mirror of
git://git.code.sf.net/p/xtables-addons/xtables-addons
synced 2025-09-08 13:44:56 +02:00
ACCOUNT: remove trailing whitespace
This commit is contained in:
Jan Engelhardt
@@ -146,7 +146,7 @@ static void print_it(const void *ip,
|
|||||||
printf("--");
|
printf("--");
|
||||||
printf("%s ", opts[0].name);
|
printf("%s ", opts[0].name);
|
||||||
|
|
||||||
a.s_addr = accountinfo->net_ip;
|
a.s_addr = accountinfo->net_ip;
|
||||||
printf("%s", print_helper_ip(a));
|
printf("%s", print_helper_ip(a));
|
||||||
a.s_addr = accountinfo->net_mask;
|
a.s_addr = accountinfo->net_mask;
|
||||||
printf("%s", print_helper_mask(a));
|
printf("%s", print_helper_mask(a));
|
||||||
|
|||||||
@@ -114,12 +114,12 @@ static void ipt_acc_data_free(void *data, unsigned char depth)
|
|||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
printk("ACCOUNT: ipt_acc_data_free called with unknown depth: %d\n",
|
printk("ACCOUNT: ipt_acc_data_free called with unknown depth: %d\n",
|
||||||
depth);
|
depth);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Look for existing table / insert new one.
|
/* Look for existing table / insert new one.
|
||||||
Return internal ID or -1 on error */
|
Return internal ID or -1 on error */
|
||||||
static int ipt_acc_table_insert(char *name, uint32_t ip, uint32_t netmask)
|
static int ipt_acc_table_insert(char *name, uint32_t ip, uint32_t netmask)
|
||||||
{
|
{
|
||||||
@@ -130,18 +130,18 @@ static int ipt_acc_table_insert(char *name, uint32_t ip, uint32_t netmask)
|
|||||||
|
|
||||||
/* Look for existing table */
|
/* Look for existing table */
|
||||||
for (i = 0; i < ACCOUNT_MAX_TABLES; i++) {
|
for (i = 0; i < ACCOUNT_MAX_TABLES; i++) {
|
||||||
if (strncmp(ipt_acc_tables[i].name, name,
|
if (strncmp(ipt_acc_tables[i].name, name,
|
||||||
ACCOUNT_TABLE_NAME_LEN) == 0) {
|
ACCOUNT_TABLE_NAME_LEN) == 0) {
|
||||||
DEBUGP("ACCOUNT: Found existing slot: %d - "
|
DEBUGP("ACCOUNT: Found existing slot: %d - "
|
||||||
"%u.%u.%u.%u/%u.%u.%u.%u\n", i,
|
"%u.%u.%u.%u/%u.%u.%u.%u\n", i,
|
||||||
NIPQUAD(ipt_acc_tables[i].ip),
|
NIPQUAD(ipt_acc_tables[i].ip),
|
||||||
NIPQUAD(ipt_acc_tables[i].netmask));
|
NIPQUAD(ipt_acc_tables[i].netmask));
|
||||||
|
|
||||||
if (ipt_acc_tables[i].ip != ip
|
if (ipt_acc_tables[i].ip != ip
|
||||||
|| ipt_acc_tables[i].netmask != netmask) {
|
|| ipt_acc_tables[i].netmask != netmask) {
|
||||||
printk("ACCOUNT: Table %s found, but IP/netmask mismatch. "
|
printk("ACCOUNT: Table %s found, but IP/netmask mismatch. "
|
||||||
"IP/netmask found: %u.%u.%u.%u/%u.%u.%u.%u\n",
|
"IP/netmask found: %u.%u.%u.%u/%u.%u.%u.%u\n",
|
||||||
name, NIPQUAD(ipt_acc_tables[i].ip),
|
name, NIPQUAD(ipt_acc_tables[i].ip),
|
||||||
NIPQUAD(ipt_acc_tables[i].netmask));
|
NIPQUAD(ipt_acc_tables[i].netmask));
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
@@ -184,14 +184,14 @@ static int ipt_acc_table_insert(char *name, uint32_t ip, uint32_t netmask)
|
|||||||
ipt_acc_tables[i].depth = 2;
|
ipt_acc_tables[i].depth = 2;
|
||||||
|
|
||||||
DEBUGP("ACCOUNT: calculated netsize: %u -> "
|
DEBUGP("ACCOUNT: calculated netsize: %u -> "
|
||||||
"ipt_acc_table depth %u\n", netsize,
|
"ipt_acc_table depth %u\n", netsize,
|
||||||
ipt_acc_tables[i].depth);
|
ipt_acc_tables[i].depth);
|
||||||
|
|
||||||
ipt_acc_tables[i].refcount++;
|
ipt_acc_tables[i].refcount++;
|
||||||
if ((ipt_acc_tables[i].data
|
if ((ipt_acc_tables[i].data
|
||||||
= ipt_acc_zalloc_page()) == NULL) {
|
= ipt_acc_zalloc_page()) == NULL) {
|
||||||
printk("ACCOUNT: out of memory for data of table: %s\n", name);
|
printk("ACCOUNT: out of memory for data of table: %s\n", name);
|
||||||
memset(&ipt_acc_tables[i], 0,
|
memset(&ipt_acc_tables[i], 0,
|
||||||
sizeof(struct ipt_acc_table));
|
sizeof(struct ipt_acc_table));
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
@@ -257,7 +257,7 @@ static int ipt_acc_checkentry(const char *tablename,
|
|||||||
return 0;
|
return 0;
|
||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
/* Table nr caching so we don't have to do an extra string compare
|
/* Table nr caching so we don't have to do an extra string compare
|
||||||
for every packet */
|
for every packet */
|
||||||
info->table_nr = table_nr;
|
info->table_nr = table_nr;
|
||||||
|
|
||||||
@@ -299,27 +299,27 @@ static void ipt_acc_destroy(
|
|||||||
|
|
||||||
spin_lock_bh(&ipt_acc_lock);
|
spin_lock_bh(&ipt_acc_lock);
|
||||||
|
|
||||||
