ֻ����һ����, �����Ƿ�teredo����, ���������ٴ����� */ } -- cgit v1.2.3