TSG-16188 Manipulation实时发送命中策略的metric统计

author: fengweihao <[email protected]> 2024-01-16 16:03:54 +0800
committer: fengweihao <[email protected]> 2024-01-16 16:03:54 +0800
commit: 3cf47f940fc59e48522d27dfd31927d4444fc2b1 (patch)
tree: e8640fa80323c3846df8865271329a6c89510592 /plugin/business/tsg-http/src
parent: ad21a6ac3d222751ef210a5736be67d0a5112151 (diff)
1 files changed, 78 insertions, 65 deletions
diff --git a/plugin/business/tsg-http/src/tsg_http.cpp b/plugin/business/tsg-http/src/tsg_http.cpp
index 271bae2..99238b5 100644
--- a/plugin/business/tsg-http/src/tsg_http.cpp
+++ b/plugin/business/tsg-http/src/tsg_http.cpp
@@ -1353,6 +1353,82 @@ static struct manipulate_profile* get_profile_by_id(int profile_table, int profi
 	return result;
 }
 
+void proxy_send_metric_log(const struct tfe_stream * stream, struct proxy_http_ctx * ctx, unsigned int thread_id, int state)
+{
+	size_t i=0;
+	int hit_cnt=0;
+	const char *proxy_action_map[__PX_ACTION_MAX];
+	proxy_action_map[PX_ACTION_MONIT]="monitor";
+	proxy_action_map[PX_ACTION_REJECT]="deny";
+	proxy_action_map[PX_ACTION_WHITELIST]="allow";
+	const char *manipulate_action_map[]= {"redirect","block","replace","hijack","insert","edit_element","run_script"};
+	struct tfe_fieldstat_metric_t *fieldstat = (struct tfe_fieldstat_metric_t *)tfe_bussiness_resouce_get(DYNAMIC_FIELDSTAT);
+
+	for(i=0; i< ctx->n_enforce; i++)
+	{
+		fieldstat->tags[thread_id][TAG_VSYS_ID].value_int = ctx->enforce_rules[i].vsys_id;
+		fieldstat->tags[thread_id][TAG_RULE_ID].value_int = ctx->enforce_rules[i].config_id;
+		fieldstat->tags[thread_id][TAG_ACTION].value_int = PX_ACTION_MANIPULATE;
+		if(ctx->enforce_rules[i].action == PX_ACTION_MANIPULATE)
+		{
+			fieldstat->tags[thread_id][TAG_SUB_ACTION].value_str = manipulate_action_map[ctx->param->action];
+		}
+		else
+		{
+			fieldstat->tags[thread_id][TAG_SUB_ACTION].value_str = proxy_action_map[ctx->enforce_rules[i].action];
+		}
+
+		size_t c2s_byte_num = 0, s2c_byte_num =0;
+		tfe_stream_info_get(stream, INFO_FROM_DOWNSTREAM_RX_OFFSET, &c2s_byte_num, sizeof(c2s_byte_num));
+		tfe_stream_info_get(stream, INFO_FROM_UPSTREAM_RX_OFFSET, &s2c_byte_num, sizeof(s2c_byte_num));
+
+		uint16_t out_size;
+		unsigned int route_dir; int ret=0;
+    	int in_bytes = 0, out_bytes = 0;
+
+		struct tfe_cmsg *cmsg = tfe_stream_get0_cmsg(stream);
+		if (cmsg != NULL)
+		{
+			ret = tfe_cmsg_get_value(cmsg, TFE_CMSG_COMMON_DIRECTION, (unsigned char *)&route_dir, sizeof(route_dir), &out_size);
+			if (ret != 0)
+			{
+				TFE_LOG_ERROR(g_proxy_rt->local_logger, "failed at fetch route_dir from cmsg: %s", strerror(-ret));
+				return;
+			}
+		}
+		int dir_is_e2i=(route_dir==69) ? 0 : 1;
+		if (dir_is_e2i == 1)
+		{
+       		in_bytes = c2s_byte_num - ctx->c2s_byte_num;
+        	out_bytes = s2c_byte_num - ctx->s2c_byte_num;
+			ctx->c2s_byte_num = c2s_byte_num;
+			ctx->s2c_byte_num = s2c_byte_num;
+		}
+		else
+		{
+			in_bytes = s2c_byte_num - ctx->c2s_byte_num;
+			out_bytes = c2s_byte_num - ctx->s2c_byte_num;
+			ctx->c2s_byte_num = s2c_byte_num;
+			ctx->s2c_byte_num = c2s_byte_num;
+		}
+		if(state == 1)
+		{
+			hit_cnt=0;
+		}
+		else
+		{
+			hit_cnt=1;
+			in_bytes=0;
+			out_bytes=0;
+		}
+		
+		tfe_fieldstat_metric_incrby(fieldstat, fieldstat->column_array[COLUMN_HIT_COUNT], hit_cnt, fieldstat->tags[thread_id], TAG_MAX - 1, thread_id);
+		tfe_fieldstat_metric_incrby(fieldstat, fieldstat->column_array[COLUMN_IN_BYTES], in_bytes/8, fieldstat->tags[thread_id], TAG_MAX - 1, thread_id);
+		tfe_fieldstat_metric_incrby(fieldstat, fieldstat->column_array[COLUMN_OUT_BYTES], out_bytes/8, fieldstat->tags[thread_id], TAG_MAX - 1, thread_id);
+	}
+	return;
+}
+
 static unsigned long long try_send_by_token(int inject_sz)
 {
 	if (g_proxy_rt->enable_rate != 1)
@@ -2750,9 +2826,7 @@ void enforce_control_policy(const struct tfe_stream * stream, const struct tfe_h
 		if(ctx->log_resp_body == NULL) ctx->log_resp_body = evbuffer_new();
 		evbuffer_add(ctx->log_resp_body, body_frag, frag_size);
 	}
-
-	tfe_stream_info_get(stream, INFO_FROM_DOWNSTREAM_RX_OFFSET, &(ctx->c2s_byte_num), sizeof(ctx->c2s_byte_num));
-	tfe_stream_info_get(stream, INFO_FROM_UPSTREAM_RX_OFFSET, &(ctx->s2c_byte_num), sizeof(ctx->s2c_byte_num));
+	proxy_send_metric_log(stream, ctx, thread_id, 1);
 
 	return;
 }
@@ -2897,67 +2971,6 @@ static inline int ctx_actually_manipulate(struct proxy_http_ctx * ctx)
 	}
 }
 
