Diffstat (limited to 'plugin/business/doh/src/doh.cpp')
| -rw-r--r-- | plugin/business/doh/src/doh.cpp | 108 |
1 files changed, 41 insertions, 67 deletions
diff --git a/plugin/business/doh/src/doh.cpp b/plugin/business/doh/src/doh.cpp index f0370ed..f09ac0f 100644 --- a/plugin/business/doh/src/doh.cpp +++ b/plugin/business/doh/src/doh.cpp @@ -118,7 +118,7 @@ static cJSON *doh_get_answer_records(struct doh_ctx *ctx, cJSON *object, int qty return NULL; } -void doh_action_param_free_cb(int table_id, void **ad, long argl, void *argp) +void doh_action_param_free_cb(const char *table_name, void **ad, long argl, void *argp) { if(*ad==NULL) { @@ -135,14 +135,14 @@ void doh_action_param_free_cb(int table_id, void **ad, long argl, void *argp) pthread_mutex_unlock(&(param->lock)); pthread_mutex_destroy(&(param->lock)); - if(param->hit_rule.srv_def_large) - FREE(&(param->hit_rule.srv_def_large)) + if(param->hit_rule.action_parameter) + FREE(&(param->hit_rule.action_parameter)) FREE(&(param)); return; } -static void doh_get_cheat_data(long long p_result, int qtype, struct doh_ctx *ctx, const char *str_stream_info) +static void doh_get_cheat_data(uuid_t p_result, int qtype, struct doh_ctx *ctx, const char *str_stream_info) { int i; int answer_size = 0; 
@@ -150,28 +150,24 @@ static void doh_get_cheat_data(long long p_result, int qtype, struct doh_ctx *ct cJSON *item = NULL; cJSON *object = NULL; cJSON *answer_array = NULL; - int table_id=0; - table_id=maat_get_table_id(g_doh_conf->maat, "PXY_CTRL_COMPILE_PLUGIN"); - if(table_id < 0) - { - return; - } - struct doh_action_param *get_ex_param=(struct doh_action_param *)maat_plugin_table_get_ex_data(g_doh_conf->maat, table_id, (const char *)&p_result, sizeof(p_result)); + char result_str[UUID_STRING_SIZE]={0}; + uuid_unparse(p_result, result_str); + struct doh_action_param *get_ex_param=(struct doh_action_param *)maat_plugin_table_get_ex_data(g_doh_conf->maat, "PXY_CTRL_RULE_PLUGIN", result_str, strlen(result_str)); if(get_ex_param==NULL) { return; } struct doh_maat_rule_t *hit_rule = &(get_ex_param->hit_rule); - if(hit_rule==NULL || hit_rule->srv_def_large==NULL) + if(hit_rule==NULL || hit_rule->action_parameter==NULL) { goto end; } memcpy(ctx->result, hit_rule, sizeof(struct doh_maat_rule_t)); - TFE_LOG_INFO(g_doh_conf->local_logger, "%s hit %lld %s", str_stream_info, p_result, hit_rule->srv_def_large); + TFE_LOG_INFO(g_doh_conf->local_logger, "%s hit %s %s", str_stream_info, result_str, hit_rule->action_parameter); - object = cJSON_Parse(hit_rule->srv_def_large); + object = cJSON_Parse(hit_rule->action_parameter); if (object == NULL) { goto end; 
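Review bot: The `if(get_ex_param==NULL) return;` path in doh_get_cheat_data returns without logging, so a rule that matched but whose parameters cannot be found is dropped silently. Because the table is now addressed by the string literal `"PXY_CTRL_RULE_PLUGIN"` at lookup time, a renamed or unloaded table would look exactly like a missing row for that UUID. I would log the miss before returning, for example `TFE_LOG_ERROR(g_doh_conf->local_logger, "%s no ex_data for rule %s", str_stream_info, result_str);`. The function body continues past the end of this hunk.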
@@ -240,26 +236,25 @@ end: } } -static long long doh_fetch_rule(long long *result, int result_num) +static int doh_fetch_rule(uuid_t *result, uuid_t p_result, int result_num) { - int i = 0; - long long p_result = 0; + uuid_clear(p_result); - for (i = 0; i < result_num && i < MAX_SCAN_RESULT; i++) + for (int i = 0; i < result_num && i < MAX_SCAN_RESULT; i++) { - if (p_result == 0) + if (uuid_is_null(p_result) == 1) { - p_result = result[i]; + uuid_copy(p_result, result[i]); continue; } - if (result[i] > p_result) + if(uuid_compare(result[i], p_result) > 0) { - p_result = result[i]; + uuid_copy(p_result, result[i]); } } - return p_result; + return 0; } static void doh_maat_scan(const struct tfe_stream *stream, const struct tfe_http_session *session, struct doh_ctx *ctx, char *qname, int qtype) @@ -268,8 +263,9 @@ static void doh_maat_scan(const struct tfe_stream *stream, const struct tfe_http int scan_ret = 0; size_t n_hit_result; struct ipaddr sapp_addr; - long long p_result = 0; - long long result[MAX_SCAN_RESULT]; + uuid_t p_result; + uuid_t result[MAX_SCAN_RESULT]={0}; + char result_str[UUID_STRING_SIZE]={0}; scan_ret = tfe_scan_subscribe_id(stream, result, ctx->scan_mid, hit_cnt, g_doh_conf->local_logger); if (scan_ret > 0) 
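Review bot: `uuid_compare(result[i], p_result) > 0` in doh_fetch_rule keeps the old "largest id wins" selection, but for UUIDs that order is plain byte order and, unless the rule UUIDs are generated to be sortable, it says nothing about which rule is newer or has priority. When several policies hit, the one that gets enforced is then effectively arbitrary, so the intended tie-break should be stated in a comment above the loop, or the choice made on an explicit priority field if the rule data carries one. The function also now always returns 0 and the caller ignores it, so `static void doh_fetch_rule(uuid_t *result, uuid_t p_result, int result_num)` would describe it better. A one-line comment that `p_result` is an out-parameter (it works only because `uuid_t` is an array type that decays to a pointer) would help the next reader.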
@@ -287,27 +283,29 @@ static void doh_maat_scan(const struct tfe_stream *stream, const struct tfe_http const char *host = session->req->req_spec.host; if (host) { - scan_ret = maat_scan_string(g_doh_conf->maat, g_doh_conf->tables[TYPE_HOST].id,host, strlen(host), + scan_ret = maat_scan_string(g_doh_conf->maat, "TSG_OBJ_FQDN", "ATTR_SERVER_FQDN", host, strlen(host), result + hit_cnt, MAX_SCAN_RESULT - hit_cnt, &n_hit_result, ctx->scan_mid); if (scan_ret == MAAT_SCAN_HIT) { - TFE_LOG_INFO(g_doh_conf->local_logger, "Scan %s, Hit host: %s scan ret: %d policy_id: %lld addr: %s", - g_doh_conf->tables[TYPE_HOST].name, host, scan_ret, result[hit_cnt], stream->str_stream_info); + memset(result_str, 0, sizeof(result_str)); + uuid_unparse(result[hit_cnt], result_str); + TFE_LOG_INFO(g_doh_conf->local_logger, "Scan %s, Hit host: %s scan ret: %d policy_id: %s addr: %s", + "ATTR_SERVER_FQDN", host, scan_ret, result_str, stream->str_stream_info); hit_cnt += n_hit_result; } else { TFE_LOG_INFO(g_doh_conf->local_logger, "Scan %s, NO hit host: %s scan ret: %d addr: %s", - g_doh_conf->tables[TYPE_HOST].name, host, scan_ret, stream->str_stream_info); + "ATTR_SERVER_FQDN", host, scan_ret, stream->str_stream_info); } - scan_ret = maat_scan_not_logic(g_doh_conf->maat, g_doh_conf->tables[TYPE_HOST].id, + scan_ret = maat_scan_not_logic(g_doh_conf->maat, "TSG_OBJ_FQDN", "ATTR_SERVER_FQDN", result + hit_cnt, MAX_SCAN_RESULT - hit_cnt, &n_hit_result, ctx->scan_mid); if (scan_ret == MAAT_SCAN_HIT) { hit_cnt += n_hit_result; } - scan_ret = tfe_scan_fqdn_tags(stream, result, ctx->scan_mid, hit_cnt, g_doh_conf->tables[TYPE_HOST].id, g_doh_conf->local_logger); + scan_ret = tfe_scan_fqdn_tags(stream, result, ctx->scan_mid, hit_cnt, g_doh_conf->local_logger); if (scan_ret > 0) { hit_cnt += scan_ret; 
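Review bot: Any return from `maat_scan_string` other than `MAAT_SCAN_HIT` lands in the `else` branch and is logged at INFO as "NO hit", which now also covers the case where `"TSG_OBJ_FQDN"` or `"ATTR_SERVER_FQDN"` is not known to maat. Before this change the table ids were resolved once at startup (that check is removed later in this diff), so a bad name failed loudly; now it would read as a clean miss on every request and the policy would simply not apply. I would handle the error return separately with `TFE_LOG_ERROR`, and lift the literals into named constants so the scan call and the log line cannot drift apart, e.g. `static const char *DOH_ATTR_HOST = "ATTR_SERVER_FQDN";`. The same pattern is repeated in the qname hunk with `"ATTR_DOH_QNAME"`.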
@@ -344,7 +342,7 @@ static void doh_maat_scan(const struct tfe_stream *stream, const struct tfe_http } // scan appid long long app_id = 8006; - scan_ret = tfe_scan_app_id(result, ctx->scan_mid, hit_cnt, app_id, g_doh_conf->tables[TYPE_APPID].id); + scan_ret = tfe_scan_app_id(result, ctx->scan_mid, hit_cnt, app_id); if(scan_ret > 0) { hit_cnt += scan_ret; @@ -355,22 +353,24 @@ static void doh_maat_scan(const struct tfe_stream *stream, const struct tfe_http { hit_cnt += scan_ret; } - + // scan qname - scan_ret = maat_scan_string(g_doh_conf->maat, g_doh_conf->tables[TYPE_QNAME].id, qname, strlen(qname), + scan_ret = maat_scan_string(g_doh_conf->maat, "TSG_OBJ_FQDN", "ATTR_DOH_QNAME", qname, strlen(qname), result + hit_cnt, MAX_SCAN_RESULT - hit_cnt, &n_hit_result, ctx->scan_mid); if (scan_ret == MAAT_SCAN_HIT) { - TFE_LOG_INFO(g_doh_conf->local_logger, "Scan %s, Hit domain: %s scan ret: %d qtype: %d policy_id: %lld addr: %s", - g_doh_conf->tables[TYPE_QNAME].name, qname, scan_ret, qtype, result[hit_cnt], stream->str_stream_info); + memset(result_str, 0, sizeof(result_str)); + uuid_unparse(result[hit_cnt], result_str); + TFE_LOG_INFO(g_doh_conf->local_logger, "Scan %s, Hit domain: %s scan ret: %d qtype: %d policy_id: %s addr: %s", + "ATTR_DOH_QNAME", qname, scan_ret, qtype, result_str, stream->str_stream_info); hit_cnt += n_hit_result; } else { TFE_LOG_INFO(g_doh_conf->local_logger, "Scan %s, NO hit domain: %s scan ret: %d addr: %s", - g_doh_conf->tables[TYPE_QNAME].name, qname, scan_ret, stream->str_stream_info); + "ATTR_DOH_QNAME", qname, scan_ret, stream->str_stream_info); } - scan_ret = maat_scan_not_logic(g_doh_conf->maat, g_doh_conf->tables[TYPE_QNAME].id, + scan_ret = maat_scan_not_logic(g_doh_conf->maat, "TSG_OBJ_FQDN", "ATTR_DOH_QNAME", result + hit_cnt, MAX_SCAN_RESULT - hit_cnt, &n_hit_result, ctx->scan_mid); if (scan_ret == MAAT_SCAN_HIT) { 
@@ -379,8 +379,8 @@ static void doh_maat_scan(const struct tfe_stream *stream, const struct tfe_http if (hit_cnt) { - p_result = doh_fetch_rule(result, hit_cnt); - if (p_result != 0) + doh_fetch_rule(result, p_result, hit_cnt); + if (uuid_is_null(p_result) != 1) { ctx->result_num = 1; ctx->result = ALLOC(struct doh_maat_rule_t, ctx->result_num); @@ -389,26 +389,6 @@ static void doh_maat_scan(const struct tfe_stream *stream, const struct tfe_http } } -static int doh_maat_init(const char *profile, const char *section) -{ - g_doh_conf->maat = tfe_get_maat_handle(); - MESA_load_profile_string_def(profile, section, "table_appid", g_doh_conf->tables[TYPE_APPID].name, TFE_STRING_MAX, "ATTR_APP_ID"); - MESA_load_profile_string_def(profile, section, "table_qname", g_doh_conf->tables[TYPE_QNAME].name, TFE_STRING_MAX, "ATTR_DOH_QNAME"); - MESA_load_profile_string_def(profile, section, "table_host", g_doh_conf->tables[TYPE_HOST].name, TFE_STRING_MAX, "ATTR_SERVER_FQDN"); - - for (int i = 0; i < TYPE_MAX; i++) - { - g_doh_conf->tables[i].id = maat_get_table_id(g_doh_conf->maat, g_doh_conf->tables[i].name); - if (g_doh_conf->tables[i].id < 0) - { - TFE_LOG_ERROR(g_doh_conf->local_logger, "maat_get_table_id failed, table_name: %s", g_doh_conf->tables[i].name); - return -1; - } - } - - return 0; -} - static void doh_gc_cb(evutil_socket_t fd, short what, void *arg) { int i = 0; @@ -664,12 +644,6 @@ int doh_on_init(struct tfe_proxy *proxy) TFE_LOG_ERROR(NULL, "Doh init kafka failed."); goto error; } - - if (doh_maat_init(profile, "maat") != 0) - { - TFE_LOG_ERROR(NULL, "Doh init maat failed."); - goto error; - } TFE_LOG_INFO(g_doh_conf->local_logger, "Doh init success."); success: 
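Review bot: With doh_maat_init removed, nothing in the hunks shown for this file still assigns `g_doh_conf->maat`; the deleted line `g_doh_conf->maat = tfe_get_maat_handle();` was the only visible assignment. The new code still passes that handle to `maat_scan_string`, `maat_scan_not_logic` and `maat_plugin_table_get_ex_data`. If it is not set somewhere outside this diff, every scan runs against an unset handle and no policy can hit. I would keep the assignment in doh_on_init and fail initialisation when it is missing: `g_doh_conf->maat = tfe_get_maat_handle();` followed by `if (g_doh_conf->maat == NULL) goto error;`. doh_on_init's body lies mostly outside the hunk, so please check there first.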
@@ -838,7 +812,7 @@ void doh_send_metric_log(const struct tfe_stream * stream, struct doh_ctx *ctx, } fieldstat->tags[thread_id][TAG_VSYS_ID].value_longlong = ctx->result->vsys_id; - fieldstat->tags[thread_id][TAG_RULE_ID].value_longlong = ctx->result->config_id; + fieldstat->tags[thread_id][TAG_RULE_ID].value_str = ctx->result->config_uuid_string; fieldstat->tags[thread_id][TAG_ACTION].value_longlong = 48; fieldstat->tags[thread_id][TAG_SUB_ACTION].value_str = "redirect"; |
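Review bot: `TAG_RULE_ID` now stores a pointer in `.value_str` where it used to store an integer in `.value_longlong`. If the tag's declared type is set where the tag array is initialised (not in this hunk) and is still an integer type, the exporter would presumably emit the pointer value as the rule id, so please confirm the tag type is switched to string in the same commit. `config_uuid_string` is also borrowed from `ctx->result`, so it has to stay valid until the metric is emitted. A comment on that line would make the lifetime explicit, e.g. `/* borrowed from ctx->result; must outlive the fieldstat emit */`.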
