authorliuxueli <[email protected]>2024-10-23 09:36:01 +0000
committerliuxueli <[email protected]>2024-11-27 06:36:26 +0000
commit659df8186f1269a57b28839182888b4ebc1528a9 (patch)
tree267b0ade3b6c5c5adbec9fc2e8685adceca0232e
parent975b584b6595e119b6ea8da392719f14799f5929 (diff)
Feature: scanner header definition
-rw-r--r--include/stellar/scanner.h113
-rw-r--r--scanner/scanner.c24
2 files changed, 137 insertions, 0 deletions
diff --git a/include/stellar/scanner.h b/include/stellar/scanner.h
new file mode 100644
index 0000000..c8ddb72
--- /dev/null
+++ b/include/stellar/scanner.h
@@ -0,0 +1,113 @@
+#pragma once
+
+#ifdef __cplusplus
+extern "C"
+{
+#endif
+
+#include "maat.h"
+#include <stddef.h>
+
+struct scanner;
+struct scanner *stellar_module_get_scanner(struct stellar_module_manager *mod_mgr);
+
+/*
+ @ return cm maat instance
+*/
+struct maat *scanner_get_maat_instance(struct scanner *scanner);
+
+/*
+ @ exdata/message shares the memory of policy_exdata, so we need to free the memory of policy_exdata in exdata free callback
+*/
+
+enum RULE_TYPE
+{
+ RULE_TYPE_UNKNOWN=0,
+ RULE_TYPE_SECURITY,
+ RULE_TYPE_DOS_PROTECTION,
+ RULE_TYPE_MONITOR,
+ RULE_TYPE_STATISTICS,
+ RULE_TYPE_PROXY,
+ RULE_TYPE_SHAPING,
+ RULE_TYPE_SERVICE_CHAINING,
+ RULE_TYPE_MAX
+};
+
+typedef void on_rule_callback(struct session *sess, uuid_t rule_uuids[], size_t n_rule_uuids, void *args);
+int scanner_rule_create_topic(struct stellar_module_manager *mod_mgr, enum RULE_TYPE rule_type);
+int scanner_rule_subscribe(struct stellar_module_manager *mod_mgr, enum RULE_TYPE rule_type, on_rule_callback *cb, void *args);
+
+struct policy_exdata;
+struct policy_exdata *scanner_get_policy_exdata_on_session(struct scanner *scanner, struct session *sess);
+struct policy_exdata *scanner_get_policy_exdata_on_packet(struct scanner *scanner, struct packet *pkt);
+
+size_t policy_exdata_get_cumulative_rule_count(struct policy_exdata *msg, enum RULE_TYPE rule_type);
+size_t policy_exdata_get_cumulative_rule_uuids(struct policy_exdata *msg, enum RULE_TYPE rule_type, uuid_t rule_uuids[], size_t n_rule_uuids);
+
+size_t policy_exdata_get_delta_rule_count(struct policy_exdata *msg, enum RULE_TYPE rule_type);
+size_t policy_exdata_get_delta_rule_uuids(struct policy_exdata *msg, enum RULE_TYPE rule_type, uuid_t rule_uuids[], size_t n_rule_uuids);
+
+enum OBJECT_TYPE
+{
+ OBJECT_TYPE_UNKNOWN=0,
+ OBJECT_TYPE_CLIENT_IP,
+ OBJECT_TYPE_SERVER_IP,
+ OBJECT_TYPE_OTHERS,
+ OBJECT_TYPE_MAX
+};
+
+size_t policy_exdata_get_cumulative_object_count(struct policy_exdata *msg, enum OBJECT_TYPE object_type);
+size_t policy_exdata_get_cumulative_hit_objects(struct policy_exdata *msg, enum OBJECT_TYPE object_type, struct maat_hit_object hit_objects[], size_t n_hit_objects);
+
+size_t policy_exdata_get_delta_hit_object_count(struct policy_exdata *msg, enum OBJECT_TYPE object_type);
+size_t policy_exdata_get_delta_hit_objects(struct policy_exdata *msg, enum OBJECT_TYPE object_type, struct maat_hit_object hit_objects[], size_t n_hit_objects);
+
+/*
+ @ Enforcer of security enforces security rule para by of app id dict, so need to get application id by rule id
+*/
+
+int policy_exdata_get_application_id_by_rule_uuid(struct policy_exdata *msg, uuid_t rule_uuid);
+
+/*
+ Session JSON:
+ Application / Application Category / Application Transition / Application Content
+ Server FQDN / Server Domain / Sever FQDN tag rule_uuids (string)
+ IMEI/IMSI/Phone Number/APN
+ Client Subscriber ID
+ Client/Server ASN
+ Client/Server Country
+ Decode Path / Decode AS
+*/
+
+struct attribute_exdata;
+struct attribute_exdata *scanner_get_attribute_exdata_on_session(struct scanner *scanner, struct session *sess);
+struct attribute_exdata *scanner_get_attribute_exdata_on_packet(struct scanner *scanner, struct packet *pkt);
+
+void attribute_exdata_get0_application(struct attribute_exdata *msg, char **application, size_t *application_sz);
+void attribute_exdata_get0_application_category(struct attribute_exdata *msg, char **application_category, size_t *application_category_sz);
+void attribute_exdata_get0_application_transition(struct attribute_exdata *msg, char **application_transition, size_t *application_transition_sz);
+void attribute_exdata_get0_application_content(struct attribute_exdata *msg, char **application_content, size_t *application_content_sz);
+void attribute_exdata_get0_server_fqdn(struct attribute_exdata *msg, char **server_fqdn, size_t *server_fqdn_sz);
+void attribute_exdata_get0_server_domain(struct attribute_exdata *msg, char **server_domain, size_t *server_domain_sz);
+void attribute_exdata_get0_imei(struct attribute_exdata *msg, char **imei, size_t *imei_sz);
+void attribute_exdata_get0_imsi(struct attribute_exdata *msg, char **imsi, size_t *imsi_sz);
+void attribute_exdata_get0_phone_number(struct attribute_exdata *msg, char **phone_number, size_t *phone_number_sz);
+void attribute_exdata_get0_apn(struct attribute_exdata *msg, char **apn, size_t *apn_sz);
+void attribute_exdata_get0_client_subscriber_id(struct attribute_exdata *msg, char **client_subscriber_id, size_t *client_subscriber_id_sz);
+void attribute_exdata_get0_client_asn(struct attribute_exdata *msg, char **client_asn, size_t *client_asn_sz); // for dos enforcer
+void attribute_exdata_get0_server_asn(struct attribute_exdata *msg, char **server_asn, size_t *server_asn_sz);
+void attribute_exdata_get0_client_country(struct attribute_exdata *msg, char **client_country, size_t *client_country_sz);
+void attribute_exdata_get0_server_country(struct attribute_exdata *msg, char **server_country, size_t *server_country_sz);
+void attribute_exdata_get0_decode_path(struct attribute_exdata *msg, char **decode_path, size_t *decode_path_sz);
+void attribute_exdata_get0_decode_as(struct attribute_exdata *msg, char **decode_as, size_t *decode_as_sz);
+
+long long attribute_exdata_get0_client_asn_id(struct attribute_exdata *msg); // for statistics enforcer and recorder
+long long attribute_exdata_get0_server_asn_id(struct attribute_exdata *msg);
+
+size_t attribute_exdata_get0_client_ip_tag_rule_uuids(struct attribute_exdata *msg, uuid_t tag_uuids[], size_t n_tag_uuids);
+size_t attribute_exdata_get0_server_ip_tag_rule_uuids(struct attribute_exdata *msg, uuid_t tag_uuids[], size_t n_tag_uuids);
+size_t attribute_exdata_get0_server_fqdn_tag_rule_uuids(struct attribute_exdata *msg, uuid_t tag_uuids[], size_t n_tag_uuids);
+
+#ifdef __cplusplus
+}
+#endif
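Review bot: The `attribute_exdata_get0_*` accessors hand out a `char **` with no statement of who owns the buffer or how long it stays valid, and nothing stops a caller from writing through it; the `get0` naming reads as the borrowed-reference convention, so the header should say so and const-qualify the out-parameter, e.g. `void attribute_exdata_get0_imsi(struct attribute_exdata *msg, const char **imsi, size_t *imsi_sz);` applied to the whole family. That lifetime note matters more than usual here because IMEI, IMSI, phone number and subscriber ID are among the fields, and a stale copy of a borrowed pointer is how such identifiers end up in logs or another session's output. The `*_rule_uuids` and `*_hit_objects` fill functions return a `size_t` without saying whether it is the number of entries written or the number available when `n_rule_uuids`/`n_hit_objects` is too small; a one-line contract on each, such as `/* Copies at most n_rule_uuids entries; returns the total available so callers can detect truncation */` (or whichever the implementation actually does), is what keeps callers from indexing past their array. The comment about `policy_exdata` memory sharing and the exdata free callback is detached from any declaration; move it onto `scanner_get_policy_exdata_on_session` and `scanner_get_policy_exdata_on_packet`, which are the functions it describes. Whether `uuid_t` and `struct session`/`struct packet` arrive via `maat.h` cannot be seen from this hunk; if they do not, the header is not self-contained.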
diff --git a/scanner/scanner.c b/scanner/scanner.c
new file mode 100644
index 0000000..d7ed950
--- /dev/null
+++ b/scanner/scanner.c
@@ -0,0 +1,24 @@
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include "uthash/utarray.h"
+
+#include "scanner.h"
+
+#define PLOLICY_MESSAGE_MAGIC 0x12121212
+
+struct policy_exdata
+{
+ int magic;
+ UT_array *rule_delta[RULE_TYPE_MAX];
+ UT_array *rule_cumulative[RULE_TYPE_MAX];
+ UT_array *object_delta[OBJECT_TYPE_MAX];
+ UT_array *object_cumulative[OBJECT_TYPE_MAX];
+};
+
+
+struct attribute_exdata
+{
+
+}; \ No newline at end of file
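Review bot: `struct attribute_exdata` is declared with no members, which is not valid ISO C (the grammar requires at least one member; GCC accepts it only as an extension and its size then differs between C and C++ users of the header), so until its fields exist it should remain the forward declaration the header already has, or at minimum carry the same `int magic;` the policy struct uses. The macro `PLOLICY_MESSAGE_MAGIC` is misspelled; rename it to `POLICY_MESSAGE_MAGIC` now, before anything references it. The four `UT_array *` tables are sized by `RULE_TYPE_MAX` and `OBJECT_TYPE_MAX` while the header accessors take the enum value from callers, so every accessor that lands in this file must reject `rule_type >= RULE_TYPE_MAX` (and `object_type >= OBJECT_TYPE_MAX`) before indexing, otherwise an out-of-range enum reads past the struct; those accessors are not in this hunk. The file also has no trailing newline, and `#include "scanner.h"` relies on an include path that resolves to `include/stellar/scanner.h`, which the commit does not show.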