cmhi
/
secgateway
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

OCT commit

This commit is contained in:
wuhuanzheng 2019-09-06 16:41:04 +08:00
parent 0e72ae8e70
commit 60b1037916
4 changed files with 565 additions and 243 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
Platform/build/module.rpdb.Makefile
View File

@ -22,20 +22,20 @@ DEBUG = TRUE
PLAT_LINUX ?= TRUE PLAT_LINUX ?= TRUE
PLAT_ARM64 ?= TRUE PLAT_ARM64 ?= TRUE
VPATH = ../modules VPATH = ../modules/rpdb
# source code # source code
# set the source file, don't used .o because of ... # set the source file, don't used .o because of ...
COMMON_SRCS = ./rpdb/dpi_trie_cache.c COMMON_SRCS = dpi_trie_cache.c dpi_trie_cache_mod.c
# MRS Board Source Files # MRS Board Source Files
PLAT_LINUX_SRCS = $(COMMON_SRCS) PLAT_LINUX_SRCS = $(COMMON_SRCS)
PLAT_ARM64_SRCS = $(COMMON_SRCS) PLAT_ARM64_SRCS = $(COMMON_SRCS)
# gcc CFLAGS # gcc CFLAGS
PLAT_ARM64_CFLAGS := PLAT_ARM64_CFLAGS := -I../common/rpdb/ -I../../Common
PLAT_LINUX_CFLAGS := $(PLAT_ARM64_CFLAGS) PLAT_LINUX_CFLAGS := $(PLAT_ARM64_CFLAGS)
# this line must be at below of thus, because of... # this line must be at below of thus, because of...

3
Platform/common/rpdb/dpi_trie_cache.h
View File

@ -15,6 +15,7 @@ struct dpi_cache_node {
__u16 proto; __u16 proto;
__u16 port; __u16 port;
__u32 appid; __u32 appid;
bool ipv4;
uint64_t uptime; uint64_t uptime;
}; };
@ -24,4 +25,4 @@ struct dpi_cache_node {
@outp: truefalse @outp: truefalse
*/ */
bool dpi_cache_node_add(struct dpi_cache_node node); bool dpi_cache_node_add(struct dpi_cache_node node);
#endif #endif

109
Platform/modules/rpdb/dpi_trie_cache.c
View File

@ -7,31 +7,18 @@
#include <linux/sysctl.h> #include <linux/sysctl.h>
#include <linux/ip.h> #include <linux/ip.h>
#include <linux/ipv6.h> #include <linux/ipv6.h>
#include <linux/inet.h>
#include "dpi_trie_cache.h"
/* /*
* 120s * 300s
*/ */
int dpi_cache_node_timeout = 120; int dpi_cache_node_timeout = 300;
/*
*
*/
struct dpi_cache_node {
struct list_head list;
union {
struct in6_addr ip6;
struct in_addr ip4;
}ip;
__u16 proto;
__u16 port;
__u32 appid;
uint64_t uptime;
};
#define IPV4_ADDR (1)
#define IPV6_ADDR (2)
/* /*
* cache链表 * cache链表
@ -43,7 +30,7 @@ typedef struct pkt_info{
unsigned int srcip; unsigned int srcip;
unsigned short sport; unsigned short sport;
unsigned int dstip; unsigned int dstip;
unsigned short dport; unsigned short port;
unsigned short proto; unsigned short proto;
}pkt_info_t; }pkt_info_t;
@ -97,7 +84,6 @@ void dpi_cache_list_init(void)
return; return;
} }
/* /*
* hash值计算 * hash值计算
*/ */
@ -107,11 +93,11 @@ int dpi_cache_node_hash(struct dpi_cache_node node)
int dip = 0; int dip = 0;
pkt_info_t info; pkt_info_t info;
info.dport = node.port; info.port = node.port;
info.sport = 0; info.sport = 0;
info.srcip = 0; info.srcip = 0;
info.proto = node.proto; info.proto = node.proto;
if (node.ip.ip4.s_addr !=0 ) { if (node.ipv4 == true ) {
info.dstip = node.ip.ip4.s_addr; info.dstip = node.ip.ip4.s_addr;
} else { } else {
for (i = 0; i < 4; ++i) { for (i = 0; i < 4; ++i) {
@ -138,7 +124,7 @@ bool dpi_cache_node_compare(struct dpi_cache_node src,struct dpi_cache_node dst,
return false; return false;
} }
if(src.ip.ip4.s_addr != 0){ if(src.ipv4 == true){
if(src.ip.ip4.s_addr != dst.ip.ip4.s_addr){ if(src.ip.ip4.s_addr != dst.ip.ip4.s_addr){
return false; return false;
} }
@ -152,7 +138,8 @@ bool dpi_cache_node_compare(struct dpi_cache_node src,struct dpi_cache_node dst,
} }
if (update_appid){ if (update_appid){
dst.appid = src.appid; if(src.appid != -1)
dst.appid = src.appid;
