✨feat(tcpdump.c): 新增classify过滤参数

--classify in|forward|inject|drop|error
--enable_classify_watermark  record classify type in src mac address

2 files changed, 150 insertions, 46 deletions

diff --git a/src/mesa_pkt_dump.h b/src/mesa_pkt_dump.h
index 7dedb4b..28b8d6b 100644
--- a/src/mesa_pkt_dump.h
+++ b/src/mesa_pkt_dump.h
@@ -1,46 +1,54 @@
-#ifndef _MESA_PKT_DUMP_H_
-#define _MESA_PKT_DUMP_H_ 1
-
-#define MESA_PKT_DUM_H_VER (20181115)
-
-
-/* 
-	����DPDK-3.0, PFRINGģʽ��, ������ռ����ʱ, ͨ��ƽ̨ʵʱ����.
-*/
-
-#define PKT_DUMP_HDR_MAGIC	(0x44554D50) /* 'MESA' */
-
-enum pkt_dump_opt_t{
-	PKT_DUMP_OPT_RCV_PORT,
-	PKT_DUMP_OPT_BPF_FILTER,
-	PKT_DUMP_OPT_DATA_OFFSET,
-	PKT_DUMP_OPT_THREAD_INDEX,
-	PKT_DUMP_OPT_ACK, /* sapp���ظ�tcpdump_mesa��ack�� */
-	PKT_DUMP_OPT_PERCEPTIVE, /* �������ģʽ, ���Է��ֶ������� */
-	PKT_DUMP_OPT_GREEDY_SEEK,  /* ƫ�Ƶ����ڲ�IP, ��������ģʽ�²���BUG */ 
-};
-
-/* ������, �����Ժ�������ϵͳ��ARM, PowerPC, MIPS����ֲ */
-struct pkt_dump_opt{
-	unsigned short opt_type;
-	unsigned short opt_len;
-	/* actual opt value */
-}__attribute__((packed, aligned(1)));
-
-/* ��������ǰ��������Ϣ, ������, �����Ժ�������ϵͳ��ARM, PowerPC, MIPS����ֲ */
-struct pkt_dump_handshake{
-	unsigned int magic;   /* �̶�Ϊ0x44554D50, 'DUMP' */
-	unsigned int version; /* �����ж�˫���İ汾��, һ��Ϊ����20170106�� */
-	unsigned int opt_num; /* ����ѡ�������, �籾�˽��ն˿ں�, BPF��������, ����offsetֵ�ȵ� */
-}__attribute__((packed, aligned(1)));
-
-
-struct perceptive_info{
-	unsigned char thread_id;
-	unsigned char pad;
-	unsigned int pkt_seq; /* ��0��ʼ�ۼ�, ���seq�пն�, ˵����������ж��˶��ٰ� */
-}__attribute__((packed, aligned(1)));
-
-
-#endif
-
+#ifndef _MESA_PKT_DUMP_H_

+#define _MESA_PKT_DUMP_H_ 1

+

+#define MESA_PKT_DUM_H_VER (20201102)

+

+/* 

+	����DPDK-3.0, PFRINGģʽ��, ������ռ����ʱ, ͨ��ƽ̨ʵʱ����.

+*/

+

+#define PKT_DUMP_HDR_MAGIC	(0x44554D50)

+

+/* ֧�ְ�Bitλ�� */

+enum _pkt_classify{

+	PKT_CLASSIFY_IN			= 0x01,  /* DMAC ascii��ֵ: I */

+	PKT_CLASSIFY_FORWARD	= 0x02,  /* DMAC ascii��ֵ: F */

+	PKT_CLASSIFY_INJECT		= 0x04,  /* DMAC ascii��ֵ: J */

+	PKT_CLASSIFY_DROP		= 0x08,  /* DMAC ascii��ֵ: D */

+	PKT_CLASSIFY_ERROR		= 0x10,  /* DMAC ascii��ֵ: E */

+};