DEBUGP("ACCOUNT: ipt_acc_deleteentry called for table: %s (#%d)\n",
|
DEBUGP("ACCOUNT: ipt_acc_deleteentry called for table: %s (#%d)\n",
|
||||||
info->table_name, info->table_nr);
|
info->table_name, info->table_nr);
|
||||||
|
|
||||||
info->table_nr = -1; /* Set back to original state */
|
info->table_nr = -1; /* Set back to original state */
|
||||||
|
|
||||||
/* Look for table */
|
/* Look for table */
|
||||||
for (i = 0; i < ACCOUNT_MAX_TABLES; i++) {
|
for (i = 0; i < ACCOUNT_MAX_TABLES; i++) {
|
||||||
if (strncmp(ipt_acc_tables[i].name, info->table_name,
|
if (strncmp(ipt_acc_tables[i].name, info->table_name,
|
||||||
ACCOUNT_TABLE_NAME_LEN) == 0) {
|
ACCOUNT_TABLE_NAME_LEN) == 0) {
|
||||||
DEBUGP("ACCOUNT: Found table at slot: %d\n", i);
|
DEBUGP("ACCOUNT: Found table at slot: %d\n", i);
|
||||||
|
|
||||||
ipt_acc_tables[i].refcount--;
|
ipt_acc_tables[i].refcount--;
|
||||||
DEBUGP("ACCOUNT: Refcount left: %d\n",
|
DEBUGP("ACCOUNT: Refcount left: %d\n",
|
||||||
ipt_acc_tables[i].refcount);
|
ipt_acc_tables[i].refcount);
|
||||||
|
|
||||||
/* Table not needed anymore? */
|
/* Table not needed anymore? */
|
||||||
if (ipt_acc_tables[i].refcount == 0) {
|
if (ipt_acc_tables[i].refcount == 0) {
|
||||||
DEBUGP("ACCOUNT: Destroying table at slot: %d\n", i);
|
DEBUGP("ACCOUNT: Destroying table at slot: %d\n", i);
|
||||||
ipt_acc_data_free(ipt_acc_tables[i].data,
|
ipt_acc_data_free(ipt_acc_tables[i].data,
|
||||||
ipt_acc_tables[i].depth);
|
ipt_acc_tables[i].depth);
|
||||||
memset(&ipt_acc_tables[i], 0,
|
memset(&ipt_acc_tables[i], 0,
|
||||||
sizeof(struct ipt_acc_table));
|
sizeof(struct ipt_acc_table));
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -342,7 +342,7 @@ static void ipt_acc_depth0_insert(struct ipt_acc_mask_24 *mask_24,
|
|||||||
char is_src_new_ip = 0, is_dst_new_ip = 0; /* Check if this entry is new */
|
char is_src_new_ip = 0, is_dst_new_ip = 0; /* Check if this entry is new */
|
||||||
|
|
||||||
DEBUGP("ACCOUNT: ipt_acc_depth0_insert: %u.%u.%u.%u/%u.%u.%u.%u "
|
DEBUGP("ACCOUNT: ipt_acc_depth0_insert: %u.%u.%u.%u/%u.%u.%u.%u "
|
||||||
"for net %u.%u.%u.%u/%u.%u.%u.%u, size: %u\n", NIPQUAD(src_ip),
|
"for net %u.%u.%u.%u/%u.%u.%u.%u, size: %u\n", NIPQUAD(src_ip),
|
||||||
NIPQUAD(dst_ip), NIPQUAD(net_ip), NIPQUAD(netmask), size);
|
NIPQUAD(dst_ip), NIPQUAD(net_ip), NIPQUAD(netmask), size);
|
||||||
|
|
||||||
/* Check if src/dst is inside our network. */
|
/* Check if src/dst is inside our network. */
|
||||||
@@ -356,7 +356,7 @@ static void ipt_acc_depth0_insert(struct ipt_acc_mask_24 *mask_24,
|
|||||||
|
|
||||||
if (!is_src && !is_dst) {
|
if (!is_src && !is_dst) {
|
||||||
DEBUGP("ACCOUNT: Skipping packet %u.%u.%u.%u/%u.%u.%u.%u "
|
DEBUGP("ACCOUNT: Skipping packet %u.%u.%u.%u/%u.%u.%u.%u "
|
||||||
"for net %u.%u.%u.%u/%u.%u.%u.%u\n", NIPQUAD(src_ip),
|
"for net %u.%u.%u.%u/%u.%u.%u.%u\n", NIPQUAD(src_ip),
|
||||||
NIPQUAD(dst_ip), NIPQUAD(net_ip), NIPQUAD(netmask));
|
NIPQUAD(dst_ip), NIPQUAD(net_ip), NIPQUAD(netmask));
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
@@ -369,7 +369,7 @@ static void ipt_acc_depth0_insert(struct ipt_acc_mask_24 *mask_24,
|
|||||||
if (is_src) {
|
if (is_src) {
|
||||||
/* Calculate network slot */
|
/* Calculate network slot */
|
||||||
DEBUGP("ACCOUNT: Calculated SRC 8 bit network slot: %d\n", src_slot);
|
DEBUGP("ACCOUNT: Calculated SRC 8 bit network slot: %d\n", src_slot);
|
||||||
if (!mask_24->ip[src_slot].src_packets
|
if (!mask_24->ip[src_slot].src_packets
|
||||||
&& !mask_24->ip[src_slot].dst_packets)
|
&& !mask_24->ip[src_slot].dst_packets)
|
||||||
is_src_new_ip = 1;
|
is_src_new_ip = 1;
|
||||||
|
|
||||||
@@ -378,7 +378,7 @@ static void ipt_acc_depth0_insert(struct ipt_acc_mask_24 *mask_24,
|
|||||||
}
|
}
|
||||||
if (is_dst) {
|
if (is_dst) {
|
||||||
DEBUGP("ACCOUNT: Calculated DST 8 bit network slot: %d\n", dst_slot);
|
DEBUGP("ACCOUNT: Calculated DST 8 bit network slot: %d\n", dst_slot);
|
||||||
if (!mask_24->ip[dst_slot].src_packets
|
if (!mask_24->ip[dst_slot].src_packets
|
||||||
&& !mask_24->ip[dst_slot].dst_packets)
|
&& !mask_24->ip[dst_slot].dst_packets)
|
||||||
is_dst_new_ip = 1;
|
is_dst_new_ip = 1;
|
||||||
|
|
||||||
@@ -390,7 +390,7 @@ static void ipt_acc_depth0_insert(struct ipt_acc_mask_24 *mask_24,
|
|||||||
DEBUGP("ACCOUNT: Itemcounter before: %d\n", *itemcount);
|
DEBUGP("ACCOUNT: Itemcounter before: %d\n", *itemcount);