dst.uptime = get_jiffies_64(); dst.uptime = get_jiffies_64();
} }
@ -186,7 +173,7 @@ bool dpi_cache_node_add(struct dpi_cache_node node)
{ {
int hash = 0; int hash = 0;
struct dpi_cache_node *pNode =NULL; struct dpi_cache_node *pNode =NULL;
if (dpi_cache_node_search(node,true)) { if (dpi_cache_node_search(node,true)) {
return true; return true;
} }
@ -197,8 +184,9 @@ bool dpi_cache_node_add(struct dpi_cache_node node)
} }
hash = dpi_cache_node_hash(node); hash = dpi_cache_node_hash(node);
memcpy((char*)pNode,(char*)&node,sizeof(node));
pNode->uptime = get_jiffies_64(); pNode->uptime = get_jiffies_64();
pNode->appid = node.appid; //printk("%s,%d,%d,%d,%d\n",__FUNCTION__,__LINE__,pNode->proto,pNode->port,pNode->ipv4);
list_add_tail(&pNode->list,&dpi_cache_head[hash]); list_add_tail(&pNode->list,&dpi_cache_head[hash]);
return true; return true;
} }
@ -209,40 +197,34 @@ bool dpi_cache_node_add(struct dpi_cache_node node)
*/ */
void dpi_cache_list_release(void) void dpi_cache_list_release(void)
{ {
struct list_head * pList = NULL;
struct dpi_cache_node *pNode = NULL;
int i = 0; int i = 0;
for (i = 0; i < TRIPLE_CAHCE_HASH_SIZE; i++){ for (i = 0; i < TRIPLE_CAHCE_HASH_SIZE; i++){
list_for_each(pList,&dpi_cache_head[i]){ while(!list_empty(&dpi_cache_head[i]))
pNode = list_entry(pList,struct dpi_cache_node,list); {
if(pNode){ list_del(dpi_cache_head[i].next);
list_del(&pNode->list);
}
} }
} }
} }
/* /*
* *
*/ */
void dpi_cache_node_timeout_func(void) void dpi_cache_node_timeout_func(void)
{ {
struct list_head * pList = NULL; struct list_head * pList = NULL;
struct list_head * n = NULL;
struct dpi_cache_node *pNode = NULL; struct dpi_cache_node *pNode = NULL;
int i = 0; int i = 0;
for (i = 0; i < TRIPLE_CAHCE_HASH_SIZE; i++){ for (i = 0; i < TRIPLE_CAHCE_HASH_SIZE; i++){
list_for_each(pList,&dpi_cache_head[i]){ list_for_each_safe(pList,(n),&dpi_cache_head[i]){
pNode = list_entry(pList,struct dpi_cache_node,list); pNode = list_entry(pList,struct dpi_cache_node,list);
//printk("%s,%d,%d\n",__FUNCTION__,__LINE__,pNode->port);
if(pNode&& if(pNode&&
(get_jiffies_64() - pNode->uptime >= dpi_cache_node_timeout)){ (get_jiffies_64() - pNode->uptime >= dpi_cache_node_timeout)){
list_del(&pNode->list); list_del(&pNode->list);
} }
} }
} }
} }
@ -251,12 +233,10 @@ void dpi_cache_node_timeout_func(void)
* *
*/ */
struct timer_list gTimer; struct timer_list gTimer;
void dpi_cache_timer_handler(unsigned long data) { void dpi_cache_timer_handler(unsigned long data) {
printk(KERN_INFO"timer pending:%d\n", timer_pending(&gTimer)); //printk(KERN_INFO"timer pending:%d\n", timer_pending(&gTimer));
dpi_cache_node_timeout_func(); dpi_cache_node_timeout_func();
mod_timer(&gTimer, jiffies+msecs_to_jiffies(dpi_cache_node_timeout*1000)); mod_timer(&gTimer, jiffies+msecs_to_jiffies(dpi_cache_node_timeout*1000));
} }
int dpi_cache_timer_init(void) { int dpi_cache_timer_init(void) {
@ -269,28 +249,55 @@ int dpi_cache_timer_init(void) {
printk(KERN_INFO"timer pending:%d\n", timer_pending(&gTimer)); printk(KERN_INFO"timer pending:%d\n", timer_pending(&gTimer));
return 0; return 0;
} }
void test_func(void)
{
struct dpi_cache_node node1,node2,node3;
node1.proto = 17;
in4_pton("192.168.1.1", strlen("192.168.1.1"), (u8*)&node1.ip.ip4, -1, NULL);
node1.port = 200;
node1.ipv4 = true;
dpi_cache_node_add(node1);
node2.proto = 17;
in4_pton("192.168.2.1", strlen("192.168.1.1"), (u8*)&node2.ip.ip4, -1, NULL);
node2.port = 200;
node2.ipv4 = true;
dpi_cache_node_add(node2);
node3.proto = 17;
in6_pton("2a01:198:603:0:396e:4789:8e99:890f", strlen("2a01:198:603:0:396e:4789:8e99:890f"), (u8*)&node3.ip.ip6, -1, NULL);
node3.port = 200;
node3.ipv4 = false;
dpi_cache_node_add(node3);
return;
}
void dpi_cache_timer_exit(void) { void dpi_cache_timer_exit(void) {
printk(KERN_INFO"%s jiffies:%ld\n", __func__, jiffies); printk(KERN_INFO"%s jiffies:%ld\n", __func__, jiffies);
del_timer(&gTimer); del_timer(&gTimer);
} }
int dpi_cahce_module_init(void) static int __init dpi_cahce_module_init(void)
{ {
dpi_cache_timer_init();
dpi_cache_list_init(); dpi_cache_list_init();
return 1; dpi_cache_timer_init();
//test_func();
return 0;
} }
int dpi_cache_module_exit(void) static void __exit dpi_cache_module_exit(void)
{ {
dpi_cache_timer_exit(); dpi_cache_timer_exit();
dpi_cache_list_release(); dpi_cache_list_release();
return 1;
} }
module_init(dpi_cahce_module_init); module_init(dpi_cahce_module_init);
module_exit(dpi_cache_timer_exit); module_exit(dpi_cache_module_exit);
MODULE_LICENSE("GPL"); MODULE_LICENSE("GPL");
MODULE_DESCRIPTION("rpdb process module");
MODULE_AUTHOR("wuhuanzheng");

690
Platform/user/rpdb/rpdb.c
View File

@ -1,3 +1,5 @@
#include <pthread.h>
#include <unistd.h>
#include <stdio.h> #include <stdio.h>
#include <stdlib.h> #include <stdlib.h>
#include <string.h> #include <string.h>
@ -5,25 +7,28 @@
#include <arpa/inet.h> #include <arpa/inet.h>
#include <sys/types.h> #include <sys/types.h>
#include <regex.h> #include <regex.h>
#include "list.h" #include "list.h"
#include "rpdb.h"
#if 0
rm -fr /tmp/nf_conntrack*
cp -fr /proc/net/nf_conntrack /tmp/nf_conntrack
cat /tmp/nf_conntrack |awk -F ' ' '{print $4}'|xargs -I {} echo {} >> /tmp/nf_conntrack_proto;
cat /tmp/nf_conntrack |awk -F ' ' '{print $7}' | awk -F '=' '{print $2}' |xargs -I {} echo {} >> /tmp/nf_conntrack_dip;
cat /tmp/nf_conntrack |awk -F ' ' '{print $9}' | awk -F '=' '{print $2}' |xargs -I {} echo {} >> /tmp/nf_conntrack_dport;
paste /tmp/nf_conntrack_proto /tmp/nf_conntrack_dip /tmp/nf_conntrack_dport | xargs -I {} echo {} >>/tmp/dpi_triple1;
sort -k2n /tmp/dpi_triple1 | uniq > /tmp/dpi_triple
#endif
struct rpdb_mark { struct rpdb_mark {
struct list_head list; struct list_head list;
union { union {
struct in6_addr ip6; struct in6_addr ip6;
struct in_addr ip4; struct in_addr ip4;
}ip; }ip;
bool ipv4;
int mark; int mark;
}; };
char rt_table[11][128]= { char rt_table[11][128]= {
"# reserved values", "# reserved values",
"#", "#",
@ -40,7 +45,7 @@ char rt_table[11][128]= {
#define RT_TABLES_PATH ("/etc/iproute2/rt_tables") #define RT_TABLES_PATH ("/etc/iproute2/rt_tables")
#define IPV4_PATTERN "^([0-9]|[1-9][0-9]|1[0-9]{1,2}|2[0-4][0-9]|25[0-5]).([0-9]|[1-9][0-9]|1[0-9]{1,2}|2[0-4][0-9]|25[0-5]).([0-9]|[1-9][0-9]|1[0-9]{1,2}|2[0-4][0-9]|25[0-5]).([0-9]|[1-9][0-9]|1[0-9]{1,2}|2[0-4][0-9]|25[0-5])$" #define IPV4_PATTERN "^([0-9]|[1-9][0-9]|1[0-9]{1,2}|2[0-4][0-9]|25[0-5]).([0-9]|[1-9][0-9]|1[0-9]{1,2}|2[0-4][0-9]|25[0-5]).([0-9]|[1-9][0-9]|1[0-9]{1,2}|2[0-4][0-9]|25[0-5]).([0-9]|[1-9][0-9]|1[0-9]{1,2}|2[0-4][0-9]|25[0-5])$"
#define IPV6_PATTERN "^\s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:)))(%.+)?\s*$" #define IPV6_PATTERN "^\s*((([0-9A-Fa-f]{1,4}:){7}(([0-9A-Fa-f]{1,4})|:))|(([0-9A-Fa-f]{1,4}:){6}(:|((25[0-5]|2[0-4]\d|[01]?\d{1,2})(\.(25[0-5]|2[0-4]\d|[01]?\d{1,2})){3})|(:[0-9A-Fa-f]{1,4})))|(([0-9A-Fa-f]{1,4}:){5}((:((25[0-5]|2[0-4]\d|[01]?\d{1,2})(\.(25[0-5]|2[0-4]\d|[01]?\d{1,2})){3})?)|((:[0-9A-Fa-f]{1,4}){1,2})))|(([0-9A-Fa-f]{1,4}:){4}(:[0-9A-Fa-f]{1,4}){0,1}((:((25[0-5]|2[0-4]\d|[01]?\d{1,2})(\.(25[0-5]|2[0-4]\d|[01]?\d{1,2})){3})?)|((:[0-9A-Fa-f]{1,4}){1,2})))|(([0-9A-Fa-f]{1,4}:){3}(:[0-9A-Fa-f]{1,4}){0,2}((:((25[0-5]|2[0-4]\d|[01]?\d{1,2})(\.(25[0-5]|2[0-4]\d|[01]?\d{1,2})){3})?)|((:[0-9A-Fa-f]{1,4}){1,2})))|(([0-9A-Fa-f]{1,4}:){2}(:[0-9A-Fa-f]{1,4}){0,3}((:((25[0-5]|2[0-4]\d|[01]?\d{1,2})(\.(25[0-5]|2[0-4]\d|[01]?\d{1,2})){3})?)|((:[0-9A-Fa-f]{1,4}){1,2})))|(([0-9A-Fa-f]{1,4}:)(:[0-9A-Fa-f]{1,4}){0,4}((:((25[0-5]|2[0-4]\d|[01]?\d{1,2})(\.(25[0-5]|2[0-4]\d|[01]?\d{1,2})){3})?)|((:[0-9A-Fa-f]{1,4}){1,2})))|(:(:[0-9A-Fa-f]{1,4}){0,5}((:((25[0-5]|2[0-4]\d|[01]?\d{1,2})(\.(25[0-5]|2[0-4]\d|[01]?\d{1,2})){3})?)|((:[0-9A-Fa-f]{1,4}){1,2})))|(((25[0-5]|2[0-4]\d|[01]?\d{1,2})(\.(25[0-5]|2[0-4]\d|[01]?\d{1,2})){3})))(%.+)?\s*$"
#define RPDP_MARK_HASH_DEPTH (1024) #define RPDP_MARK_HASH_DEPTH (1024)
static int gRpdbMark = 0; static int gRpdbMark = 0;
@ -48,49 +53,54 @@ static int gRpdbMark = 0;
/* /*
* mark hash listsave mark * mark hash listsave mark
*/ */
struct list_head gRpdbMarkList[RPDP_MARK_HASH_DEPTH] = {0}; static struct list_head gRpdbMarkList[RPDP_MARK_HASH_DEPTH] = {0};
static int gRpdbTableIndex = 1; /* 1 - 252 */
static pthread_mutex_t mutex;
#define IPV4_ADDR (1)
#define IPV6_ADDR (2)
struct rpdb_stat{
char table_name[256];
int index;
};
struct rpdb_stat rpdbstat[256] = {0};
/* /*
popen popen
*/ */
void print_result(FILE *fp)
void
print_result(FILE *fp)
{ {
char buf[100]; char buf[100];
if(!fp) { if(!fp)
return; {
} return;
printf("\n>>>\n"); }
memset(buf, 0, sizeof(buf));
fgets(buf, sizeof(buf) - 1, fp) ; memset(buf, 0, sizeof(buf));
fgets(buf, sizeof(buf) - 1, fp);
printf("%s", buf);
printf("%s", buf); return;
printf("\n<<<\n");
} }
int rpdb_popen(char *cmd) int rpdb_popen(char *cmd)
{ {
FILE *fp = NULL; FILE *fp = NULL;
fp = popen(cmd, "r");
if(!fp)
{
perror("popen");
exit(EXIT_FAILURE);
}
print_result(fp);
pclose(fp);
return 0;
}
int rpdb_system(char *cmd)
fp = NULL; {
fp = popen(cmd, "r"); return system(cmd);
if(!fp)
{
perror("popen");
exit(EXIT_FAILURE);
}
print_result(fp);
pclose(fp);
sleep(1);
return 0;
} }
/* /*
@ -100,8 +110,11 @@ bool rpdb_init_route()
{ {
FILE *fp = NULL; FILE *fp = NULL;
int i = 0; int i = 0;
char cmd[256] = {0};
system("echo > /etc/iproute2/rt_tables"); /*
*/
rpdb_popen("echo > /etc/iproute2/rt_tables");
fp = fopen(RT_TABLES_PATH,"w"); fp = fopen(RT_TABLES_PATH,"w");
if (fp) if (fp)
{ {
@ -117,6 +130,20 @@ bool rpdb_init_route()
fclose(fp); fclose(fp);
/*
ip rule
*/
memset(cmd,0,sizeof(cmd));
sprintf(cmd,"%s","ip rule|grep fwmark|awk -F ' ' '{print $7}'|xargs -I {} ip rule del table {}");
rpdb_system(cmd);
/*
flush
*/
memset(cmd,0,sizeof(cmd));
sprintf(cmd,"%s","ip route flush cache");
rpdb_system(cmd);
/* /*
@ -126,136 +153,160 @@ bool rpdb_init_route()
INIT_LIST_HEAD(&gRpdbMarkList[i]); INIT_LIST_HEAD(&gRpdbMarkList[i]);
} }
memset((char*)&rpdbstat,0,256*sizeof(struct rpdb_stat));
pthread_mutex_init(&mutex, NULL);
return true; return true;
} }
int rpdb_calc(char *name,int flag)
static int gRpdbTableIndex = 1; /* 1 - 252 */
#define RPDB_TABLE_ADD (0)
#define RPDB_TABLE_DEL (1)
bool rpdb_add_delete_table(const char* gateway,const char *tbl_name,int op)
{ {
char table_name[128] = {0};
char line_cnt[1024] = {0};
FILE *fp = NULL;
FILE *fp_tmp = NULL;
bool ret = false;
int i = 0; int i = 0;
int cn_num = 0; int j = 0;
if (tbl_name == NULL) int flag1 = 0;
{
memset(table_name,0,sizeof(table_name));
sprintf(table_name,"table_%s",gateway);
}
else
{
if (strlen(tbl_name) < 1) /* 检查name的合法性*/
{
memset(table_name,0,sizeof(table_name));
sprintf(table_name,"%s",tbl_name);
}
else
{
return false;
}
}
fp = fopen(RT_TABLES_PATH,"ra+");
if (NULL == fp)
{
return false;
}
else
{
while(!feof(fp)) /* 遍历文件每一行,查找 路由表是否存在 */
{
memset(line_cnt,0,1024);
fgets(line_cnt,1024,fp);
if(strstr(line_cnt,table_name))
{
if (op == RPDB_TABLE_ADD)
{
fclose(fp);
return true;
}
}
}
}
/* /*
*/ */
if (op == RPDB_TABLE_ADD) for (i = 0; i < 256; i++)
{ {
if (gRpdbTableIndex > 252) if (strcmp(name,rpdbstat[i].table_name) == 0)
{ {
return false; if (flag == RPDB_ROUTE_ADD)
}
memset(line_cnt,0,1024);
sprintf(line_cnt,"%d %s",gRpdbTableIndex,table_name);
printf("RPDB_TABLE_ADD:%s\n",line_cnt);
fprintf(fp,"%s\n",line_cnt);
fclose(fp);
gRpdbTableIndex++;
return true;
}
if (op == RPDB_TABLE_DEL)
{
fp = fopen(RT_TABLES_PATH,"r+");
if (NULL == fp)
{
return false;
}
else
{
fp_tmp = fopen("/tmp/rt_tables","w");
if (fp_tmp == NULL) return false;
while(!feof(fp)) /* 遍历文件每一行,查找 路由表是否存在 */
{ {
memset(line_cnt,0,1024); rpdbstat[i].index++;
fgets(line_cnt,1024,fp); }
if(!strstr(line_cnt,table_name)) else if(flag == RPDB_ROUTE_DEL)
{
rpdbstat[i].index--;
}
if(rpdbstat[i].index == 0)
memset(rpdbstat[i].table_name,0,sizeof(rpdbstat[i].table_name));
flag1 = 1;
break;
}
}
/*
name
*/
if (flag1 == 0)
{
for (j = 0; j < 256; j++)
{
if (flag == RPDB_ROUTE_ADD)
{
if(!rpdbstat[j].table_name[0])
{ {
fprintf(fp_tmp,"%s",line_cnt); strcpy(rpdbstat[j].table_name,name);
} rpdbstat[j].index = 1;
//printf("%s,%d,index:%d,%s\n",__FUNCTION__,__LINE__,rpdbstat[j].index,rpdbstat[j].table_name);
return rpdbstat[j].index;
}
} }
fclose(fp);
fclose(fp_tmp);
system("cp -fr /tmp/rt_tables /etc/iproute2/rt_tables");
} }
} }
return true;
} }
int rpdb_get_index(char* name)
{
int i = 0;
for (i = 0; i < 256; i++)
{
if (strcmp(name,rpdbstat[i].table_name) == 0)
{
return rpdbstat[i].index;
}
}
return 0;
}
#if 0
inet_pton(AF_INET6, "2a01:198:603:0:396e:4789:8e99:890f", &ip);
printf("0x%x%x%x%x\n", htonl(ip.s6_addr32[0]),htonl(ip.s6_addr32[1]),htonl(ip.s6_addr32[2]),htonl(ip.s6_addr32[3]));
inet_pton(AF_INET6, "2a01:198:603:0::", &ip);
printf("0x%x%x%x%x\n", htonl(ip.s6_addr32[0]),htonl(ip.s6_addr32[1]),htonl(ip.s6_addr32[2]),htonl(ip.s6_addr32[3]));
#endif
int is_valid_ipv4(char *ipv4)
{
struct in_addr addr;
if(ipv4 == NULL)
return 0;
if(inet_pton(AF_INET, ipv4, (void *)&addr) == 1)
{
return 1;
}
return 0;
}
int is_valid_ipv6(char *ipv6)
{
struct in6_addr addr6;
if(ipv6 == NULL)
return 0;
if(inet_pton(AF_INET6, ipv6, (void *)&addr6) == 1)
{
return 1;
}
return 0;
}
/* /*
* ip地址是否合法 * ip地址是否合法
*/ */
#if 0
int rpdb_ipaddr_match(char *ip_addr,int flag) int rpdb_ipaddr_match(char *ip_addr,int flag)
{ {
regex_t reg; regex_t reg;
regmatch_t match[1]; regmatch_t match[1];
int retval = 0; int retval = 0;
if (flag == 1) if (flag == IPV4_ADDR)
{ {
retval = regcomp(&reg, IPV4_PATTERN, REG_EXTENDED | REG_NEWLINE); retval = regcomp(&reg, IPV4_PATTERN, REG_EXTENDED | REG_NEWLINE);
} }
else else if(flag == IPV6_ADDR)
{ {
retval = regcomp(&reg, IPV6_PATTERN, REG_EXTENDED | REG_NEWLINE); retval = regcomp(&reg, IPV6_PATTERN, REG_EXTENDED | REG_NEWLINE);
} }
else
{
return -1;
}
retval = regexec(&reg,ip_addr, sizeof match / sizeof match[0], match, 0); retval = regexec(&reg,ip_addr, sizeof match / sizeof match[0], match, 0);
printf("%s is %s\n", ip_addr, retval == 0 ? "legal" : "illegal"); printf("%s is %s\n", ip_addr, retval == 0 ? "legal" : "illegal");
regfree(&reg); regfree(&reg);
return retval; if (retval == 0)
return 1;
else
return 0;
}
#endif
/*
1 -
0 -
*/
int rpdb_ipaddr_match(char *ip_addr,int flag)
{
if (flag == IPV4_ADDR)
{
return is_valid_ipv4(ip_addr);
}
else if (flag == IPV6_ADDR)
{
return is_valid_ipv6(ip_addr);
}
return 0;
} }
