X-Git-Url: https://gerrit.o-ran-sc.org/r/gitweb?a=blobdiff_plain;f=src%2Fprotector-plugin%2FNetworkProtector.h;h=8c782e27d3f29364d57a9ebf56fce7801b79d33a;hb=refs%2Fchanges%2F72%2F2072%2F1;hp=8a69f15995a0e1bee79d7abd5269ed4986e79a58;hpb=b9d7e9c232a4371ddfed51c58e5a57f87b057229;p=ric-app%2Fadmin.git diff --git a/src/protector-plugin/NetworkProtector.h b/src/protector-plugin/NetworkProtector.h index 8a69f15..8c782e2 100644 --- a/src/protector-plugin/NetworkProtector.h +++ b/src/protector-plugin/NetworkProtector.h @@ -23,6 +23,7 @@ #include "sliding_window.hpp" #include +#include #include // to decode the X2AP payload #include // to respond @@ -34,39 +35,65 @@ #define unlikely(x) (x) #endif +// each policy corresponds to a specific X2 subscriber profile ID +// and applies sliding window logic to UEs in that class (if enforce) +class protector_policy { +public: + protector_policy(bool enforce=true, int window_size=60, int threshold=10, double block_rate=10): _enforce(enforce), _window_size(window_size), _threshold(threshold), _block_rate(block_rate){ + _counter = 0; + _req = 0; + _rej = 0; + _window_ref = std::make_unique(_window_size); + }; + + bool _enforce; // do we enforce policy ? + int _counter; // count the # of attaching access + int _window_size; // time in seconds window for the # of counts + int _threshold; // count above which we start enforcing if enforce set + double _block_rate; // % of rejecting rate for counter > threshold + std::unique_ptr _window_ref; + unsigned long int _req; // number of requests + unsigned long int _rej; // number of rejects + +}; + + class protector { public: - protector( bool enforce, int windowSize_, int threshold_, double blockRate_); - + protector( bool rep=true); + protector(bool enforce, int window_size, int threshold, double block_rate, bool rep=true); bool operator()(unsigned char *, size_t , unsigned char *, size_t *); - bool configure(bool enforce, int windowSize_, int threshold_, double blockRate_); + bool configure(bool enforce, int windowSize_, int threshold_, double blockRate_, int id); + bool add_policy (bool enforce, int windowSize_, int threshold_, double blockRate_, int id); + bool delete_policy(int id); + bool query_policy(int , std::vector &); + void get_active_policies(std::vector & ); + bool is_active(int id); + void clear(); - bool selectiveBlock(); + bool selectiveBlock(double); - unsigned long int get_requests(void) const; - unsigned long int get_rejects(void) const; + long int get_requests(int id) const; + long int get_rejects(int id) const; std::string get_error(void) { return error_string;}; private: - bool m_enforce; // whether to execute logic or not - int m_counter; // count the # of attaching access - int m_windowSize; // time in seconds window for the # of counts - int m_threshold; // count above which we start enforcing if enforce set - double m_blockRate; // % of rejecting rate for counter > threshold - time_t m_timeWindow; // time active window started - unsigned long int m_req; // number of requests - unsigned long int m_rej; // number of rejects - - std::unique_ptr m_window_ref; + + std::map policy_list; std::unique_ptr m_access; + sgnb_addition_helper sgnb_data; sgnb_addition_request sgnb_req; sgnb_addition_response sgnb_resp; + + unsigned long int net_requests = 0; + unsigned long int net_rejects = 0; std::string error_string; + bool report_mode_only; }; #endif