|
||||||
if (src_slot == dst_slot) {
|
if (src_slot == dst_slot) {
|
||||||
if (is_src_new_ip || is_dst_new_ip) {
|
if (is_src_new_ip || is_dst_new_ip) {
|
||||||
DEBUGP("ACCOUNT: src_slot == dst_slot: %d, %d\n",
|
DEBUGP("ACCOUNT: src_slot == dst_slot: %d, %d\n",
|
||||||
is_src_new_ip, is_dst_new_ip);
|
is_src_new_ip, is_dst_new_ip);
|
||||||
(*itemcount)++;
|
(*itemcount)++;
|
||||||
}
|
}
|
||||||
@@ -407,8 +407,8 @@ static void ipt_acc_depth0_insert(struct ipt_acc_mask_24 *mask_24,
|
|||||||
DEBUGP("ACCOUNT: Itemcounter after: %d\n", *itemcount);
|
DEBUGP("ACCOUNT: Itemcounter after: %d\n", *itemcount);
|
||||||
}
|
}
|
||||||
|
|
||||||
static void ipt_acc_depth1_insert(struct ipt_acc_mask_16 *mask_16,
|
static void ipt_acc_depth1_insert(struct ipt_acc_mask_16 *mask_16,
|
||||||
uint32_t net_ip, uint32_t netmask,
|
uint32_t net_ip, uint32_t netmask,
|
||||||
uint32_t src_ip, uint32_t dst_ip,
|
uint32_t src_ip, uint32_t dst_ip,
|
||||||
uint32_t size, uint32_t *itemcount)
|
uint32_t size, uint32_t *itemcount)
|
||||||
{
|
{
|
||||||
@@ -418,7 +418,7 @@ static void ipt_acc_depth1_insert(struct ipt_acc_mask_16 *mask_16,
|
|||||||
DEBUGP("ACCOUNT: Calculated SRC 16 bit network slot: %d\n", slot);
|
DEBUGP("ACCOUNT: Calculated SRC 16 bit network slot: %d\n", slot);
|
||||||
|
|
||||||
/* Do we need to create a new mask_24 bucket? */
|
/* Do we need to create a new mask_24 bucket? */
|
||||||
if (!mask_16->mask_24[slot] && (mask_16->mask_24[slot] =
|
if (!mask_16->mask_24[slot] && (mask_16->mask_24[slot] =
|
||||||
ipt_acc_zalloc_page()) == NULL) {
|
ipt_acc_zalloc_page()) == NULL) {
|
||||||
printk("ACCOUNT: Can't process packet because out of memory!\n");
|
printk("ACCOUNT: Can't process packet because out of memory!\n");
|
||||||
return;
|
return;
|
||||||
@@ -434,7 +434,7 @@ static void ipt_acc_depth1_insert(struct ipt_acc_mask_16 *mask_16,
|
|||||||
DEBUGP("ACCOUNT: Calculated DST 16 bit network slot: %d\n", slot);
|
DEBUGP("ACCOUNT: Calculated DST 16 bit network slot: %d\n", slot);
|
||||||
|
|
||||||
/* Do we need to create a new mask_24 bucket? */
|
/* Do we need to create a new mask_24 bucket? */
|
||||||
if (!mask_16->mask_24[slot] && (mask_16->mask_24[slot]
|
if (!mask_16->mask_24[slot] && (mask_16->mask_24[slot]
|
||||||
= ipt_acc_zalloc_page()) == NULL) {
|
= ipt_acc_zalloc_page()) == NULL) {
|
||||||
printk("ACCOUT: Can't process packet because out of memory!\n");
|
printk("ACCOUT: Can't process packet because out of memory!\n");
|
||||||
return;
|
return;
|
||||||
@@ -445,7 +445,7 @@ static void ipt_acc_depth1_insert(struct ipt_acc_mask_16 *mask_16,
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
static void ipt_acc_depth2_insert(struct ipt_acc_mask_8 *mask_8,
|
static void ipt_acc_depth2_insert(struct ipt_acc_mask_8 *mask_8,
|
||||||
uint32_t net_ip, uint32_t netmask,
|
uint32_t net_ip, uint32_t netmask,
|
||||||
uint32_t src_ip, uint32_t dst_ip,
|
uint32_t src_ip, uint32_t dst_ip,
|
||||||
uint32_t size, uint32_t *itemcount)
|
uint32_t size, uint32_t *itemcount)
|
||||||
@@ -456,7 +456,7 @@ static void ipt_acc_depth2_insert(struct ipt_acc_mask_8 *mask_8,
|
|||||||
DEBUGP("ACCOUNT: Calculated SRC 24 bit network slot: %d\n", slot);
|
DEBUGP("ACCOUNT: Calculated SRC 24 bit network slot: %d\n", slot);
|
||||||
|
|
||||||
/* Do we need to create a new mask_24 bucket? */
|
/* Do we need to create a new mask_24 bucket? */
|
||||||
if (!mask_8->mask_16[slot] && (mask_8->mask_16[slot]
|
if (!mask_8->mask_16[slot] && (mask_8->mask_16[slot]
|
||||||
= ipt_acc_zalloc_page()) == NULL) {
|
= ipt_acc_zalloc_page()) == NULL) {
|
||||||
printk("ACCOUNT: Can't process packet because out of memory!\n");
|
printk("ACCOUNT: Can't process packet because out of memory!\n");
|
||||||
return;
|
return;
|
||||||
@@ -472,7 +472,7 @@ static void ipt_acc_depth2_insert(struct ipt_acc_mask_8 *mask_8,
|
|||||||
DEBUGP("ACCOUNT: Calculated DST 24 bit network slot: %d\n", slot);
|
DEBUGP("ACCOUNT: Calculated DST 24 bit network slot: %d\n", slot);
|
||||||
|
|
||||||
/* Do we need to create a new mask_24 bucket? */
|
/* Do we need to create a new mask_24 bucket? */
|
||||||
if (!mask_8->mask_16[slot] && (mask_8->mask_16[slot]
|
if (!mask_8->mask_16[slot] && (mask_8->mask_16[slot]
|
||||||
= ipt_acc_zalloc_page()) == NULL) {
|
= ipt_acc_zalloc_page()) == NULL) {
|
||||||
printk("ACCOUNT: Can't process packet because out of memory!\n");
|
printk("ACCOUNT: Can't process packet because out of memory!\n");
|
||||||
return;
|
return;
|
||||||
@@ -532,7 +532,7 @@ static unsigned int ipt_acc_target(struct sk_buff **pskb,
|
|||||||
|
|
||||||
if (ipt_acc_tables[info->table_nr].name[0] == 0) {
|
if (ipt_acc_tables[info->table_nr].name[0] == 0) {
|
||||||
printk("ACCOUNT: ipt_acc_target: Invalid table id %u. "
|
printk("ACCOUNT: ipt_acc_target: Invalid table id %u. "
|
||||||
"IPs %u.%u.%u.%u/%u.%u.%u.%u\n", info->table_nr,
|
"IPs %u.%u.%u.%u/%u.%u.%u.%u\n", info->table_nr,
|
||||||
NIPQUAD(src_ip), NIPQUAD(dst_ip));
|
NIPQUAD(src_ip), NIPQUAD(dst_ip));
|
||||||
spin_unlock_bh(&ipt_acc_lock);
|
spin_unlock_bh(&ipt_acc_lock);
|
||||||
return IPT_CONTINUE;
|
return IPT_CONTINUE;
|
||||||
@@ -543,7 +543,7 @@ static unsigned int ipt_acc_target(struct sk_buff **pskb,
|
|||||||
/* Count packet and check if the IP is new */
|
/* Count packet and check if the IP is new */
|
||||||
ipt_acc_depth0_insert(
|
ipt_acc_depth0_insert(
|
||||||
(struct ipt_acc_mask_24 *)ipt_acc_tables[info->table_nr].data,
|
(struct ipt_acc_mask_24 *)ipt_acc_tables[info->table_nr].data,
|
||||||
ipt_acc_tables[info->table_nr].ip,
|
ipt_acc_tables[info->table_nr].ip,
|
||||||
ipt_acc_tables[info->table_nr].netmask,
|
ipt_acc_tables[info->table_nr].netmask,
|
||||||
src_ip, dst_ip, size, &ipt_acc_tables[info->table_nr].itemcount);
|
src_ip, dst_ip, size, &ipt_acc_tables[info->table_nr].itemcount);
|
||||||
spin_unlock_bh(&ipt_acc_lock);
|
spin_unlock_bh(&ipt_acc_lock);
|
||||||
@@ -554,7 +554,7 @@ static unsigned int ipt_acc_target(struct sk_buff **pskb,
|
|||||||
if (ipt_acc_tables[info->table_nr].depth == 1) {
|
if (ipt_acc_tables[info->table_nr].depth == 1) {
|
||||||
ipt_acc_depth1_insert(
|
ipt_acc_depth1_insert(
|
||||||
(struct ipt_acc_mask_16 *)ipt_acc_tables[info->table_nr].data,
|
(struct ipt_acc_mask_16 *)ipt_acc_tables[info->table_nr].data,
|
||||||
ipt_acc_tables[info->table_nr].ip,
|
ipt_acc_tables[info->table_nr].ip,
|
||||||
ipt_acc_tables[info->table_nr].netmask,
|
ipt_acc_tables[info->table_nr].netmask,
|
||||||
src_ip, dst_ip, size, &ipt_acc_tables[info->table_nr].itemcount);
|
src_ip, dst_ip, size, &ipt_acc_tables[info->table_nr].itemcount);
|
||||||
spin_unlock_bh(&ipt_acc_lock);
|
spin_unlock_bh(&ipt_acc_lock);
|
||||||
@@ -565,7 +565,7 @@ static unsigned int ipt_acc_target(struct sk_buff **pskb,
|
|||||||
if (ipt_acc_tables[info->table_nr].depth == 2) {
|
if (ipt_acc_tables[info->table_nr].depth == 2) {
|
||||||
ipt_acc_depth2_insert(
|
ipt_acc_depth2_insert(
|
||||||
(struct ipt_acc_mask_8 *)ipt_acc_tables[info->table_nr].data,
|
(struct ipt_acc_mask_8 *)ipt_acc_tables[info->table_nr].data,
|
||||||
ipt_acc_tables[info->table_nr].ip,
|
ipt_acc_tables[info->table_nr].ip,
|
||||||
ipt_acc_tables[info->table_nr].netmask,
|
ipt_acc_tables[info->table_nr].netmask,
|
||||||
src_ip, dst_ip, size, &ipt_acc_tables[info->table_nr].itemcount);
|
src_ip, dst_ip, size, &ipt_acc_tables[info->table_nr].itemcount);
|
||||||
spin_unlock_bh(&ipt_acc_lock);
|
spin_unlock_bh(&ipt_acc_lock);
|
||||||
@@ -573,7 +573,7 @@ static unsigned int ipt_acc_target(struct sk_buff **pskb,
|
|||||||
}
|
}
|
||||||
|
|
||||||
printk("ACCOUNT: ipt_acc_target: Unable to process packet. "
|
printk("ACCOUNT: ipt_acc_target: Unable to process packet. "
|
||||||
"Table id %u. IPs %u.%u.%u.%u/%u.%u.%u.%u\n",
|
"Table id %u. IPs %u.%u.%u.%u/%u.%u.%u.%u\n",
|
||||||
info->table_nr, NIPQUAD(src_ip), NIPQUAD(dst_ip));
|
info->table_nr, NIPQUAD(src_ip), NIPQUAD(dst_ip));
|
||||||
|
|
||||||
spin_unlock_bh(&ipt_acc_lock);
|
spin_unlock_bh(&ipt_acc_lock);
|
||||||
@@ -583,11 +583,11 @@ static unsigned int ipt_acc_target(struct sk_buff **pskb,
|
|||||||
/*
|
/*
|
||||||
Functions dealing with "handles":
|
Functions dealing with "handles":
|
||||||
Handles are snapshots of a accounting state.
|
Handles are snapshots of a accounting state.
|
||||||
|
|
||||||
read snapshots are only for debugging the code
|
read snapshots are only for debugging the code
|
||||||
and are very expensive concerning speed/memory
|
and are very expensive concerning speed/memory
|
||||||
compared to read_and_flush.
|
compared to read_and_flush.
|
||||||
|
|
||||||
The functions aren't protected by spinlocks themselves
|
The functions aren't protected by spinlocks themselves
|
||||||
as this is done in the ioctl part of the code.
|
as this is done in the ioctl part of the code.