@ -264,7 +315,7 @@ int rpdb_ip_hash(struct rpdb_mark node)
int ip_value = 0; int ip_value = 0;
int hash = 0; int hash = 0;
int i = 0; int i = 0;
if (node.ip.ip4.s_addr !=0 ) if (node.ip.ip4.s_addr != 0 )
{ {
ip_value = node.ip.ip4.s_addr; ip_value = node.ip.ip4.s_addr;
} }
@ -287,14 +338,28 @@ int rpdb_ip_hash(struct rpdb_mark node)
bool rpdb_mark_node_compare(struct rpdb_mark node1,struct rpdb_mark node2) bool rpdb_mark_node_compare(struct rpdb_mark node1,struct rpdb_mark node2)
{ {
if (node1.ip.ip4.s_addr == node2.ip.ip4.s_addr) int i = 0;
if (node1.ipv4 == true)
{ {
return true; if (node1.ip.ip4.s_addr == node2.ip.ip4.s_addr)
{
return true;
}
else
{
return false;
}
} }
else else
{ {
return false; for (i = 0; i < 4; i++){
if (node1.ip.ip6.s6_addr32[i] != node2.ip.ip6.s6_addr32[i]){
return false;
}
}
} }
return true;
} }
@ -309,9 +374,9 @@ struct rpdb_mark * rpdb_mark_search(struct rpdb_mark node)
list_for_each(pList,&gRpdbMarkList[hash]) { list_for_each(pList,&gRpdbMarkList[hash]) {
pNode = list_entry(pList,struct rpdb_mark,list); pNode = list_entry(pList,struct rpdb_mark,list);
printf("%s,%d,%d,%d\n",__FUNCTION__,__LINE__,pNode->ip.ip4.s_addr,pNode->mark); //printf("%s,%d,%d,%d\n",__FUNCTION__,__LINE__,pNode->ip.ip4.s_addr,pNode->mark);
if (rpdb_mark_node_compare(node,*pNode)){ if (rpdb_mark_node_compare(node,*pNode)){
printf("%s,%d,mark = %d\n",__FUNCTION__,__LINE__,pNode->mark); //printf("%s,%d,mark = %d\n",__FUNCTION__,__LINE__,pNode->mark);
return pNode; return pNode;
} }
} }
@ -344,7 +409,7 @@ int rpdb_mark_hash_add(struct rpdb_mark node)
node.mark = ++gRpdbMark; node.mark = ++gRpdbMark;
memcpy((char*)pNode,(char*)&node,sizeof(struct rpdb_mark)); memcpy((char*)pNode,(char*)&node,sizeof(struct rpdb_mark));
printf("%s,%d,%d,%d\n",__FUNCTION__,__LINE__,pNode->ip.ip4.s_addr,pNode->mark); //printf("%s,%d,%d,%d\n",__FUNCTION__,__LINE__,pNode->ip.ip4.s_addr,pNode->mark);
/* /*
*/ */
@ -357,7 +422,7 @@ int rpdb_mark_hash_add(struct rpdb_mark node)
/* /*
* mark * mark
*/ */
int rpdb_gen_mark(const char* gateway) int rpdb_gen_mark(char* gateway)
{ {
in_addr_t addr; in_addr_t addr;
if (NULL == gateway) if (NULL == gateway)
@ -367,19 +432,140 @@ int rpdb_gen_mark(const char* gateway)
addr = inet_addr(gateway); addr = inet_addr(gateway);
struct rpdb_mark node; struct rpdb_mark node;
node.ip.ip4.s_addr = addr; node.ipv4 = false;
if(rpdb_ipaddr_match(gateway,IPV4_ADDR) == 1)
{
node.ip.ip4.s_addr = addr;
node.ipv4 = true;
}
else if(rpdb_ipaddr_match(gateway,IPV6_ADDR) == 1)
{
inet_pton(AF_INET6, gateway, (void *)&node.ip.ip6);
node.ipv4 = false;
}
else
{
return -1;
}
return rpdb_mark_hash_add(node); return rpdb_mark_hash_add(node);
} }
/* int rpdb_add_route(char *gateway,char *table_name)
*
*/
bool rpdb_add_route(const char* gateway,const char *tbl_name)
{ {
char cmd[256] = {0}; char cmd[256] = {0};
int status = 0; char cmd1[256] = {0};
char table_name[128] = {0}; int ret = 0;
int mark = 0; int mark = 0;
if(rpdb_ipaddr_match(gateway,IPV6_ADDR) == 1)
{
sprintf(cmd,"ip -6 route add default via %s table %s",gateway,table_name);
sprintf(cmd1,"ip -6 route del default via %s table %s",gateway,table_name);
}
else
{
sprintf(cmd,"ip route add default via %s table %s",gateway,table_name);
sprintf(cmd1,"ip route del default via %s table %s",gateway,table_name);
}
/*先删除之前可能存在的路由,否则添加路由可能会报错*/
rpdb_system(cmd1);
/*添加路由*/
ret = rpdb_system(cmd);
printf("%s,%d,ret=%d,%s\n",__FUNCTION__,__LINE__,ret,cmd);
if(ret != 0)
{
return -1;
}
mark = rpdb_gen_mark(gateway);
memset(cmd,0,sizeof(cmd));
sprintf(cmd,"ip rule add fwmark %d table %s",mark,table_name);
ret = rpdb_system(cmd);
if (ret != 0)
return -1;
/*
*/
memset(cmd,0,sizeof(cmd));
sprintf(cmd,"%s","ip route flush cache");
ret = rpdb_system(cmd);
if (ret != 0)
return -1;
printf("%s,%d,ret=%d,%s\n",__FUNCTION__,__LINE__,ret,cmd);
return 0;
}
int rpdb_del_route(char *gateway,char *table_name)
{
char cmd[256] = {0};
int ret = 0;
if (strstr(":",gateway))
{
sprintf(cmd,"ip -6 route del default via %s table %s",gateway,table_name);
}
else
{
sprintf(cmd,"ip route del default via %s table %s",gateway,table_name);
}
ret = rpdb_system(cmd);
if (ret != 0)
return -1;
memset(cmd,0,sizeof(cmd));
sprintf(cmd,"ip rule del table %s",table_name);
ret = rpdb_system(cmd);
if (ret != 0)
return -1;
/*
*/
memset(cmd,0,sizeof(cmd));
sprintf(cmd,"%s","ip route flush cache");
ret = rpdb_system(cmd);
if (ret != 0)
return -1;
printf("%s,%d,ret=%d,%s\n",__FUNCTION__,__LINE__,ret,cmd);
return 0;
}
/*
nexthop对应的策略数
*/
int rpdb_add_delete_table(char *gateway,char* tbl_name,int op)
{
char line_cnt[1024] = {0};
FILE *fp = NULL;
FILE *fp_tmp = NULL;
bool ret = false;
int i = 0;
int cn_num = 0;
int index = 0;
int mark = 0;
char table_name[256] = {0};
int flag = 0;
/*
ip地址是否合法
*/
if((rpdb_ipaddr_match(gateway,IPV6_ADDR) == 0)&&
(rpdb_ipaddr_match(gateway,IPV4_ADDR) == 0))
{
printf("ipv addr invalid:%s\n",gateway);
return -1;
}
/*
*/
if (tbl_name == NULL) if (tbl_name == NULL)
{ {
memset(table_name,0,sizeof(table_name)); memset(table_name,0,sizeof(table_name));
@ -387,44 +573,156 @@ bool rpdb_add_route(const char* gateway,const char *tbl_name)
} }
else else
{ {
if (strlen(tbl_name) < 1) /* 检查name的合法性*/ if (strlen(tbl_name) > 1) /* 检查name的合法性*/
{ {
memset(table_name,0,sizeof(table_name)); memset(table_name,0,sizeof(table_name));
sprintf(table_name,"%s",tbl_name); sprintf(table_name,"%s",tbl_name);
} }
else else
{ {
return false; return -1;
}
}
printf("tbl_name:%s\n",table_name);
mark = rpdb_gen_mark(gateway);
index = rpdb_get_index(table_name);
printf("%s,%d,index=%d\n",__FUNCTION__,__LINE__,index);
fp = fopen(RT_TABLES_PATH,"ra+");
if (NULL == fp)
{
return -1;
}
/*
*/
if (op == RPDB_ROUTE_ADD)
{
while(!feof(fp)) /* 遍历文件每一行,查找 路由表是否存在 */
{
memset(line_cnt,0,1024);
fgets(line_cnt,1024,fp);
if(strstr(line_cnt,table_name))
{
rpdb_calc(table_name,RPDB_ROUTE_ADD);
fclose(fp);
return mark;
}
}
if (gRpdbTableIndex > 252)
{
return -1;
}
memset(line_cnt,0,1024);
sprintf(line_cnt,"%d %s",gRpdbTableIndex,table_name);
fprintf(fp,"%s\n",line_cnt);
fclose(fp);
gRpdbTableIndex++;
if(0 == rpdb_add_route(gateway,table_name))
{
rpdb_calc(table_name,RPDB_ROUTE_ADD);
return mark;
}
else
{
/*
*/
fp = fopen(RT_TABLES_PATH,"ra+");
if(NULL == fp) return -1;
fp_tmp = fopen("/tmp/rt_tables","w");
if (fp_tmp == NULL) return -1;
while(!feof(fp)) /* 遍历文件每一行,查找 路由表是否存在 */
{
memset(line_cnt,0,1024);
fgets(line_cnt,1024,fp);
if(!strstr(line_cnt,table_name))
{
fprintf(fp_tmp,"%s",line_cnt);
}
}
fclose(fp);
fclose(fp_tmp);
system("cp -fr /tmp/rt_tables /etc/iproute2/rt_tables");
return -1;
} }
} }
if (rpdb_add_delete_table(gateway,tbl_name,RPDB_TABLE_ADD) == false) if (op == RPDB_ROUTE_DEL)
{ {
return false; if(index < 1)
} {
return -1;
if (strstr(":",gateway)) }
{
sprintf(cmd,"ip -6 route add default via %s table %s",gateway,table_name); if(index > 1)
} {
else rpdb_calc(table_name,RPDB_ROUTE_DEL);
{ return mark;
sprintf(cmd,"ip route add default via %s table %s",gateway,table_name); }
}
fp = fopen(RT_TABLES_PATH,"r+");
if (NULL == fp)
{
return -1;
}
else
{
fp_tmp = fopen("/tmp/rt_tables","w");
if (fp_tmp == NULL) return -1;
while(!feof(fp)) /* 遍历文件每一行,查找 路由表是否存在 */
