summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--bin/tsg_log_field.conf7
-rw-r--r--src/tsg_send_log.cpp153
-rw-r--r--src/tsg_send_log_internal.h4
3 files changed, 162 insertions, 2 deletions
diff --git a/bin/tsg_log_field.conf b/bin/tsg_log_field.conf
index c6a2075..f0ac338 100644
--- a/bin/tsg_log_field.conf
+++ b/bin/tsg_log_field.conf
@@ -135,4 +135,9 @@ STRING intercept_client_side_version 121
STRING intercept_error 122
STRING intercept_passthrough_reason 123
LONG sce_profile_ids 124
-LONG shaping_profile_ids 125 \ No newline at end of file
+LONG shaping_profile_ids 125
+STRING common_protocol_label 126
+STRING common_in_src_mac 127
+STRING common_in_dest_mac 128
+STRING common_out_src_mac 129
+STRING common_out_dest_mac 130 \ No newline at end of file
diff --git a/src/tsg_send_log.cpp b/src/tsg_send_log.cpp
index 6e3e65f..5a70345 100644
--- a/src/tsg_send_log.cpp
+++ b/src/tsg_send_log.cpp
@@ -779,6 +779,156 @@ static int mac_to_string(unsigned char *mac, char *buff)
return 0;
}
+//I2E: outcoming
+int direction_I2E(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, struct layer_addr *mac_addr, unsigned char dir)
+{
+ if(mac_addr==NULL)
+ {
+ return 0;
+ }
+
+ char src_mac_string[32]={0};
+ char dst_mac_string[32]={0};
+ char default_mac[6]={0,0,0,0,0,0};
+
+ switch(dir)
+ {
+ case DIR_C2S: // C2S and I2E = outcoming
+ mac_to_string(mac_addr->mac->src_addr.h_source, src_mac_string);
+ TLD_append(_handle, _instance->id2field[LOG_COMMON_OUTCOMING_SRC_MAC].name, (void *)src_mac_string, TLD_TYPE_STRING);
+ mac_to_string(mac_addr->mac->src_addr.h_dest, dst_mac_string);
+ TLD_append(_handle, _instance->id2field[LOG_COMMON_OUTCOMING_DST_MAC].name, (void *)dst_mac_string, TLD_TYPE_STRING);
+ break;
+ case DIR_S2C: // S2C and I2E = incoming
+ mac_to_string(mac_addr->mac->dst_addr.h_source, src_mac_string);
+ TLD_append(_handle, _instance->id2field[LOG_COMMON_INCOMING_SRC_MAC].name, (void *)src_mac_string, TLD_TYPE_STRING);
+ mac_to_string(mac_addr->mac->dst_addr.h_dest, dst_mac_string);
+ TLD_append(_handle, _instance->id2field[LOG_COMMON_INCOMING_DST_MAC].name, (void *)dst_mac_string, TLD_TYPE_STRING);
+ break;
+ case DIR_DOUBLE: // first pkt
+ mac_to_string(mac_addr->mac->src_addr.h_source, src_mac_string);
+ TLD_append(_handle, _instance->id2field[LOG_COMMON_OUTCOMING_SRC_MAC].name, (void *)src_mac_string, TLD_TYPE_STRING);
+ mac_to_string(mac_addr->mac->src_addr.h_dest, dst_mac_string);
+ TLD_append(_handle, _instance->id2field[LOG_COMMON_OUTCOMING_DST_MAC].name, (void *)dst_mac_string, TLD_TYPE_STRING);
+
+ if((memcmp(mac_addr->mac->dst_addr.h_source, default_mac, 6))==0)
+ {
+ TLD_append(_handle, _instance->id2field[LOG_COMMON_OUTCOMING_SRC_MAC].name, (void *)dst_mac_string, TLD_TYPE_STRING);
+ TLD_append(_handle, _instance->id2field[LOG_COMMON_OUTCOMING_DST_MAC].name, (void *)src_mac_string, TLD_TYPE_STRING);
+ }
+ else
+ {
+ mac_to_string(mac_addr->mac->dst_addr.h_source, src_mac_string);
+ TLD_append(_handle, _instance->id2field[LOG_COMMON_INCOMING_SRC_MAC].name, (void *)src_mac_string, TLD_TYPE_STRING);
+ mac_to_string(mac_addr->mac->dst_addr.h_dest, dst_mac_string);
+ TLD_append(_handle, _instance->id2field[LOG_COMMON_INCOMING_DST_MAC].name, (void *)dst_mac_string, TLD_TYPE_STRING);
+ }
+ break;
+ default:
+ break;
+ }
+
+ return 0;
+}
+
+//E2I: outcoming
+int direction_E2I(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, struct layer_addr *mac_addr, unsigned char dir)
+{
+ if(mac_addr==NULL)
+ {
+ return 0;
+ }
+
+ char src_mac_string[32]={0};
+ char dst_mac_string[32]={0};
+ char default_mac[6]={0,0,0,0,0,0};
+ switch(dir)
+ {
+ case DIR_C2S: // C2S and E2I = incoming
+ mac_to_string(mac_addr->mac->src_addr.h_source, src_mac_string);
+ TLD_append(_handle, _instance->id2field[LOG_COMMON_INCOMING_SRC_MAC].name, (void *)src_mac_string, TLD_TYPE_STRING);
+ mac_to_string(mac_addr->mac->src_addr.h_dest, dst_mac_string);
+ TLD_append(_handle, _instance->id2field[LOG_COMMON_INCOMING_DST_MAC].name, (void *)dst_mac_string, TLD_TYPE_STRING);
+ break;
+ case DIR_S2C: // S2C and E2I = outcoming
+ mac_to_string(mac_addr->mac->dst_addr.h_source, src_mac_string);
+ TLD_append(_handle, _instance->id2field[LOG_COMMON_OUTCOMING_SRC_MAC].name, (void *)src_mac_string, TLD_TYPE_STRING);
+ mac_to_string(mac_addr->mac->dst_addr.h_dest, dst_mac_string);
+ TLD_append(_handle, _instance->id2field[LOG_COMMON_OUTCOMING_DST_MAC].name, (void *)dst_mac_string, TLD_TYPE_STRING);
+ break;
+ case DIR_DOUBLE: // first pkt
+ mac_to_string(mac_addr->mac->src_addr.h_source, src_mac_string);
+ TLD_append(_handle, _instance->id2field[LOG_COMMON_INCOMING_SRC_MAC].name, (void *)src_mac_string, TLD_TYPE_STRING);
+ mac_to_string(mac_addr->mac->src_addr.h_dest, dst_mac_string);
+ TLD_append(_handle, _instance->id2field[LOG_COMMON_INCOMING_DST_MAC].name, (void *)dst_mac_string, TLD_TYPE_STRING);
+
+ if((memcmp(mac_addr->mac->dst_addr.h_source, default_mac, 6))==0)
+ {
+ TLD_append(_handle, _instance->id2field[LOG_COMMON_OUTCOMING_SRC_MAC].name, (void *)dst_mac_string, TLD_TYPE_STRING);
+ TLD_append(_handle, _instance->id2field[LOG_COMMON_OUTCOMING_DST_MAC].name, (void *)src_mac_string, TLD_TYPE_STRING);
+ }
+ else
+ {
+ mac_to_string(mac_addr->mac->dst_addr.h_source, src_mac_string);
+ TLD_append(_handle, _instance->id2field[LOG_COMMON_OUTCOMING_SRC_MAC].name, (void *)src_mac_string, TLD_TYPE_STRING);
+ mac_to_string(mac_addr->mac->dst_addr.h_dest, dst_mac_string);
+ TLD_append(_handle, _instance->id2field[LOG_COMMON_OUTCOMING_DST_MAC].name, (void *)dst_mac_string, TLD_TYPE_STRING);
+ }
+ break;
+ default:
+ break;
+ }
+
+ return 0;
+}
+
+static int set_mac(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, const struct streaminfo *a_stream)
+{
+ struct layer_addr *mac_addr=NULL;
+ struct streaminfo *ptmp = (struct streaminfo *)a_stream;
+
+ while(ptmp)
+ {
+ switch(ptmp->addr.addrtype)
+ {
+ case ADDR_TYPE_MAC:
+ mac_addr=&(ptmp->addr);
+ break;
+ default:
+ break;
+ }
+
+ ptmp=ptmp->pfather;
+ }
+
+ const struct session_runtime_action_context *srt_action_context=session_runtime_action_context_get(a_stream);
+ if(srt_action_context==NULL)
+ {
+ return 0;
+ }
+
+ char direction=srt_action_context_get_direction(srt_action_context);
+ if(direction>0)
+ {
+ switch(direction)
+ {
+ case 'E':
+ direction_I2E(_instance, _handle, mac_addr, a_stream->dir);
+ break;
+ case 'I':
+ direction_E2I(_instance, _handle, mac_addr, a_stream->dir);
+ break;
+ default:
+ return 0;
+ }
+
+ return 1;
+ }
+
+ return 0;
+}
+
+
static int set_link_mac(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, struct layer_addr_mac *mac, Value *tunnel_object)
{
int flag=0;
@@ -1651,7 +1801,8 @@ int TLD_append_streaminfo(struct tsg_log_instance_t *instance, struct TLD_handle
set_packet_bytes(_instance, _handle, a_stream);
set_session_attributes(_instance, _handle, a_stream);
set_lua_scripts_result(_instance, _handle, a_stream);
-
+
+ set_mac(_instance, _handle, a_stream);
set_session_flags(_instance, _handle, a_stream);
set_l4_protocol(_instance, _handle, a_stream);
diff --git a/src/tsg_send_log_internal.h b/src/tsg_send_log_internal.h
index beae77e..e214ff1 100644
--- a/src/tsg_send_log_internal.h
+++ b/src/tsg_send_log_internal.h
@@ -150,6 +150,10 @@ enum LOG_FIELD_ID
LOG_COMMON_SCE_PROFILE_IDS,
LOG_COMMON_SHAPING_PROFILE_IDS,
LOG_COMMON_L4_PROTOCOL_LABEL,
+ LOG_COMMON_INCOMING_SRC_MAC,
+ LOG_COMMON_INCOMING_DST_MAC,
+ LOG_COMMON_OUTCOMING_SRC_MAC,
+ LOG_COMMON_OUTCOMING_DST_MAC,
LOG_COMMON_MAX
};
generated by cgit v1.2.3 (git 2.39.1) at 2025-12-30 17:13:06 +0000