mirror of
git://git.code.sf.net/p/xtables-addons/xtables-addons
synced 2025-09-06 04:35:12 +02:00
1324442bce
The Smoothwall Express traffic stats collector (traffiClogger) does
not handle counter rollovers well and does not perform read&flush.
(Yes, the code is somewhat aged.) To change it to perform read&flush
is non-trivial. Then, it occurred to me that it might be easier to
change ipt_ACCOUNT in xtables-addons to use 64-bit counters,
considering it was designed around single kernel pages.
The following submission counts to at least 100 GB, produces no
obvious kernel gripes, and adjacent counters do not seem to interfere
with each other. Yes, it uses more memory, but RAM costs much less
than bugs that grown out of complex software.
The theory:
- Use two kernel pages for the counters for each group of 256
addresses.
- Change counters to 64-bit.
- Change to __get_free_pages/free_pages, using order=2
(two consecutive pages), and zero both pages.
- Change "%u" to "%llu" as needed.
- Everything else pretty much stays the same.
I also changed tmpbuf to two pages (Justin Case's idea), but I
do not know if that's really necessary.
Xtables-addons ============== Xtables-addons is the proclaimed successor to patch-o-matic(-ng). It contains extensions that were not accepted in the main Xtables package. Xtables-addons is different from patch-o-matic in that you do not have to patch or recompile either kernel or Xtables(iptables). But please see the INSTALL file for the minimum requirements of this package. All code imported from patch-o-matic has been reviewed and all apparent bugs like binary stability across multiarches, missing sanity checks and incorrect endianess handling have been fixed, simplified, and sped up. Included in this package ======================== - xt_ACCOUNT 1.16, libxt_ACCOUNT 1.3 Inclusion into a kernel tree ============================ External extensions =================== The program "xa-download-more" can be used to download more extensions from 3rd parties into the source tree. The URLs are listed in the "sources" file. If the "sources" file contains an entry like http://foobar.org/xa/ xa-download-more will inspect http://foobar.org/xa/xa-index.txt for files to download. That file may contain foobar.tar.bz2 and xa-download-more will then retrieve and unpack http://foobar.org/xa/foobar.tar.bz2. Files that should be contained in the tarball are an mconfig and Kbuild files to control building the extension, libxt_foobar.c for the userspace extension and xt_foobar.c for the kernel extension. mconfig.foobar extensions/Kbuild.foobar extensions/Mbuild.foobar extensions/libxt_foobar.c extensions/libxt_foobar.man extensions/xt_foobar.c extensions/xt_foobar.h