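#pragma once

/*
 * The prototypes in this header use uint16_t. Include its definition here so
 * the header compiles on its own, whatever the includer pulled in before it.
 */
#include <stdint.h>

/* Disabled: KNI_CMSG_TLV_NR_MAX is the last enumerator of enum tfe_cmsg_tlv_type. */
//#define KNI_CMSG_TLV_NR_MAX  64

/*
 * Opaque types: only declared here, so code that includes this header can
 * hold pointers to them but cannot read or size their fields.
 */
struct kni_cmsg;
struct kni_cmsg_serialize_header;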


/*
 * Negative status codes of the kni_cmsg API.
 *
 * This header does not show which function returns which code; presumably
 * the int-returning kni_cmsg_* functions report failures with these values
 * (confirm against the implementation). All four are negative.
 */
enum kni_cmsg_errno {
    KNI_CMSG_INVALID_FORMAT  = -1,
    KNI_CMSG_BUFF_NOT_ENOUGH = -2,
    KNI_CMSG_INVALID_TYPE    = -3,
    KNI_CMSG_TYPE_UNSET      = -4
};

enum tfe_cmsg_tlv_type
{
    /* TCP restore information */
    TFE_CMSG_TCP_RESTORE_SEQ = 0x0,
    TFE_CMSG_TCP_RESTORE_ACK = 0x1,
    TFE_CMSG_TCP_RESTORE_MSS_CLIENT = 0x2,
    TFE_CMSG_TCP_RESTORE_MSS_SERVER = 0x3,
    TFE_CMSG_TCP_RESTORE_WSACLE_CLIENT = 0x4,
    TFE_CMSG_TCP_RESTORE_WSACLE_SERVER = 0x5,
    TFE_CMSG_TCP_RESTORE_SACK_CLIENT = 0x6,
    TFE_CMSG_TCP_RESTORE_SACK_SERVER = 0x7,
    TFE_CMSG_TCP_RESTORE_TS_CLIENT = 0x8,
    TFE_CMSG_TCP_RESTORE_TS_SERVER = 0x9,
    TFE_CMSG_TCP_RESTORE_PROTOCOL = 0xa,
    TFE_CMSG_TCP_RESTORE_WINDOW_CLIENT = 0xb,
    TFE_CMSG_TCP_RESTORE_WINDOW_SERVER = 0xc,
    TFE_CMSG_TCP_RESTORE_INFO_PACKET_CUR_DIR = 0xd, 
    TFE_CMSG_TCP_RESTORE_TS_CLIENT_VAL = 0xe,
    TFE_CMSG_TCP_RESTORE_TS_SERVER_VAL = 0xf,

    TFE_CMSG_POLICY_ID = 0x10, // size uint64_t
    TFE_CMSG_STREAM_TRACE_ID = 0x11,
    TFE_CMSG_TCP_OPTION_PROFILE_ID,  // size int
    TFE_CMSG_DECRYPTION_PROFILE_ID,  // size int
    TFE_CMSG_KEYRING_FOR_TRUSTED_ID, // size int
    TFE_CMSG_KEYRING_FOR_UNTRUSTED,  // size int

    TFE_CMSG_SSL_INTERCEPT_STATE,		//size uint64_t, 0-passthrough, 1-intercept, 2-shutdown, referer from enum ssl_stream_action
	TFE_CMSG_SSL_UPSTREAM_LATENCY,		//size uint64_t, milisecond
	TFE_CMSG_SSL_DOWNSTREAM_LATENCY,	//size uint64_t, milisecond
	TFE_CMSG_SSL_UPSTREAM_VERSION,		//string, SSLv3 TLSv1 TLSv1.1 TLSv1.2 TLSv1.3 unknown
	TFE_CMSG_SSL_DOWNSTREAM_VERSION,   
	TFE_CMSG_SSL_PINNING_STATE,			//size uint64_t, 0-not pinning 1-pinning 2-maybe pinning
	TFE_CMSG_SSL_CERT_VERIFY,   //uint16_t
	TFE_CMSG_SSL_ERROR,	  //string
    TFE_CMSG_SRC_MAC, 
    TFE_CMSG_DST_MAC,
    
    /* TCP option information */
    TFE_CMSG_DOWNSTREAM_TCP_MSS_ENABLE,
    TFE_CMSG_DOWNSTREAM_TCP_MSS_VALUE,
    TFE_CMSG_DOWNSTREAM_TCP_NODELAY,
    TFE_CMSG_DOWNSTREAM_TCP_TTL,
    TFE_CMSG_DOWNSTREAM_TCP_KEEPALIVE,
    TFE_CMSG_DOWNSTREAM_TCP_KEEPCNT, 
    TFE_CMSG_DOWNSTREAM_TCP_KEEPIDLE,
    TFE_CMSG_DOWNSTREAM_TCP_KEEPINTVL, 
    TFE_CMSG_DOWNSTREAM_TCP_USER_TIMEOUT,

    TFE_CMSG_UPSTREAM_TCP_MSS_ENABLE,
    TFE_CMSG_UPSTREAM_TCP_MSS_VALUE,
    TFE_CMSG_UPSTREAM_TCP_NODELAY,
    TFE_CMSG_UPSTREAM_TCP_TTL,
    TFE_CMSG_UPSTREAM_TCP_KEEPALIVE,
    TFE_CMSG_UPSTREAM_TCP_KEEPCNT,
    TFE_CMSG_UPSTREAM_TCP_KEEPIDLE,
    TFE_CMSG_UPSTREAM_TCP_KEEPINTVL, 
    TFE_CMSG_UPSTREAM_TCP_USER_TIMEOUT,

    TFE_CMSG_HIT_NO_INTERCEPT, // size uint8_t
    TFE_CMSG_TCP_PASSTHROUGH,
    TFE_CMSG_TCP_DECRYPTED_TRAFFIC_STEERING,

    // share session attribute
    TFE_CMSG_SRC_SUB_ID,              // string max size 256
    TFE_CMSG_DST_SUB_ID,              // string max size 256
    TFE_CMSG_SRC_ASN,                 // string max size 64
    TFE_CMSG_DST_ASN,                 // string max size 64
    TFE_CMSG_SRC_ORGANIZATION,        // string max size 256
    TFE_CMSG_DST_ORGANIZATION,        // string max size 256
    // TFE_CMSG_SRC_IP_LOCATION_COUNTRY, // string max size 256
    // TFE_CMSG_DST_IP_LOCATION_COUNTRY, // string max size 256
    // TFE_CMSG_SRC_IP_LOCATION_PROVINE, // string max size 256
    // TFE_CMSG_DST_IP_LOCATION_PROVINE, // string max size 256
    // TFE_CMSG_SRC_IP_LOCATION_CITY,    // string max size 256
    // TFE_CMSG_DST_IP_LOCATION_CITY,    // string max size 256
    // TFE_CMSG_SRC_IP_LOCATION_SUBDIVISION,
    // TFE_CMSG_DST_IP_LOCATION_SUBDIVISION,
    TFE_CMSG_SRC_IP_LOCATION,         //string max size 256 * 4
    TFE_CMSG_DST_IP_LOCATION,
    //ja3 fingerprint
    TFE_CMSG_SSL_CLIENT_JA3_FINGERPRINT,
    //fqdn cat id 
    TFE_CMSG_FQDN_CAT_ID_NUM,                // uint32_t
    TFE_CMSG_FQDN_CAT_ID_VAL,                // string max size 8 * sizeof(uint32_t)
    //cmsg common_direction
    TFE_CMSG_COMMON_DIRECTION,
    TFE_CMSG_SSL_PASSTHROUGH_REASON,
    TFE_CMSG_POLICY_VSYS_ID, // unsigned int
    //cmsg tlv max
    KNI_CMSG_TLV_NR_MAX,
};

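/*
 * Printable names for enum tfe_cmsg_tlv_type, declared with exactly
 * KNI_CMSG_TLV_NR_MAX slots. Check `type < KNI_CMSG_TLV_NR_MAX` before
 * indexing with a type value that came from a received message.
 * NOTE(review): the slots are presumably filled by tfe_cmsg_enum_to_string()
 * and may be NULL before that call -- confirm against the definition.
 */
extern const char *tfe_cmsg_tlv_type_to_string[KNI_CMSG_TLV_NR_MAX];


/**
 * Create a message object.
 *
 * Declared with (void) so the compiler rejects calls that pass arguments; an
 * empty parameter list in C leaves the parameters unchecked.
 *
 * @return A new message. The failure value is not visible in this header
 *         (presumably NULL -- confirm); release with kni_cmsg_destroy().
 */
struct kni_cmsg *kni_cmsg_init(void);

/**
 * Release a message object.
 *
 * @param cmsg Message to release. NOTE(review): whether NULL is accepted is
 *             not visible here.
 */
void kni_cmsg_destroy(struct kni_cmsg *cmsg);

/**
 * Look up the value stored under a TLV type.
 *
 * @param cmsg   Message to query.
 * @param type   TLV type; presumably a value of enum tfe_cmsg_tlv_type.
 * @param size   Out: length of the value in bytes.
 * @param pvalue Out: pointer to the value. NOTE(review): ownership and
 *               lifetime are not visible here; treat it as borrowed from
 *               `cmsg` until confirmed. Nothing in this header promises NUL
 *               termination, so bound every copy by *size and by the
 *               destination's capacity.
 * @return Status; presumably 0 on success and an enum kni_cmsg_errno value on
 *         failure (confirm). Check it before reading *size or *pvalue.
 */
int kni_cmsg_get(struct kni_cmsg *cmsg, uint16_t type, uint16_t *size, unsigned char **pvalue);

/**
 * Store a value under a TLV type.
 *
 * @param cmsg  Message to modify.
 * @param type  TLV type; presumably a value of enum tfe_cmsg_tlv_type.
 * @param value Bytes to store. NOTE(review): whether they are copied or
 *              referenced is not visible here.
 * @param size  Length of `value` in bytes.
 * @return Status; presumably 0 on success and an enum kni_cmsg_errno value on
 *         failure (confirm).
 */
int kni_cmsg_set(struct kni_cmsg *cmsg, uint16_t type, const unsigned char *value, uint16_t size);

/**
 * Report the number of bytes kni_cmsg_serialize() needs for this message.
 *
 * NOTE(review): the return type caps the reportable size at 65535 bytes; how
 * a larger message is handled is not visible here.
 */
uint16_t kni_cmsg_serialize_size_get(struct kni_cmsg *cmsg);

/**
 * Write the message into a caller-supplied buffer.
 *
 * @param cmsg          Message to serialize.
 * @param buff          Destination buffer.
 * @param bufflen       Capacity of `buff` in bytes.
 * @param serialize_len Out: number of bytes written.
 * @return Status; presumably KNI_CMSG_BUFF_NOT_ENOUGH when `bufflen` is too
 *         small (confirm). Check it before sending `buff`.
 */
int kni_cmsg_serialize(struct kni_cmsg *cmsg, unsigned char *buff, uint16_t bufflen, uint16_t *serialize_len);

/**
 * Parse a serialized message.
 *
 * `data` normally comes from outside the caller's control, so treat it as
 * untrusted. NOTE(review): confirm that the implementation checks every TLV
 * type against KNI_CMSG_TLV_NR_MAX and every TLV length against the bytes
 * remaining in `len`.
 *
 * @param data  Serialized bytes.
 * @param len   Number of valid bytes in `data`.
 * @param pcmsg Out: the parsed message; presumably released with
 *              kni_cmsg_destroy() (confirm).
 * @return Status; presumably an enum kni_cmsg_errno value on failure
 *         (confirm). Do not use *pcmsg unless the call succeeded.
 */
int kni_cmsg_deserialize(const unsigned char *data, uint16_t len, struct kni_cmsg **pcmsg);

/*
 * NOTE(review): presumably fills tfe_cmsg_tlv_type_to_string[]; the
 * definition is not visible in this header. Declared with (void) so calls
 * that pass arguments are rejected at compile time.
 */
void tfe_cmsg_enum_to_string(void);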