diff -urN ulogd-2.0.0beta3.orig/doc/mysql-ulogd2-flat.sql ulogd-2.0.0beta3/doc/mysql-ulogd2-flat.sql
--- ulogd-2.0.0beta3.orig/doc/mysql-ulogd2-flat.sql 2009-03-06 18:54:04.000000000 +0100
+++ ulogd-2.0.0beta3/doc/mysql-ulogd2-flat.sql 2009-09-17 21:35:22.000000000 +0200
@@ -107,19 +107,19 @@
DROP VIEW IF EXISTS `view_tcp`;
CREATE SQL SECURITY INVOKER VIEW `view_tcp` AS
- SELECT * FROM ulog2 WHERE ulog2.oob_family = 6;
+ SELECT * FROM ulog2 WHERE ulog2.ip_protocol = 6;
DROP VIEW IF EXISTS `view_udp`;
CREATE SQL SECURITY INVOKER VIEW `view_udp` AS
- SELECT * FROM ulog2 WHERE ulog2.oob_family = 17;
+ SELECT * FROM ulog2 WHERE ulog2.ip_protocol = 17;
DROP VIEW IF EXISTS `view_icmp`;
CREATE SQL SECURITY INVOKER VIEW `view_icmp` AS
- SELECT * FROM ulog2 WHERE ulog2.oob_family = 1;
+ SELECT * FROM ulog2 WHERE ulog2.ip_protocol = 1;
DROP VIEW IF EXISTS `view_icmpv6`;
CREATE SQL SECURITY INVOKER VIEW `view_icmpv6` AS
- SELECT * FROM ulog2 WHERE ulog2.oob_family = 58;
+ SELECT * FROM ulog2 WHERE ulog2.ip_protocol = 58;
-- ulog view
DROP VIEW IF EXISTS `ulog`;
@@ -222,11 +222,11 @@
DROP VIEW IF EXISTS `view_tcp_quad`;
CREATE SQL SECURITY INVOKER VIEW `view_tcp_quad` AS
- SELECT _id,BIN_TO_IPV6(ip_saddr_bin) AS ip_saddr_str,tcp_sport,BIN_TO_IPV6(ip_daddr_bin) AS ip_daddr_str,tcp_dport FROM ulog2 WHERE ulog2.oob_family = 6;
+ SELECT _id,BIN_TO_IPV6(ip_saddr_bin) AS ip_saddr_str,tcp_sport,BIN_TO_IPV6(ip_daddr_bin) AS ip_daddr_str,tcp_dport FROM ulog2 WHERE ulog2.ip_protocol = 6;
DROP VIEW IF EXISTS `view_udp_quad`;
CREATE SQL SECURITY INVOKER VIEW `view_udp_quad` AS
- SELECT _id,BIN_TO_IPV6(ip_saddr_bin) AS ip_saddr_str,udp_sport,BIN_TO_IPV6(ip_daddr_bin) AS ip_daddr_str,udp_dport FROM ulog2 WHERE ulog2.oob_family = 17;
+ SELECT _id,BIN_TO_IPV6(ip_saddr_bin) AS ip_saddr_str,udp_sport,BIN_TO_IPV6(ip_daddr_bin) AS ip_daddr_str,udp_dport FROM ulog2 WHERE ulog2.ip_protocol = 17;
diff -urN ulogd-2.0.0beta3.orig/doc/pgsql-ulogd2-flat.sql ulogd-2.0.0beta3/doc/pgsql-ulogd2-flat.sql
--- ulogd-2.0.0beta3.orig/doc/pgsql-ulogd2-flat.sql 2009-03-06 18:54:04.000000000 +0100
+++ ulogd-2.0.0beta3/doc/pgsql-ulogd2-flat.sql 2009-09-17 21:35:22.000000000 +0200
@@ -108,16 +108,16 @@
--
CREATE OR REPLACE VIEW view_tcp AS
- SELECT * FROM ulog2 WHERE ulog2.oob_family = 6;
+ SELECT * FROM ulog2 WHERE ulog2.ip_protocol = 6;
CREATE OR REPLACE VIEW view_udp AS
- SELECT * FROM ulog2 WHERE ulog2.oob_family = 17;
+ SELECT * FROM ulog2 WHERE ulog2.ip_protocol = 17;
CREATE OR REPLACE VIEW view_icmp AS
- SELECT * FROM ulog2 WHERE ulog2.oob_family = 1;
+ SELECT * FROM ulog2 WHERE ulog2.ip_protocol = 1;
CREATE OR REPLACE VIEW view_icmpv6 AS
- SELECT * FROM ulog2 WHERE ulog2.oob_family = 58;
+ SELECT * FROM ulog2 WHERE ulog2.ip_protocol = 58;
-- complete view
CREATE OR REPLACE VIEW ulog AS
@@ -179,10 +179,10 @@
-- shortcuts
CREATE OR REPLACE VIEW view_tcp_quad AS
- SELECT _id,ip_saddr_str,tcp_sport,ip_daddr_str,tcp_dport FROM ulog2 WHERE ulog2.oob_family = 6;
+ SELECT _id,ip_saddr_str,tcp_sport,ip_daddr_str,tcp_dport FROM ulog2 WHERE ulog2.ip_protocol = 6;
CREATE OR REPLACE VIEW view_udp_quad AS
- SELECT _id,ip_saddr_str,udp_sport,ip_daddr_str,udp_dport FROM ulog2 WHERE ulog2.oob_family = 17;
+ SELECT _id,ip_saddr_str,udp_sport,ip_daddr_str,udp_dport FROM ulog2 WHERE ulog2.ip_protocol = 17;
--
-- conntrack
diff -urN ulogd-2.0.0beta3.orig/doc/ulogd.sgml ulogd-2.0.0beta3/doc/ulogd.sgml
--- ulogd-2.0.0beta3.orig/doc/ulogd.sgml 2008-09-12 00:06:46.000000000 +0200
+++ ulogd-2.0.0beta3/doc/ulogd.sgml 2009-09-17 21:35:22.000000000 +0200
@@ -6,7 +6,7 @@
ULOGD 2.x - the Netfilter Userspace Logging Daemon
Harald Welte <laforge@netfilter.org>, Eric Leblond <eric@inl.fr>
-Revision 2008/09/03
+Revision 2009/04/18
This is the documentation for ulogd-2.x, the second generation
@@ -464,6 +464,14 @@
procedure
Stored procedure that will be run with the argument specified in the
table variable.
+Behaviour of the procedure option can be twitted by using specific name.
+If procedure name is:
+
+- "INSERT": A classic INSERT SQL query is done in the table pointed by the
+ "table" variable.
+- start with "INSERT ": Configuration has to specify the start of the INSERT query that will be used. For example,
+a typical value is "INSERT INTO ulog2".
+
db
Name of the mysql database.
host
diff -urN ulogd-2.0.0beta3.orig/filter/ulogd_filter_HWHDR.c ulogd-2.0.0beta3/filter/ulogd_filter_HWHDR.c
--- ulogd-2.0.0beta3.orig/filter/ulogd_filter_HWHDR.c 2009-03-06 18:54:04.000000000 +0100
+++ ulogd-2.0.0beta3/filter/ulogd_filter_HWHDR.c 2009-09-17 21:35:22.000000000 +0200
@@ -31,6 +31,8 @@
#include
#include
+#define HWADDR_LENGTH 128
+
enum input_keys {
KEY_RAW_TYPE,
KEY_OOB_PROTOCOL,
@@ -44,8 +46,10 @@
KEY_MAC_TYPE,
KEY_MAC_PROTOCOL,
KEY_MAC_SADDR,
+ START_KEY = KEY_MAC_SADDR,
KEY_MAC_DADDR,
KEY_MAC_ADDR,
+ MAX_KEY = KEY_MAC_ADDR,
};
static struct ulogd_key mac2str_inp[] = {
@@ -94,42 +98,38 @@
},
[KEY_MAC_SADDR] = {
.type = ULOGD_RET_STRING,
- .flags = ULOGD_RETF_FREE,
.name = "mac.saddr.str",
},
[KEY_MAC_DADDR] = {
.type = ULOGD_RET_STRING,
- .flags = ULOGD_RETF_FREE,
.name = "mac.daddr.str",
},
[KEY_MAC_ADDR] = {
.type = ULOGD_RET_STRING,
- .flags = ULOGD_RETF_FREE,
.name = "mac.str",
},
};
+static char hwmac_str[MAX_KEY - START_KEY][HWADDR_LENGTH];
+
static int parse_mac2str(struct ulogd_key *ret, unsigned char *mac,
int okey, int len)
{
- char *mac_str;
char *buf_cur;
int i;
- if (len > 0)
- mac_str = calloc(len/sizeof(char)*3 + 1, sizeof(char));
- else
- mac_str = strdup("");
-
- if (mac_str == NULL)
+ if (len/sizeof(char)*3 + 1 > HWADDR_LENGTH)
return ULOGD_IRET_ERR;
- buf_cur = mac_str;
+ if (len == 0)
+ hwmac_str[okey - START_KEY][0] = 0;
+
+ buf_cur = hwmac_str[okey - START_KEY];
for (i = 0; i < len; i++)
buf_cur += sprintf(buf_cur, "%02x%c", mac[i],
i == len - 1 ? 0 : ':');
- okey_set_ptr(&ret[okey], mac_str);
+ okey_set_ptr(&ret[okey], hwmac_str[okey - START_KEY]);
return ULOGD_IRET_OK;
}
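Review bot: `hwmac_str` is declared with `MAX_KEY - START_KEY` rows, but the enum hunk above sets `START_KEY = KEY_MAC_SADDR` and `MAX_KEY = KEY_MAC_ADDR` with `KEY_MAC_DADDR` between them, so there are three string keys and only two rows. If `parse_mac2str()` is ever called with `okey == KEY_MAC_ADDR` (its callers are outside this hunk), `hwmac_str[okey - START_KEY]` names a row past the end of the array and the `sprintf` loop writes outside it. Declaring it as `static char hwmac_str[MAX_KEY - START_KEY + 1][HWADDR_LENGTH];` covers all three keys. A range check on `okey` at the top of the function, returning `ULOGD_IRET_ERR`, would keep a later enum change from becoming a silent overwrite.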
diff -urN ulogd-2.0.0beta3.orig/filter/ulogd_filter_IFINDEX.c ulogd-2.0.0beta3/filter/ulogd_filter_IFINDEX.c
--- ulogd-2.0.0beta3.orig/filter/ulogd_filter_IFINDEX.c 2009-03-06 18:54:04.000000000 +0100
+++ ulogd-2.0.0beta3/filter/ulogd_filter_IFINDEX.c 2009-09-17 21:35:22.000000000 +0200
@@ -30,12 +30,14 @@
static struct ulogd_key ifindex_keys[] = {
{
.type = ULOGD_RET_STRING,
- .flags = ULOGD_RETF_NONE | ULOGD_RETF_FREE,
+ .len = IFNAMSIZ,
+ .flags = ULOGD_RETF_NONE,
.name = "oob.in",
},
{
.type = ULOGD_RET_STRING,
- .flags = ULOGD_RETF_NONE | ULOGD_RETF_FREE,
+ .len = IFNAMSIZ,
+ .flags = ULOGD_RETF_NONE,
.name = "oob.out",
},
};
@@ -62,25 +64,18 @@
{
struct ulogd_key *ret = pi->output.keys;
struct ulogd_key *inp = pi->input.keys;
- void *ptr;
+ static char indev[IFNAMSIZ];
+ static char outdev[IFNAMSIZ];
- ptr = calloc(IFNAMSIZ, sizeof(char));
- if (!ptr)
- return ULOGD_IRET_ERR;
-
- nlif_index2name(nlif_inst, ikey_get_u32(&inp[0]), ptr);
- if (((char *)ptr)[0] == '*')
- ((char *)(ptr))[0] = 0;
- okey_set_ptr(&ret[0], ptr);
-
- ptr = calloc(IFNAMSIZ, sizeof(char));
- if (!ptr)
- return ULOGD_IRET_ERR;
-
- nlif_index2name(nlif_inst, ikey_get_u32(&inp[1]), ptr);
- if (((char *)ptr)[0] == '*')
- ((char *)(ptr))[0] = 0;
- okey_set_ptr(&ret[1], ptr);
+ nlif_index2name(nlif_inst, ikey_get_u32(&inp[0]), indev);
+ if (indev[0] == '*')
+ indev[0] = 0;
+ okey_set_ptr(&ret[0], indev);
+
+ nlif_index2name(nlif_inst, ikey_get_u32(&inp[1]), outdev);
+ if (outdev[0] == '*')
+ outdev[0] = 0;
+ okey_set_ptr(&ret[1], outdev);
return ULOGD_IRET_OK;
}
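Review bot: `indev` and `outdev` are now static, so they still hold the previous packet's interface name on entry, and the return value of `nlif_index2name()` is not checked. If that call can fail without writing to the buffer (its implementation is not visible here), the record is logged with the interface of an earlier packet, whereas the old `calloc` version produced an empty string. Clearing first with `indev[0] = 0;` and `outdev[0] = 0;` before the respective calls, or testing the return value, restores the old behaviour. The function's opening lines are outside the hunk.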
diff -urN ulogd-2.0.0beta3.orig/filter/ulogd_filter_IP2BIN.c ulogd-2.0.0beta3/filter/ulogd_filter_IP2BIN.c
--- ulogd-2.0.0beta3.orig/filter/ulogd_filter_IP2BIN.c 2009-03-06 18:54:04.000000000 +0100
+++ ulogd-2.0.0beta3/filter/ulogd_filter_IP2BIN.c 2009-09-17 21:35:22.000000000 +0200
@@ -27,11 +27,13 @@
#include
#include
#include
+#include
#define IPADDR_LENGTH 128
enum input_keys {
KEY_OOB_FAMILY,
+ KEY_OOB_PROTOCOL,
KEY_IP_SADDR,
START_KEY = KEY_IP_SADDR,
KEY_IP_DADDR,
@@ -83,37 +85,33 @@
static struct ulogd_key ip2bin_keys[] = {
{
.type = ULOGD_RET_RAWSTR,
- .flags = ULOGD_RETF_FREE,
.name = "ip.saddr.bin",
},
{
.type = ULOGD_RET_RAWSTR,
- .flags = ULOGD_RETF_FREE,
.name = "ip.daddr.bin",
},
{
.type = ULOGD_RET_RAWSTR,
- .flags = ULOGD_RETF_FREE,
.name = "orig.ip.saddr.bin",
},
{
.type = ULOGD_RET_RAWSTR,
- .flags = ULOGD_RETF_FREE,
.name = "orig.ip.daddr.bin",
},
{
.type = ULOGD_RET_RAWSTR,
- .flags = ULOGD_RETF_FREE,
.name = "reply.ip.saddr.bin",
},
{
.type = ULOGD_RET_RAWSTR,
- .flags = ULOGD_RETF_FREE,
.name = "reply.ip.daddr.bin",
},
};
+static char ipbin_array[MAX_KEY-START_KEY][IPADDR_LENGTH];
+
/**
* Convert IPv4 address (as 32-bit unsigned integer) to IPv6 address:
* add 96 bits prefix "::ffff:" to get IPv6 address "::ffff:a.b.c.d".
@@ -126,16 +124,40 @@
ipv6->s6_addr32[3] = ipv4;
}
-static char *ip2bin(struct ulogd_key* inp, int index, char family)
+static int ip2bin(struct ulogd_key* inp, int index, int oindex)
{
- char tmp[IPADDR_LENGTH];
+ char family = ikey_get_u8(&inp[KEY_OOB_FAMILY]);
+ char convfamily = family;
unsigned char *addr8;
struct in6_addr *addr;
struct in6_addr ip4_addr;
char *buffer;
int i, written;
- switch (family) {
+ if (family == AF_BRIDGE) {
+ if (!pp_is_valid(inp, KEY_OOB_PROTOCOL)) {
+ ulogd_log(ULOGD_NOTICE,
+ "No protocol inside AF_BRIDGE packet\n");
+ return ULOGD_IRET_ERR;
+ }
+ switch (ikey_get_u16(&inp[KEY_OOB_PROTOCOL])) {
+ case ETH_P_IPV6:
+ convfamily = AF_INET6;
+ break;
+ case ETH_P_IP:
+ convfamily = AF_INET;
+ break;
+ case ETH_P_ARP:
+ convfamily = AF_INET;
+ break;
+ default:
+ ulogd_log(ULOGD_NOTICE,
+ "Unknown protocol inside AF_BRIDGE packet\n");
+ return ULOGD_IRET_ERR;
+ }
+ }
+
+ switch (convfamily) {
case AF_INET6:
addr = (struct in6_addr *)ikey_get_u128(&inp[index]);
break;
@@ -147,10 +169,10 @@
default:
/* TODO handle error */
ulogd_log(ULOGD_NOTICE, "Unknown protocol family\n");
- return NULL;
+ return ULOGD_IRET_ERR;
}
- buffer = tmp;
+ buffer = ipbin_array[oindex];
/* format IPv6 to BINARY(16) as "0x..." */
buffer[0] = '0';
buffer[1] = 'x';
@@ -161,14 +183,14 @@
addr8[0], addr8[1], addr8[2], addr8[3]);
if (written != 2 * 4) {
buffer[0] = 0;
- return NULL;
+ return ULOGD_IRET_ERR;
}
buffer += written;
addr8 += 4;
}
buffer[0] = 0;
- return strdup(tmp);
+ return ULOGD_IRET_OK;
}
static int interp_ip2bin(struct ulogd_pluginstance *pi)
@@ -176,12 +198,16 @@
struct ulogd_key *ret = pi->output.keys;
struct ulogd_key *inp = pi->input.keys;
int i;
- int oob_family = ikey_get_u8(&inp[KEY_OOB_FAMILY]);
+ int fret;
/* Iter on all addr fields */
for(i = START_KEY; i < MAX_KEY; i++) {
if (pp_is_valid(inp, i)) {
- okey_set_ptr(&ret[i-1], ip2bin(inp, i, oob_family));
+ fret = ip2bin(inp, i, i-START_KEY);
+ if (fret != ULOGD_IRET_OK)
+ return fret;
+ okey_set_ptr(&ret[i-START_KEY],
+ ipbin_array[i-START_KEY]);
}
}
diff -urN ulogd-2.0.0beta3.orig/filter/ulogd_filter_IP2STR.c ulogd-2.0.0beta3/filter/ulogd_filter_IP2STR.c
--- ulogd-2.0.0beta3.orig/filter/ulogd_filter_IP2STR.c 2009-03-06 18:54:04.000000000 +0100
+++ ulogd-2.0.0beta3/filter/ulogd_filter_IP2STR.c 2009-09-17 21:35:22.000000000 +0200
@@ -102,49 +102,42 @@
static struct ulogd_key ip2str_keys[] = {
{
.type = ULOGD_RET_STRING,
- .flags = ULOGD_RETF_FREE,
.name = "ip.saddr.str",
},
{
.type = ULOGD_RET_STRING,
- .flags = ULOGD_RETF_FREE,
.name = "ip.daddr.str",
},
{
.type = ULOGD_RET_STRING,
- .flags = ULOGD_RETF_FREE,
.name = "orig.ip.saddr.str",
},
{
.type = ULOGD_RET_STRING,
- .flags = ULOGD_RETF_FREE,
.name = "orig.ip.daddr.str",
},
{
.type = ULOGD_RET_STRING,
- .flags = ULOGD_RETF_FREE,
.name = "reply.ip.saddr.str",
},
{
.type = ULOGD_RET_STRING,
- .flags = ULOGD_RETF_FREE,
.name = "reply.ip.daddr.str",
},
{
.type = ULOGD_RET_STRING,
- .flags = ULOGD_RETF_FREE,
.name = "arp.saddr.str",
},
{
.type = ULOGD_RET_STRING,
- .flags = ULOGD_RETF_FREE,
.name = "arp.daddr.str",
},
};
-static char *ip2str(struct ulogd_key *inp, int index)
+static char ipstr_array[MAX_KEY-START_KEY][IPADDR_LENGTH];
+
+static int ip2str(struct ulogd_key *inp, int index, int oindex)
{
- char tmp[IPADDR_LENGTH];
char family = ikey_get_u8(&inp[KEY_OOB_FAMILY]);
char convfamily = family;
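Review bot: `ipstr_array` has `MAX_KEY-START_KEY` rows, while the loop in the `interp_ip2str` hunk below runs `for (i = START_KEY; i <= MAX_KEY; i++)`, so `i-START_KEY` can equal `MAX_KEY-START_KEY`, one past the last row. For that key, `inet_ntop()` in `ip2str()` would write past the array and `okey_set_ptr()` would publish the out-of-range address. The enum that defines `MAX_KEY` is outside the diff, but with an inclusive loop the declaration should read `static char ipstr_array[MAX_KEY-START_KEY+1][IPADDR_LENGTH];`. IP2BIN in this same patch pairs the same array size with `i < MAX_KEY`, so it is worth confirming which convention each file's `MAX_KEY` follows. `ip2str()` continues past the end of this hunk.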
@@ -152,7 +145,7 @@
if (!pp_is_valid(inp, KEY_OOB_PROTOCOL)) {
ulogd_log(ULOGD_NOTICE,
"No protocol inside AF_BRIDGE packet\n");
- return NULL;
+ return ULOGD_IRET_ERR;
}
switch (ikey_get_u16(&inp[KEY_OOB_PROTOCOL])) {
case ETH_P_IPV6:
@@ -167,7 +160,7 @@
default:
ulogd_log(ULOGD_NOTICE,
"Unknown protocol inside AF_BRIDGE packet\n");
- return NULL;
+ return ULOGD_IRET_ERR;
}
}
@@ -176,18 +169,19 @@
case AF_INET6:
inet_ntop(AF_INET6,
ikey_get_u128(&inp[index]),
- tmp, sizeof(tmp));
+ ipstr_array[oindex], sizeof(ipstr_array[oindex]));
break;
case AF_INET:
ip = ikey_get_u32(&inp[index]);
- inet_ntop(AF_INET, &ip, tmp, sizeof(tmp));
+ inet_ntop(AF_INET, &ip,
+ ipstr_array[oindex], sizeof(ipstr_array[oindex]));
break;
default:
/* TODO error handling */
ulogd_log(ULOGD_NOTICE, "Unknown protocol family\n");
- return NULL;
+ return ULOGD_IRET_ERR;
}
- return strdup(tmp);
+ return ULOGD_IRET_OK;
}
static int interp_ip2str(struct ulogd_pluginstance *pi)
@@ -195,11 +189,16 @@
struct ulogd_key *ret = pi->output.keys;
struct ulogd_key *inp = pi->input.keys;
int i;
+ int fret;
/* Iter on all addr fields */
for (i = START_KEY; i <= MAX_KEY; i++) {
if (pp_is_valid(inp, i)) {
- okey_set_ptr(&ret[i-START_KEY], ip2str(inp, i));
+ fret = ip2str(inp, i, i-START_KEY);
+ if (fret != ULOGD_IRET_OK)
+ return fret;
+ okey_set_ptr(&ret[i-START_KEY],
+ ipstr_array[i-START_KEY]);
}
}
diff -urN ulogd-2.0.0beta3.orig/include/ulogd/ulogd.h ulogd-2.0.0beta3/include/ulogd/ulogd.h
--- ulogd-2.0.0beta3.orig/include/ulogd/ulogd.h 2009-03-06 18:54:04.000000000 +0100
+++ ulogd-2.0.0beta3/include/ulogd/ulogd.h 2009-09-17 21:35:22.000000000 +0200
@@ -19,6 +19,7 @@
#include /* need this because of extension-sighandler */
#include
#include
+#include
#define ARRAY_SIZE(x) (sizeof(x) / sizeof((x)[0]))
diff -urN ulogd-2.0.0beta3.orig/input/flow/ulogd_inpflow_NFCT.c ulogd-2.0.0beta3/input/flow/ulogd_inpflow_NFCT.c
--- ulogd-2.0.0beta3.orig/input/flow/ulogd_inpflow_NFCT.c 2009-03-06 18:54:04.000000000 +0100
+++ ulogd-2.0.0beta3/input/flow/ulogd_inpflow_NFCT.c 2009-09-17 21:35:22.000000000 +0200
@@ -114,6 +114,12 @@
.options = CONFIG_OPT_NONE,
.u.value = 0,
},
+ {
+ .key = "netlink_resync_timeout",
+ .type = CONFIG_TYPE_INT,
+ .options = CONFIG_OPT_NONE,
+ .u.value = 60,
+ },
},
};
#define pollint_ce(x) (x->ces[0])
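Review bot: The new entry becomes `ces[7]` (see `nlresynctimeout_ce` in the next hunk), but the keyset's `.num_ces` initializer lies above this hunk and no hunk in the patch touches it. If it still holds the old count, the config parser would presumably never read `netlink_resync_timeout` and the default of 60 would always apply; please confirm the count was raised. Separately, the value is handed to `ulogd_add_timer()` unvalidated in the ENOBUFS hunks, so a zero or negative setting should be rejected or clamped when the plugin is configured.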
@@ -123,6 +129,7 @@
#define eventmask_ce(x) (x->ces[4])
#define nlsockbufsize_ce(x) (x->ces[5])
#define nlsockbufmaxsize_ce(x) (x->ces[6])
+#define nlresynctimeout_ce(x) (x->ces[7])
enum nfct_keys {
NFCT_ORIG_IP_SADDR = 0,
@@ -596,6 +603,9 @@
switch(type) {
case NFCT_T_NEW:
ts = hashtable_add(cpi->ct_active, &tmp);
+ if (ts == NULL)
+ return NFCT_CB_CONTINUE;
+
gettimeofday(&ts->time[START], NULL);
return NFCT_CB_STOLEN;
case NFCT_T_UPDATE:
@@ -604,6 +614,9 @@
nfct_copy(ts->ct, ct, NFCT_CP_META);
else {
ts = hashtable_add(cpi->ct_active, &tmp);
+ if (ts == NULL)
+ return NFCT_CB_CONTINUE;
+
gettimeofday(&ts->time[START], NULL);
return NFCT_CB_STOLEN;
}
@@ -637,12 +650,18 @@
{
struct nfct_pluginstance *cpi =
(struct nfct_pluginstance *)upi->private;
+ static int warned = 0;
if (size < nlsockbufmaxsize_ce(upi->config_kset).u.value) {
cpi->nlbufsiz = nfnl_rcvbufsiz(nfct_nfnlh(cpi->cth), size);
return 1;
}
+ /* we have already warned the user, do not keep spamming */
+ if (warned)
+ return 0;
+
+ warned = 1;
ulogd_log(ULOGD_NOTICE, "Maximum buffer size (%d) in NFCT has been "
"reached. Please, consider rising "
"`netlink_socket_buffer_size` and "
@@ -657,14 +676,13 @@
struct ulogd_pluginstance *upi = container_of(param,
struct ulogd_pluginstance,
private);
+ static int warned = 0;
if (!(what & ULOGD_FD_READ))
return 0;
if (nfct_catch(cpi->cth) == -1) {
if (errno == ENOBUFS) {
- int family = AF_UNSPEC;
-
if (nlsockbufmaxsize_ce(upi->config_kset).u.value) {
int s = cpi->nlbufsiz * 2;
if (setnlbufsiz(upi, s)) {
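Review bot: `static int warned` here, like the same flag added in the `setnlbufsiz()` hunk above, is a function-scope static, so it is shared by every NFCT plugin instance in the process and is never reset. With more than one instance configured (ulogd.conf.in shows `[ct1]` and `[ct2]`), only the first to overflow gets a log line, and a later episode of event loss leaves no trace at all. Keeping the flag in `struct nfct_pluginstance` (for example a `cpi->nlbuf_warned` field, name illustrative) and clearing it once a resync has completed would keep the rate limiting while still recording each episode. This function's body continues outside the hunk.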
@@ -673,7 +691,8 @@
"increasing buffer size "
"to %d\n", cpi->nlbufsiz);
}
- } else {
+ } else if (!warned) {
+ warned = 1;
ulogd_log(ULOGD_NOTICE,
"We are losing events. Please, "
"consider using the clauses "
@@ -683,9 +702,14 @@
/* internal hash can deal with refresh */
if (usehash_ce(upi->config_kset).u.value != 0) {
- nfct_send(cpi->ovh, NFCT_Q_DUMP, &family);
- /* TODO: configurable retry timer */
- ulogd_add_timer(&cpi->ov_timer, 2);
+ /* schedule a resynchronization in N
+ * seconds, this parameter is configurable
+ * via config. Note that we don't re-schedule
+ * a resync if it's already in progress. */
+ if (!ulogd_timer_pending(&cpi->ov_timer)) {
+ ulogd_add_timer(&cpi->ov_timer,
+ nlresynctimeout_ce(upi->config_kset).u.value);
+ }
}
}
}
@@ -734,6 +758,9 @@
/* if it does not exist, add it */
if (!hashtable_get(cpi->ct_active, &tmp)) {
ts = hashtable_add(cpi->ct_active, &tmp);
+ if (ts == NULL)
+ return NFCT_CB_CONTINUE;
+
gettimeofday(&ts->time[START], NULL); /* do our best here */
return NFCT_CB_STOLEN;
}
@@ -755,11 +782,10 @@
if (nfct_catch(cpi->ovh) == -1) {
/* enobufs in the overrun buffer? very rare */
if (errno == ENOBUFS) {
- int family = AF_UNSPEC;
-
- nfct_send(cpi->ovh, NFCT_Q_DUMP, &family);
- /* TODO: configurable retry timer */
- ulogd_add_timer(&cpi->ov_timer, 2);
+ if (!ulogd_timer_pending(&cpi->ov_timer)) {
+ ulogd_add_timer(&cpi->ov_timer,
+ nlresynctimeout_ce(upi->config_kset).u.value);
+ }
}
}
@@ -815,8 +841,6 @@
(struct nfct_pluginstance *)upi->private;
nfct_send(cpi->ovh, NFCT_Q_DUMP, &family);
- /* TODO: configurable retry timer */
- ulogd_add_timer(&cpi->ov_timer, 2);
}
static int constructor_nfct(struct ulogd_pluginstance *upi)
diff -urN ulogd-2.0.0beta3.orig/output/ulogd_output_IPFIX.c ulogd-2.0.0beta3/output/ulogd_output_IPFIX.c
--- ulogd-2.0.0beta3.orig/output/ulogd_output_IPFIX.c 2008-09-12 00:06:47.000000000 +0200
+++ ulogd-2.0.0beta3/output/ulogd_output_IPFIX.c 2009-09-17 21:35:22.000000000 +0200
@@ -93,6 +93,7 @@
return NULL;
bm->size_bits = num_bits;
+ bm->buf = (void *)bm + sizeof(*bm);
bitmask_clear(bm);
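Review bot: `(void *)bm + sizeof(*bm)` does arithmetic on a `void *`, which is a GNU extension rather than standard C; `bm->buf = (char *)bm + sizeof(*bm);` or `bm->buf = (void *)(bm + 1);` gives the same address portably. The allocation is above the hunk, so whether it reserves room for the bits after the header cannot be checked from here. If it does, a comment such as `/* bits are stored directly after the header, in the same allocation */` on this line would make the layout explicit.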
@@ -240,7 +241,7 @@
tmpl->total_length = 0;
- for (i = 0; i < upi->input.num_keys; i++) {
+ for (i = 0, j = 0; i < upi->input.num_keys; i++) {
struct ulogd_key *key = &upi->input.keys[i];
int length = ulogd_key_size(key);
@@ -332,8 +333,7 @@
ulogd_log(ULOGD_ERROR, "can't build new template!\n");
return ULOGD_IRET_ERR;
}
- /* FIXME: prepend? */
- list_add(&ii->template_list, &template->list);
+ llist_add(&template->list, &ii->template_list);
}
total_size = template->total_length;
@@ -435,18 +435,14 @@
if (!ii->valid_bitmask)
return -ENOMEM;
+ INIT_LLIST_HEAD(&ii->template_list);
+
ret = open_connect_socket(pi);
if (ret < 0)
goto out_bm_free;
- ret = build_template(pi);
- if (ret < 0)
- goto out_sock_close;
-
return 0;
-out_sock_close:
- close(ii->fd);
out_bm_free:
bitmask_free(ii->valid_bitmask);
ii->valid_bitmask = NULL;
diff -urN ulogd-2.0.0beta3.orig/src/ulogd.c ulogd-2.0.0beta3/src/ulogd.c
--- ulogd-2.0.0beta3.orig/src/ulogd.c 2009-03-06 18:54:04.000000000 +0100
+++ ulogd-2.0.0beta3/src/ulogd.c 2009-09-17 21:35:22.000000000 +0200
@@ -640,14 +640,8 @@
int i = 0;
struct ulogd_pluginstance *pi_cur;
- /* PASS 2: */
- ulogd_log(ULOGD_DEBUG, "connecting input/output keys of stack:\n");
+ /* pre-configuration pass */
llist_for_each_entry_reverse(pi_cur, &stack->list, list) {
- struct ulogd_pluginstance *pi_prev =
- llist_entry(pi_cur->list.prev,
- struct ulogd_pluginstance,
- list);
- i++;
ulogd_log(ULOGD_DEBUG, "traversing plugin `%s'\n",
pi_cur->plugin->name);
/* call plugin to tell us which keys it requires in
@@ -662,6 +656,18 @@
return ret;
}
}
+ }
+
+ /* PASS 2: */
+ ulogd_log(ULOGD_DEBUG, "connecting input/output keys of stack:\n");
+ llist_for_each_entry_reverse(pi_cur, &stack->list, list) {
+ struct ulogd_pluginstance *pi_prev =
+ llist_entry(pi_cur->list.prev,
+ struct ulogd_pluginstance,
+ list);
+ i++;
+ ulogd_log(ULOGD_DEBUG, "traversing plugin `%s'\n",
+ pi_cur->plugin->name);
if (i == 1) {
/* first round: output plugin */
diff -urN ulogd-2.0.0beta3.orig/ulogd.conf.in ulogd-2.0.0beta3/ulogd.conf.in
--- ulogd-2.0.0beta3.orig/ulogd.conf.in 2009-03-06 18:54:04.000000000 +0100
+++ ulogd-2.0.0beta3/ulogd.conf.in 2009-09-17 21:35:22.000000000 +0200
@@ -91,6 +91,7 @@
[ct1]
#netlink_socket_buffer_size=217088
#netlink_socket_buffer_maxsize=1085440
+#netlink_resync_timeout=60 # seconds to wait to perform resynchronization
[ct2]
#netlink_socket_buffer_size=217088
@@ -106,8 +107,8 @@
#netlink_socket_buffer_maxsize=1085440
# set number of packet to queue inside kernel
#netlink_qthreshold=1
-# set the delay before flushing packet in the queue inside kernel (in ms)
-#netlink_qtimeout=1000
+# set the delay before flushing packet in the queue inside kernel (in 10ms)
+#netlink_qtimeout=100
# packet logging through NFLOG for group 1
[log2]
diff -urN ulogd-2.0.0beta3.orig/util/chtons.h ulogd-2.0.0beta3/util/chtons.h
--- ulogd-2.0.0beta3.orig/util/chtons.h 1970-01-01 01:00:00.000000000 +0100
+++ ulogd-2.0.0beta3/util/chtons.h 2009-09-17 21:35:22.000000000 +0200
@@ -0,0 +1,32 @@
+#ifndef _CHTONS_H_
+#define _CHTONS_H_
+
+#include
+
+#if __BYTE_ORDER == __BIG_ENDIAN
+# define BITNR(X) ((X)^31)
+# if !defined(__constant_htonl)
+# define __constant_htonl(x) (x)
+# endif
+# if !defined(__constant_htons)
+# define __constant_htons(x) (x)
+# endif
+#elif __BYTE_ORDER == __LITTLE_ENDIAN
+# define BITNR(X) ((X)^7)
+# if !defined(__constant_htonl)
+# define __constant_htonl(x) \
+ ((unsigned long int)((((unsigned long int)(x) & 0x000000ffU) << 24) | \
+ (((unsigned long int)(x) & 0x0000ff00U) << 8) | \
+ (((unsigned long int)(x) & 0x00ff0000U) >> 8) | \
+ (((unsigned long int)(x) & 0xff000000U) >> 24)))
+# endif
+# if !defined(__constant_htons)
+# define __constant_htons(x) \
+ ((unsigned short int)((((unsigned short int)(x) & 0x00ff) << 8) | \
+ (((unsigned short int)(x) & 0xff00) >> 8)))
+# endif
+#else
+# error "Don't know if bytes are big- or little-endian!"
+#endif
+
+#endif
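Review bot: The `#else`/`#error` branch cannot catch a missing definition, because undefined identifiers evaluate to 0 inside `#if`: if the included header defines neither `__BYTE_ORDER` nor `__BIG_ENDIAN`, `0 == 0` silently selects the big-endian branch. Placing `#if !defined(__BYTE_ORDER) || !defined(__BIG_ENDIAN) || !defined(__LITTLE_ENDIAN)` with an `#error` ahead of the comparison makes that failure visible at compile time. The fallback `__constant_htonl` and `__constant_htons` names also sit in the namespace reserved for the implementation, so a project-prefixed name would be safer for new code.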
diff -urN ulogd-2.0.0beta3.orig/util/db.c ulogd-2.0.0beta3/util/db.c
--- ulogd-2.0.0beta3.orig/util/db.c 2009-03-06 18:54:04.000000000 +0100
+++ ulogd-2.0.0beta3/util/db.c 2009-09-17 21:35:22.000000000 +0200
@@ -91,14 +91,22 @@
return -ENOMEM;
}
- if (strcasecmp(procedure,"INSERT") == 0) {
+ if (strncasecmp(procedure,"INSERT", strlen("INSERT")) == 0 &&
+ (procedure[strlen("INSERT")] == '\0' ||
+ procedure[strlen("INSERT")] == ' ')) {
char buf[ULOGD_MAX_KEYLEN];
char *underscore;
- if (mi->schema)
- sprintf(mi->stmt, "insert into %s.%s (", mi->schema, table);
+ if(procedure[6] == '\0') {
+ /* procedure == "INSERT" */
+ if (mi->schema)
+ sprintf(mi->stmt, "insert into %s.%s (", mi->schema, table);
+ else
+ sprintf(mi->stmt, "insert into %s (", table);
+ }
else
- sprintf(mi->stmt, "insert into %s (", table);
+ sprintf(mi->stmt, "%s (", procedure);
+
mi->stmt_val = mi->stmt + strlen(mi->stmt);
for (i = 0; i < upi->input.num_keys; i++) {
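Review bot: In the new `else` branch, `sprintf(mi->stmt, "%s (", procedure);` copies a configuration string of arbitrary length into `mi->stmt` with no bound. The size computed for that buffer is above the hunk; unless it already includes `strlen(procedure)`, a long `INSERT ...` prefix overruns the heap buffer before the column list is appended. Using `snprintf` with the allocated size and checking the result would make this safe regardless of how the size was derived. The test `procedure[6] == '\0'` should use `strlen("INSERT")` like the condition above it. The prefix is pasted into the SQL statement verbatim, so the documentation should state that it must only come from the trusted configuration file.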
@@ -193,6 +201,13 @@
free(upi->input.keys);
upi->input.keys = NULL;
}
+
+ /* try to free the buffer for insert statement */
+ if (di->stmt) {
+ free(di->stmt);
+ di->stmt = NULL;
+ }
+
return 0;
}