|
||||||
*/
|
*/
|
||||||
@@ -604,7 +604,7 @@ static int ipt_acc_handle_find_slot(void)
|
|||||||
for (i = 0; i < ACCOUNT_MAX_HANDLES; i++) {
|
for (i = 0; i < ACCOUNT_MAX_HANDLES; i++) {
|
||||||
/* Found free slot */
|
/* Found free slot */
|
||||||
if (ipt_acc_handles[i].data == NULL) {
|
if (ipt_acc_handles[i].data == NULL) {
|
||||||
/* Don't "mark" data as used as we are protected by a spinlock
|
/* Don't "mark" data as used as we are protected by a spinlock
|
||||||
by the calling function. handle_find_slot() is only a function
|
by the calling function. handle_find_slot() is only a function
|
||||||
to prevent code duplication. */
|
to prevent code duplication. */
|
||||||
return i;
|
return i;
|
||||||
@@ -625,7 +625,7 @@ static int ipt_acc_handle_free(unsigned int handle)
|
|||||||
return -EINVAL;
|
return -EINVAL;
|
||||||
}
|
}
|
||||||
|
|
||||||
ipt_acc_data_free(ipt_acc_handles[handle].data,
|
ipt_acc_data_free(ipt_acc_handles[handle].data,
|
||||||
ipt_acc_handles[handle].depth);
|
ipt_acc_handles[handle].depth);
|
||||||
memset (&ipt_acc_handles[handle], 0, sizeof (struct ipt_acc_handle));
|
memset (&ipt_acc_handles[handle], 0, sizeof (struct ipt_acc_handle));
|
||||||
return 0;
|
return 0;
|
||||||
@@ -640,7 +640,7 @@ static int ipt_acc_handle_prepare_read(char *tablename,
|
|||||||
unsigned char depth;
|
unsigned char depth;
|
||||||
|
|
||||||
for (table_nr = 0; table_nr < ACCOUNT_MAX_TABLES; table_nr++)
|
for (table_nr = 0; table_nr < ACCOUNT_MAX_TABLES; table_nr++)
|
||||||
if (strncmp(ipt_acc_tables[table_nr].name, tablename,
|
if (strncmp(ipt_acc_tables[table_nr].name, tablename,
|
||||||
ACCOUNT_TABLE_NAME_LEN) == 0)
|
ACCOUNT_TABLE_NAME_LEN) == 0)
|
||||||
break;
|
break;
|
||||||
|
|
||||||
@@ -665,11 +665,11 @@ static int ipt_acc_handle_prepare_read(char *tablename,
|
|||||||
/* Recursive copy of complete data structure */
|
/* Recursive copy of complete data structure */
|
||||||
depth = dest->depth;
|
depth = dest->depth;
|
||||||
if (depth == 0) {
|
if (depth == 0) {
|
||||||
memcpy(dest->data,
|
memcpy(dest->data,
|
||||||
ipt_acc_tables[table_nr].data,
|
ipt_acc_tables[table_nr].data,
|
||||||
sizeof(struct ipt_acc_mask_24));
|
sizeof(struct ipt_acc_mask_24));
|
||||||
} else if (depth == 1) {
|
} else if (depth == 1) {
|
||||||
struct ipt_acc_mask_16 *src_16 =
|
struct ipt_acc_mask_16 *src_16 =
|
||||||
(struct ipt_acc_mask_16 *)ipt_acc_tables[table_nr].data;
|
(struct ipt_acc_mask_16 *)ipt_acc_tables[table_nr].data;
|
||||||
struct ipt_acc_mask_16 *network_16 =
|
struct ipt_acc_mask_16 *network_16 =
|
||||||
(struct ipt_acc_mask_16 *)dest->data;
|
(struct ipt_acc_mask_16 *)dest->data;
|
||||||
@@ -677,7 +677,7 @@ static int ipt_acc_handle_prepare_read(char *tablename,
|
|||||||
|
|
||||||
for (b = 0; b <= 255; b++) {
|
for (b = 0; b <= 255; b++) {
|
||||||
if (src_16->mask_24[b]) {
|
if (src_16->mask_24[b]) {
|
||||||
if ((network_16->mask_24[b] =
|
if ((network_16->mask_24[b] =
|
||||||
ipt_acc_zalloc_page()) == NULL) {
|
ipt_acc_zalloc_page()) == NULL) {
|
||||||
printk("ACCOUNT: out of memory during copy of 16 bit "
|
printk("ACCOUNT: out of memory during copy of 16 bit "
|
||||||
"network in ipt_acc_handle_prepare_read()\n");
|
"network in ipt_acc_handle_prepare_read()\n");
|
||||||
@@ -685,21 +685,21 @@ static int ipt_acc_handle_prepare_read(char *tablename,
|
|||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
memcpy(network_16->mask_24[b], src_16->mask_24[b],
|
memcpy(network_16->mask_24[b], src_16->mask_24[b],
|
||||||
sizeof(struct ipt_acc_mask_24));
|
sizeof(struct ipt_acc_mask_24));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
} else if(depth == 2) {
|
} else if(depth == 2) {
|
||||||
struct ipt_acc_mask_8 *src_8 =
|
struct ipt_acc_mask_8 *src_8 =
|
||||||
(struct ipt_acc_mask_8 *)ipt_acc_tables[table_nr].data;
|
(struct ipt_acc_mask_8 *)ipt_acc_tables[table_nr].data;
|
||||||
struct ipt_acc_mask_8 *network_8 =
|
struct ipt_acc_mask_8 *network_8 =
|
||||||
(struct ipt_acc_mask_8 *)dest->data;
|
(struct ipt_acc_mask_8 *)dest->data;
|
||||||
struct ipt_acc_mask_16 *src_16, *network_16;
|
struct ipt_acc_mask_16 *src_16, *network_16;
|
||||||
unsigned int a, b;
|
unsigned int a, b;
|
||||||
|
|
||||||
for (a = 0; a <= 255; a++) {
|
for (a = 0; a <= 255; a++) {
|
||||||
if (src_8->mask_16[a]) {
|
if (src_8->mask_16[a]) {
|
||||||
if ((network_8->mask_16[a] =
|
if ((network_8->mask_16[a] =
|
||||||
ipt_acc_zalloc_page()) == NULL) {
