Difuse/Mellaris
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
7a3f6e945d6e46380824ca5d95db25aecd758895
Mellaris/ruleset/interface.go
T
hayzam 7a3f6e945d Improves flow handling and adds runtime stats APIs 
Refactors TCP and UDP flow managers to enhance analyzer selection and flow binding accuracy, including O(1) UDP stream rebinding by 5-tuple.
Introduces runtime stats tracking for engine and ruleset operations, exposing new APIs for granular performance and error metrics.
Optimizes GeoMatcher with result caching and supports efficient geosite set matching, reducing redundant computation in ruleset expressions.
2026-05-13 06:10:38 +05:30

133 lines
3.1 KiB
Go
Raw Blame History

package ruleset
import (
"context"
"net"
"strconv"
"sync/atomic"
"git.difuse.io/Difuse/Mellaris/analyzer"
"git.difuse.io/Difuse/Mellaris/modifier"
)
type Action int
const (
// ActionMaybe indicates that the ruleset hasn't seen anything worth blocking based on
// current information, but that may change if volatile fields change in the future.
ActionMaybe Action = iota
// ActionAllow indicates that the stream should be allowed regardless of future changes.
ActionAllow
// ActionBlock indicates that the stream should be blocked.
ActionBlock
// ActionDrop indicates that the current packet should be dropped,
// but the stream should be allowed to continue.
// Only valid for UDP streams. Equivalent to ActionBlock for TCP streams.
ActionDrop
// ActionModify indicates that the current packet should be modified,
// and the stream should be allowed to continue.
// Only valid for UDP streams. Equivalent to ActionMaybe for TCP streams.
ActionModify
)
func (a Action) String() string {
switch a {
case ActionMaybe:
return "maybe"
case ActionAllow:
return "allow"
case ActionBlock:
return "block"
case ActionDrop:
return "drop"
case ActionModify:
return "modify"
default:
return "unknown"
}
}
type Protocol int
func (p Protocol) String() string {
switch p {
case ProtocolTCP:
return "tcp"
case ProtocolUDP:
return "udp"
default:
return "unknown"
}
}
const (
ProtocolTCP Protocol = iota
ProtocolUDP
)
type StreamInfo struct {
ID int64
Protocol Protocol
SrcMAC, DstMAC net.HardwareAddr
SrcIP, DstIP net.IP
SrcPort, DstPort uint16
Props analyzer.CombinedPropMap
}
func (i StreamInfo) SrcString() string {
return net.JoinHostPort(i.SrcIP.String(), strconv.Itoa(int(i.SrcPort)))
}
func (i StreamInfo) DstString() string {
return net.JoinHostPort(i.DstIP.String(), strconv.Itoa(int(i.DstPort)))
}
type MatchResult struct {
Action Action
ModInstance modifier.Instance
}
type Ruleset interface {
// Analyzers returns the list of analyzers to use for a stream.
// It must be safe for concurrent use by multiple workers.
Analyzers(StreamInfo) []analyzer.Analyzer
// Match matches a stream against the ruleset and returns the result.
// It must be safe for concurrent use by multiple workers.
Match(StreamInfo) MatchResult
}
type Stats struct {
MatchCalls uint64
MatchErrors uint64
MatchLatencyNanos uint64
LookupCalls uint64
LookupErrors uint64
LookupLatencyNanos uint64
}
type statsCounters struct {
MatchCalls atomic.Uint64
MatchErrors atomic.Uint64
MatchLatencyNanos atomic.Uint64
LookupCalls atomic.Uint64
LookupErrors atomic.Uint64
LookupLatencyNanos atomic.Uint64
}
type StatsProvider interface {
Stats() Stats
}
// Logger is the logging interface for the ruleset.
type Logger interface {
Log(info StreamInfo, name string)
MatchError(info StreamInfo, name string, err error)
}
type BuiltinConfig struct {
Logger Logger
GeoSiteFilename string
GeoIpFilename string
ProtectedDialContext func(ctx context.Context, network, address string) (net.Conn, error)
}
Reference in New Issue View Git Blame Copy Permalink