anonfunc/xtables-addons
1
0
Fork 0
mirror of git://git.code.sf.net/p/xtables-addons/xtables-addons synced 2025-09-06 12:45:13 +02:00
Code Issues Releases Wiki Activity

ACCOUNT: use more precise types and fix minor tidbits

Browse Source
This commit is contained in:
Jan Engelhardt
2009-10-30 18:48:04 +01:00
parent 0aa7be2f1d
commit df7168bb4d
3 changed files with 35 additions and 34 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
extensions/ACCOUNT/iptaccount.c
View File

@@ -34,16 +34,14 @@ static void sig_term(int signr)
exit_now = true; exit_now = true;
} }
char *addr_to_dotted(unsigned int); static char *addr_to_dotted(unsigned int addr)
char *addr_to_dotted(unsigned int addr)
{ {
static char buf[17]; static char buf[16];
const unsigned char *bytep; const unsigned char *bytep;
addr = ntohl(addr); addr = ntohl(addr);
bytep = (const unsigned char *)&addr; bytep = (const unsigned char *)&addr;
snprintf(buf, 16, "%u.%u.%u.%u", bytep[3], bytep[2], bytep[1], bytep[0]); snprintf(buf, sizeof(buf), "%u.%u.%u.%u", bytep[3], bytep[2], bytep[1], bytep[0]);
buf[16] = 0;
return buf; return buf;
} }
@@ -190,7 +188,7 @@ int main(int argc, char *argv[])
{ {
printf("Read failed: %s\n", ctx.error_str); printf("Read failed: %s\n", ctx.error_str);
ipt_ACCOUNT_deinit(&ctx); ipt_ACCOUNT_deinit(&ctx);
exit(-1); return EXIT_FAILURE;
} }
if (!doCSV) if (!doCSV)
@@ -221,5 +219,5 @@ int main(int argc, char *argv[])
printf("Finished.\n"); printf("Finished.\n");
ipt_ACCOUNT_deinit(&ctx); ipt_ACCOUNT_deinit(&ctx);
exit(0); return EXIT_SUCCESS;
} }

13
extensions/ACCOUNT/libxt_ACCOUNT.c
View File

@@ -2,6 +2,7 @@
Author: Intra2net AG <opensource@intra2net.com> Author: Intra2net AG <opensource@intra2net.com>
*/ */
#include <stdbool.h>
#include <stdio.h> #include <stdio.h>
#include <netdb.h> #include <netdb.h>
#include <string.h> #include <string.h>
@@ -13,9 +14,9 @@
#include "xt_ACCOUNT.h" #include "xt_ACCOUNT.h"
static struct option account_tg_opts[] = { static struct option account_tg_opts[] = {
{ .name = "addr", .has_arg = 1, .flag = 0, .val = 'a' }, {.name = "addr", .has_arg = true, .val = 'a'},
{ .name = "tname", .has_arg = 1, .flag = 0, .val = 't' }, {.name = "tname", .has_arg = true, .val = 't'},
{ .name = 0 } {NULL},
}; };
/* Function which prints out usage message. */ /* Function which prints out usage message. */
@@ -105,7 +106,7 @@ static void account_tg_check(unsigned int flags)
} }
static void account_tg_print_it(const void *ip, static void account_tg_print_it(const void *ip,
const struct xt_entry_target *target, char do_prefix) const struct xt_entry_target *target, bool do_prefix)
{ {
const struct ipt_acc_info *accountinfo const struct ipt_acc_info *accountinfo
= (const struct ipt_acc_info *)target->data; = (const struct ipt_acc_info *)target->data;
@@ -137,14 +138,14 @@ account_tg_print(const void *ip,
const struct xt_entry_target *target, const struct xt_entry_target *target,
int numeric) int numeric)
{ {
account_tg_print_it(ip, target, 0); account_tg_print_it(ip, target, false);
} }
/* Saves the union ipt_targinfo in parsable form to stdout. */ /* Saves the union ipt_targinfo in parsable form to stdout. */
static void static void
account_tg_save(const void *ip, const struct xt_entry_target *target) account_tg_save(const void *ip, const struct xt_entry_target *target)
{ {
account_tg_print_it(ip, target, 1); account_tg_print_it(ip, target, true);
} }
static struct xtables_target account_tg_reg = { static struct xtables_target account_tg_reg = {