|
ipt_acc_zalloc_page()) == NULL) {
|
||||||
printk("ACCOUNT: out of memory during copy of 24 bit network"
|
printk("ACCOUNT: out of memory during copy of 24 bit network"
|
||||||
" in ipt_acc_handle_prepare_read()\n");
|
" in ipt_acc_handle_prepare_read()\n");
|
||||||
@@ -707,7 +707,7 @@ static int ipt_acc_handle_prepare_read(char *tablename,
|
|||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
memcpy(network_8->mask_16[a], src_8->mask_16[a],
|
memcpy(network_8->mask_16[a], src_8->mask_16[a],
|
||||||
sizeof(struct ipt_acc_mask_16));
|
sizeof(struct ipt_acc_mask_16));
|
||||||
|
|
||||||
src_16 = src_8->mask_16[a];
|
src_16 = src_8->mask_16[a];
|
||||||
@@ -715,7 +715,7 @@ static int ipt_acc_handle_prepare_read(char *tablename,
|
|||||||
|
|
||||||
for (b = 0; b <= 255; b++) {
|
for (b = 0; b <= 255; b++) {
|
||||||
if (src_16->mask_24[b]) {
|
if (src_16->mask_24[b]) {
|
||||||
if ((network_16->mask_24[b] =
|
if ((network_16->mask_24[b] =
|
||||||
ipt_acc_zalloc_page()) == NULL) {
|
ipt_acc_zalloc_page()) == NULL) {
|
||||||
printk("ACCOUNT: out of memory during copy of 16 bit"
|
printk("ACCOUNT: out of memory during copy of 16 bit"
|
||||||
" network in ipt_acc_handle_prepare_read()\n");
|
" network in ipt_acc_handle_prepare_read()\n");
|
||||||
@@ -723,7 +723,7 @@ static int ipt_acc_handle_prepare_read(char *tablename,
|
|||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
memcpy(network_16->mask_24[b], src_16->mask_24[b],
|
memcpy(network_16->mask_24[b], src_16->mask_24[b],
|
||||||
sizeof(struct ipt_acc_mask_24));
|
sizeof(struct ipt_acc_mask_24));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -732,7 +732,7 @@ static int ipt_acc_handle_prepare_read(char *tablename,
|
|||||||
}
|
}
|
||||||
|
|
||||||
*count = ipt_acc_tables[table_nr].itemcount;
|
*count = ipt_acc_tables[table_nr].itemcount;
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -744,7 +744,7 @@ static int ipt_acc_handle_prepare_read_flush(char *tablename,
|
|||||||
void *new_data_page;
|
void *new_data_page;
|
||||||
|
|
||||||
for (table_nr = 0; table_nr < ACCOUNT_MAX_TABLES; table_nr++)
|
for (table_nr = 0; table_nr < ACCOUNT_MAX_TABLES; table_nr++)
|
||||||
if (strncmp(ipt_acc_tables[table_nr].name, tablename,
|
if (strncmp(ipt_acc_tables[table_nr].name, tablename,
|
||||||
ACCOUNT_TABLE_NAME_LEN) == 0)
|
ACCOUNT_TABLE_NAME_LEN) == 0)
|
||||||
break;
|
break;
|
||||||
|
|
||||||
@@ -779,18 +779,18 @@ static int ipt_acc_handle_prepare_read_flush(char *tablename,
|
|||||||
We only copy entries != 0 to increase performance.
|
We only copy entries != 0 to increase performance.
|
||||||
*/
|
*/
|
||||||
static int ipt_acc_handle_copy_data(void *to_user, unsigned long *to_user_pos,
|
static int ipt_acc_handle_copy_data(void *to_user, unsigned long *to_user_pos,
|
||||||
unsigned long *tmpbuf_pos,
|
unsigned long *tmpbuf_pos,
|
||||||
struct ipt_acc_mask_24 *data,
|
struct ipt_acc_mask_24 *data,
|
||||||
uint32_t net_ip, uint32_t net_OR_mask)
|
uint32_t net_ip, uint32_t net_OR_mask)
|
||||||
{
|
{
|
||||||
struct ipt_acc_handle_ip handle_ip;
|
struct ipt_acc_handle_ip handle_ip;
|
||||||
size_t handle_ip_size = sizeof (struct ipt_acc_handle_ip);
|
size_t handle_ip_size = sizeof (struct ipt_acc_handle_ip);
|
||||||
unsigned int i;
|
unsigned int i;
|
||||||
|
|
||||||
for (i = 0; i <= 255; i++) {
|
for (i = 0; i <= 255; i++) {
|
||||||
if (data->ip[i].src_packets || data->ip[i].dst_packets) {
|
if (data->ip[i].src_packets || data->ip[i].dst_packets) {
|
||||||
handle_ip.ip = net_ip | net_OR_mask | (i<<24);
|
handle_ip.ip = net_ip | net_OR_mask | (i<<24);
|
||||||
|
|
||||||
handle_ip.src_packets = data->ip[i].src_packets;
|
handle_ip.src_packets = data->ip[i].src_packets;
|
||||||
handle_ip.src_bytes = data->ip[i].src_bytes;
|
handle_ip.src_bytes = data->ip[i].src_bytes;
|
||||||
handle_ip.dst_packets = data->ip[i].dst_packets;
|
handle_ip.dst_packets = data->ip[i].dst_packets;
|
||||||
@@ -808,11 +808,11 @@ static int ipt_acc_handle_copy_data(void *to_user, unsigned long *to_user_pos,
|
|||||||
*tmpbuf_pos += handle_ip_size;
|
*tmpbuf_pos += handle_ip_size;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Copy the data from our internal structure
|
/* Copy the data from our internal structure
|
||||||
We only copy entries != 0 to increase performance.
|
We only copy entries != 0 to increase performance.
|
||||||
Overwrites ipt_acc_tmpbuf.
|
Overwrites ipt_acc_tmpbuf.
|
||||||
*/
|
*/
|
||||||
@@ -838,12 +838,12 @@ static int ipt_acc_handle_get_data(uint32_t handle, void *to_user)
|
|||||||
|
|
||||||
/* 8 bit network */
|
/* 8 bit network */
|
||||||
if (depth == 0) {
|
if (depth == 0) {
|
||||||
struct ipt_acc_mask_24 *network =
|
struct ipt_acc_mask_24 *network =
|
||||||
(struct ipt_acc_mask_24*)ipt_acc_handles[handle].data;
|
(struct ipt_acc_mask_24*)ipt_acc_handles[handle].data;
|
||||||
if (ipt_acc_handle_copy_data(to_user, &to_user_pos, &tmpbuf_pos,
|
if (ipt_acc_handle_copy_data(to_user, &to_user_pos, &tmpbuf_pos,
|
||||||
network, net_ip, 0))
|
network, net_ip, 0))
|
||||||
return -1;
|
return -1;
|
||||||
|
|
||||||
/* Flush remaining data to userspace */
|
/* Flush remaining data to userspace */
|
||||||
if (tmpbuf_pos)
|
if (tmpbuf_pos)
|
||||||
if (copy_to_user(to_user+to_user_pos, ipt_acc_tmpbuf, tmpbuf_pos))
|
if (copy_to_user(to_user+to_user_pos, ipt_acc_tmpbuf, tmpbuf_pos))
|
||||||
@@ -854,12 +854,12 @@ static int ipt_acc_handle_get_data(uint32_t handle, void *to_user)
|
|||||||
|
|
||||||
/* 16 bit network */
|
/* 16 bit network */
|
||||||
if (depth == 1) {
|
if (depth == 1) {
|
||||||
struct ipt_acc_mask_16 *network_16 =
|
struct ipt_acc_mask_16 *network_16 =
|
||||||
(struct ipt_acc_mask_16*)ipt_acc_handles[handle].data;
|
(struct ipt_acc_mask_16*)ipt_acc_handles[handle].data;
|
||||||
unsigned int b;
|
unsigned int b;
|
||||||
for (b = 0; b <= 255; b++) {
|
for (b = 0; b <= 255; b++) {
|
||||||
if (network_16->mask_24[b]) {
|
if (network_16->mask_24[b]) {
|
||||||
struct ipt_acc_mask_24 *network =
|
struct ipt_acc_mask_24 *network =
|
||||||
(struct ipt_acc_mask_24*)network_16->mask_24[b];
|
(struct ipt_acc_mask_24*)network_16->mask_24[b];
|
||||||
if (ipt_acc_handle_copy_data(to_user, &to_user_pos,
|
if (ipt_acc_handle_copy_data(to_user, &to_user_pos,
|
||||||
&tmpbuf_pos, network, net_ip, (b << 16)))
|
&tmpbuf_pos, network, net_ip, (b << 16)))
|
||||||
@@ -877,16 +877,16 @@ static int ipt_acc_handle_get_data(uint32_t handle, void *to_user)
|
|||||||
|
|
||||||
/* 24 bit network */
|
/* 24 bit network */
|
||||||
if (depth == 2) {
|
if (depth == 2) {
|
||||||
struct ipt_acc_mask_8 *network_8 =
|
struct ipt_acc_mask_8 *network_8 =
|
||||||
(struct ipt_acc_mask_8*)ipt_acc_handles[handle].data;
|
(struct ipt_acc_mask_8*)ipt_acc_handles[handle].data;
|
||||||
unsigned int a, b;
|
unsigned int a, b;
|
||||||
for (a = 0; a <= 255; a++) {
|
for (a = 0; a <= 255; a++) {
|
||||||
if (network_8->mask_16[a]) {
|
if (network_8->mask_16[a]) {
|
||||||
struct ipt_acc_mask_16 *network_16 =
|
struct ipt_acc_mask_16 *network_16 =
|
||||||
(struct ipt_acc_mask_16*)network_8->mask_16[a];
|
(struct ipt_acc_mask_16*)network_8->mask_16[a];
|
||||||
for (b = 0; b <= 255; b++) {
|
for (b = 0; b <= 255; b++) {
|
||||||
if (network_16->mask_24[b]) {
|
if (network_16->mask_24[b]) {
|
||||||
struct ipt_acc_mask_24 *network =
|
struct ipt_acc_mask_24 *network =
|
||||||
(struct ipt_acc_mask_24*)network_16->mask_24[b];
|
(struct ipt_acc_mask_24*)network_16->mask_24[b];
|
||||||
if (ipt_acc_handle_copy_data(to_user,
|
if (ipt_acc_handle_copy_data(to_user,
|
||||||
&to_user_pos, &tmpbuf_pos,
|
&to_user_pos, &tmpbuf_pos,
|
||||||
@@ -904,11 +904,11 @@ static int ipt_acc_handle_get_data(uint32_t handle, void *to_user)
|
|||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
static int ipt_acc_set_ctl(struct sock *sk, int cmd,
|
static int ipt_acc_set_ctl(struct sock *sk, int cmd,
|
||||||
void *user, unsigned int len)
|
void *user, unsigned int len)
|
||||||
{
|
{
|
||||||
struct ipt_acc_handle_sockopt handle;
|
struct ipt_acc_handle_sockopt handle;
|
||||||
@@ -921,7 +921,7 @@ static int ipt_acc_set_ctl(struct sock *sk, int cmd,
|
|||||||
case IPT_SO_SET_ACCOUNT_HANDLE_FREE:
|
case IPT_SO_SET_ACCOUNT_HANDLE_FREE:
|
||||||
if (len != sizeof(struct ipt_acc_handle_sockopt)) {
|
if (len != sizeof(struct ipt_acc_handle_sockopt)) {
|
||||||
printk("ACCOUNT: ipt_acc_set_ctl: wrong data size (%u != %zu) "
|
printk("ACCOUNT: ipt_acc_set_ctl: wrong data size (%u != %zu) "
|
||||||
"for IPT_SO_SET_HANDLE_FREE\n",
|
"for IPT_SO_SET_HANDLE_FREE\n",
|
||||||
len, sizeof(struct ipt_acc_handle_sockopt));
|
len, sizeof(struct ipt_acc_handle_sockopt));
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
@@ -972,7 +972,7 @@ static int ipt_acc_get_ctl(struct sock *sk, int cmd, void *user, int *len)
|
|||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (copy_from_user (&handle, user,
|
if (copy_from_user (&handle, user,
|
||||||
sizeof(struct ipt_acc_handle_sockopt))) {
|
sizeof(struct ipt_acc_handle_sockopt))) {
|
||||||
return -EFAULT;
|
return -EFAULT;
|
||||||
break;
|
break;
|
||||||
@@ -1001,7 +1001,7 @@ static int ipt_acc_get_ctl(struct sock *sk, int cmd, void *user, int *len)
|
|||||||
sizeof(struct ipt_acc_handle));
|
sizeof(struct ipt_acc_handle));
|
||||||
