anonfunc/xtables-addons
1
0
Fork 0
mirror of git://git.code.sf.net/p/xtables-addons/xtables-addons synced 2025-09-06 12:45:13 +02:00
Code Issues Releases Wiki Activity

fuzzy: misc cleanup

Browse Source
This commit is contained in:
Jan Engelhardt
2008-08-31 17:27:15 -04:00
parent 003591fe6f
commit 75e9afbc4a
2 changed files with 50 additions and 82 deletions
Download Patch File Download Diff File Expand all files Collapse all files

45
extensions/libxt_fuzzy.c
View File

@@ -18,16 +18,15 @@
static void fuzzy_mt_help(void) static void fuzzy_mt_help(void)
{ {
printf( printf(
"fuzzy v%s options:\n" "fuzzy match options:\n"
" --lower-limit number (in packets per second)\n" " --lower-limit number (in packets per second)\n"
" --upper-limit number\n" " --upper-limit number\n");
,XTABLES_VERSION);
}; };
static struct option fuzzy_mt_opts[] = { static const struct option fuzzy_mt_opts[] = {
{ "lower-limit", 1 , 0 , '1' } , {.name = "lower-limit", .has_arg = true, .val = '1'},
{ "upper-limit", 1 , 0 , '2' } , {.name = "upper-limit", .has_arg = true, .val = '2'},
{ 0 } {NULL},
}; };
/* Initialize data structures */ /* Initialize data structures */
@@ -39,7 +38,6 @@ static void fuzzy_mt_init(struct xt_entry_match *m)
* Default rates (I will improve this very soon with something based * Default rates (I will improve this very soon with something based
* on real statistics of the running machine). * on real statistics of the running machine).
*/ */
info->minimum_rate = 1000; info->minimum_rate = 1000;
info->maximum_rate = 2000; info->maximum_rate = 2000;
} }
@@ -51,49 +49,32 @@ static int fuzzy_mt_parse(int c, char **argv, int invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match) const void *entry, struct xt_entry_match **match)
{ {
struct xt_fuzzy_mtinfo *info = (void *)(*match)->data; struct xt_fuzzy_mtinfo *info = (void *)(*match)->data;
uint32_t num; uint32_t num;
switch (c) { switch (c) {
case '1': case '1':
if (invert) if (invert)
exit_error(PARAMETER_PROBLEM,"Can't specify ! --lower-limit"); exit_error(PARAMETER_PROBLEM,"Can't specify ! --lower-limit");
if (*flags & IPT_FUZZY_OPT_MINIMUM) if (*flags & IPT_FUZZY_OPT_MINIMUM)
exit_error(PARAMETER_PROBLEM,"Can't specify --lower-limit twice"); exit_error(PARAMETER_PROBLEM,"Can't specify --lower-limit twice");
if (string_to_number(optarg,1,FUZZY_MAX_RATE,&num) == -1 || num < 1) if (string_to_number(optarg,1,FUZZY_MAX_RATE,&num) == -1 || num < 1)
exit_error(PARAMETER_PROBLEM,"BAD --lower-limit"); exit_error(PARAMETER_PROBLEM,"BAD --lower-limit");
info->minimum_rate = num; info->minimum_rate = num;
*flags |= IPT_FUZZY_OPT_MINIMUM; *flags |= IPT_FUZZY_OPT_MINIMUM;
return true;
break;
case '2': case '2':
if (invert) if (invert)
exit_error(PARAMETER_PROBLEM,"Can't specify ! --upper-limit"); exit_error(PARAMETER_PROBLEM,"Can't specify ! --upper-limit");
if (*flags & IPT_FUZZY_OPT_MAXIMUM) if (*flags & IPT_FUZZY_OPT_MAXIMUM)
exit_error(PARAMETER_PROBLEM,"Can't specify --upper-limit twice"); exit_error(PARAMETER_PROBLEM,"Can't specify --upper-limit twice");
if (string_to_number(optarg,1,FUZZY_MAX_RATE,&num) == -1 || num < 1) if (string_to_number(optarg,1,FUZZY_MAX_RATE,&num) == -1 || num < 1)
exit_error(PARAMETER_PROBLEM,"BAD --upper-limit"); exit_error(PARAMETER_PROBLEM,"BAD --upper-limit");
info->maximum_rate = num; info->maximum_rate = num;
*flags |= IPT_FUZZY_OPT_MAXIMUM; *flags |= IPT_FUZZY_OPT_MAXIMUM;
return true;
break;
default:
return 0;
} }
return 1; return false;
} }
static void fuzzy_mt_check(unsigned int flags) static void fuzzy_mt_check(unsigned int flags)
@@ -105,18 +86,16 @@ static void fuzzy_mt_print(const void *ip, const struct xt_entry_match *match,
{ {
const struct xt_fuzzy_mtinfo *info = (const void *)match->data; const struct xt_fuzzy_mtinfo *info = (const void *)match->data;
printf(" fuzzy: lower limit = %u pps - upper limit = %u pps ",info->minimum_rate,info->maximum_rate); printf("fuzzy: lower limit = %u pps - upper limit = %u pps ",
info->minimum_rate, info->maximum_rate);
} }
/* Saves the union ipt_targinfo in parsable form to stdout. */
static void fuzzy_mt_save(const void *ip, const struct xt_entry_match *match) static void fuzzy_mt_save(const void *ip, const struct xt_entry_match *match)
{ {
const struct xt_fuzzy_mtinfo *info = (const void *)match->data; const struct xt_fuzzy_mtinfo *info = (const void *)match->data;
printf("--lower-limit %u ", info->minimum_rate); printf("--lower-limit %u ", info->minimum_rate);
printf("--upper-limit %u ", info->maximum_rate); printf("--upper-limit %u ", info->maximum_rate);
} }
static struct xtables_match fuzzy_mt_reg = { static struct xtables_match fuzzy_mt_reg = {

