From edf55b553c05cb60a407f0ed775f6e5627ff829a Mon Sep 17 00:00:00 2001 From: nik012003 Date: Sun, 26 Jun 2022 12:15:17 +0200 Subject: [PATCH] Fixed multi_threading --- Dockerfile | 5 +++- backend/proxy/__init__.py | 2 +- backend/proxy/proxy.cpp | 61 ++++++++++++++++++++++++--------------- backend/proxy/test | 47 ++++++++++++++++++++++++++++++ start.py | 11 +++++-- 5 files changed, 98 insertions(+), 28 deletions(-) create mode 100644 backend/proxy/test diff --git a/Dockerfile b/Dockerfile index e838872..90342c1 100755 --- a/Dockerfile +++ b/Dockerfile @@ -14,7 +14,10 @@ ADD ./backend/requirements.txt /execute/requirements.txt RUN pip install --no-cache-dir -r /execute/requirements.txt COPY ./backend/ /execute/ -RUN c++ -O3 -o proxy/proxy proxy/proxy.cpp -pthread -lboost_system -lboost_thread + +ARG GCC_PARAMS +RUN c++ -O3 $GCC_PARAMS -o proxy/proxy proxy/proxy.cpp -pthread -lboost_system -lboost_thread + COPY ./config/supervisord.conf /etc/supervisor/supervisord.conf COPY ./config/nginx.conf /tmp/nginx.conf COPY ./config/start_nginx.sh /tmp/start_nginx.sh diff --git a/backend/proxy/__init__.py b/backend/proxy/__init__.py index e3733c3..22f3126 100755 --- a/backend/proxy/__init__.py +++ b/backend/proxy/__init__.py @@ -52,7 +52,7 @@ class Proxy: self.__write_config(filters_codes) self.process = subprocess.Popen( - [proxy_binary_path, str(self.public_host), str(self.public_port), str(self.internal_host), str(self.internal_port), self.config_file_path], + [ proxy_binary_path, str(self.public_host), str(self.public_port), str(self.internal_host), str(self.internal_port), self.config_file_path], stdout=subprocess.PIPE, universal_newlines=True ) for stdout_line in iter(self.process.stdout.readline, ""): diff --git a/backend/proxy/proxy.cpp b/backend/proxy/proxy.cpp index 370dd1d..4ccc02a 100644 --- a/backend/proxy/proxy.cpp +++ b/backend/proxy/proxy.cpp @@ -14,6 +14,7 @@ #include #include +//#define MULTI_THREAD //#define DEBUG //#define DEBUG_PACKET @@ -21,23 +22,20 @@ using namespace std; boost::asio::io_service *ios_loop = nullptr; -int to_int(int c) { - if (not isxdigit(c)) return -1; // error: non-hexadecimal digit found - if (isdigit(c)) return c - '0'; - if (isupper(c)) c = tolower(c); - return c - 'a' + 10; -} - -template int -unhexlify(InputIterator first, InputIterator last, OutputIterator ascii) { - while (first != last) { - int top = to_int(*first++); - int bot = to_int(*first++); - if (top == -1 or bot == -1) - return -1; // error - *ascii++ = (top << 4) + bot; - } - return 0; +bool unhexlify(string const &hex, string &newString) { + try{ + int len = hex.length(); + for(int i=0; i< len; i+=2) + { + std::string byte = hex.substr(i,2); + char chr = (char) (int)strtol(byte.c_str(), NULL, 16); + newString.push_back(chr); + } + return true; + } + catch (...){ + return false; + } } struct regex_rules{ vector> regex_s_c_w, regex_c_s_w, regex_s_c_b, regex_c_s_b; @@ -46,6 +44,9 @@ shared_ptr regex_config; const char* config_file; mutex update_mutex; +#ifdef MULTI_THREAD +mutex stdout_mutex; +#endif bool filter_data(unsigned char* data, const size_t& bytes_transferred, vector> const &blacklist, vector> const &whitelist){ #ifdef DEBUG_PACKET @@ -58,6 +59,9 @@ bool filter_data(unsigned char* data, const size_t& bytes_transferred, vector ele:blacklist){ try{ if(regex_search(reinterpret_cast(data), reinterpret_cast(data)+bytes_transferred, ele.second)){ + #ifdef MULTI_THREAD + std::unique_lock lck(stdout_mutex); + #endif cout << "BLOCKED " << ele.first << endl; return false; } @@ -68,6 +72,9 @@ bool filter_data(unsigned char* data, const size_t& bytes_transferred, vector ele:whitelist){ try{ if(!regex_search(reinterpret_cast(data),reinterpret_cast(data)+bytes_transferred, ele.second)){ + #ifdef MULTI_THREAD + std::unique_lock lck(stdout_mutex); + #endif cout << "BLOCKED " << ele.first << endl; return false; } @@ -178,6 +185,7 @@ namespace tcp_proxy { if (!error) { + upstream_socket_.async_read_some( boost::asio::buffer(upstream_data_,max_data_length), boost::bind(&bridge::handle_upstream_read, @@ -257,7 +265,6 @@ namespace tcp_proxy unsigned char upstream_data_ [max_data_length]; boost::mutex mutex_; - public: class acceptor @@ -326,18 +333,21 @@ namespace tcp_proxy void push_regex(char* arg, bool case_sensitive, vector> &v){ size_t expr_len = (strlen(arg)-2)/2; - char expr[expr_len]; - unhexlify(arg+2, arg+strlen(arg)-1, expr); - string expr_str(expr, expr_len); + string hex(arg+2); + string expr; + if (!unhexlify(hex, expr)){ + cerr << "Regex " << arg << " was not unhexlified successfully" << endl; + return; + } try{ if (case_sensitive){ - regex regex(expr_str); + regex regex(expr); #ifdef DEBUG cerr << "Added case sensitive regex " << expr_str << endl; #endif v.push_back(make_pair(string(arg), regex)); } else { - regex regex(expr_str,regex_constants::icase); + regex regex(expr,regex_constants::icase); #ifdef DEBUG cerr << "Added case insensitive regex " << expr_str << endl; #endif @@ -447,12 +457,15 @@ int main(int argc, char* argv[]) forward_host, forward_port); acceptor.accept_connections(); - + #ifdef MULTI_THREAD boost::thread_group tg; for (unsigned i = 0; i < thread::hardware_concurrency(); ++i) tg.create_thread(boost::bind(&boost::asio::io_service::run, &ios)); tg.join_all(); + #else + ios.run(); + #endif } catch(exception& e) { diff --git a/backend/proxy/test b/backend/proxy/test new file mode 100644 index 0000000..fcbff50 --- /dev/null +++ b/backend/proxy/test @@ -0,0 +1,47 @@ + +1C5B302D395D7B31307D5B412D5A5D7B337D204C4F5B4C5D2A +1C5B302D395D7B31307D5B412D5A5D7B337D204C4F5B4C5D2A +1C5B302D395D7B31307D5B412D5A5D7B337D204C4F5B4C5D2A +1C5B302D395D7B31307D5B412D5A5D7B337D204C4F5B4C5D2A +1C5B302D395D7B31307D5B412D5A5D7B337D204C4F5B4C5D2A +1C5B302D395D7B31307D5B412D5A5D7B337D204C4F5B4C5D2A +1C5B302D395D7B31307D5B412D5A5D7B337D204C4F5B4C5D2A +1C5B302D395D7B31307D5B412D5A5D7B337D204C4F5B4C5D2A +1C5B302D395D7B31307D5B412D5A5D7B337D204C4F5B4C5D2A +1C5B302D395D7B31307D5B412D5A5D7B337D204C4F5B4C5D2A +1C5B302D395D7B31307D5B412D5A5D7B337D204C4F5B4C5D2A +1C5B302D395D7B31307D5B412D5A5D7B337D204C4F5B4C5D2A +1C5B302D395D7B31307D5B412D5A5D7B337D204C4F5B4C5D2A +1C5B302D395D7B31307D5B412D5A5D7B337D204C4F5B4C5D2A +1C5B302D395D7B31307D5B412D5A5D7B337D204C4F5B4C5D2A +1C5B302D395D7B31307D5B412D5A5D7B337D204C4F5B4C5D2A +1C5B302D395D7B31307D5B412D5A5D7B337D204C4F5B4C5D2A +1C5B302D395D7B31307D5B412D5A5D7B337D204C4F5B4C5D2A +1C5B302D395D7B31307D5B412D5A5D7B337D204C4F5B4C5D2A +1C5B302D395D7B31307D5B412D5A5D7B337D204C4F5B4C5D2A +1C5B302D395D7B31307D5B412D5A5D7B337D204C4F5B4C5D2A +1C5B302D395D7B31307D5B412D5A5D7B337D204C4F5B4C5D2A +1C5B302D395D7B31307D5B412D5A5D7B337D204C4F5B4C5D2A +1C5B302D395D7B31307D5B412D5A5D7B337D204C4F5B4C5D2A +1C5B302D395D7B31307D5B412D5A5D7B337D204C4F5B4C5D2A +1C5B302D395D7B31307D5B412D5A5D7B337D204C4F5B4C5D2A +1C5B302D395D7B31307D5B412D5A5D7B337D204C4F5B4C5D2A +1C5B302D395D7B31307D5B412D5A5D7B337D204C4F5B4C5D2A +1C5B302D395D7B31307D5B412D5A5D7B337D204C4F5B4C5D2A +1C5B302D395D7B31307D5B412D5A5D7B337D204C4F5B4C5D2A +1C5B302D395D7B31307D5B412D5A5D7B337D204C4F5B4C5D2A +1C5B302D395D7B31307D5B412D5A5D7B337D204C4F5B4C5D2A +1C5B302D395D7B31307D5B412D5A5D7B337D204C4F5B4C5D2A +1C5B302D395D7B31307D5B412D5A5D7B337D204C4F5B4C5D2A +1C5B302D395D7B31307D5B412D5A5D7B337D204C4F5B4C5D2A +1C5B302D395D7B31307D5B412D5A5D7B337D204C4F5B4C5D2A +1C5B302D395D7B31307D5B412D5A5D7B337D204C4F5B4C5D2A +1C5B302D395D7B31307D5B412D5A5D7B337D204C4F5B4C5D2A +1C5B302D395D7B31307D5B412D5A5D7B337D204C4F5B4C5D2A +1C5B302D395D7B31307D5B412D5A5D7B337D204C4F5B4C5D2A +1C5B302D395D7B31307D5B412D5A5D7B337D204C4F5B4C5D2A +1C5B302D395D7B31307D5B412D5A5D7B337D204C4F5B4C5D2A +1C5B302D395D7B31307D5B412D5A5D7B337D204C4F5B4C5D2A +1C5B302D395D7B31307D5B412D5A5D7B337D204C4F5B4C5D2A +1C5B302D395D7B31307D5B412D5A5D7B337D204C4F5B4C5D2A +1C5B302D395D7B31307D5B412D5A5D7B337D204C4F5B4C5D2A diff --git a/start.py b/start.py index 987884d..30ecd53 100755 --- a/start.py +++ b/start.py @@ -22,6 +22,7 @@ def sep(): puts("-----------------------------------", is_bold=True) parser = argparse.ArgumentParser() parser.add_argument('--port', "-p", type=int, required=False, help='Port where open the web service of the firewall', default=4444) parser.add_argument('--no-autostart', "-n", required=False, action="store_true", help='Auto-execute "docker-compose up -d --build"', default=False) +parser.add_argument('--single-thread', "-s", required=False, action="store_true", help='Disable multi-threaded proxy"', default=False) args = parser.parse_args() sep() puts(f"Firegex", color=colors.yellow, end="") @@ -39,7 +40,10 @@ version: '3.9' services: firewall: restart: unless-stopped - build: . + build: + context: . + args: + - GCC_PARAMS={"-D MULTI_THREAD" if not args.single_thread else ""} network_mode: "host" environment: - NGINX_PORT={args.port} @@ -57,7 +61,10 @@ version: '3.9' services: firewall: restart: unless-stopped - build: . + build: + context: . + args: + - GCC_PARAMS={"-D MULTI_THREAD" if not args.single_thread else ""} ports: - {args.port}:{args.port} environment: