1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
|
/* Copyright (C) 2011,2012 Open Information Security Foundation
*
* You can copy, redistribute or modify this Program under the terms of
* the GNU General Public License version 2 as published by the Free
* Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* version 2 along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
* 02110-1301, USA.
*/
/**
* \file
*
* \author Eric Leblond <eric@regit.org>
*/
#ifndef __SOURCE_AFP_H__
#define __SOURCE_AFP_H__
#ifndef HAVE_PACKET_FANOUT /* not defined if linux/if_packet.h trying to force */
#define HAVE_PACKET_FANOUT 1
#define PACKET_FANOUT 18
#define PACKET_FANOUT_HASH 0
#define PACKET_FANOUT_LB 1
#define PACKET_FANOUT_CPU 2
#define PACKET_FANOUT_ROLLOVER 3
#define PACKET_FANOUT_RND 4
#define PACKET_FANOUT_QM 5
#define PACKET_FANOUT_FLAG_ROLLOVER 0x1000
#define PACKET_FANOUT_FLAG_DEFRAG 0x8000
#else /* HAVE_PACKET_FANOUT */
#include <linux/if_packet.h>
#endif /* HAVE_PACKET_FANOUT */
#include "queue.h"
#ifdef HAVE_PACKET_EBPF
#define AFP_MODE_XDP_BYPASS 1
#define AFP_MODE_EBPF_BYPASS 2
struct ebpf_timeout_config {
const char *pinned_maps_name;
uint16_t cpus_count;
uint8_t mode;
uint8_t flags;
};
#endif
/* value for flags */
#define AFP_NEED_PEER (1 << 0)
// (1<<1) vacant
#define AFP_SOCK_PROTECT (1<<2)
#define AFP_EMERGENCY_MODE (1<<3)
#define AFP_TPACKET_V3 (1<<4)
#define AFP_VLAN_IN_HEADER (1<<5)
#define AFP_MMAP_LOCKED (1<<6)
#define AFP_BYPASS (1<<7)
#define AFP_XDPBYPASS (1<<8)
#define AFP_COPY_MODE_NONE 0
#define AFP_COPY_MODE_TAP 1
#define AFP_COPY_MODE_IPS 2
#define AFP_IFACE_NAME_LENGTH 48
/* In kernel the allocated block size is allocated using the formula
* page_size << order. So default value is using the same formula with
* an order of 3 which guarantee we have some room in the block compared
* to standard frame size */
#define AFP_BLOCK_SIZE_DEFAULT_ORDER 3
typedef struct AFPIfaceConfig_
{
char iface[AFP_IFACE_NAME_LENGTH];
/* number of threads */
int threads;
/* socket buffer size */
int buffer_size;
/* ring size in number of packets */
int ring_size;
/* block size for tpacket_v3 in */
int block_size;
/* block timeout for tpacket_v3 in milliseconds */
int block_timeout;
/* cluster param */
uint16_t cluster_id;
int cluster_type;
/* promisc mode */
int promisc;
/* misc use flags including ring mode */
unsigned int flags;
uint8_t copy_mode;
ChecksumValidationMode checksum_mode;
const char *bpf_filter;
const char *ebpf_lb_file;
int ebpf_lb_fd;
const char *ebpf_filter_file;
int ebpf_filter_fd;
const char *xdp_filter_file;
int xdp_filter_fd;
uint8_t xdp_mode;
const char *out_iface;
#ifdef HAVE_PACKET_EBPF
struct ebpf_timeout_config ebpf_t_config;
#endif
SC_ATOMIC_DECLARE(unsigned int, ref);
void (*DerefFunc)(void *);
} AFPIfaceConfig;
/**
* \ingroup afppeers
* @{
*/
typedef struct AFPPeer_ {
SC_ATOMIC_DECLARE(int, socket);
SC_ATOMIC_DECLARE(int, sock_usage);
SC_ATOMIC_DECLARE(int, if_idx);
SC_ATOMIC_DECLARE(uint64_t, send_errors);
int flags;
SCMutex sock_protect;
int turn; /**< Field used to store initialisation order. */
SC_ATOMIC_DECLARE(uint8_t, state);
struct AFPPeer_ *peer;
TAILQ_ENTRY(AFPPeer_) next;
char iface[AFP_IFACE_NAME_LENGTH];
} AFPPeer;
/**
* \brief per packet AF_PACKET vars
*
* This structure is used y the release data system and is cleaned
* up by the AFPV_CLEANUP macro below.
*/
typedef struct AFPPacketVars_
{
void *relptr;
AFPPeer *peer; /**< Sending peer for IPS/TAP mode */
/** Pointer to ::AFPPeer used for capture. Field is used to be able
* to do reference counting.
*/
AFPPeer *mpeer;
uint8_t copy_mode;
uint16_t vlan_tci;
#ifdef HAVE_PACKET_EBPF
int v4_map_fd;
int v6_map_fd;
unsigned int nr_cpus;
#endif
} AFPPacketVars;
#ifdef HAVE_PACKET_EBPF
#define AFPV_CLEANUP(afpv) \
do { \
(afpv)->relptr = NULL; \
(afpv)->copy_mode = 0; \
(afpv)->vlan_tci = 0; \
(afpv)->peer = NULL; \
(afpv)->mpeer = NULL; \
(afpv)->v4_map_fd = -1; \
(afpv)->v6_map_fd = -1; \
} while (0)
#else
#define AFPV_CLEANUP(afpv) \
do { \
(afpv)->relptr = NULL; \
(afpv)->copy_mode = 0; \
(afpv)->vlan_tci = 0; \
(afpv)->peer = NULL; \
(afpv)->mpeer = NULL; \
} while (0)
#endif
/**
* @}
*/
void TmModuleReceiveAFPRegister (void);
void TmModuleDecodeAFPRegister (void);
TmEcode AFPPeersListInit(void);
TmEcode AFPPeersListCheck(void);
void AFPPeersListClean(void);
int AFPGetLinkType(const char *ifname);
int AFPIsFanoutSupported(uint16_t cluster_id);
#endif /* __SOURCE_AFP_H__ */
|