87
extensions/xt_fuzzy.c
View File

@@ -35,26 +35,26 @@
#define PAR_HIGH 1 #define PAR_HIGH 1
MODULE_AUTHOR("Hime Aguiar e Oliveira Junior <hime@engineer.com>"); MODULE_AUTHOR("Hime Aguiar e Oliveira Junior <hime@engineer.com>");
MODULE_DESCRIPTION("IP tables Fuzzy Logic Controller match module"); MODULE_DESCRIPTION("Xtables: Fuzzy Logic Controller match");
MODULE_LICENSE("GPL"); MODULE_LICENSE("GPL");
MODULE_ALIAS("ipt_fuzzy"); MODULE_ALIAS("ipt_fuzzy");
static uint8_t mf_high(uint32_t tx,uint32_t mini,uint32_t maxi) static uint8_t mf_high(uint32_t tx, uint32_t mini, uint32_t maxi)
{ {
if (tx >= maxi) return 100; if (tx >= maxi)
return 100;
if (tx <= mini) return 0; if (tx <= mini)
return 0;
return ((100 * (tx-mini)) / (maxi-mini)); return 100 * (tx - mini) / (maxi - mini);
} }
static uint8_t mf_low(uint32_t tx,uint32_t mini,uint32_t maxi) static uint8_t mf_low(uint32_t tx, uint32_t mini, uint32_t maxi)
{ {
if (tx <= mini) return 100; if (tx <= mini)
return 100;
if (tx >= maxi) return 0; if (tx >= maxi)
return 0;
return ((100 * (maxi - tx)) / (maxi - mini)); return 100 * (maxi - tx) / (maxi - mini);
} }
@@ -64,44 +64,39 @@ fuzzy_mt(const struct sk_buff *skb, const struct net_device *in,
const void *matchinfo, int offset, unsigned int protoff, const void *matchinfo, int offset, unsigned int protoff,
bool *hotdrop) bool *hotdrop)
{ {
/* From userspace */
struct xt_fuzzy_mtinfo *info = (void *)matchinfo; struct xt_fuzzy_mtinfo *info = (void *)matchinfo;
unsigned long amount; unsigned long amount;
uint8_t howhigh, howlow, random_number; uint8_t howhigh, howlow, random_number;
info->bytes_total += skb->len; info->bytes_total += skb->len;
++info->packets_total; ++info->packets_total;
info->present_time = jiffies; info->present_time = jiffies;
if (info->present_time >= info->previous_time) if (info->present_time >= info->previous_time) {
amount = info->present_time - info->previous_time; amount = info->present_time - info->previous_time;
else { } else {
/* /*
* There was a transition: I choose to re-sample * There was a transition: I choose to re-sample
* and keep the old acceptance rate... * and keep the old acceptance rate...
*/ */
amount = 0; amount = 0;
info->previous_time = info->present_time; info->previous_time = info->present_time;
info->bytes_total = info->packets_total = 0; info->bytes_total = info->packets_total = 0;
}; }
if ( amount > HZ/10) {/* More than 100 ms elapsed ... */ if (amount > HZ / 10) {
/* More than 100 ms elapsed ... */
info->mean_rate = (uint32_t) ((HZ * info->packets_total) \
/ amount);
info->mean_rate = HZ * info->packets_total / amount;
info->previous_time = info->present_time; info->previous_time = info->present_time;