44
extensions/ACCOUNT/xt_ACCOUNT.c
View File

@@ -56,7 +56,7 @@ struct ipt_acc_table {
char name[ACCOUNT_TABLE_NAME_LEN]; char name[ACCOUNT_TABLE_NAME_LEN];
__be32 ip; __be32 ip;
__be32 netmask; __be32 netmask;
unsigned char depth; uint8_t depth;
uint32_t refcount; uint32_t refcount;
uint32_t itemcount; uint32_t itemcount;
void *data; void *data;
@@ -71,7 +71,7 @@ struct ipt_acc_table {
*/ */
struct ipt_acc_handle { struct ipt_acc_handle {
uint32_t ip; uint32_t ip;
unsigned char depth; uint8_t depth;
uint32_t itemcount; uint32_t itemcount;
void *data; void *data;
}; };
@@ -127,7 +127,7 @@ static void *ipt_acc_zalloc_page(void)
} }
/* Recursive free of all data structures */ /* Recursive free of all data structures */
static void ipt_acc_data_free(void *data, unsigned char depth) static void ipt_acc_data_free(void *data, uint8_t depth)
{ {
/* Empty data set */ /* Empty data set */
if (!data) if (!data)
@@ -179,7 +179,7 @@ static void ipt_acc_data_free(void *data, unsigned char depth)
/* Look for existing table / insert new one. /* Look for existing table / insert new one.
Return internal ID or -1 on error */ Return internal ID or -1 on error */
static int ipt_acc_table_insert(char *name, __be32 ip, __be32 netmask) static int ipt_acc_table_insert(const char *name, __be32 ip, __be32 netmask)
{ {
unsigned int i; unsigned int i;
@@ -331,8 +331,10 @@ static void ipt_acc_depth0_insert(struct ipt_acc_mask_24 *mask_24,
__be32 src_ip, __be32 dst_ip, __be32 src_ip, __be32 dst_ip,
uint32_t size, uint32_t *itemcount) uint32_t size, uint32_t *itemcount)
{ {
unsigned char is_src = 0, is_dst = 0, src_slot, dst_slot; uint8_t src_slot, dst_slot;
char is_src_new_ip = 0, is_dst_new_ip = 0; /* Check if this entry is new */ bool is_src = false, is_dst = false;
/* Check if this entry is new */
bool is_src_new_ip = false, is_dst_new_ip = false;
pr_debug("ACCOUNT: ipt_acc_depth0_insert: %u.%u.%u.%u/%u.%u.%u.%u " pr_debug("ACCOUNT: ipt_acc_depth0_insert: %u.%u.%u.%u/%u.%u.%u.%u "
"for net %u.%u.%u.%u/%u.%u.%u.%u, size: %u\n", NIPQUAD(src_ip), "for net %u.%u.%u.%u/%u.%u.%u.%u, size: %u\n", NIPQUAD(src_ip),
@@ -340,12 +342,12 @@ static void ipt_acc_depth0_insert(struct ipt_acc_mask_24 *mask_24,
/* Check if src/dst is inside our network. */ /* Check if src/dst is inside our network. */
/* Special: net_ip = 0.0.0.0/0 gets stored as src in slot 0 */ /* Special: net_ip = 0.0.0.0/0 gets stored as src in slot 0 */
if (!netmask) if (netmask == 0)
src_ip = 0; src_ip = 0;
if ((net_ip & netmask) == (src_ip & netmask)) if ((net_ip & netmask) == (src_ip & netmask))
is_src = 1; is_src = true;
if ((net_ip & netmask) == (dst_ip & netmask) && netmask) if ((net_ip & netmask) == (dst_ip & netmask) && netmask != 0)
is_dst = 1; is_dst = true;
