diff --git a/worker/Makefile.main_riscv b/worker/Makefile.main_riscv index 3a06a3a..67e931f 100644 --- a/worker/Makefile.main_riscv +++ b/worker/Makefile.main_riscv @@ -1,9 +1,15 @@ CC = riscv64-linux-gnu-gcc DPDK_PREFIX = ./dpdk-riscv-install +SQLITE_PREFIX = ./sqlite3-riscv-install PKG_CONFIG = env PKG_CONFIG_LIBDIR=$(DPDK_PREFIX)/lib/pkgconfig pkg-config -CFLAGS_BASE = -Iinclude -O2 $(shell $(PKG_CONFIG) --cflags libdpdk) +CFLAGS_BASE = -Iinclude/dpdk_filter -O2 $(shell $(PKG_CONFIG) --cflags libdpdk) + +DEBUG ?= 0 +ifeq ($(DEBUG),1) + CFLAGS_BASE += -DDEBUG +endif LDFLAGS = -L$(DPDK_PREFIX)/lib \ -Wl,--start-group \ @@ -13,10 +19,11 @@ LDFLAGS = -L$(DPDK_PREFIX)/lib \ -lrte_net \ -lrte_log -ldl \ -lrte_hash \ - -sqlite3 \ + -lrte_timer \ -Wl,--end-group \ - -latomic - + -latomic \ + -L$(SQLITE_PREFIX)/lib \ + -lsqlite3 SRCS = src/dpdk_filter/main.c src/dpdk_filter/net_port.c src/dpdk_filter/filtr_packets.c src/dpdk_filter/pars_packets.c src/dpdk_filter/proc_packets.c src/dpdk_filter/dns_cache.c diff --git a/worker/Makefile.main_x86 b/worker/Makefile.main_x86 index 71fd148..5d89c92 100644 --- a/worker/Makefile.main_x86 +++ b/worker/Makefile.main_x86 @@ -1,6 +1,11 @@ CC = gcc -CFLAGS_BASE = -Iinclude -O2 -msse4.2 -mpclmul -maes -LDFLAGS = -lrte_eal -lrte_ethdev -lrte_mempool -lrte_mbuf -lrte_bus_vdev -lpthread -lnuma -ldl -lrte_net -lrte_hash -lsqlite3 +CFLAGS_BASE = -Iinclude/dpdk_filter -O2 -msse4.2 -mpclmul -maes +LDFLAGS = -lrte_eal -lrte_ethdev -lrte_mempool -lrte_mbuf -lrte_bus_vdev -lpthread -lnuma -ldl -lrte_net -lrte_hash -lsqlite3 -lrte_timer + +DEBUG ?= 0 +ifeq ($(DEBUG),1) + CFLAGS_BASE += -DDEBUG +endif SRCS = src/dpdk_filter/main.c src/dpdk_filter/net_port.c src/dpdk_filter/filtr_packets.c src/dpdk_filter/pars_packets.c src/dpdk_filter/proc_packets.c src/dpdk_filter/dns_cache.c diff --git a/worker/README(DPDK FILTRING).md b/worker/README(DPDK FILTRING).md new file mode 100644 index 0000000..42f60f5 --- /dev/null +++ b/worker/README(DPDK FILTRING).md @@ -0,0 +1,55 @@ +# installing_dpdk.md +Setting up the environment for cross-compilation and installing dpdk is described in "installing_dpdk.md" on the wiki. + + + +# Create a pair of veth and TAP device + +```bash +sudo ./scripts/set_virt_dev_for_test_xdp.sh +``` +The script creates a pair veth0 - veth1 + +```bash +sudo ./scripts/set_tap_dev.sh +``` +The script creates a TAP device tap0 + + +# Project assembly +For real ports (eth0/eth1 + tap0): +```bash +make -f Makefile.main_riscv all +``` + +For virtual ports (veth0/veth1 + tap0): +```bash +make -f Makefile.main_riscv virt +``` +Defining the -DVIRT_PORTS macro switches the program to use virtual interfaces. + +Before starting, it is recommended to run the virtual device configuration script: +```bash +sudo ./scripts/set_virt_dev_for_test_xdp.sh +``` + +For debugging add DEBUG=1, example: +```bash +make -f Makefile.main_x86 virt DEBUG=1 +``` + +# Clean +```bash +make -f Makefile.main_riscv clean +``` + +# Launch +The program requires superuser rights (to work with DPDK and XDP): +```bash +sudo ./main-riscv-virt +``` + + +# Notes +The DNS cache is automatically saved to cache.db (SQLite) and restored on restart. +Periodic saving of the cache occurs every hour using DPDK timers. \ No newline at end of file diff --git a/worker/dns_sender b/worker/dns_sender deleted file mode 100755 index 770ffc9..0000000 Binary files a/worker/dns_sender and /dev/null differ diff --git a/worker/helper for association with Worker.md b/worker/helper for association with Worker.md index de73307..ca4428e 100644 --- a/worker/helper for association with Worker.md +++ b/worker/helper for association with Worker.md @@ -1,18 +1,24 @@ -REQUESTED_CLASSIFICATION структура для передачи от контроллера к воркеру: +REQUESTED_CLASSIFICATION - структура для передачи от контроллера к воркеру: + +```code struct requested_classification { - char get_categories[MAX_CATEGORIES][CATEGORY_MAX_LEN] - политика - int get_trust_level - уровень доверия к сайту + char get_categories[MAX_CATEGORIES][CATEGORY_MAX_LEN] + int get_trust_level } +``` +Структура для хранения категории с минимальным уровнем доверия для этой категории: -Структура для хранения категории с минимальным уровнем доверия для этой категории +```code struct trust_categories_with_lvl { char locked_by_trust_category[CATEGORY_MAX_LEN]; int trust_lvl; } +``` +у нас есть переменные, которые получаем при инициализации воркера и заносим в структуру (периодически обновляем): -у нас есть переменные, которые получаем при инициализации воркера и заносим в структуру (периодически обновляем) +```code struct BASE_POLICY { char locked_categories[MAX_CATEGORIES][CATEGORY_MAX_LEN]; struct trust_categories_with_lvl categories_with_lvl[MAX_CATEGORIES_BY_TRUST_LVL]; @@ -20,7 +26,8 @@ struct BASE_POLICY { char allow_domains[MAX_DOMAINS][MAX_LEN_DOMEIN]; int min_trust_level; } +``` +Добавлен tap порт, по которому проходят пакеты исключений в ядро, обрабатываются и ответ отсылается на входящий порт (port_in) -Добавлен tap порт, по которому проходят пакеты исключений в ядро, обрабатываются и ответ отсылается на входящий порт (port_in) \ No newline at end of file diff --git a/worker/include/dpdk_filter/constants.h b/worker/include/dpdk_filter/constants.h index 6ae6d1d..f046259 100644 --- a/worker/include/dpdk_filter/constants.h +++ b/worker/include/dpdk_filter/constants.h @@ -1,6 +1,7 @@ #ifndef CONSTANTS_H #define CONSTANTS_H +#include #define MAX_CATEGORIES_BY_TRUST_LVL 64 #define MAX_DOMAINS 64 @@ -10,6 +11,6 @@ #define CATEGORY_MAX_LEN 64 #define DNS_CACHE_DEFAULT_TTL (7 * 24 * 60 * 60) #define LEN_LIST_EXCEPTION_PORTS 1 -extern const uint16_t LIST_EXCEPTION_PORTS[LEN_LIST_EXCEPTION_PORTS]; +extern const uint16_t LIST_EXCEPTION_PORTS[LEN_LIST_EXCEPTION_PORTS]; #endif \ No newline at end of file diff --git a/worker/include/dpdk_filter/dns_cache.h b/worker/include/dpdk_filter/dns_cache.h index 7f953f9..55cad02 100644 --- a/worker/include/dpdk_filter/dns_cache.h +++ b/worker/include/dpdk_filter/dns_cache.h @@ -6,15 +6,20 @@ #include #include #include +#include +#include #include #include -#include - -#include "../../include/dpdk_filter/constants.h" -#include "../../include/dpdk_filter/types.h" - +#include "constants.h" +#include "types.h" +void load_cache_from_sqlite(void); +void close_sqlite_cache(void); +int save_single_node_to_sqlite(const char *domain, struct node_cache *node); +void *save_all_cache_to_sqlite(void *arg); +void init_tables_sqlite_dns_cache(void); +void copy_data_from_hash_to_snapshot(struct snapshot *snapt); void init_dns_cache(void); int lookup_dns_cache(const char *domain, struct node_cache **return_node); diff --git a/worker/include/dpdk_filter/filtr_packets.h b/worker/include/dpdk_filter/filtr_packets.h index dda5332..188830b 100644 --- a/worker/include/dpdk_filter/filtr_packets.h +++ b/worker/include/dpdk_filter/filtr_packets.h @@ -1,22 +1,29 @@ #ifndef FILTR_PAK_H #define FILTR_PAK_H +#include "constants.h" #include "pars_packets.h" +#include "types.h" #include #include -#include "../../include/dpdk_filter/constants.h" -#include "../../include/dpdk_filter/types.h" -bool check_is_block(char domain[DOMAIN_MAX_LEN], char block_domains[MAX_DOMAINS][DOMAIN_MAX_LEN]); +bool check_is_block(char domain[DOMAIN_MAX_LEN], + char block_domains[MAX_DOMAINS][DOMAIN_MAX_LEN]); -bool check_is_allow(char domain[DOMAIN_MAX_LEN], char allow_domains[MAX_DOMAINS][DOMAIN_MAX_LEN]); +bool check_is_allow(char domain[DOMAIN_MAX_LEN], + char allow_domains[MAX_DOMAINS][DOMAIN_MAX_LEN]); bool check_trust_level(int get_trust_level, int min_trust_level); -bool check_categories(char get_categories[MAX_CATEGORIES][CATEGORY_MAX_LEN], char locked_categories[MAX_CATEGORIES][CATEGORY_MAX_LEN]); +bool check_categories(char get_categories[MAX_CATEGORIES][CATEGORY_MAX_LEN], + char locked_categories[MAX_CATEGORIES][CATEGORY_MAX_LEN]); -bool check_categories_with_lvl(struct requested_classification* req_clas, struct trust_categories_with_lvl categories_with_lvl[MAX_CATEGORIES_BY_TRUST_LVL]); +bool check_categories_with_lvl( + struct requested_classification *req_clas, + struct trust_categories_with_lvl + categories_with_lvl[MAX_CATEGORIES_BY_TRUST_LVL]); -bool main_filtring(struct requested_classification* req_clas, struct BASE_POLICY* policy, char domain[DOMAIN_MAX_LEN]); +bool main_filtring(struct requested_classification *req_clas, + struct BASE_POLICY *policy, char domain[DOMAIN_MAX_LEN]); #endif \ No newline at end of file diff --git a/worker/include/dpdk_filter/net_port.h b/worker/include/dpdk_filter/net_port.h index e34f8b1..ebe9224 100644 --- a/worker/include/dpdk_filter/net_port.h +++ b/worker/include/dpdk_filter/net_port.h @@ -1,18 +1,15 @@ #ifndef AF_XDP_PORT_H #define AF_XDP_PORT_H +#include "types.h" #include #include -#include "../../include/dpdk_filter/types.h" - - struct net_port *init_struct_tap_port(const char *tap_iface_name, - struct rte_mempool *mbuf_pool); - + struct rte_mempool *mbuf_pool); struct net_port *init_struct_af_xdp_port(const char *iface_name, - struct rte_mempool *mbuf_pool); + struct rte_mempool *mbuf_pool); int net_port_init(struct net_port *port); diff --git a/worker/include/dpdk_filter/pars_packets.h b/worker/include/dpdk_filter/pars_packets.h index d319225..7d72726 100644 --- a/worker/include/dpdk_filter/pars_packets.h +++ b/worker/include/dpdk_filter/pars_packets.h @@ -1,12 +1,10 @@ #ifndef PARS_PAK_H #define PARS_PAK_H +#include "constants.h" +#include "types.h" #include #include -#include "../../include/dpdk_filter/constants.h" -#include "../../include/dpdk_filter/types.h" - - void parsing_pakage(struct rte_mbuf *paket, struct info_of_pakage *info_pac); diff --git a/worker/include/dpdk_filter/proc_packets.h b/worker/include/dpdk_filter/proc_packets.h index c7f7737..aafc1de 100644 --- a/worker/include/dpdk_filter/proc_packets.h +++ b/worker/include/dpdk_filter/proc_packets.h @@ -1,24 +1,20 @@ #ifndef PROC_PAK_H #define PROC_PAK_H -#include "../../include/dpdk_filter/net_port.h" -#include "../../include/dpdk_filter/filtr_packets.h" -#include "../../include/dpdk_filter/pars_packets.h" -#include "../../include/dpdk_filter/constants.h" -#include "../../include/dpdk_filter/types.h" +#include "constants.h" +#include "filtr_packets.h" +#include "net_port.h" +#include "pars_packets.h" +#include "types.h" #include #include #include #include #include - - - - - -void pakage_processing(struct net_port *port_in, - struct net_port *port_out, struct net_port *port_exception, uint16_t queue_number, - uint16_t nb_pkts, struct rte_mbuf **pkts, struct BASE_POLICY* policy); +void pakage_processing(struct net_port *port_in, struct net_port *port_out, + struct net_port *port_exception, uint16_t queue_number, + uint16_t nb_pkts, struct rte_mbuf **pkts, + struct BASE_POLICY *policy); #endif \ No newline at end of file diff --git a/worker/include/dpdk_filter/types.h b/worker/include/dpdk_filter/types.h index d056e50..366d543 100644 --- a/worker/include/dpdk_filter/types.h +++ b/worker/include/dpdk_filter/types.h @@ -2,8 +2,27 @@ #define TYPES_H #include "constants.h" -#include #include +#include + +#ifdef DEBUG +#define LOG_INFO(info, ...) \ + fprintf(stdout, "[INFO] %s: %d: " info "\n", __func__, __LINE__, \ + ##__VA_ARGS__) + +#define LOG_ERROR(error, ...) \ + fprintf(stdout, "[ERROR] %s: %d: " error "\n", __func__, __LINE__, \ + ##__VA_ARGS__) + +#else +#define LOG_INFO(info, ...) \ + do { \ + } while (0) + +#define LOG_ERROR(error, ...) \ + fprintf(stdout, "[ERROR] %s: %d: " error "\n", __func__, __LINE__, \ + ##__VA_ARGS__) +#endif struct net_port { uint16_t port_id; @@ -20,24 +39,24 @@ struct info_of_pakage { }; struct trust_categories_with_lvl { - char locked_by_trust_category[CATEGORY_MAX_LEN]; - int trust_lvl; + char locked_by_trust_category[CATEGORY_MAX_LEN]; + int trust_lvl; }; struct BASE_POLICY { char locked_categories[MAX_CATEGORIES][CATEGORY_MAX_LEN]; - struct trust_categories_with_lvl categories_with_lvl[MAX_CATEGORIES_BY_TRUST_LVL]; + struct trust_categories_with_lvl + categories_with_lvl[MAX_CATEGORIES_BY_TRUST_LVL]; char block_domains[MAX_DOMAINS][DOMAIN_MAX_LEN]; char allow_domains[MAX_DOMAINS][DOMAIN_MAX_LEN]; int min_trust_level; }; struct requested_classification { - char get_categories[MAX_CATEGORIES][CATEGORY_MAX_LEN]; - int get_trust_level; + char get_categories[MAX_CATEGORIES][CATEGORY_MAX_LEN]; + int get_trust_level; }; - struct node_cache { char categories[MAX_CATEGORIES][CATEGORY_MAX_LEN]; bool solution_is_send; @@ -47,5 +66,9 @@ struct node_cache { char *key_domain; }; +struct snapshot { + struct node_cache node; + char domain[DOMAIN_MAX_LEN]; +}; #endif diff --git a/worker/scripts/set_tap_dev.sh b/worker/scripts/set_tap_dev.sh new file mode 100755 index 0000000..cb0cb03 --- /dev/null +++ b/worker/scripts/set_tap_dev.sh @@ -0,0 +1,7 @@ +#!/bin/bash + +TAP="tap0" + +sudo ip tuntap add $TAP mode tap +sudo ip link set $TAP up +sudo ip addr add 10.0.3.1/24 dev $TAP \ No newline at end of file diff --git a/worker/src/dpdk_filter/af_xdp_port.c b/worker/src/dpdk_filter/af_xdp_port.c deleted file mode 100644 index 25ecb7d..0000000 --- a/worker/src/dpdk_filter/af_xdp_port.c +++ /dev/null @@ -1,176 +0,0 @@ -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#include "../../include/dpdk_filter/af_xdp_port.h" - -#define RX_RING_SIZE 1024 -#define TX_RING_SIZE 1024 - -int find_port_by_dev_name(const char *dev_name, uint16_t *port_id_dev) { - uint16_t count_ports = rte_eth_dev_count_avail(); - struct rte_eth_dev_info dev_info; - char name[64]; - - for (uint16_t port_id = 0; port_id < count_ports; port_id++) { - int ret = rte_eth_dev_info_get(port_id, &dev_info); - - if (ret) { - printf("[ERROR] Failed to retrieve the contextual information of an " - "Ethernet device: %s\n", - strerror(-ret)); - return ret; - } - - if (rte_eth_dev_get_name_by_port(port_id, name) == 0 && - strcmp(name, dev_name) == 0) { - *port_id_dev = port_id; - return 0; - } - } - return -1; -} - -struct af_xdp_port *init_struct_af_xdp_port(const char *iface_name, - struct rte_mempool *mbuf_pool) { - struct af_xdp_port *port = calloc(1, sizeof(struct af_xdp_port)); - if (!port) { - printf("[ERROR] Failed to allocate memory for struct af_xdp_port\n"); - return NULL; - } - - snprintf(port->dev_args, sizeof(port->dev_args), - "iface=%s,start_queue=0,queue_count=1", iface_name); - snprintf(port->dev_name, sizeof(port->dev_name), "net_af_xdp_%s", iface_name); - strncpy(port->iface_name, iface_name, sizeof(port->iface_name) - 1); - port->iface_name[sizeof(port->iface_name) - 1] = '\0'; - port->mbuf_pool = mbuf_pool; - port->port_id = -1; - - return port; -} - -int af_xdp_port_init(struct af_xdp_port *port) { - int ret; - struct rte_eth_conf port_conf = {0}; - const char *dev_name = port->dev_name; - uint16_t port_id; - - ret = rte_vdev_init(dev_name, port->dev_args); - - if (ret < 0) { - printf("[ERROR] Failed to create vdev: %s\n", strerror(-ret)); - return ret; - } - - ret = find_port_by_dev_name(port->dev_name, &port_id); - if (ret) { - printf("no port was found that has the same vdev name. vdev = %s", - port->dev_name); - rte_vdev_uninit(dev_name); - return -1; - } - - port->port_id = port_id; - - if (!rte_eth_dev_is_valid_port(port_id)) { - printf("[ERROR] Port %u is not valid\n", port_id); - rte_vdev_uninit(dev_name); - return -EINVAL; - } - - ret = rte_eth_dev_configure(port_id, 1, 1, &port_conf); - if (ret < 0) { - printf("[ERROR] Failed to configure port: %s\n", strerror(-ret)); - rte_vdev_uninit(dev_name); - return ret; - } - - ret = rte_eth_rx_queue_setup(port_id, 0, RX_RING_SIZE, - rte_eth_dev_socket_id(port_id), NULL, - port->mbuf_pool); - if (ret < 0) { - printf("[ERROR] Failed to setup RX queue: %s\n", strerror(-ret)); - rte_vdev_uninit(dev_name); - return ret; - } - - ret = rte_eth_tx_queue_setup(port_id, 0, TX_RING_SIZE, - rte_eth_dev_socket_id(port_id), NULL); - - if (ret < 0) { - printf("[ERROR] Failed to setup TX queue: %s\n", strerror(-ret)); - rte_vdev_uninit(dev_name); - return ret; - } - - printf("Port %u initialized\n", port_id); - return 0; -} - -int af_xdp_port_start(uint16_t port_id) { - int ret; - - ret = rte_eth_dev_start(port_id); - if (ret < 0) { - printf("[ERROR] Failed to start: %s\n", strerror(-ret)); - return ret; - } - - ret = rte_eth_promiscuous_enable(port_id); - if (ret) { - printf("[ERROR] Failed to enable receipt in promiscuous mode for an " - "Ethernet device: %s\n", - strerror(-ret)); - return ret; - } - - printf("Port %u started\n", port_id); - return 0; -} - -void af_xdp_port_destroy(struct af_xdp_port *port) { - if (!port) - return; - free(port); -} - -void af_xdp_port_close(struct af_xdp_port *port) { - - if (!port) - return; - - int ret; - uint16_t port_id = port->port_id; - - ret = rte_eth_dev_stop(port_id); - if (ret) { - printf("[ERROR] Failed to stop an Ethernet device: %s\n", strerror(-ret)); - return; - } - - ret = rte_eth_dev_close(port_id); - if (ret) { - printf("[ERROR] Failed to close a stopped Ethernet device: %s\n", - strerror(-ret)); - return; - } - - ret = rte_vdev_uninit(port->dev_name); - if (ret) { - printf("[ERROR] Failed to uninitialize a driver: %s\n", strerror(-ret)); - return; - } - - port->port_id = -1; - printf("Port %u closed\n", port_id); -} \ No newline at end of file diff --git a/worker/src/dpdk_filter/dns_cache.c b/worker/src/dpdk_filter/dns_cache.c index 4427e1f..cdeb868 100644 --- a/worker/src/dpdk_filter/dns_cache.c +++ b/worker/src/dpdk_filter/dns_cache.c @@ -1,4 +1,10 @@ -#include "../../include/dpdk_filter/dns_cache.h" +#include "dns_cache.h" +#include +#include +#include + +static sqlite3 *cache_table; +static rte_spinlock_t cache_spinlock = RTE_SPINLOCK_INITIALIZER; static struct rte_hash *dns_hash; static struct rte_hash_parameters hash_params = { @@ -8,6 +14,369 @@ static struct rte_hash_parameters hash_params = { .hash_func = rte_jhash, .extra_flag = RTE_HASH_EXTRA_FLAGS_EXT_TABLE, }; +static struct rte_timer cache_save_timer; +static uint64_t save_interval_cycles; + +static int insert_loaded_node(const char *domain, struct node_cache *node) { + char *key_copy = rte_malloc("dns_key(domain)", DOMAIN_MAX_LEN, 0); + if (!key_copy) { + LOG_ERROR("Failed to allocate key for loaded node"); + return -ENOMEM; + } + + strncpy(key_copy, domain, DOMAIN_MAX_LEN); + key_copy[DOMAIN_MAX_LEN - 1] = '\0'; + node->key_domain = key_copy; + + rte_spinlock_lock(&cache_spinlock); + int ret = rte_hash_add_key_data(dns_hash, key_copy, node); + rte_spinlock_unlock(&cache_spinlock); + + if (ret < 0) { + LOG_ERROR("Failed to insert loaded node into hash: %s", strerror(-ret)); + rte_free(key_copy); + return ret; + } + return 0; +} + +void load_cache_from_sqlite(void) { + if (!dns_hash) { + LOG_ERROR("Hash table not initialized for loading"); + return; + } + if (!cache_table) { + LOG_ERROR("SQLite connection not open for loading"); + return; + } + + uint64_t now_cycles = rte_get_timer_cycles(); + uint64_t hz = rte_get_timer_hz(); + + const char *sql = "SELECT domain, solution_is_send, trust_lvl, timestamp, " + "ttl_seconds FROM main_table;"; + + sqlite3_stmt *stmt = NULL; + int ret = sqlite3_prepare_v2(cache_table, sql, -1, &stmt, NULL); + if (ret != SQLITE_OK) { + LOG_ERROR("Failed to prepare SELECT from main_table: %s", + sqlite3_errmsg(cache_table)); + return; + } + + int loaded = 0; + int expired = 0; + + while (sqlite3_step(stmt) == SQLITE_ROW) { + const char *domain = (const char *)sqlite3_column_text(stmt, 0); + int solution_is_send = sqlite3_column_int(stmt, 1); + int trust_lvl = sqlite3_column_int(stmt, 2); + uint64_t timestamp = (uint64_t)sqlite3_column_int64(stmt, 3); + uint32_t ttl_seconds = (uint32_t)sqlite3_column_int(stmt, 4); + + uint64_t age_seconds = (now_cycles - timestamp) / hz; + if (age_seconds >= ttl_seconds) { + expired++; + continue; + } + + struct node_cache *node = + rte_malloc("loaded_node_cache", sizeof(struct node_cache), 0); + if (!node) { + LOG_ERROR("Failed to allocate node for domain %s", domain); + continue; + } + + node->solution_is_send = solution_is_send ? true : false; + node->trust_lvl = trust_lvl; + node->timestamp = timestamp; + node->ttl_seconds = ttl_seconds; + + const char *sql_cat = + "SELECT certain_category FROM categories_table WHERE domain = ?;"; + sqlite3_stmt *stmt_cat = NULL; + int rc_cat = sqlite3_prepare_v2(cache_table, sql_cat, -1, &stmt_cat, NULL); + if (rc_cat != SQLITE_OK) { + LOG_ERROR("Failed to prepare categories SELECT: %s", + sqlite3_errmsg(cache_table)); + rte_free(node); + continue; + } + + sqlite3_bind_text(stmt_cat, 1, domain, -1, SQLITE_STATIC); + + int cat_idx = 0; + while (sqlite3_step(stmt_cat) == SQLITE_ROW && cat_idx < MAX_CATEGORIES) { + const unsigned char *cat_text = sqlite3_column_text(stmt_cat, 0); + if (cat_text) { + strncpy(node->categories[cat_idx], (const char *)cat_text, + CATEGORY_MAX_LEN - 1); + node->categories[cat_idx][CATEGORY_MAX_LEN - 1] = '\0'; + } else { + node->categories[cat_idx][0] = '\0'; + } + cat_idx++; + } + + sqlite3_finalize(stmt_cat); + + if (insert_loaded_node(domain, node) == 0) { + loaded++; + } else { + rte_free(node); + } + } + + ret = sqlite3_finalize(stmt); + if (ret != SQLITE_OK) { + LOG_ERROR("Failed to delete prepared statement: %s", + sqlite3_errmsg(cache_table)); + return; + } + LOG_INFO("Loaded %d records from SQLite, %d expired skipped", loaded, + expired); +} + +static void cache_save_timer_cb(struct rte_timer *tim, void *arg) { + (void)tim; + (void)arg; + + LOG_INFO("Periodic cache saving to SQLite."); + + pthread_t tid; + if (pthread_create(&tid, NULL, save_all_cache_to_sqlite, NULL) != 0) { + LOG_ERROR("Failed to create save thread"); + return; + } + + pthread_detach(tid); +} + +void close_sqlite_cache(void) { + if (cache_table) { + int ret = sqlite3_close(cache_table); + if (ret != SQLITE_OK) { + LOG_ERROR("Failed close SQLite connection: %s", + sqlite3_errmsg(cache_table)); + } + } + cache_table = NULL; +} + +int save_single_node_to_sqlite(const char *domain, struct node_cache *node) { + sqlite3_stmt *stmt = NULL; + int ret; + + const char *sql_main = + "INSERT OR REPLACE INTO main_table " + "(domain, solution_is_send, trust_lvl, timestamp, ttl_seconds) " + "VALUES (?, ?, ?, ?, ?)"; + + ret = sqlite3_prepare_v2(cache_table, sql_main, -1, &stmt, NULL); + if (ret != SQLITE_OK) { + LOG_ERROR("Failed to prepare main_table insert: %s", + sqlite3_errmsg(cache_table)); + sqlite3_finalize(stmt); + return ret; + } + + sqlite3_bind_text(stmt, 1, domain, -1, SQLITE_STATIC); + sqlite3_bind_int(stmt, 2, node->solution_is_send ? 1 : 0); + sqlite3_bind_int(stmt, 3, node->trust_lvl); + sqlite3_bind_int64(stmt, 4, (sqlite3_int64)node->timestamp); + sqlite3_bind_int(stmt, 5, (int)node->ttl_seconds); + + ret = sqlite3_step(stmt); + if (ret != SQLITE_DONE) { + LOG_ERROR("Failed to insert into main_table: %s", + sqlite3_errmsg(cache_table)); + sqlite3_finalize(stmt); + return ret; + } + + ret = sqlite3_finalize(stmt); + if (ret != SQLITE_OK) { + LOG_ERROR("Failed to delete prepared statement: %s", + sqlite3_errmsg(cache_table)); + return ret; + } + + const char *sql_del = "DELETE FROM categories_table WHERE domain = ?"; + ret = sqlite3_prepare_v2(cache_table, sql_del, -1, &stmt, NULL); + if (ret != SQLITE_OK) { + LOG_ERROR("Failed to prepare delete: %s", sqlite3_errmsg(cache_table)); + sqlite3_finalize(stmt); + return ret; + } + + sqlite3_bind_text(stmt, 1, domain, -1, SQLITE_STATIC); + ret = sqlite3_step(stmt); + if (ret != SQLITE_DONE) { + LOG_ERROR("Failed to delete old categories: %s", + sqlite3_errmsg(cache_table)); + sqlite3_finalize(stmt); + return ret; + } + + ret = sqlite3_finalize(stmt); + if (ret != SQLITE_OK) { + LOG_ERROR("Failed to delete prepared statement: %s", + sqlite3_errmsg(cache_table)); + return ret; + } + + const char *sql_cat = + "INSERT INTO categories_table (domain, certain_category) VALUES (?, ?)"; + ret = sqlite3_prepare_v2(cache_table, sql_cat, -1, &stmt, NULL); + if (ret != SQLITE_OK) { + LOG_ERROR("Failed to prepare categories insert: %s", + sqlite3_errmsg(cache_table)); + return ret; + } + + for (int i = 0; i < MAX_CATEGORIES; i++) { + if (strlen(node->categories[i]) == 0) { + break; + } + + sqlite3_bind_text(stmt, 1, domain, -1, SQLITE_STATIC); + sqlite3_bind_text(stmt, 2, node->categories[i], -1, SQLITE_STATIC); + + ret = sqlite3_step(stmt); + if (ret != SQLITE_DONE) { + LOG_ERROR("Failed to prepare categories_table insert: %s", + sqlite3_errmsg(cache_table)); + sqlite3_finalize(stmt); + return ret; + } + + ret = sqlite3_reset(stmt); + if (ret != SQLITE_OK) { + LOG_ERROR("Failed to reset prepared statement: %s", + sqlite3_errmsg(cache_table)); + sqlite3_finalize(stmt); + return ret; + } + } + + ret = sqlite3_finalize(stmt); + if (ret != SQLITE_OK) { + LOG_ERROR("Failed to delete prepared statement: %s", + sqlite3_errmsg(cache_table)); + return ret; + } + + return SQLITE_OK; +} + +void copy_data_from_hash_to_snapshot(struct snapshot *snapt) { + + int i = 0; + uint32_t next = 0; + const void *key; + void *data; + + rte_spinlock_lock(&cache_spinlock); + + while (rte_hash_iterate(dns_hash, &key, &data, &next) >= 0) { + + strncpy(snapt[i].domain, (const char *)key, DOMAIN_MAX_LEN - 1); + snapt[i].domain[DOMAIN_MAX_LEN - 1] = '\0'; + + struct node_cache *orig = (struct node_cache *)data; + memcpy(&snapt[i].node, orig, sizeof(struct node_cache)); + + i++; + } + + rte_spinlock_unlock(&cache_spinlock); +} + +void *save_all_cache_to_sqlite(void *arg) { + (void)arg; + if (!dns_hash) { + LOG_ERROR("Hash table is not initialized"); + return NULL; + } + + if (!cache_table) { + LOG_ERROR("SQLite connection is not open"); + return NULL; + } + + uint32_t count = rte_hash_count(dns_hash); + struct snapshot *snapt = malloc(count * sizeof(struct snapshot)); + copy_data_from_hash_to_snapshot(snapt); + + int ret; + + ret = sqlite3_exec(cache_table, "BEGIN TRANSACTION;", NULL, NULL, NULL); + if (ret != SQLITE_OK) { + LOG_ERROR("Failed to exec BEGIN TRANSACTION: %s", + sqlite3_errmsg(cache_table)); + return NULL; + } + + int records = 0; + int errors = 0; + for (int i = 0; i < count; i++) { + if (save_single_node_to_sqlite(snapt[i].domain, &snapt[i].node) == + SQLITE_OK) + records++; + else + errors++; + } + + ret = sqlite3_exec(cache_table, "COMMIT;", NULL, NULL, NULL); + if (ret != SQLITE_OK) { + LOG_ERROR("Failed to exec COMMIT: %s", sqlite3_errmsg(cache_table)); + return NULL; + } + + free(snapt); + LOG_INFO("Saved %d records to SQLite, %d errors", count, errors); + return NULL; +} + +void init_tables_sqlite_dns_cache(void) { + int ret = sqlite3_open("cache.db", &cache_table); + if (ret != SQLITE_OK) { + LOG_ERROR("Failed to open cache.db"); + return; + } + + const char *create_main_table = "CREATE TABLE IF NOT EXISTS main_table(" + "domain TEXT PRIMARY KEY, " + "solution_is_send INT NOT NULL, " + "trust_lvl INT NOT NULL, " + "timestamp INT NOT NULL, " + "ttl_seconds INT NOT NULL)"; + + ret = sqlite3_exec(cache_table, create_main_table, NULL, NULL, NULL); + if (ret != SQLITE_OK) { + LOG_ERROR("Failed to create table 'main_table'"); + return; + } + + const char *create_categories_table = + "CREATE TABLE IF NOT EXISTS categories_table(" + "domain TEXT NOT NULL, " + "certain_category TEXT NOT NULL, " + "PRIMARY KEY (domain, certain_category), " + "FOREIGN KEY (domain) REFERENCES main_table(domain))"; + + ret = sqlite3_exec(cache_table, create_categories_table, NULL, NULL, NULL); + if (ret != SQLITE_OK) { + LOG_ERROR("Failed to create table 'categories_table'"); + return; + } + + ret = + sqlite3_exec(cache_table, "PRAGMA foreign_keys = ON;", NULL, NULL, NULL); + if (ret != SQLITE_OK) { + LOG_ERROR("Failed to include foreign_keys"); + } +} void init_dns_cache(void) { if (dns_hash) @@ -15,11 +384,23 @@ void init_dns_cache(void) { dns_hash = rte_hash_create(&hash_params); if (!dns_hash) { - printf("[ERROR] Failed to create DNS cache hash table\n"); + LOG_ERROR("Failed to create DNS cache hash table"); + return; } + + init_tables_sqlite_dns_cache(); + + load_cache_from_sqlite(); + + rte_timer_init(&cache_save_timer); + save_interval_cycles = rte_get_timer_hz() * 3600; + + rte_timer_reset(&cache_save_timer, save_interval_cycles, PERIODICAL, + rte_lcore_id(), cache_save_timer_cb, NULL); } int lookup_dns_cache(const char *domain, struct node_cache **return_node) { + rte_spinlock_lock(&cache_spinlock); int ret = rte_hash_lookup_data(dns_hash, domain, (void **)return_node); if (ret >= 0 && *return_node) { @@ -31,23 +412,26 @@ int lookup_dns_cache(const char *domain, struct node_cache **return_node) { int ret_del = rte_hash_del_key(dns_hash, domain); if (ret_del < 0) { - printf("[ERROR] Failed to deleting an obsolete hashtable value\n"); + LOG_ERROR("Failed to deleting an obsolete hashtable value"); + rte_spinlock_unlock(&cache_spinlock); return -ENOENT; } rte_free((*return_node)->key_domain); rte_free(*return_node); *return_node = NULL; + rte_spinlock_unlock(&cache_spinlock); return -ENOENT; } } + rte_spinlock_unlock(&cache_spinlock); return ret; } void add_to_dns_cache(const char *domain, struct node_cache *node) { char *key_copy = rte_malloc("dns_key(domain)", DOMAIN_MAX_LEN, 0); if (!key_copy) { - printf("[ERROR] Failed to allocate memory for key cache\n"); + LOG_ERROR("Failed to allocate memory for key cache"); rte_free(node); return; } @@ -57,9 +441,12 @@ void add_to_dns_cache(const char *domain, struct node_cache *node) { node->ttl_seconds = DNS_CACHE_DEFAULT_TTL; node->key_domain = key_copy; + rte_spinlock_lock(&cache_spinlock); int ret = rte_hash_add_key_data(dns_hash, key_copy, node); + rte_spinlock_unlock(&cache_spinlock); + if (ret) { - printf("[ERROR] Failed to add key data in hash table\n"); + LOG_ERROR("Failed to add key data in hash table"); rte_free(key_copy); rte_free(node); } @@ -72,7 +459,7 @@ void free_dns_cache(void) { uint32_t next = 0; const void *key; void *data; - + rte_spinlock_lock(&cache_spinlock); while (rte_hash_iterate(dns_hash, &key, &data, &next) >= 0) { if (data) { @@ -85,5 +472,13 @@ void free_dns_cache(void) { } rte_hash_free(dns_hash); + + close_sqlite_cache(); dns_hash = NULL; -} \ No newline at end of file + + rte_spinlock_unlock(&cache_spinlock); + int