+

+enum pkt_dump_opt_t{

+	PKT_DUMP_OPT_RCV_PORT,

+	PKT_DUMP_OPT_BPF_FILTER,

+	PKT_DUMP_OPT_DATA_OFFSET,

+	PKT_DUMP_OPT_THREAD_INDEX,	

+	PKT_DUMP_OPT_ACK, /* sapp���ظ�tcpdump_mesa��ack�� */

+	PKT_DUMP_OPT_PERCEPTIVE, /* �������ģʽ, ���Է��ֶ������� */	

+	PKT_DUMP_OPT_GREEDY_SEEK,  /* ƫ�Ƶ����ڲ�IP, ��������ģʽ�²���BUG */ 

+	PKT_DUMP_OPT_CLASSIFY, /* short����, ������Դ����,  ������� enum _pkt_classify, ���û��ָ���˲���, Ĭ��ֵΪPKT_CLASSIFY_IN */

+	PKT_DUMP_OPT_CLASSIFY_WATERMARK, /* char����, 0��1, ������Դˮӡ,������ֵ����dmac,�˲������޸������ԭʼ��, ����, Ĭ�Ϲر�  */

+};

+

+/* ������, �����Ժ�������ϵͳ��ARM, PowerPC, MIPS����ֲ */

+struct pkt_dump_opt{

+	unsigned short opt_type;

+	unsigned short opt_len;

+	/* actual opt value */

+}__attribute__((packed, aligned(1)));

+

+/* ��������ǰ��������Ϣ, ������, �����Ժ�������ϵͳ��ARM, PowerPC, MIPS����ֲ */

+struct pkt_dump_handshake{

+	unsigned int magic;   /* �̶�Ϊ0x44554D50, 'DUMP' */

+	unsigned int version; /* �����ж�˫���İ汾��, һ��Ϊ����20170106�� */

+	unsigned int opt_num; /* ����ѡ�������, �籾�˽��ն˿ں�, BPF��������, ����offsetֵ�ȵ� */

+}__attribute__((packed, aligned(1)));

+

+struct perceptive_info{

+	unsigned char thread_id;

+	unsigned char pad;

+	unsigned int pkt_seq; /* ��0��ʼ�ۼ�, ���seq�пն�, ˵����������ж��˶��ٰ� */

+}__attribute__((packed, aligned(1)));

+

+#endif

+

diff --git a/src/tcpdump.c b/src/tcpdump.c
index d244e92..2ead29e 100644
--- a/src/tcpdump.c
+++ b/src/tcpdump.c
@@ -55,6 +55,8 @@ static int dump_to_file_flag = 0; /* 是否有-w 参数, 原有标准的WFileNam
 static int has_device_flag = 0; /* 是否有-i, -r参数, 原有标准的device变量是main()的局部变量, 不方便使用, 使用此变量表示是否从某个网卡捕包 */
 static int has_bpf_filter_flag = 0; /* 是否有正确的BPF过滤条件 */
 extern int treat_vlan_as_mac_in_mac_sw;
+static short pkt_classify_flag = 0;
+static char pkt_classify_watermark_sw = 0;
 
 #endif
 
@@ -532,6 +534,8 @@ show_devices_and_exit (void)
 
 #if MESA_DUMP
 #define OPTION_VLAN_AS_MAC_IN_MAC	131 /* 短参数不够用了, 增加长参数 */
+#define OPTION_PKT_CLASSIFY	132 /* 增加长参数包类型，定义见PKT_DUMP_OPT_CLASSIFY */
+#define OPTION_PKT_CLASSIFY_WATERMARK	133 /* PKT_DUMP_OPT_CLASSIFY_WATERMARK */
 #endif
 
 static const struct option longopts[] = {
@@ -575,6 +579,8 @@ static const struct option longopts[] = {
 	{ "version", no_argument, NULL, OPTION_VERSION },
 #if MESA_DUMP 
 	{ "vlan-as-mac-in-mac", no_argument, NULL, OPTION_VLAN_AS_MAC_IN_MAC },	
+	{ "classify", required_argument, NULL, OPTION_PKT_CLASSIFY },	
+	{ "enable_classify_watermark", no_argument, NULL, OPTION_PKT_CLASSIFY_WATERMARK },	
 #endif
 	{ NULL, 0, NULL, 0 }
 };
@@ -1058,6 +1064,16 @@ static int MESA_dump_start(unsigned short udp_rcv_port, unsigned short sapp_cmd_
 		opt_num++;
 	}
 