info->bytes_total = info->packets_total = 0; info->bytes_total = info->packets_total = 0;
howhigh = mf_high(info->mean_rate,info->minimum_rate,info->maximum_rate); howhigh = mf_high(info->mean_rate, info->minimum_rate,
howlow = mf_low(info->mean_rate,info->minimum_rate,info->maximum_rate); info->maximum_rate);
howlow = mf_low(info->mean_rate, info->minimum_rate,
info->maximum_rate);
info->acceptance_rate = (uint8_t) \ info->acceptance_rate = howhigh * PAR_LOW + PAR_HIGH * howlow;
(howhigh * PAR_LOW + PAR_HIGH * howlow);
/* /*
* In fact, the above defuzzification would require a * In fact, the above defuzzification would require a
@@ -112,43 +107,40 @@ fuzzy_mt(const struct sk_buff *skb, const struct net_device *in,
* both mf_high and mf_low - but to keep things understandable, * both mf_high and mf_low - but to keep things understandable,
* I did so. * I did so.
*/ */
} }
if (info->acceptance_rate < 100) if (info->acceptance_rate < 100) {
{ get_random_bytes(&random_number, sizeof(random_number));
get_random_bytes((void *)(&random_number), 1);
if (random_number <= (255 * info->acceptance_rate) / 100) if (random_number <= 255 * info->acceptance_rate / 100)
/* /*
* If within the acceptance, it can pass * If within the acceptance, it can pass
* => do not match. * => do not match.
*/ */
return 0; return false;
else else
/* It cannot pass (it matches) */ /* It cannot pass (it matches) */
return 1; return true;
}; };
/* acceptance_rate == 100 % => Everything passes ... */ /* acceptance_rate == 100 % => Everything passes ... */
return 0; return false;
} }
static bool static bool
fuzzy_mt_check(const char *table, const void *ip, const struct xt_match *match, fuzzy_mt_check(const char *table, const void *ip, const struct xt_match *match,
void *matchinfo, unsigned int hook_mask) void *matchinfo, unsigned int hook_mask)
{ {
const struct xt_fuzzy_mtinfo *info = matchinfo; const struct xt_fuzzy_mtinfo *info = matchinfo;
if ((info->minimum_rate < FUZZY_MIN_RATE) || (info->maximum_rate > FUZZY_MAX_RATE) if (info->minimum_rate < FUZZY_MIN_RATE ||
|| (info->minimum_rate >= info->maximum_rate)) { info->maximum_rate > FUZZY_MAX_RATE ||
printk("ip6t_fuzzy: BAD limits , please verify !!!\n"); info->minimum_rate >= info->maximum_rate) {
return 0; printk(KERN_INFO KBUILD_MODNAME ": bad values, please check.\n");
return false;
} }
return 1; return true;
} }
static struct xt_match fuzzy_mt_reg = { static struct xt_match fuzzy_mt_reg = {
@@ -163,10 +155,7 @@ static struct xt_match fuzzy_mt_reg = {
static int __init fuzzy_mt_init(void) static int __init fuzzy_mt_init(void)
{ {
if (xt_register_match(&fuzzy_mt_reg)) return xt_register_match(&fuzzy_mt_reg);
return -EINVAL;
return 0;
} }
static void __exit fuzzy_mt_exit(void) static void __exit fuzzy_mt_exit(void)