ret = rte_timer_stop(&cache_save_timer); + if (!ret) { + LOG_ERROR("Failed to stopping timer"); + } +} diff --git a/worker/src/dpdk_filter/filtr_packets.c b/worker/src/dpdk_filter/filtr_packets.c index a6aeadd..b856e9c 100644 --- a/worker/src/dpdk_filter/filtr_packets.c +++ b/worker/src/dpdk_filter/filtr_packets.c @@ -1,7 +1,8 @@ -#include "../../include/dpdk_filter/filtr_packets.h" -#include "../../include/dpdk_filter/pars_packets.h" +#include "filtr_packets.h" +#include "pars_packets.h" -bool check_is_block(char domain[DOMAIN_MAX_LEN], char block_domains[MAX_DOMAINS][DOMAIN_MAX_LEN]) { +bool check_is_block(char domain[DOMAIN_MAX_LEN], + char block_domains[MAX_DOMAINS][DOMAIN_MAX_LEN]) { for (int i = 0; i < MAX_DOMAINS; i++) { if (strcmp(block_domains[i], domain) == 0) { @@ -12,7 +13,8 @@ bool check_is_block(char domain[DOMAIN_MAX_LEN], char block_domains[MAX_DOMAINS] return false; } -bool check_is_allow(char domain[DOMAIN_MAX_LEN], char allow_domains[MAX_DOMAINS][DOMAIN_MAX_LEN]) { +bool check_is_allow(char domain[DOMAIN_MAX_LEN], + char allow_domains[MAX_DOMAINS][DOMAIN_MAX_LEN]) { for (int i = 0; i < MAX_DOMAINS; i++) { if (strcmp(allow_domains[i], domain) == 0) { @@ -32,57 +34,68 @@ bool check_trust_level(int get_trust_level, int min_trust_level) { return true; } -bool check_categories(char get_categories[MAX_CATEGORIES][CATEGORY_MAX_LEN], char locked_categories[MAX_CATEGORIES][CATEGORY_MAX_LEN]) { - +bool check_categories( + char get_categories[MAX_CATEGORIES][CATEGORY_MAX_LEN], + char locked_categories[MAX_CATEGORIES][CATEGORY_MAX_LEN]) { + for (int i = 0; i < MAX_CATEGORIES; i++) { for (int j = 0; j < MAX_CATEGORIES; j++) { if (strcmp(get_categories[i], locked_categories[j]) == 0) { return false; } } - } + } return true; } - -bool check_categories_with_lvl(struct requested_classification* req_clas, struct trust_categories_with_lvl categories_with_lvl[MAX_CATEGORIES_BY_TRUST_LVL]) { +bool check_categories_with_lvl( + struct requested_classification *req_clas, + struct trust_categories_with_lvl + categories_with_lvl[MAX_CATEGORIES_BY_TRUST_LVL]) { for (int i = 0; i < MAX_CATEGORIES; i++) { for (int j = 0; j < MAX_CATEGORIES; j++) { - if (strcmp(req_clas->get_categories[j], categories_with_lvl[i].locked_by_trust_category) == 0 && req_clas->get_trust_level < categories_with_lvl[i].trust_lvl) { - return false; + if (strcmp(req_clas->get_categories[j], + categories_with_lvl[i].locked_by_trust_category) == 0 && + req_clas->get_trust_level < categories_with_lvl[i].trust_lvl) { + return false; } - } - } + } + } return true; } -bool main_filtring(struct requested_classification* req_clas, struct BASE_POLICY* policy, char domain[DOMAIN_MAX_LEN]) { +bool main_filtring(struct requested_classification *req_clas, + struct BASE_POLICY *policy, char domain[DOMAIN_MAX_LEN]) { if (check_is_block(domain, policy->block_domains) == true) { - printf("This domain is blocked"); + LOG_INFO("This domain is blocked"); return false; } if (check_is_allow(domain, policy->allow_domains) == true) { - printf("This domain is allowed"); + LOG_INFO("This domain is allowed"); return true; } - if (check_categories(req_clas->get_categories, policy->locked_categories) == false) { - printf("This site has a locked category"); + if (check_categories(req_clas->get_categories, policy->locked_categories) == + false) { + LOG_INFO("This site has a locked category"); return false; } - if (check_trust_level(req_clas->get_trust_level, policy->min_trust_level) == false) { - printf("This site has a too small trust level"); + if (check_trust_level(req_clas->get_trust_level, policy->min_trust_level) == + false) { + LOG_INFO("This site has a too small trust level"); return false; } - if (check_categories_with_lvl(req_clas, policy->categories_with_lvl) == false) { - printf("This site blocked in accordance with 'trust categories with level'"); + if (check_categories_with_lvl(req_clas, policy->categories_with_lvl) == + false) { + LOG_INFO( + "This site blocked in accordance with 'trust categories with level'"); return false; } diff --git a/worker/src/dpdk_filter/main.c b/worker/src/dpdk_filter/main.c index 6da81a8..bfe7dfb 100644 --- a/worker/src/dpdk_filter/main.c +++ b/worker/src/dpdk_filter/main.c @@ -1,6 +1,6 @@ -#include "../../include/dpdk_filter/net_port.h" -#include "../../include/dpdk_filter/dns_cache.h" -#include "../../include/dpdk_filter/proc_packets.h" +#include "dns_cache.h" +#include "net_port.h" +#include "proc_packets.h" #include #include #include @@ -13,38 +13,39 @@ static volatile int running = 1; static void signal_handler(int signum) { if (signum == SIGINT || signum == SIGTERM) { - printf("\n Signal %d received, shutting down.\n", signum); + LOG_INFO("\n Signal %d received, shutting down.", signum); running = 0; } } -void forward_tap_to_out(struct net_port *port_exception, struct net_port *port_in, uint16_t queue_number) { - struct rte_mbuf *tap_pkts[32]; - uint16_t nb_tap = rte_eth_rx_burst(port_exception->port_id, queue_number, tap_pkts, 32); - for (int i = 0; i < nb_tap; i++) { - int ret = rte_eth_tx_burst(port_in->port_id, queue_number, &tap_pkts[i], 1); - if (ret < 1) { - printf("[ERROR] Failed to send packet\n"); - // PLUG (to be added later) - need to add processing for this case - rte_pktmbuf_free(tap_pkts[i]); - } +void forward_to_out(struct net_port *incoming_port, + struct net_port *outgoing_port, uint16_t queue_number) { + struct rte_mbuf *tap_pkts[32]; + uint16_t nb_tap = + rte_eth_rx_burst(incoming_port->port_id, queue_number, tap_pkts, 32); + for (int i = 0; i < nb_tap; i++) { + int ret = + rte_eth_tx_burst(outgoing_port->port_id, queue_number, &tap_pkts[i], 1); + if (ret < 1) { + LOG_ERROR("Failed to send packet"); + // PLUG (to be added later) - need to add processing for this case + rte_pktmbuf_free(tap_pkts[i]); } + } } int main(int argc, char **argv) { - //since BASE_POLICY is filled when initializing worker, let’s initialize here + // since BASE_POLICY is filled when initializing worker, let’s initialize here struct BASE_POLICY policy; if (signal(SIGINT, signal_handler) == SIG_ERR) { - printf("[ERROR] Failed to set SIGINT handler\n"); + LOG_ERROR("Failed to set SIGINT handler"); return 1; } if (signal(SIGTERM, signal_handler) == SIG_ERR) { - printf("[ERROR] Failed to set SIGTERM handler\n"); + LOG_ERROR("Failed to set SIGTERM handler"); return 1; } - - struct net_port *port_in = NULL; struct net_port *port_out = NULL; struct net_port *port_exception = NULL; @@ -58,7 +59,7 @@ int main(int argc, char **argv) { int ret = rte_eal_init(argc, argv); if (ret < 0) { - printf("[ERROR] EAL init failed: %s\n", rte_strerror(rte_errno)); + LOG_ERROR("EAL init failed: %s", rte_strerror(rte_errno)); return 1; } @@ -66,54 +67,58 @@ int main(int argc, char **argv) { "POOL", mbuf_quantity_in_pool, cache_size_per_kernel, priv_size, RTE_MBUF_DEFAULT_BUF_SIZE, rte_socket_id()); if (!mbuf_pool) { - printf("[ERROR] Failed to create mbuf pool: %s\n", rte_strerror(rte_errno)); + LOG_ERROR("Failed to create mbuf pool: %s", rte_strerror(rte_errno)); return -1; } init_dns_cache(); #ifdef VIRT_PORTS - printf("Using virtual ports: veth0/veth1\n"); + LOG_INFO("Using virtual ports: veth0/veth1"); port_in = init_struct_af_xdp_port("veth0", mbuf_pool); port_out = init_struct_af_xdp_port("veth1", mbuf_pool); #else - printf("Using real ports: eth0/eth1\n"); + LOG_INFO("Using real ports: eth0/eth1"); port_in = init_struct_af_xdp_port("eth0", mbuf_pool); port_out = init_struct_af_xdp_port("eth1", mbuf_pool); #endif port_exception = init_struct_tap_port("tap0", mbuf_pool); - if (!port_in || !port_out || !port_exception) { return 1; } - if (net_port_init(port_in) || net_port_init(port_out) || net_port_init(port_exception)) { + if (net_port_init(port_in) || net_port_init(port_out) || + net_port_init(port_exception)) { return 1; } - if (net_port_start(port_in->port_id) || - net_port_start(port_out->port_id) || + if (net_port_start(port_in->port_id) || net_port_start(port_out->port_id) || net_port_start(port_exception->port_id)) { return 1; } - ret = system("sudo ip link set tap0 up && " - "sudo ip addr add 10.0.3.1/24 dev tap0"); - if(ret) { - printf("[ERROR] Failed to set tap0 up\n"); - } + LOG_INFO( + "An endless cycle has been started. Packets pass from port with id=%u " + "to port with id=%u", + port_in->port_id, port_out->port_id); - printf("An endless cycle has been started. Packets pass from port with id=%u " - "to port with id=%u\n", - port_in->port_id, port_out->port_id); + uint64_t timer_check_counter = 0; + const uint64_t timer_check_interval = 10000; while (running) { - forward_tap_to_out(port_exception, port_in, queue_number); - pakage_processing(port_in, port_out, port_exception, queue_number, nb_pkts, pkts, &policy); + forward_to_out(port_exception, port_in, queue_number); + pakage_processing(port_in, port_out, port_exception, queue_number, nb_pkts, + pkts, &policy); + forward_to_out(port_out, port_in, queue_number); + + if (++timer_check_counter >= timer_check_interval) { + rte_timer_manage(); + timer_check_counter = 0; + } } - // function for save cache info if need + save_all_cache_to_sqlite(NULL); free_dns_cache(); net_port_close(port_in); diff --git a/worker/src/dpdk_filter/net_port.c b/worker/src/dpdk_filter/net_port.c index 92eeca4..21390ed 100644 --- a/worker/src/dpdk_filter/net_port.c +++ b/worker/src/dpdk_filter/net_port.c @@ -11,7 +11,7 @@ #include #include -#include "../../include/dpdk_filter/net_port.h" +#include "net_port.h" #define RX_RING_SIZE 1024 #define TX_RING_SIZE 1024 @@ -25,9 +25,9 @@ int find_port_by_dev_name(const char *dev_name, uint16_t *port_id_dev) { int ret = rte_eth_dev_info_get(port_id, &dev_info); if (ret) { - printf("[ERROR] Failed to retrieve the contextual information of an " - "Ethernet device: %s\n", - strerror(-ret)); + LOG_ERROR("Failed to retrieve the contextual information of an " + "Ethernet device: %s", + strerror(-ret)); return ret; } @@ -41,16 +41,18 @@ int find_port_by_dev_name(const char *dev_name, uint16_t *port_id_dev) { } struct net_port *init_struct_tap_port(const char *tap_iface_name, - struct rte_mempool *mbuf_pool) { + struct rte_mempool *mbuf_pool) { struct net_port *port = calloc(1, sizeof(struct net_port)); - if (!port) { - printf("[ERROR] Failed to allocate memory for struct net_port\n"); + if (!port) { + LOG_ERROR("Failed to allocate memory for struct net_port"); return NULL; } - snprintf(port->dev_args, sizeof(port->dev_args),"iface=%s", tap_iface_name); - snprintf(port->dev_name, sizeof(port->dev_name), "net_tap_%s", tap_iface_name); + snprintf(port->dev_args, sizeof(port->dev_args), "iface=%s, remote=%s", + tap_iface_name, tap_iface_name); + snprintf(port->dev_name, sizeof(port->dev_name), "net_tap_%s", + tap_iface_name); strncpy(port->iface_name, tap_iface_name, sizeof(port->iface_name) - 1); port->iface_name[sizeof(port->iface_name) - 1] = '\0'; port->mbuf_pool = mbuf_pool; @@ -59,12 +61,11 @@ struct net_port *init_struct_tap_port(const char *tap_iface_name, return port; } - struct net_port *init_struct_af_xdp_port(const char *iface_name, - struct rte_mempool *mbuf_pool) { + struct rte_mempool *mbuf_pool) { struct net_port *port = calloc(1, sizeof(struct net_port)); if (!port) { - printf("[ERROR] Failed to allocate memory for struct net_port\n"); + LOG_ERROR("Failed to allocate memory for struct net_port"); return NULL; } @@ -88,14 +89,14 @@ int net_port_init(struct net_port *port) { ret = rte_vdev_init(dev_name, port->dev_args); if (ret < 0) { - printf("[ERROR] Failed to create vdev: %s\n", strerror(-ret)); + LOG_ERROR("Failed to create vdev: %s", strerror(-ret)); return ret; } ret = find_port_by_dev_name(port->dev_name, &port_id); if (ret) { - printf("no port was found that has the same vdev name. vdev = %s", - port->dev_name); + LOG_INFO("no port was found that has the same vdev name. vdev = %s", + port->dev_name); rte_vdev_uninit(dev_name); return -1; } @@ -103,14 +104,14 @@ int net_port_init(struct net_port *port) { port->port_id = port_id; if (!rte_eth_dev_is_valid_port(port_id)) { - printf("[ERROR] Port %u is not valid\n", port_id); + LOG_ERROR("Port %u is not valid", port_id); rte_vdev_uninit(dev_name); return -EINVAL; } ret = rte_eth_dev_configure(port_id, 1, 1, &port_conf); if (ret < 0) { - printf("[ERROR] Failed to configure port: %s\n", strerror(-ret)); + LOG_ERROR("Failed to configure port: %s", strerror(-ret)); rte_vdev_uninit(dev_name); return ret; } @@ -119,7 +120,7 @@ int net_port_init(struct net_port *port) { rte_eth_dev_socket_id(port_id), NULL, port->mbuf_pool); if (ret < 0) { - printf("[ERROR] Failed to setup RX queue: %s\n", strerror(-ret)); + LOG_ERROR("Failed to setup RX queue: %s", strerror(-ret)); rte_vdev_uninit(dev_name); return ret; } @@ -128,12 +129,12 @@ int net_port_init(struct net_port *port) { rte_eth_dev_socket_id(port_id), NULL); if (ret < 0) { - printf("[ERROR] Failed to setup TX queue: %s\n", strerror(-ret)); + LOG_ERROR("Failed to setup TX queue: %s", strerror(-ret)); rte_vdev_uninit(dev_name); return ret; } - printf("Port %u initialized\n", port_id); + LOG_INFO("Port %u initialized", port_id); return 0; } @@ -142,19 +143,19 @@ int net_port_start(uint16_t port_id) { ret = rte_eth_dev_start(port_id); if (ret < 0) { - printf("[ERROR] Failed to start: %s\n", strerror(-ret)); + LOG_ERROR("Failed to start: %s", strerror(-ret)); return ret; } ret = rte_eth_promiscuous_enable(port_id); if (ret) { - printf("[ERROR] Failed to enable receipt in promiscuous mode for an " - "Ethernet device: %s\n", - strerror(-ret)); + LOG_ERROR("Failed to enable receipt in promiscuous mode for an " + "Ethernet device: %s", + strerror(-ret)); return ret; } - printf("Port %u started\n", port_id); + LOG_INFO("Port %u started", port_id); return 0; } @@ -174,23 +175,22 @@ void net_port_close(struct net_port *port) { ret = rte_eth_dev_stop(port_id); if (ret) { - printf("[ERROR] Failed to stop an Ethernet device: %s\n", strerror(-ret)); + LOG_ERROR("Failed to stop an Ethernet device: %s", strerror(-ret)); return; } ret = rte_eth_dev_close(port_id); if (ret) { - printf("[ERROR] Failed to close a stopped Ethernet device: %s\n", - strerror(-ret)); + LOG_ERROR("Failed to close a stopped Ethernet device: %s", strerror(-ret)); return; } ret = rte_vdev_uninit(port->dev_name); if (ret) { - printf("[ERROR] Failed to uninitialize a driver: %s\n", strerror(-ret)); + LOG_ERROR("Failed to uninitialize a driver: %s", strerror(-ret)); return; } port->port_id = -1; - printf("Port %u closed\n", port_id); + LOG_INFO("Port %u closed", port_id); } \ No newline at end of file diff --git a/worker/src/dpdk_filter/pars_packets.c b/worker/src/dpdk_filter/pars_packets.c index ea59e2d..30a1ed8 100644 --- a/worker/src/dpdk_filter/pars_packets.c +++ b/worker/src/dpdk_filter/pars_packets.c @@ -1,4 +1,4 @@ -#include "../../include/dpdk_filter/pars_packets.h" +#include "pars_packets.h" #include #include #include @@ -13,7 +13,7 @@ void parsing_pakage(struct rte_mbuf *packet, struct info_of_pakage *info_pac) { uint32_t pkt_type = rte_net_get_ptype(packet, &hdr_lens, RTE_PTYPE_ALL_MASK); if (pkt_type == RTE_PTYPE_UNKNOWN) { - printf("[ERROR PARS] Problem with get lens of headers"); + LOG_ERROR(" PARS] Problem with get lens of headers"); return; } diff --git a/worker/src/dpdk_filter/proc_packets.c b/worker/src/dpdk_filter/proc_packets.c index 6527fa2..95b025b 100644 --- a/worker/src/dpdk_filter/proc_packets.c +++ b/worker/src/dpdk_filter/proc_packets.c @@ -1,5 +1,5 @@ -#include "../../include/dpdk_filter/proc_packets.h" -#include "../../include/dpdk_filter/dns_cache.h" +#include "proc_packets.h" +#include "dns_cache.h" const uint16_t LIST_EXCEPTION_PORTS[LEN_LIST_EXCEPTION_PORTS] = {22}; @@ -11,7 +11,7 @@ void package_sending_decision(bool solution_is_send, struct rte_mbuf *pkt, uint16_t ret = rte_eth_tx_burst(port_out->port_id, queue_number, tx_pkt, 1); if (ret < 1) { - printf("[ERROR] Failed to send packet\n"); + LOG_ERROR("Failed to send packet"); // PLUG (to be added later) - need to add processing for this case rte_pktmbuf_free(pkt); } @@ -20,7 +20,6 @@ void package_sending_decision(bool solution_is_send, struct rte_mbuf *pkt, rte_pktmbuf_free(pkt); } - bool check_is_exception(uint16_t number_port) { for (int i = 0; i < LEN_LIST_EXCEPTION_PORTS; i++) { if (number_port == LIST_EXCEPTION_PORTS[i]) { @@ -30,10 +29,10 @@ bool check_is_exception(uint16_t number_port) { return false; } - -void pakage_processing(struct net_port *port_in, - struct net_port *port_out, struct net_port *port_exception, uint16_t queue_number, - uint16_t nb_pkts, struct rte_mbuf **pkts, struct BASE_POLICY* policy) { +void pakage_processing(struct net_port *port_in, struct net_port *port_out, + struct net_port *port_exception, uint16_t queue_number, + uint16_t nb_pkts, struct rte_mbuf **pkts, + struct BASE_POLICY *policy) { uint16_t nb_rx = rte_eth_rx_burst(port_in->port_id, queue_number, pkts, nb_pkts); @@ -45,12 +44,12 @@ void pakage_processing(struct net_port *port_in, parsing_pakage(pkts[i], &info_pac); if (info_pac.domain[0] == '\0') { - printf("[INFO] Packet without dns request\n"); + LOG_INFO("Packet without dns request"); package_sending_decision(true, pkts[i], port_out, queue_number); continue; } - if(check_is_exception(info_pac.number_port) == true) { + if (check_is_exception(info_pac.number_port) == true) { package_sending_decision(true, pkts[i], port_exception, queue_number); continue; } @@ -75,15 +74,15 @@ void pakage_processing(struct net_port *port_in, rte_calloc("struct_node_cache", 1, sizeof(struct node_cache), RTE_CACHE_LINE_SIZE); if (!new_node) { - printf("[ERROR] Failed to allocate memory for struct node_cache\n"); + LOG_ERROR("Failed to allocate memory for struct node_cache"); continue; } new_node->solution_is_send = solution_is_send; // NEED TO FILL THE STRUCTURE WITH CATEGORIES add_to_dns_cache(info_pac.domain, new_node); } else { - printf( - "[ERROR] Failed to search a key-value pair in the hash table: %s\n", + LOG_ERROR( + "[ERROR] Failed to search a key-value pair in the hash table: %s", strerror(-ret)); } }