if (!is_src && !is_dst) { if (!is_src && !is_dst) {
pr_debug("ACCOUNT: Skipping packet %u.%u.%u.%u/%u.%u.%u.%u " pr_debug("ACCOUNT: Skipping packet %u.%u.%u.%u/%u.%u.%u.%u "
@@ -364,7 +366,7 @@ static void ipt_acc_depth0_insert(struct ipt_acc_mask_24 *mask_24,
pr_debug("ACCOUNT: Calculated SRC 8 bit network slot: %d\n", src_slot); pr_debug("ACCOUNT: Calculated SRC 8 bit network slot: %d\n", src_slot);
if (!mask_24->ip[src_slot].src_packets if (!mask_24->ip[src_slot].src_packets
&& !mask_24->ip[src_slot].dst_packets) && !mask_24->ip[src_slot].dst_packets)
is_src_new_ip = 1; is_src_new_ip = true;
mask_24->ip[src_slot].src_packets++; mask_24->ip[src_slot].src_packets++;
mask_24->ip[src_slot].src_bytes += size; mask_24->ip[src_slot].src_bytes += size;
@@ -373,7 +375,7 @@ static void ipt_acc_depth0_insert(struct ipt_acc_mask_24 *mask_24,
pr_debug("ACCOUNT: Calculated DST 8 bit network slot: %d\n", dst_slot); pr_debug("ACCOUNT: Calculated DST 8 bit network slot: %d\n", dst_slot);
if (!mask_24->ip[dst_slot].src_packets if (!mask_24->ip[dst_slot].src_packets
&& !mask_24->ip[dst_slot].dst_packets) && !mask_24->ip[dst_slot].dst_packets)
is_dst_new_ip = 1; is_dst_new_ip = true;
mask_24->ip[dst_slot].dst_packets++; mask_24->ip[dst_slot].dst_packets++;
mask_24->ip[dst_slot].dst_bytes += size; mask_24->ip[dst_slot].dst_bytes += size;
@@ -385,16 +387,16 @@ static void ipt_acc_depth0_insert(struct ipt_acc_mask_24 *mask_24,
if (is_src_new_ip || is_dst_new_ip) { if (is_src_new_ip || is_dst_new_ip) {
pr_debug("ACCOUNT: src_slot == dst_slot: %d, %d\n", pr_debug("ACCOUNT: src_slot == dst_slot: %d, %d\n",
is_src_new_ip, is_dst_new_ip); is_src_new_ip, is_dst_new_ip);
(*itemcount)++; ++*itemcount;
} }
} else { } else {
if (is_src_new_ip) { if (is_src_new_ip) {
pr_debug("ACCOUNT: New src_ip: %u.%u.%u.%u\n", NIPQUAD(src_ip)); pr_debug("ACCOUNT: New src_ip: %u.%u.%u.%u\n", NIPQUAD(src_ip));
(*itemcount)++; ++*itemcount;
} }
if (is_dst_new_ip) { if (is_dst_new_ip) {
pr_debug("ACCOUNT: New dst_ip: %u.%u.%u.%u\n", NIPQUAD(dst_ip)); pr_debug("ACCOUNT: New dst_ip: %u.%u.%u.%u\n", NIPQUAD(dst_ip));
(*itemcount)++; ++*itemcount;
} }
} }
pr_debug("ACCOUNT: Itemcounter after: %d\n", *itemcount); pr_debug("ACCOUNT: Itemcounter after: %d\n", *itemcount);
@@ -407,7 +409,7 @@ static void ipt_acc_depth1_insert(struct ipt_acc_mask_16 *mask_16,
{ {
/* Do we need to process src IP? */ /* Do we need to process src IP? */
if ((net_ip & netmask) == (src_ip & netmask)) { if ((net_ip & netmask) == (src_ip & netmask)) {
unsigned char slot = (ntohl(src_ip) & 0xFF00) >> 8; uint8_t slot = (ntohl(src_ip) & 0xFF00) >> 8;
pr_debug("ACCOUNT: Calculated SRC 16 bit network slot: %d\n", slot); pr_debug("ACCOUNT: Calculated SRC 16 bit network slot: %d\n", slot);
