diff options
| author | fengweihao <[email protected]> | 2023-12-08 18:12:53 +0800 |
|---|---|---|
| committer | fengweihao <[email protected]> | 2023-12-08 18:12:53 +0800 |
| commit | b801ca9d3b652c9aa494cb3b3fb2e0a5fbe31731 (patch) | |
| tree | 991624d47cb56565ea2409e43de580d2736cf732 /plugin/business/doh | |
| parent | f1bf75367902e1e1ad20a96a6ed1aed528f89d6d (diff) | |
TSG-17840 Proxy适配日志结构变更v4.8.50-20231208
Diffstat (limited to 'plugin/business/doh')
| -rw-r--r-- | plugin/business/doh/src/logger.cpp | 77 |
1 files changed, 37 insertions, 40 deletions
diff --git a/plugin/business/doh/src/logger.cpp b/plugin/business/doh/src/logger.cpp index 88526de..b9f986c 100644 --- a/plugin/business/doh/src/logger.cpp +++ b/plugin/business/doh/src/logger.cpp @@ -328,25 +328,20 @@ int doh_send_log(struct doh_conf *handle, const struct tfe_http_session *http, c common_obj = cJSON_CreateObject(); cur_time = time(NULL); - cJSON_AddNumberToObject(common_obj, "common_start_time", cur_time); - cJSON_AddNumberToObject(common_obj, "common_end_time", cur_time); + cJSON_AddNumberToObject(common_obj, "start_timestamp_ms", cur_time); + cJSON_AddNumberToObject(common_obj, "end_timestamp_ms", cur_time); cJSON_AddStringToObject(common_obj, "doh_version", app_proto[http->major_version]); - cJSON_AddStringToObject(common_obj, "common_schema_type", "DoH"); + cJSON_AddStringToObject(common_obj, "decoded_as", "DoH"); char opt_val[24] = { 0 }; - uint16_t opt_out_size; unsigned int common_direction=0; + uint16_t opt_out_size; struct tfe_cmsg *cmsg = tfe_stream_get0_cmsg(stream); if (cmsg != NULL) { int ret = tfe_cmsg_get_value(cmsg, TFE_CMSG_STREAM_TRACE_ID, (unsigned char *)opt_val, sizeof(opt_val), &opt_out_size); if (ret == 0) { - cJSON_AddStringToObject(common_obj, "common_stream_trace_id", opt_val); - } - ret = tfe_cmsg_get_value(cmsg, TFE_CMSG_COMMON_DIRECTION, (unsigned char *)&common_direction, sizeof(common_direction), &opt_out_size); - if (ret==0) - { - cJSON_AddNumberToObject(common_obj, "common_direction", common_direction); //0:域内->域外,1:域外->域内,描述的是CLIENT_IP信息 + cJSON_AddStringToObject(common_obj, "session_id", opt_val); } } @@ -371,24 +366,22 @@ int doh_send_log(struct doh_conf *handle, const struct tfe_http_session *http, c switch (addr->addrtype) { case TFE_ADDR_STREAM_TUPLE4_V4: - cJSON_AddNumberToObject(common_obj, "common_address_type", 4); + cJSON_AddNumberToObject(common_obj, "address_type", 4); inet_ntop(AF_INET, &addr->tuple4_v4->saddr, src_ip_str, sizeof(src_ip_str)); inet_ntop(AF_INET, &addr->tuple4_v4->daddr, dst_ip_str, sizeof(dst_ip_str)); - cJSON_AddStringToObject(common_obj, "common_client_ip", src_ip_str); - cJSON_AddStringToObject(common_obj, "common_server_ip", dst_ip_str); - cJSON_AddNumberToObject(common_obj, "common_client_port", ntohs(addr->tuple4_v4->source)); - cJSON_AddNumberToObject(common_obj, "common_server_port", ntohs(addr->tuple4_v4->dest)); - cJSON_AddStringToObject(common_obj, "common_l4_protocol", "IPv4_TCP"); + cJSON_AddStringToObject(common_obj, "client_ip", src_ip_str); + cJSON_AddStringToObject(common_obj, "server_ip", dst_ip_str); + cJSON_AddNumberToObject(common_obj, "client_port", ntohs(addr->tuple4_v4->source)); + cJSON_AddNumberToObject(common_obj, "server_port", ntohs(addr->tuple4_v4->dest)); break; case TFE_ADDR_STREAM_TUPLE4_V6: - cJSON_AddNumberToObject(common_obj, "common_address_type", 6); + cJSON_AddNumberToObject(common_obj, "address_type", 6); inet_ntop(AF_INET6, &addr->tuple4_v6->saddr, src_ip_str, sizeof(src_ip_str)); inet_ntop(AF_INET6, &addr->tuple4_v6->daddr, dst_ip_str, sizeof(dst_ip_str)); - cJSON_AddStringToObject(common_obj, "common_client_ip", src_ip_str); - cJSON_AddStringToObject(common_obj, "common_server_ip", dst_ip_str); - cJSON_AddNumberToObject(common_obj, "common_client_port", ntohs(addr->tuple4_v6->source)); - cJSON_AddNumberToObject(common_obj, "common_server_port", ntohs(addr->tuple4_v6->dest)); - cJSON_AddStringToObject(common_obj, "common_l4_protocol", "IPv6_TCP"); + cJSON_AddStringToObject(common_obj, "client_ip", src_ip_str); + cJSON_AddStringToObject(common_obj, "server_ip", dst_ip_str); + cJSON_AddNumberToObject(common_obj, "client_port", ntohs(addr->tuple4_v6->source)); + cJSON_AddNumberToObject(common_obj, "server_port", ntohs(addr->tuple4_v6->dest)); break; default: break; @@ -397,20 +390,21 @@ int doh_send_log(struct doh_conf *handle, const struct tfe_http_session *http, c tfe_stream_info_get(stream, INFO_FROM_DOWNSTREAM_RX_OFFSET, &c2s_byte_num, sizeof(c2s_byte_num)); tfe_stream_info_get(stream, INFO_FROM_UPSTREAM_RX_OFFSET, &s2c_byte_num, sizeof(s2c_byte_num)); - cJSON_AddNumberToObject(common_obj, "common_link_id", 0); - cJSON_AddNumberToObject(common_obj, "common_stream_dir", 3); //1:c2s, 2:s2c, 3:double - cJSON_AddStringToObject(common_obj, "common_sled_ip", handle->kafka_logger->local_ip_str); - cJSON_AddNumberToObject(common_obj, "common_t_vsys_id", handle->kafka_logger->t_vsys_id); - cJSON_AddNumberToObject(common_obj, "common_vsys_id", ctx->vsys_id); - cJSON_AddNumberToObject(common_obj, "common_entrance_id", handle->entry_id); - cJSON_AddStringToObject(common_obj, "common_device_id", handle->device_id); - cJSON_AddNumberToObject(common_obj, "common_c2s_byte_num", c2s_byte_num); - cJSON_AddNumberToObject(common_obj, "common_s2c_byte_num", s2c_byte_num); + cJSON_AddNumberToObject(common_obj, "out_link_id", 0); + cJSON_AddNumberToObject(common_obj, "in_link_id", 0); + cJSON_AddStringToObject(common_obj, "sled_ip", handle->kafka_logger->local_ip_str); + cJSON_AddNumberToObject(common_obj, "t_vsys_id", handle->kafka_logger->t_vsys_id); + cJSON_AddNumberToObject(common_obj, "vsys_id", ctx->vsys_id); + cJSON_AddStringToObject(common_obj, "device_id", handle->device_id); + cJSON_AddNumberToObject(common_obj, "sent_bytes", c2s_byte_num); + cJSON_AddNumberToObject(common_obj, "received_bytes", s2c_byte_num); cJSON_AddStringToObject(common_obj, "doh_url", http->req->req_spec.url); cJSON_AddStringToObject(common_obj, "doh_host", http->req->req_spec.host); + cJSON_AddStringToObject(common_obj, "server_fqdn", http->req->req_spec.host); + if(handle->effective_device_tag) { - cJSON_AddStringToObject(common_obj, "common_device_tag", handle->effective_device_tag); + cJSON_AddStringToObject(common_obj, "device_tag", handle->effective_device_tag); } for (size_t i = 0; i < sizeof(req_fields) / sizeof(struct json_spec); i++) @@ -432,19 +426,19 @@ int doh_send_log(struct doh_conf *handle, const struct tfe_http_session *http, c if (ctx->location_client) { - cJSON_AddStringToObject(common_obj, "common_client_location", ctx->location_client); + cJSON_AddStringToObject(common_obj, "client_geolocation", ctx->location_client); } if (ctx->location_server) { - cJSON_AddStringToObject(common_obj, "common_server_location", ctx->location_server); + cJSON_AddStringToObject(common_obj, "server_geolocation", ctx->location_server); } if (ctx->asn_client) { - cJSON_AddStringToObject(common_obj, "common_client_asn", ctx->asn_client); + cJSON_AddStringToObject(common_obj, "client_asn", ctx->asn_client); } if (ctx->asn_server) { - cJSON_AddStringToObject(common_obj, "common_server_asn", ctx->asn_server); + cJSON_AddStringToObject(common_obj, "server_asn", ctx->asn_server); } add_dns_info_to_log(common_obj, dns_info); @@ -462,11 +456,14 @@ int doh_send_log(struct doh_conf *handle, const struct tfe_http_session *http, c continue; } + cJSON *proxy_rule_list=NULL; + int config_id[1]={0}; + per_hit_obj = cJSON_Duplicate(common_obj, 1); - cJSON_AddNumberToObject(per_hit_obj, "common_policy_id", result[i].config_id); - cJSON_AddNumberToObject(per_hit_obj, "common_service", result[i].service_id); - cJSON_AddNumberToObject(per_hit_obj, "common_action", LG_ACTION_MANIPULATE); - cJSON_AddStringToObject(per_hit_obj, "common_sub_action", "redirect"); + config_id[0]=result[i].config_id; + proxy_rule_list = cJSON_CreateIntArray(config_id, 1); + cJSON_AddItemToObject(per_hit_obj, "proxy_rule_list", proxy_rule_list); + cJSON_AddStringToObject(per_hit_obj, "proxy_action", "redirect"); log_payload = cJSON_PrintUnformatted(per_hit_obj); |