{
memset(line_cnt,0,1024);
fgets(line_cnt,1024,fp);
if(!strstr(line_cnt,table_name))
{
fprintf(fp_tmp,"%s",line_cnt);
}
else
{
flag = 1;
/*
*/
if(0 == rpdb_del_route(gateway,table_name))
{
rpdb_calc(table_name,RPDB_ROUTE_DEL);
}
}
}
printf("%s\n",cmd); fclose(fp);
rpdb_popen(cmd); fclose(fp_tmp);
system("cp -fr /tmp/rt_tables /etc/iproute2/rt_tables");
if (flag == 1)
{
return mark;
}
else
{
return -1;
}
}
}
}
/*
*
*/
mark = rpdb_gen_mark(gateway); int rpdb_add_del_route(char* gateway,char *tbl_name,int opt)
memset(cmd,0,sizeof(cmd)); {
sprintf(cmd,"ip rule add fwmark %d table %s",mark,table_name); return rpdb_add_delete_table(gateway,tbl_name,opt);
printf("%s\n",cmd);
rpdb_popen(cmd);
return 0;
} }
#if 0
int main() int main()
{ {
//ipaddr_match("192.168.1.1",1); //ipaddr_match("192.168.1.1",1);
@ -432,20 +730,12 @@ int main()
//ipaddr_match("192.168.1.300",1); //ipaddr_match("192.168.1.300",1);
//ipaddr_match("2000:0:0:0:0:0:0:1 ",2); //ipaddr_match("2000:0:0:0:0:0:0:1 ",2);
//ipaddr_match("fe80:0000:0000:0000:0204:61ff:fe9d:ffffff15",2); rpdb_ipaddr_match("fe80:0000:0000:0000:0204:61ff:fe9d:f5",2);
struct rpdb_mark mark_value; struct rpdb_mark mark_value;
struct rpdb_mark mark_value1; struct rpdb_mark mark_value1;
in_addr_t addr; in_addr_t addr;
rpdb_init_route(); rpdb_init_route();
rpdb_add_delete_table("1.1.2.1",NULL,RPDB_TABLE_ADD); addr = inet_addr("table_2006.6.6.6");
rpdb_add_delete_table("1.1.2.1",NULL,RPDB_TABLE_ADD);
rpdb_add_delete_table("1.2.2.1",NULL,RPDB_TABLE_ADD);
rpdb_add_delete_table("2.1.2.1",NULL,RPDB_TABLE_ADD);
rpdb_add_delete_table("2.1.2.1",NULL,RPDB_TABLE_DEL);
//rpdb_add_delete_table("2.1.2.1",NULL,RPDB_TABLE_DEL);
//rpdb_add_delete_table("1.1.2.1",NULL,RPDB_TABLE_DEL);
addr = inet_addr("2006.6.6.6");
mark_value.ip.ip4.s_addr = addr; mark_value.ip.ip4.s_addr = addr;
rpdb_mark_hash_add(mark_value); rpdb_mark_hash_add(mark_value);
rpdb_mark_hash_add(mark_value); rpdb_mark_hash_add(mark_value);
@ -458,11 +748,35 @@ int main()
rpdb_mark_hash_add(mark_value1); rpdb_mark_hash_add(mark_value1);
/*
rpdb_add_route("1.2.3.3",NULL); 192.168.221.2
rpdb_add_route("2.2.4.3",NULL); */
rpdb_add_route("3.2.4.3",NULL); printf("~~~~~~%d\n",rpdb_add_del_route("192.168.221.2",NULL,RPDB_ROUTE_ADD));
rpdb_add_route("4.2.4.3",NULL); printf("~~~~~~%d\n",rpdb_add_del_route("192.168.221.2","test_table",RPDB_ROUTE_ADD));
printf("~~~~~~%d\n",rpdb_add_del_route("192.168.221.2",NULL,RPDB_ROUTE_DEL));
printf("~~~~~~%d\n",rpdb_add_del_route("192.168.221.2","test_table",RPDB_ROUTE_DEL));
printf("~~~~~~%d\n",rpdb_add_del_route("192.168.221.2",NULL,RPDB_ROUTE_ADD));
printf("~~~~~~%d\n",rpdb_add_del_route("192.168.221.2","test_table",RPDB_ROUTE_ADD));
printf("~~~~~~%d\n",rpdb_add_del_route("192.168.221.2",NULL,RPDB_ROUTE_DEL));
printf("~~~~~~%d\n",rpdb_add_del_route("192.168.221.2","test_table",RPDB_ROUTE_DEL));
printf("~~~~~~%d\n",rpdb_add_del_route("192.168.221.2",NULL,RPDB_ROUTE_ADD));
printf("~~~~~~%d\n",rpdb_add_del_route("192.168.221.2","test_table",RPDB_ROUTE_ADD));
printf("~~~~~~%d\n",rpdb_add_del_route("192.168.221.2",NULL,RPDB_ROUTE_DEL));
printf("~~~~~~%d\n",rpdb_add_del_route("192.168.221.2","test_table",RPDB_ROUTE_DEL));
/*
*/
printf("~~~~~~%d\n",rpdb_add_del_route("172.168.221.2",NULL,RPDB_ROUTE_ADD));
printf("~~~~~~%d\n",rpdb_add_del_route("112.168.221.2",NULL,RPDB_ROUTE_ADD));
/*
IP地址
*/
printf("~~~~~~%d\n",rpdb_add_del_route("392.168.221.2",NULL,RPDB_ROUTE_ADD));
printf("~~~~~~%d\n",rpdb_add_del_route("2a01:198:603:0:396e:4789:8e99:890f",NULL,RPDB_ROUTE_ADD));
return 0; return 0;
} }
#endif