-void proxy_send_metric_log(const struct tfe_stream * stream, struct proxy_http_ctx * ctx, unsigned int thread_id)
-{
-	size_t i=0;
-	const char *proxy_action_map[__PX_ACTION_MAX];
-	proxy_action_map[PX_ACTION_MONIT]="monitor";
-	proxy_action_map[PX_ACTION_REJECT]="deny";
-	proxy_action_map[PX_ACTION_WHITELIST]="allow";
-	const char *manipulate_action_map[]= {"redirect","block","replace","hijack","insert","edit_element","run_script"};
-	struct tfe_fieldstat_metric_t *fieldstat = (struct tfe_fieldstat_metric_t *)tfe_bussiness_resouce_get(DYNAMIC_FIELDSTAT);
-
-	for(i=0; i< ctx->n_enforce; i++)
-	{
-		fieldstat->tags[thread_id][TAG_VSYS_ID].value_int = ctx->enforce_rules[i].vsys_id;
-		fieldstat->tags[thread_id][TAG_RULE_ID].value_int = ctx->enforce_rules[i].config_id;
-		fieldstat->tags[thread_id][TAG_ACTION].value_int = PX_ACTION_MANIPULATE;
-		if(ctx->enforce_rules[i].action == PX_ACTION_MANIPULATE)
-		{
-			fieldstat->tags[thread_id][TAG_SUB_ACTION].value_str = manipulate_action_map[ctx->param->action];
-		}
-		else
-		{
-			fieldstat->tags[thread_id][TAG_SUB_ACTION].value_str = proxy_action_map[ctx->enforce_rules[i].action];
-		}
-
-		size_t c2s_byte_num = 0, s2c_byte_num =0;
-		tfe_stream_info_get(stream, INFO_FROM_DOWNSTREAM_RX_OFFSET, &c2s_byte_num, sizeof(c2s_byte_num));
-		tfe_stream_info_get(stream, INFO_FROM_UPSTREAM_RX_OFFSET, &s2c_byte_num, sizeof(s2c_byte_num));
-
-		uint16_t out_size;
-		unsigned int route_dir; int ret=0;
-    	int in_bytes = 0, out_bytes = 0;
-
-		struct tfe_cmsg *cmsg = tfe_stream_get0_cmsg(stream);
-		if (cmsg != NULL)
-		{
-			ret = tfe_cmsg_get_value(cmsg, TFE_CMSG_COMMON_DIRECTION, (unsigned char *)&route_dir, sizeof(route_dir), &out_size);
-			if (ret != 0)
-			{
-				TFE_LOG_ERROR(g_proxy_rt->local_logger, "failed at fetch route_dir from cmsg: %s", strerror(-ret));
-				return;
-			}
-		}
-		int dir_is_e2i=(route_dir==69) ? 0 : 1;
-		if (dir_is_e2i == 1)
-		{
-       		in_bytes = c2s_byte_num;
-        	out_bytes = s2c_byte_num;
-		}
-		else
-		{
-			in_bytes = s2c_byte_num;
-			out_bytes = c2s_byte_num;
-		}
-
-		tfe_fieldstat_metric_incrby(fieldstat, fieldstat->column_array[COLUMN_HIT_COUNT], 1, fieldstat->tags[thread_id], TAG_MAX - 1, thread_id);
-		tfe_fieldstat_metric_incrby(fieldstat, fieldstat->column_array[COLUMN_IN_BYTES], in_bytes, fieldstat->tags[thread_id], TAG_MAX - 1, thread_id);
-		tfe_fieldstat_metric_incrby(fieldstat, fieldstat->column_array[COLUMN_OUT_BYTES], out_bytes, fieldstat->tags[thread_id], TAG_MAX - 1, thread_id);
-	}
-	return;
-}
-
 void proxy_on_http_end(const struct tfe_stream * stream,
 	const struct tfe_http_session * session, unsigned int thread_id, void ** pme)
 {
@@ -3014,7 +3027,7 @@ void proxy_on_http_end(const struct tfe_stream * stream,
 				ATOMIC_INC(&(g_proxy_rt->stat_val[STAT_ACTION_MONIT]));
 			}
 		}
-		proxy_send_metric_log(stream, ctx, thread_id);
+		proxy_send_metric_log(stream, ctx, thread_id, 0);
 	}
 
 	if(ctx->rep_ctx && ctx->rep_ctx->actually_replaced==1)
author	fengweihao <[email protected]>	2024-01-16 16:03:54 +0800
committer	fengweihao <[email protected]>	2024-01-16 16:03:54 +0800
commit	3cf47f940fc59e48522d27dfd31927d4444fc2b1 (patch)
tree	e8640fa80323c3846df8865271329a6c89510592 /plugin/business/tsg-http/src
parent	ad21a6ac3d222751ef210a5736be67d0a5112151 (diff)