+	if(pkt_classify_flag != 0)
+	{
+		opt_num++;
+	}
+
+	if(pkt_classify_watermark_sw != 0)
+	{
+		opt_num++;
+	}
+
 	/************** pkt handshake *************/
 	pkt_hdr.magic = htonl(PKT_DUMP_HDR_MAGIC);
 	pkt_hdr.version = htonl(20180119); /* 之前sapp对20180119版本做了严格校验, 此处向后兼容, 先固定用此值, 以后更新sapp后, 不再校验版本 */
@@ -1155,6 +1171,36 @@ static int MESA_dump_start(unsigned short udp_rcv_port, unsigned short sapp_cmd_
 		}
 	}
 
+	/************** pkt classify *************/
+	if(pkt_classify_flag != 0){
+		short t = pkt_classify_flag;
+		opt.opt_type = htons(PKT_DUMP_OPT_CLASSIFY);
+		opt.opt_len = htons(sizeof(short));
+		ret = write(tcp_cmd_fd, &opt, sizeof(opt));
+		if (ret < 0)
+		{
+			printf("connection down!\n");
+			exit(1);
+		}
+		t = htons(t);
+		ret = write(tcp_cmd_fd, &t, sizeof(short));
+		if (ret < 0)
+		{
+			printf("connection down!\n");
+			exit(1);
+		}
+	}
+	/************** pkt classify watermark*************/
+	if(pkt_classify_watermark_sw != 0){
+		opt.opt_type = htons(PKT_DUMP_OPT_CLASSIFY_WATERMARK);
+		opt.opt_len = 0;
+		ret = write(tcp_cmd_fd, &opt, sizeof(opt));
+		if(ret < 0){
+			printf("connection down!\n");
+			exit(1);
+		}
+	}
+
 	/********** after send opt, start recv sapp ACK *******/
 	if(pkt_dump_recv_ack(tcp_cmd_fd) < 0){
 		printf("connection down!\n");
@@ -1312,6 +1358,42 @@ done:
 
 	return;
 }
+
+
+
+static short get_pkt_classify_optarg(const char *optarg)
+{
+    char *p_arg = strdup(optarg);
+    short pkt_classify_flag = 0;
+    char *section, *save_ptr;
+    section = strtok_r(p_arg, "|", &save_ptr);
+    if(section == NULL)
+    {
+        section = p_arg;
+    }
+    do {
+        if (strcasecmp(section, "in") == 0)
+                pkt_classify_flag |=  PKT_CLASSIFY_IN;
+        else if (strcasecmp(section, "forward") == 0)
+                pkt_classify_flag |=  PKT_CLASSIFY_FORWARD;
+        else if (strcasecmp(section, "inject") == 0)
+                pkt_classify_flag |=   PKT_CLASSIFY_INJECT;
+        else if (strcasecmp(section, "drop") == 0)
+                pkt_classify_flag |=   PKT_CLASSIFY_DROP;
+        else if (strcasecmp(section, "error") == 0)
+                pkt_classify_flag |=   PKT_CLASSIFY_ERROR;
+        else
+        {
+            return 0;
+        }
+
+    }
+    while((section=strtok_r(NULL, "|", &save_ptr)));
+
+    free(p_arg);
+    return pkt_classify_flag;
+}
+
 #endif
 
 static struct bpf_program fcode; /* lijia modify, 做为全局变量, 其他函数中调用 */
@@ -1845,6 +1927,16 @@ main(int argc, char **argv)
 		case OPTION_VLAN_AS_MAC_IN_MAC:
 			treat_vlan_as_mac_in_mac_sw = 1;
 		break;
+		case OPTION_PKT_CLASSIFY:
+			pkt_classify_flag = get_pkt_classify_optarg(optarg);
+			if(pkt_classify_flag == 0)	
+			{
+				error("unknown classify `%s', must be in|forward|inject|drop|error", optarg);
+			}
+			break;
+		case OPTION_PKT_CLASSIFY_WATERMARK:
+			pkt_classify_watermark_sw = 1;
+		break;
 #endif
 
 		default:
@@ -3243,6 +3335,10 @@ print_usage(void)
 "\t\t[ -P port ] to assign sapp recv command port.\n");
 	(void)fprintf(stderr,
 "\t\t[ --vlan-as-mac-in-mac ] force VLAN to be analysed as MAC-IN-MAC format.\n");
+	(void)fprintf(stderr,
+"\t\t[ --classify in|forward|inject|drop|error ]. specify packet capture classifier by direction and operation\n");
+	(void)fprintf(stderr,
+"\t\t[ --enable_classify_watermark ]. enable record classify type in src mac address\n");
 #endif
 }
 /*