-rw-r--r--common/include/kni_cmsg.h1
-rw-r--r--entry/include/tsg/tsg_rule.h1
-rw-r--r--entry/include/tsg_rule.h1
-rw-r--r--entry/src/kni_entry.cpp29
4 files changed, 31 insertions, 1 deletions
diff --git a/common/include/kni_cmsg.h b/common/include/kni_cmsg.h
index 29527a4..3716f72 100644
--- a/common/include/kni_cmsg.h
+++ b/common/include/kni_cmsg.h
@@ -28,6 +28,7 @@ enum tfe_cmsg_tlv_type
TFE_CMSG_TCP_RESTORE_PROTOCOL = 0xa,
TFE_CMSG_TCP_RESTORE_WINDOW_CLIENT = 0xb,
TFE_CMSG_TCP_RESTORE_WINDOW_SERVER = 0xc,
+ TFE_CMSG_TCP_RESTORE_INFO_PACKET_CUR_DIR = 0xd,
TFE_CMSG_POLICY_ID = 0x10,
TFE_CMSG_STREAM_TRACE_ID = 0x11,
diff --git a/entry/include/tsg/tsg_rule.h b/entry/include/tsg/tsg_rule.h
index 37a6cbf..1b9192a 100644
--- a/entry/include/tsg/tsg_rule.h
+++ b/entry/include/tsg/tsg_rule.h
@@ -37,6 +37,7 @@ typedef enum _tsg_protocol
PROTO_SIP,
PROTO_BGP,
PROTO_STREAMING_MEDIA,
+ PROTO_SSH,
PROTO_MAX
}tsg_protocol_t;
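Review bot: `PROTO_SSH` is added identically to two copies of this header, entry/include/tsg/tsg_rule.h here and entry/include/tsg_rule.h in the next section (same blob ids on both sides), so the enum can drift if a later change touches only one copy. If both are really needed, a comment at the top of each naming the other as a mirror would help; otherwise one should include the other. Inserting before `PROTO_MAX` also shifts `PROTO_MAX` by one, so anything built against the old header or sized by `PROTO_MAX` has to be rebuilt together with this change; whether such users exist is not visible here.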
diff --git a/entry/include/tsg_rule.h b/entry/include/tsg_rule.h
index 37a6cbf..1b9192a 100644
--- a/entry/include/tsg_rule.h
+++ b/entry/include/tsg_rule.h
@@ -37,6 +37,7 @@ typedef enum _tsg_protocol
PROTO_SIP,
PROTO_BGP,
PROTO_STREAMING_MEDIA,
+ PROTO_SSH,
PROTO_MAX
}tsg_protocol_t;
diff --git a/entry/src/kni_entry.cpp b/entry/src/kni_entry.cpp
index 8d13b48..a639a32 100644
--- a/entry/src/kni_entry.cpp
+++ b/entry/src/kni_entry.cpp
@@ -402,7 +402,8 @@ static unsigned char* kni_cmsg_serialize_header_new(struct pme_info *pmeinfo, st
void *logger = g_kni_handle->local_logger;
uint16_t bufflen = 0, serialize_len = 0;
unsigned char *buff = NULL;
- uint8_t protocol_type = pmeinfo->protocol == PROTO_SSL ? 0x1 : 0x0;
+ //uint8_t protocol_type = pmeinfo->protocol == PROTO_SSL ? 0x1 : 0x0;
+ uint8_t protocol_type = 0x0;
struct kni_cmsg *cmsg = kni_cmsg_init();
char *trace_id = NULL;
uint32_t seq = pktinfo->tcphdr->seq;
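Review bot: The old initializer is left behind as a comment (`//uint8_t protocol_type = pmeinfo->protocol == PROTO_SSL ? 0x1 : 0x0;`) and should be deleted, since version control keeps the history and the switch added in the next hunk now owns the mapping. With `uint8_t protocol_type = 0x0;` here and a `default:` arm that assigns 0x0 again further down, one of the two is redundant. The function body starts and ends outside this hunk.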
@@ -411,9 +412,31 @@ static unsigned char* kni_cmsg_serialize_header_new(struct pme_info *pmeinfo, st
uint16_t server_mss = htons(pmeinfo->server_tcpopt.mss);
uint16_t client_window = htons(pmeinfo->client_window);
uint16_t server_window = htons(pmeinfo->server_window);
+ unsigned char stream_curdir = stream->curdir;
+ if(stream_curdir == DIR_S2C)
+ {
+ seq = pktinfo->tcphdr->ack_seq;
+ ack = pktinfo->tcphdr->seq;
+ }
+
char src_mac[6] = {0};
char dst_mac[6] = {0};
int policy_id;
+
+ switch(pmeinfo->protocol)
+ {
+ case PROTO_SSL:
+ protocol_type = 0x1;
+ break;
+
+ case PROTO_SSH:
+ protocol_type = 0x2;
+ break;
+
+ default:
+ protocol_type = 0x0;
+
+ }
//seq
int ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_TCP_RESTORE_SEQ, (const unsigned char*)&seq, 4, pmeinfo);
if(ret < 0) goto error_out;
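Review bot: The seq/ack swap under `if(stream_curdir == DIR_S2C)` has no comment saying which endpoint's view the TFE_CMSG_TCP_RESTORE_SEQ and ACK TLVs are meant to carry, and every `curdir` value other than `DIR_S2C` is silently handled as the opposite direction. If the intent is what it appears to be, a comment such as `// restore TLVs are client-oriented: on a server-to-client packet the header's seq/ack are the server's, so swap them` would make it checkable. `ack` is declared outside this hunk, so its initial value cannot be confirmed from here. In the switch, the `default:` arm lacks a `break;`, and the bare `0x1`/`0x2` wire codes would be safer as named constants shared with the receiver. The function body starts and ends outside the hunk.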
@@ -456,6 +479,9 @@ static unsigned char* kni_cmsg_serialize_header_new(struct pme_info *pmeinfo, st
//server window
ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_TCP_RESTORE_WINDOW_SERVER, (const unsigned char*)&server_window, 2, pmeinfo);
if(ret < 0) goto error_out;
+ //current packet direction
+ ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_TCP_RESTORE_INFO_PACKET_CUR_DIR, (const unsigned char*)&stream_curdir, 1, pmeinfo);
+ if(ret < 0) goto error_out;
//maat policy id
policy_id = pmeinfo->policy_id;
ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_POLICY_ID, (const unsigned char*)&policy_id, sizeof(policy_id), pmeinfo);
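Review bot: The new TLV sends the stream library's raw `curdir` byte, so the wire value of `TFE_CMSG_TCP_RESTORE_INFO_PACKET_CUR_DIR` is whatever the direction constants happen to be numerically, and the receiver must share that exact definition. Mapping the direction to explicit wire constants before the call, or at least a comment like `// 1 byte: stream curdir as defined by the stream library (DIR_S2C = server to client)`, would pin the contract. Whether the receiving side accepts an unknown type 0xd or requires it is not visible here, so the rollout order of sender and receiver may matter. The function body starts and ends outside the hunk.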
@@ -998,6 +1024,7 @@ static int first_data_intercept(struct streaminfo *stream, struct pme_info *pmei
if(pmeinfo->protocol == PROTO_HTTP){
FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_HTTP_STM], 0, FS_OP_ADD, 1);
}
+
//dup_traffic_stm
if(pmeinfo->has_dup_traffic == 1){
FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_DUP_TFC_STM], 0, FS_OP_ADD, 1);