up(&ipt_acc_userspace_mutex);
|
up(&ipt_acc_userspace_mutex);
|
||||||
|
|
||||||
if (copy_to_user(user, &handle,
|
if (copy_to_user(user, &handle,
|
||||||
sizeof(struct ipt_acc_handle_sockopt))) {
|
sizeof(struct ipt_acc_handle_sockopt))) {
|
||||||
return -EFAULT;
|
return -EFAULT;
|
||||||
break;
|
break;
|
||||||
@@ -1017,7 +1017,7 @@ static int ipt_acc_get_ctl(struct sock *sk, int cmd, void *user, int *len)
|
|||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (copy_from_user (&handle, user,
|
if (copy_from_user (&handle, user,
|
||||||
sizeof(struct ipt_acc_handle_sockopt))) {
|
sizeof(struct ipt_acc_handle_sockopt))) {
|
||||||
return -EFAULT;
|
return -EFAULT;
|
||||||
break;
|
break;
|
||||||
@@ -1066,7 +1066,7 @@ static int ipt_acc_get_ctl(struct sock *sk, int cmd, void *user, int *len)
|
|||||||
handle.itemcount++;
|
handle.itemcount++;
|
||||||
up(&ipt_acc_userspace_mutex);
|
up(&ipt_acc_userspace_mutex);
|
||||||
|
|
||||||
if (copy_to_user(user, &handle,
|
if (copy_to_user(user, &handle,
|
||||||
sizeof(struct ipt_acc_handle_sockopt))) {
|
sizeof(struct ipt_acc_handle_sockopt))) {
|
||||||
return -EFAULT;
|
return -EFAULT;
|
||||||
break;
|
break;
|
||||||
@@ -1154,8 +1154,8 @@ static int __init init(void)
|
|||||||
{
|
{
|
||||||
init_MUTEX(&ipt_acc_userspace_mutex);
|
init_MUTEX(&ipt_acc_userspace_mutex);
|
||||||
|
|
||||||
if ((ipt_acc_tables =
|
if ((ipt_acc_tables =
|
||||||
kmalloc(ACCOUNT_MAX_TABLES *
|
kmalloc(ACCOUNT_MAX_TABLES *
|
||||||
sizeof(struct ipt_acc_table), GFP_KERNEL)) == NULL) {
|
sizeof(struct ipt_acc_table), GFP_KERNEL)) == NULL) {
|
||||||
printk("ACCOUNT: Out of memory allocating account_tables structure");
|
printk("ACCOUNT: Out of memory allocating account_tables structure");
|
||||||
goto error_cleanup;
|
goto error_cleanup;
|
||||||
@@ -1163,8 +1163,8 @@ static int __init init(void)
|
|||||||
memset(ipt_acc_tables, 0,
|
memset(ipt_acc_tables, 0,
|
||||||
ACCOUNT_MAX_TABLES * sizeof(struct ipt_acc_table));
|
ACCOUNT_MAX_TABLES * sizeof(struct ipt_acc_table));
|
||||||
|
|
||||||
if ((ipt_acc_handles =
|
if ((ipt_acc_handles =
|
||||||
kmalloc(ACCOUNT_MAX_HANDLES *
|
kmalloc(ACCOUNT_MAX_HANDLES *
|
||||||
sizeof(struct ipt_acc_handle), GFP_KERNEL)) == NULL) {
|
sizeof(struct ipt_acc_handle), GFP_KERNEL)) == NULL) {
|
||||||
printk("ACCOUNT: Out of memory allocating account_handles structure");
|
printk("ACCOUNT: Out of memory allocating account_handles structure");
|
||||||
goto error_cleanup;
|
goto error_cleanup;
|
||||||
|
|||||||
@@ -39,24 +39,24 @@ struct ipt_acc_table {
|
|||||||
char name[ACCOUNT_TABLE_NAME_LEN]; /* name of the table */
|
char name[ACCOUNT_TABLE_NAME_LEN]; /* name of the table */
|
||||||
uint32_t ip; /* base IP of network */
|
uint32_t ip; /* base IP of network */
|
||||||
uint32_t netmask; /* netmask of the network */
|
uint32_t netmask; /* netmask of the network */
|
||||||
unsigned char depth; /* size of network:
|
unsigned char depth; /* size of network:
|
||||||
0: 8 bit, 1: 16bit, 2: 24 bit */
|
0: 8 bit, 1: 16bit, 2: 24 bit */
|
||||||
uint32_t refcount; /* refcount of this table.
|
uint32_t refcount; /* refcount of this table.
|
||||||
if zero, destroy it */
|
if zero, destroy it */
|
||||||
uint32_t itemcount; /* number of IPs in this table */
|
uint32_t itemcount; /* number of IPs in this table */
|
||||||
void *data; /* pointer to the actual data,
|
void *data; /* pointer to the actual data,
|
||||||
depending on netmask */
|
depending on netmask */
|
||||||
};
|
};
|
||||||
|
|
||||||
/* Internal handle structure */
|
/* Internal handle structure */
|
||||||
struct ipt_acc_handle {
|
struct ipt_acc_handle {
|
||||||
uint32_t ip; /* base IP of network. Used for
|
uint32_t ip; /* base IP of network. Used for
|
||||||
caculating the final IP during
|
caculating the final IP during
|
||||||
get_data() */
|
get_data() */
|
||||||
unsigned char depth; /* size of network. See above for
|
unsigned char depth; /* size of network. See above for
|
||||||
details */
|
details */
|
||||||
uint32_t itemcount; /* number of IPs in this table */
|
uint32_t itemcount; /* number of IPs in this table */
|
||||||
void *data; /* pointer to the actual data,
|
void *data; /* pointer to the actual data,
|
||||||
depending on size */
|
depending on size */
|
||||||
};
|
};
|
||||||
|
|
||||||
@@ -69,8 +69,8 @@ struct ipt_acc_handle_sockopt {
|
|||||||
HANDLE_READ_FLUSH */
|
HANDLE_READ_FLUSH */
|
||||||
};
|
};
|
||||||
|
|
||||||
/* Used for every IP entry
|
/* Used for every IP entry
|
||||||
Size is 16 bytes so that 256 (class C network) * 16
|
Size is 16 bytes so that 256 (class C network) * 16
|
||||||
fits in one kernel (zero) page */
|
fits in one kernel (zero) page */
|
||||||
struct ipt_acc_ip {
|
struct ipt_acc_ip {
|
||||||
uint32_t src_packets;
|
uint32_t src_packets;
|
||||||
|
|||||||
Reference in New Issue
Block a user