summaryrefslogtreecommitdiff
path: root/src/tsg_rule.cpp
diff options
context:
space:
mode:
Diffstat (limited to 'src/tsg_rule.cpp')
-rw-r--r--src/tsg_rule.cpp100
1 files changed, 95 insertions, 5 deletions
diff --git a/src/tsg_rule.cpp b/src/tsg_rule.cpp
index 0ecf975..0e8b50f 100644
--- a/src/tsg_rule.cpp
+++ b/src/tsg_rule.cpp
@@ -96,6 +96,33 @@ static int get_fqdn_len(char *domain)
return fqdn_len;
}
+static int copy_id(int *dst_id, int dst_id_num, int *src_id, int src_id_num)
+{
+ int num=MIN(dst_id_num, src_id_num);
+ memcpy(dst_id, src_id, num);
+
+ return num;
+}
+
+static int copy_vlan_id(struct mirrored_vlan *vlan, int vlan_num, int vlan_id, int *compile_id, int compile_id_num)
+{
+ int i=0;
+
+ for(i=0; i<vlan_num; i++)
+ {
+ if(vlan[i].vlan_id==vlan_id)
+ {
+ vlan[i].compile_id_num+=copy_id(vlan[i].compile_id, MAX_RESULT_NUM-vlan[i].compile_id_num, compile_id, compile_id_num);
+ return 0;
+ }
+ }
+
+ vlan[vlan_num].vlan_id=vlan_id;
+ vlan[vlan_num].compile_id_num=copy_id(vlan[vlan_num].compile_id, MAX_RESULT_NUM, compile_id, compile_id_num);
+
+ return 1;
+}
+
static int sort_category_id(const void * a, const void * b)
{
struct _fqdn_category_t *x = (struct _fqdn_category_t *) a;
@@ -601,10 +628,11 @@ static struct compile_user_region *parse_monitor_user_region(cJSON *object)
struct compile_user_region *user_region=(struct compile_user_region *)calloc(1, sizeof(struct compile_user_region));
mirror_item=cJSON_GetObjectItem(object, "packet_mirror");
if(mirror_item)
- {
+ {
+ user_region->method_type=TSG_METHOD_TYPE_MIRRORED;
user_region->mirror=(struct monitor_user_region *)calloc(1, sizeof(struct monitor_user_region));
get_integer_from_json(mirror_item, "enable", &(user_region->mirror->enabled));
- get_integer_from_json(mirror_item, "mirror_vlan", &(user_region->mirror->mirror_vlan_id));
+ get_integer_from_json(mirror_item, "mirror_vlan", &(user_region->mirror->vlan_id));
}
return user_region;
@@ -2059,12 +2087,12 @@ struct compile_user_region *tsg_get_compile_user_region(const Maat_feather_t maa
return ((struct compile_user_region *)Maat_rule_get_ex_data(g_tsg_maat_feather, result, g_tsg_para.table_id[TABLE_SECURITY_COMPILE]));
}
-int tsg_get_vlan_id_by_monitor_rule(Maat_feather_t maat_feather, struct Maat_rule_t *result, int result_num, int *vlan_id, int vlan_id_num)
+int tsg_get_vlan_id_by_monitor_rule(Maat_feather_t maat_feather, struct Maat_rule_t *result, int result_num, struct mirrored_vlan *vlan, int vlan_num)
{
int i=0,count=0;
struct compile_user_region *user_region=NULL;
- for(i=0; i<result_num && count<vlan_id_num; i++)
+ for(i=0; i<result_num && count<vlan_num; i++)
{
if(result[i].action!=TSG_ACTION_MONITOR)
{
@@ -2074,7 +2102,7 @@ int tsg_get_vlan_id_by_monitor_rule(Maat_feather_t maat_feather, struct Maat_rul
user_region=tsg_get_compile_user_region(maat_feather, &(result[i]));
if(user_region!=NULL)
{
- vlan_id[count++]=user_region->mirror->mirror_vlan_id;
+ count+=copy_vlan_id(vlan, count, user_region->mirror->vlan_id, &(result[i].config_id), 1);
tsg_free_compile_user_region(&(result[i]), user_region);
user_region=NULL;
}
@@ -2083,3 +2111,65 @@ int tsg_get_vlan_id_by_monitor_rule(Maat_feather_t maat_feather, struct Maat_rul
return count;
}
+int tsg_set_vlan_id_to_tcpall(const struct streaminfo *a_stream, struct tcpall_context **context, struct mirrored_vlan *vlan, int vlan_num, int thread_seq)
+{
+ int i=0;
+
+ if(vlan==NULL || vlan_num<=0)
+ {
+ return 0;
+ }
+
+ struct tcpall_context * _context=(struct tcpall_context *)get_struct_project(a_stream, g_tsg_para.tcpall_project_id);
+ if(_context==NULL)
+ {
+ _context=(struct tcpall_context *)dictator_malloc(thread_seq, sizeof(struct tcpall_context));
+ memset(_context, 0, sizeof(struct tcpall_context));
+ _context->method_type=TSG_METHOD_TYPE_MIRRORED;
+
+ _context->vlan=(struct mirrored_vlan *)dictator_malloc(thread_seq, sizeof(struct mirrored_vlan)*MAX_RESULT_NUM);
+ memset(_context->vlan, 0, sizeof(struct mirrored_vlan));
+
+ set_struct_project(a_stream, g_tsg_para.tcpall_project_id, (void *)_context);
+ }
+
+ if(_context->method_type==TSG_METHOD_TYPE_MIRRORED)
+ {
+ for(i=0; i<vlan_num; i++)
+ {
+ _context->vlan_num+=copy_vlan_id(_context->vlan, _context->vlan_num, vlan[i].vlan_id, vlan[i].compile_id, vlan[i].compile_id_num);
+ }
+
+ (*context)=_context;
+ return 1;
+ }
+
+ return 0;
+}
+
+int tsg_set_bucket_to_tcpall(const struct streaminfo *a_stream, struct tcpall_context **context, struct leaky_bucket *bucket, int thread_seq)
+{
+ struct tcpall_context *_context=(struct tcpall_context *)get_struct_project(a_stream, g_tsg_para.tcpall_project_id);
+ if(_context==NULL)
+ {
+ _context=(struct tcpall_context *)dictator_malloc(thread_seq, sizeof(struct tcpall_context));
+ memset(_context, 0, sizeof(struct tcpall_context));
+ set_struct_project(a_stream, g_tsg_para.tcpall_project_id, (void *)_context);
+ }
+ else
+ {
+ if(_context->method_type==TSG_METHOD_TYPE_MIRRORED && _context->vlan)
+ {
+ _context->vlan_num=0;
+ dictator_free(thread_seq, _context->vlan);
+ _context->vlan=NULL;
+ }
+ }
+
+ _context->method_type=TSG_METHOD_TYPE_RATE_LINIT;
+ _context->bucket=bucket;
+
+ return 0;
+}
+
+
generated by cgit v1.2.3 (git 2.39.1) at 2025-12-30 15:48:21 +0000