/* Do we need to create a new mask_24 bucket? */ /* Do we need to create a new mask_24 bucket? */
@@ -423,7 +425,7 @@ static void ipt_acc_depth1_insert(struct ipt_acc_mask_16 *mask_16,
/* Do we need to process dst IP? */ /* Do we need to process dst IP? */
if ((net_ip & netmask) == (dst_ip & netmask)) { if ((net_ip & netmask) == (dst_ip & netmask)) {
unsigned char slot = (ntohl(dst_ip) & 0xFF00) >> 8; uint8_t slot = (ntohl(dst_ip) & 0xFF00) >> 8;
pr_debug("ACCOUNT: Calculated DST 16 bit network slot: %d\n", slot); pr_debug("ACCOUNT: Calculated DST 16 bit network slot: %d\n", slot);
/* Do we need to create a new mask_24 bucket? */ /* Do we need to create a new mask_24 bucket? */
@@ -445,7 +447,7 @@ static void ipt_acc_depth2_insert(struct ipt_acc_mask_8 *mask_8,
{ {
/* Do we need to process src IP? */ /* Do we need to process src IP? */
if ((net_ip & netmask) == (src_ip & netmask)) { if ((net_ip & netmask) == (src_ip & netmask)) {
unsigned char slot = (ntohl(src_ip) & 0xFF0000) >> 16; uint8_t slot = (ntohl(src_ip) & 0xFF0000) >> 16;
pr_debug("ACCOUNT: Calculated SRC 24 bit network slot: %d\n", slot); pr_debug("ACCOUNT: Calculated SRC 24 bit network slot: %d\n", slot);
/* Do we need to create a new mask_24 bucket? */ /* Do we need to create a new mask_24 bucket? */
@@ -461,7 +463,7 @@ static void ipt_acc_depth2_insert(struct ipt_acc_mask_8 *mask_8,
/* Do we need to process dst IP? */ /* Do we need to process dst IP? */
if ((net_ip & netmask) == (dst_ip & netmask)) { if ((net_ip & netmask) == (dst_ip & netmask)) {
unsigned char slot = (ntohl(dst_ip) & 0xFF0000) >> 16; uint8_t slot = (ntohl(dst_ip) & 0xFF0000) >> 16;
pr_debug("ACCOUNT: Calculated DST 24 bit network slot: %d\n", slot); pr_debug("ACCOUNT: Calculated DST 24 bit network slot: %d\n", slot);
/* Do we need to create a new mask_24 bucket? */ /* Do we need to create a new mask_24 bucket? */
@@ -594,7 +596,7 @@ static int ipt_acc_handle_prepare_read(char *tablename,
struct ipt_acc_handle *dest, uint32_t *count) struct ipt_acc_handle *dest, uint32_t *count)
{ {
int table_nr = -1; int table_nr = -1;
unsigned char depth; uint8_t depth;
for (table_nr = 0; table_nr < ACCOUNT_MAX_TABLES; table_nr++) for (table_nr = 0; table_nr < ACCOUNT_MAX_TABLES; table_nr++)
if (strncmp(ipt_acc_tables[table_nr].name, tablename, if (strncmp(ipt_acc_tables[table_nr].name, tablename,
@@ -775,7 +777,7 @@ static int ipt_acc_handle_get_data(uint32_t handle, void *to_user)
{ {
unsigned long to_user_pos = 0, tmpbuf_pos = 0; unsigned long to_user_pos = 0, tmpbuf_pos = 0;
uint32_t net_ip; uint32_t net_ip;
unsigned char depth; uint8_t depth;
if (handle >= ACCOUNT_MAX_HANDLES) { if (handle >= ACCOUNT_MAX_HANDLES) {
printk("ACCOUNT: invalid handle for ipt_acc_handle_get_data() " printk("ACCOUNT: invalid handle for ipt_acc_handle_get_data() "