diff options
| -rw-r--r-- | common/include/kni_cmsg.h | 18 | ||||
| -rw-r--r-- | common/src/kni_cmsg.cpp | 18 | ||||
| -rw-r--r-- | entry/src/kni_entry.cpp | 92 |
3 files changed, 33 insertions, 95 deletions
diff --git a/common/include/kni_cmsg.h b/common/include/kni_cmsg.h index 7958f49..2a23563 100644 --- a/common/include/kni_cmsg.h +++ b/common/include/kni_cmsg.h @@ -82,14 +82,16 @@ enum tfe_cmsg_tlv_type TFE_CMSG_DST_ASN, // string max size 64 TFE_CMSG_SRC_ORGANIZATION, // string max size 256 TFE_CMSG_DST_ORGANIZATION, // string max size 256 - TFE_CMSG_SRC_IP_LOCATION_COUNTRY, // string max size 256 - TFE_CMSG_DST_IP_LOCATION_COUNTRY, // string max size 256 - TFE_CMSG_SRC_IP_LOCATION_PROVINE, // string max size 256 - TFE_CMSG_DST_IP_LOCATION_PROVINE, // string max size 256 - TFE_CMSG_SRC_IP_LOCATION_CITY, // string max size 256 - TFE_CMSG_DST_IP_LOCATION_CITY, // string max size 256 - TFE_CMSG_SRC_IP_LOCATION_SUBDIVISION, - TFE_CMSG_DST_IP_LOCATION_SUBDIVISION, + // TFE_CMSG_SRC_IP_LOCATION_COUNTRY, // string max size 256 + // TFE_CMSG_DST_IP_LOCATION_COUNTRY, // string max size 256 + // TFE_CMSG_SRC_IP_LOCATION_PROVINE, // string max size 256 + // TFE_CMSG_DST_IP_LOCATION_PROVINE, // string max size 256 + // TFE_CMSG_SRC_IP_LOCATION_CITY, // string max size 256 + // TFE_CMSG_DST_IP_LOCATION_CITY, // string max size 256 + // TFE_CMSG_SRC_IP_LOCATION_SUBDIVISION, + // TFE_CMSG_DST_IP_LOCATION_SUBDIVISION, + TFE_CMSG_SRC_IP_LOCATION, //string max size 256 * 4 + TFE_CMSG_DST_IP_LOCATION, //ja3 fingerprint TFE_CMSG_SSL_CLIENT_JA3_FINGERPRINT, //fqdn cat id diff --git a/common/src/kni_cmsg.cpp b/common/src/kni_cmsg.cpp index 98954c0..67dc868 100644 --- a/common/src/kni_cmsg.cpp +++ b/common/src/kni_cmsg.cpp @@ -242,14 +242,16 @@ void tfe_cmsg_enum_to_string() tfe_cmsg_tlv_type_to_string[TFE_CMSG_DST_ASN] = "TFE_CMSG_DST_ASN"; tfe_cmsg_tlv_type_to_string[TFE_CMSG_SRC_ORGANIZATION] = "TFE_CMSG_SRC_ORGANIZATION"; tfe_cmsg_tlv_type_to_string[TFE_CMSG_DST_ORGANIZATION] = "TFE_CMSG_DST_ORGANIZATION"; - tfe_cmsg_tlv_type_to_string[TFE_CMSG_SRC_IP_LOCATION_COUNTRY] = "TFE_CMSG_SRC_IP_LOCATION_COUNTRY"; - tfe_cmsg_tlv_type_to_string[TFE_CMSG_DST_IP_LOCATION_COUNTRY] = "TFE_CMSG_DST_IP_LOCATION_COUNTRY"; - tfe_cmsg_tlv_type_to_string[TFE_CMSG_SRC_IP_LOCATION_PROVINE] = "TFE_CMSG_SRC_IP_LOCATION_PROVINE"; - tfe_cmsg_tlv_type_to_string[TFE_CMSG_DST_IP_LOCATION_PROVINE] = "TFE_CMSG_DST_IP_LOCATION_PROVINE"; - tfe_cmsg_tlv_type_to_string[TFE_CMSG_SRC_IP_LOCATION_CITY] = "TFE_CMSG_SRC_IP_LOCATION_CITY"; - tfe_cmsg_tlv_type_to_string[TFE_CMSG_DST_IP_LOCATION_CITY] = "TFE_CMSG_DST_IP_LOCATION_CITY"; - tfe_cmsg_tlv_type_to_string[TFE_CMSG_SRC_IP_LOCATION_SUBDIVISION] = "TFE_CMSG_SRC_IP_LOCATION_SUBDIVISION"; - tfe_cmsg_tlv_type_to_string[TFE_CMSG_DST_IP_LOCATION_SUBDIVISION] = "TFE_CMSG_DST_IP_LOCATION_SUBDIVISION"; + // tfe_cmsg_tlv_type_to_string[TFE_CMSG_SRC_IP_LOCATION_COUNTRY] = "TFE_CMSG_SRC_IP_LOCATION_COUNTRY"; + // tfe_cmsg_tlv_type_to_string[TFE_CMSG_DST_IP_LOCATION_COUNTRY] = "TFE_CMSG_DST_IP_LOCATION_COUNTRY"; + // tfe_cmsg_tlv_type_to_string[TFE_CMSG_SRC_IP_LOCATION_PROVINE] = "TFE_CMSG_SRC_IP_LOCATION_PROVINE"; + // tfe_cmsg_tlv_type_to_string[TFE_CMSG_DST_IP_LOCATION_PROVINE] = "TFE_CMSG_DST_IP_LOCATION_PROVINE"; + // tfe_cmsg_tlv_type_to_string[TFE_CMSG_SRC_IP_LOCATION_CITY] = "TFE_CMSG_SRC_IP_LOCATION_CITY"; + // tfe_cmsg_tlv_type_to_string[TFE_CMSG_DST_IP_LOCATION_CITY] = "TFE_CMSG_DST_IP_LOCATION_CITY"; + // tfe_cmsg_tlv_type_to_string[TFE_CMSG_SRC_IP_LOCATION_SUBDIVISION] = "TFE_CMSG_SRC_IP_LOCATION_SUBDIVISION"; + // tfe_cmsg_tlv_type_to_string[TFE_CMSG_DST_IP_LOCATION_SUBDIVISION] = "TFE_CMSG_DST_IP_LOCATION_SUBDIVISION"; + tfe_cmsg_tlv_type_to_string[TFE_CMSG_SRC_IP_LOCATION] = "TFE_CMSG_SRC_IP_LOCATION"; + tfe_cmsg_tlv_type_to_string[TFE_CMSG_DST_IP_LOCATION] = "TFE_CMSG_DST_IP_LOCATION"; tfe_cmsg_tlv_type_to_string[TFE_CMSG_SSL_CLIENT_JA3_FINGERPRINT] = "TFE_CMSG_SSL_CLIENT_JA3_FINGERPRINT"; tfe_cmsg_tlv_type_to_string[TFE_CMSG_FQDN_CAT_ID_NUM] = "TFE_CMSG_FQDN_CAT_ID_NUM"; diff --git a/entry/src/kni_entry.cpp b/entry/src/kni_entry.cpp index a7beeb1..a5f2484 100644 --- a/entry/src/kni_entry.cpp +++ b/entry/src/kni_entry.cpp @@ -515,71 +515,25 @@ static int session_attr_ip_location_cmsg_set(const struct session_runtime_attrib const struct location_info *server_location = srt_attribute_get_server_ip_location(session_attr); do{ - if(client_location == NULL) + if(client_location == NULL || client_location->full_location == NULL) { - ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_SRC_IP_LOCATION_COUNTRY, (const unsigned char*)empty_arr, strlen(empty_arr), pmeinfo); - if(ret < 0) break; - ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_SRC_IP_LOCATION_PROVINE, (const unsigned char*)empty_arr, strlen(empty_arr), pmeinfo); - if(ret < 0) break; - ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_SRC_IP_LOCATION_CITY, (const unsigned char*)empty_arr, strlen(empty_arr), pmeinfo); - if(ret < 0) break; - ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_SRC_IP_LOCATION_SUBDIVISION, (const unsigned char*)empty_arr, strlen(empty_arr), pmeinfo); + ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_SRC_IP_LOCATION, (const unsigned char*)empty_arr, 0, pmeinfo); if(ret < 0) break; } else { - client_location->country_full == NULL - ?ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_SRC_IP_LOCATION_COUNTRY, (const unsigned char*)empty_arr, strlen(empty_arr), pmeinfo) - :ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_SRC_IP_LOCATION_COUNTRY, (const unsigned char*)client_location->country_full, strlen(client_location->country_full), pmeinfo); - if(ret < 0) break; - - client_location->province_full == NULL - ?ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_SRC_IP_LOCATION_PROVINE, (const unsigned char*)empty_arr, strlen(empty_arr), pmeinfo) - :ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_SRC_IP_LOCATION_PROVINE, (const unsigned char*)client_location->province_full, strlen(client_location->province_full), pmeinfo); - if(ret < 0) break; - - client_location->city_full == NULL - ?ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_SRC_IP_LOCATION_CITY, (const unsigned char*)empty_arr, strlen(empty_arr), pmeinfo) - :ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_SRC_IP_LOCATION_CITY, (const unsigned char*)client_location->city_full, strlen(client_location->city_full), pmeinfo); - if(ret < 0) break; - - client_location->subdivision_addr == NULL - ?ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_SRC_IP_LOCATION_SUBDIVISION, (const unsigned char*)empty_arr, strlen(empty_arr), pmeinfo) - :ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_SRC_IP_LOCATION_SUBDIVISION, (const unsigned char*)client_location->subdivision_addr, strlen(client_location->subdivision_addr), pmeinfo); + ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_SRC_IP_LOCATION, (const unsigned char*)client_location->full_location, (uint16_t)client_location->full_location_len, pmeinfo); if(ret < 0) break; } - if(server_location == NULL) + if(server_location == NULL || server_location->full_location == NULL) { - ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_DST_IP_LOCATION_COUNTRY, (const unsigned char*)empty_arr, strlen(empty_arr), pmeinfo); - if(ret < 0) break; - ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_DST_IP_LOCATION_PROVINE, (const unsigned char*)empty_arr, strlen(empty_arr), pmeinfo); - if(ret < 0) break; - ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_DST_IP_LOCATION_CITY, (const unsigned char*)empty_arr, strlen(empty_arr), pmeinfo); - if(ret < 0) break; - ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_DST_IP_LOCATION_SUBDIVISION, (const unsigned char*)empty_arr, strlen(empty_arr), pmeinfo); + ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_DST_IP_LOCATION, (const unsigned char*)empty_arr, 0, pmeinfo); if(ret < 0) break; } else { - server_location->country_full == NULL - ?ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_DST_IP_LOCATION_COUNTRY, (const unsigned char*)empty_arr, strlen(empty_arr), pmeinfo) - :ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_DST_IP_LOCATION_COUNTRY, (const unsigned char*)server_location->country_full, strlen(server_location->country_full), pmeinfo); - if(ret < 0) break; - - server_location->province_full == NULL - ?ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_DST_IP_LOCATION_PROVINE, (const unsigned char*)empty_arr, strlen(empty_arr), pmeinfo) - :ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_DST_IP_LOCATION_PROVINE, (const unsigned char*)server_location->province_full, strlen(server_location->province_full), pmeinfo); - if(ret < 0) break; - - server_location->city_full == NULL - ?ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_DST_IP_LOCATION_CITY, (const unsigned char*)empty_arr, strlen(empty_arr), pmeinfo) - :ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_DST_IP_LOCATION_CITY, (const unsigned char*)server_location->city_full, strlen(server_location->city_full), pmeinfo); - if(ret < 0) break; - - server_location->subdivision_addr == NULL - ?ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_DST_IP_LOCATION_SUBDIVISION, (const unsigned char*)empty_arr, strlen(empty_arr), pmeinfo) - :ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_DST_IP_LOCATION_SUBDIVISION, (const unsigned char*)server_location->subdivision_addr, strlen(server_location->subdivision_addr), pmeinfo); + ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_DST_IP_LOCATION, (const unsigned char*)server_location->full_location, (uint16_t)server_location->full_location_len, pmeinfo); if(ret < 0) break; } }while(0); @@ -1320,20 +1274,10 @@ static struct session_runtime_attribute * kni_pull_session_attribute_results(str } else { - if(client_location->country_full == NULL) - KNI_LOG_DEBUG(logger, "share-session-attribute: source ip location country is NULL,stream traceid = %s",pmeinfo->stream_traceid); - else - KNI_LOG_DEBUG(logger, "share-session-attribute: source ip location country is: %s,stream traceid = %s",client_location->country_full,pmeinfo->stream_traceid); - - if(client_location->province_full == NULL) - KNI_LOG_DEBUG(logger, "share-session-attribute: source ip location province is NULL,stream traceid = %s", pmeinfo->stream_traceid); + if(client_location->full_location == NULL) + KNI_LOG_DEBUG(logger, "share-session-attribute: source ip full location is NULL,stream traceid = %s",pmeinfo->stream_traceid); else - KNI_LOG_DEBUG(logger, "share-session-attribute: source ip location province is: %s,stream traceid = %s", client_location->province_full, pmeinfo->stream_traceid); - - if(client_location->city_full == NULL) - KNI_LOG_DEBUG(logger, "share-session-attribute: source ip location city is NULL,stream traceid = %s", pmeinfo->stream_traceid); - else - KNI_LOG_DEBUG(logger, "share-session-attribute: source ip location city is: %s,stream traceid = %s", client_location->city_full, pmeinfo->stream_traceid); + KNI_LOG_DEBUG(logger, "share-session-attribute: source ip full location is: %s, stream traceid = %s",client_location->full_location, pmeinfo->stream_traceid); } const struct location_info *server_location = srt_attribute_get_server_ip_location(session_attr); @@ -1343,20 +1287,10 @@ static struct session_runtime_attribute * kni_pull_session_attribute_results(str } else { - if(server_location->country_full == NULL) - KNI_LOG_DEBUG(logger, "share-session-attribute: destination ip location country is NULL,stream traceid = %s",pmeinfo->stream_traceid); - else - KNI_LOG_DEBUG(logger, "share-session-attribute: destination ip location country is: %s,stream traceid = %s",server_location->country_full, pmeinfo->stream_traceid); - - if(server_location->province_full == NULL) - KNI_LOG_DEBUG(logger, "share-session-attribute: destination ip location province is NULL,stream traceid = %s",pmeinfo->stream_traceid); - else - KNI_LOG_DEBUG(logger, "share-session-attribute: destination ip location province is: %s,stream traceid = %s", server_location->province_full, pmeinfo->stream_traceid); - - if(server_location->city_full == NULL) - KNI_LOG_DEBUG(logger, "share-session-attribute: destination ip location city is NULL,stream traceid = %s",pmeinfo->stream_traceid); + if(server_location->full_location == NULL) + KNI_LOG_DEBUG(logger, "share-session-attribute: destination ip full location is NULL,stream traceid = %s",pmeinfo->stream_traceid); else - KNI_LOG_DEBUG(logger, "share-session-attribute: destination ip location city is: %s,stream traceid = %s", server_location->city_full, pmeinfo->stream_traceid); + KNI_LOG_DEBUG(logger, "share-session-attribute: destination ip full location is: %s, stream traceid = %s",server_location->full_location, pmeinfo->stream_traceid); } const char *ja3_fingerprint = srt_attribute_get_ja3_fingerprint(session_attr); @@ -2254,7 +2188,7 @@ static char close_opstate(const struct streaminfo *stream, struct pme_info *pmei // tuple2stream_htable_del(stream, thread_seq); // } set_proxy_metric_value_by_packet(stream, &(pmeinfo->proxy_metric_value)); - if(pmeinfo->is_dynamic_bypass != 1) + if(pmeinfo->is_dynamic_bypass != 1 && pmeinfo->intcp_error == 0) { MESA_htable_search(g_kni_handle->traceid2pme_htable, (const unsigned char*)pmeinfo->stream_traceid, strnlen(pmeinfo->stream_traceid, sizeof(pmeinfo->stream_traceid))); |