📄 probe_main.h
#ifndef PROBE_MAIN_H
#define PROBE_MAIN_H
#include<stdlib.h>
#include<stdio.h>
#include <sys/types.h>
#include <unistd.h>
#include <pthread.h>
#include <sys/wait.h>
#include "pcap.h"
#include "mprobe_pbuffer.h"
#include "kfifo.h"
#include "packet.h"
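/*
 * BSD-style fixed-width integer aliases used by every structure in this
 * header.
 * NOTE(review): <sys/types.h> is included above and declares the same names
 * on many C libraries. Repeating a typedef is only accepted from C11 on, and
 * only when both declarations name the same type -- confirm these local
 * definitions are still required. u_int32_t assumes a 32-bit unsigned int.
 */
typedef unsigned char u_int8_t;
typedef unsigned short u_int16_t;
typedef unsigned int u_int32_t;

/* Protocol selectors (presumably the values of connect_node.protocol). */
#define UDP 0
#define TCP 1

/*
 * Size units. The expansions are parenthesised so that they behave as a
 * single value inside a larger expression: with the bare form `1024*KB`,
 * `len / MB` expanded to `len / 1024*1024*1` and produced a wrong size,
 * which is dangerous when the result sizes or bounds a buffer.
 * The products have type int; widen an operand first when the result can
 * exceed INT_MAX.
 */
#define BYTE 1
#define KB (1024 * BYTE)
#define MB (1024 * KB)

/* Confirmation states -- presumably for the confirm/consult members; verify. */
#define UNCONFIRM 0
#define CONFIRM 1

/*
 * NOTE(review): UNNEEDED is negative. If it is ever stored in a u_int8_t
 * member it becomes 255 and no longer compares equal to UNNEEDED -- confirm
 * it is only used with signed integers.
 */
#define NEEDED 1
#define UNNEEDED (-1)

/* Purpose not visible in this header -- TODO document at the point of use. */
#define MAX_COMPARE 50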
/**
 * Probe-wide settings record.
 *
 * Apart from read_file_flag every member is a fixed-size byte array.
 * NOTE(review): the arrays presumably hold NUL-terminated text read from
 * configuration -- confirm. Whatever fills them must bound each copy to the
 * member size and leave room for the terminator, and must reject over-long
 * values instead of truncating silently.
 * NOTE(review): username and password are kept as plain bytes inside this
 * record. Consider clearing them (explicit_bzero or equivalent) as soon as
 * they are no longer needed, and keep this structure out of logs and dumps.
 */
typedef struct _probe_infor_ {
    u_int8_t read_file_flag;        /* presumably selects reading from cap_file_name -- verify */

    /* Ports, stored as byte strings of at most 8 bytes. */
    u_int8_t data_rule_port[8];     /* port that accepts rule connections */
    u_int8_t data_report_port[8];   /* port used to send alerts */
    u_int8_t file_report_port[8];   /* port used to send files */

    u_int8_t buf_size[8];           /* meaning and unit not shown in this header */

    u_int8_t device[16];            /* network interface used for packet capture */
    u_int8_t communicate[16];       /* interface used for communication */
    u_int8_t data_cnt_ip[16];       /* IP address of the data centre */

    /* Credentials -- see the note above. */
    u_int8_t username[32];
    u_int8_t password[32];

    u_int8_t probe_id[32];          /* probe ID */
    u_int8_t version[128];          /* version */
    u_int8_t cap_file_name[128];    /* presumably a capture-file path -- verify */
} probe_infor_t;
/**
 * Anchor of a list of connection nodes: a pointer to the first node and a
 * pointer to the last one.
 * NOTE(review): no lock is part of this structure; if several threads touch
 * the same list, the synchronisation has to live with the caller -- confirm.
 */
typedef struct _connect_node_head_ {
    struct _connect_node_t_ *first;   /* first node of the list */
    struct _connect_node_t_ *tail;    /* last node of the list */
} connect_node_head;
/**
 * One tracked connection, linked into a doubly linked list through
 * next/prev.
 *
 * NOTE(review): the address and port members are presumably filled from
 * captured traffic, i.e. from untrusted input; their byte order is not
 * stated here -- confirm before comparing them with host-order values.
 * NOTE(review): memory and consult_pt are untyped pointers. Who allocates
 * and who frees them is not visible in this header; document the ownership
 * where the node is destroyed so they are neither leaked nor freed twice.
 */
typedef struct _connect_node_t_ {
    u_int8_t  consult;      /* whether this is a confirm node */
    u_int8_t  protocol;     /* presumably TCP or UDP -- verify */
    u_int8_t  state;
    u_int8_t  counter;      /* 8 bits wide: wraps after 255 */
    u_int8_t  flag1;
    u_int8_t  flag2;
    u_int8_t  flag3;
    u_int8_t  flag4;

    u_int16_t sport;        /* source port */
    u_int16_t dport;        /* destination port */
    u_int32_t sip;          /* source IPv4 address */
    u_int32_t dip;          /* destination IPv4 address */

    void *memory;           /* opaque per-connection data */
    void *consult_pt;       /* opaque data for the consult path */

    struct _connect_node_t_ *next;
    struct _connect_node_t_ *prev;
} connect_node;
/**
 * Element of a singly linked list that carries one kfifo pointer.
 * NOTE(review): whether the element owns the fifo or only borrows it is not
 * shown in this header -- confirm before freeing either one.
 */
typedef struct _port_t_ {
    struct _port_t_ *next;   /* following element of the list */
    struct kfifo *fifo;      /* queue attached to this element */
} port_t;
/**
 * Head and tail pointers of two port_t lists.
 * NOTE(review): the t/u suffixes presumably stand for TCP and UDP --
 * confirm against the code that fills the lists.
 */
typedef struct _port_array_ {
    /* list "t" */
    struct _port_t_ *headt;
    struct _port_t_ *tailt;

    /* list "u" */
    struct _port_t_ *headu;
    struct _port_t_ *tailu;
} port_array_t;
/**
 * Top-level aggregate: a pointer to an array of per-thread records plus the
 * shared port lists.
 * NOTE(review): the number of entries behind pthread is not stored here, so
 * every loop over it needs its bound from elsewhere -- confirm how the array
 * length is known (count or NULL terminator).
 */
typedef struct _probe_all_t_ {
    struct _pthread_infor_ **pthread;   /* array of pointers to thread records */
    struct _port_array_ *port;          /* port lists */
} probe_all_t;
/**
 * Callback table supplied by one protocol module.
 *
 * The three packet callbacks share one signature and the two destroy
 * callbacks share another. pthread and module_pt are passed as void *, so
 * the compiler cannot check that a module receives the object it expects.
 * NOTE(review): module_pt is presumably the value returned by init --
 * confirm.
 * NOTE(review): packet presumably wraps captured traffic, which is
 * untrusted; each callback has to validate lengths and offsets before
 * reading from it.
 * NOTE(review): whether a slot may be NULL is not shown here; callers
 * should check before invoking one.
 */
typedef struct _func_t_ {
    /* Module set-up. Empty parentheses: the argument list is unspecified. */
    void *(*init)();

    /* Packet callbacks. */
    u_int32_t (*judge)(void *pthread, void *module_pt,
                       connect_node *node, packet_t *packet,
                       u_int16_t direct);
    u_int32_t (*audit_packet)(void *pthread, void *module_pt,
                              connect_node *node, packet_t *packet,
                              u_int16_t direct);
    u_int32_t (*consult_audit_packet)(void *pthread, void *module_pt,
                                      connect_node *node, packet_t *packet,
                                      u_int16_t direct);

    /* Connection tear-down callbacks. */
    u_int32_t (*connect_destroy)(void *pthread, void *module_pt,
                                 connect_node *node);
    u_int32_t (*consult_connect_destroy)(void *pthread, void *module_pt,
                                         connect_node *node);
} func_t;
/**
 * Per-module worker record: capture handle, thread identity,
 * synchronisation objects, the ports the module listens for, its queue and
 * its callback table.
 * NOTE(review): confirm_mutex is a pointer while cond is embedded, so the
 * mutex is presumably shared with other records -- confirm which mutex has
 * to be held when waiting on cond.
 */
typedef struct _pthread_infor_ {
    pcap_t *pd;                       /* libpcap handle */
    pthread_t tid;                    /* thread identifier */
    pthread_mutex_t *confirm_mutex;
    pthread_cond_t cond;

    u_int8_t confirm;                 /* whether this module needs negotiation */

    /*
     * All ports this module needs: one row holds the port numbers, the
     * other row holds 1 when the port is TCP and 0 when it is not.
     * At most 16 ports fit; writers must stop at that bound.
     */
    u_int16_t port[2][16];

    u_int8_t name[16];                /* presumably the module name; at most 16 bytes */
    struct kfifo *fifo;
    func_t functions;                 /* function pointers */
} pthread_infor_t;
#endif