]>
Commit | Line | Data |
---|---|---|
c791e0c0 | 1 | diff -urN ulogd-2.0.0beta3.orig/doc/mysql-ulogd2-flat.sql ulogd-2.0.0beta3/doc/mysql-ulogd2-flat.sql |
2 | --- ulogd-2.0.0beta3.orig/doc/mysql-ulogd2-flat.sql 2009-03-06 18:54:04.000000000 +0100 | |
3 | +++ ulogd-2.0.0beta3/doc/mysql-ulogd2-flat.sql 2009-09-17 21:35:22.000000000 +0200 | |
4 | @@ -107,19 +107,19 @@ | |
5 | ||
6 | DROP VIEW IF EXISTS `view_tcp`; | |
7 | CREATE SQL SECURITY INVOKER VIEW `view_tcp` AS | |
8 | - SELECT * FROM ulog2 WHERE ulog2.oob_family = 6; | |
9 | + SELECT * FROM ulog2 WHERE ulog2.ip_protocol = 6; | |
10 | ||
11 | DROP VIEW IF EXISTS `view_udp`; | |
12 | CREATE SQL SECURITY INVOKER VIEW `view_udp` AS | |
13 | - SELECT * FROM ulog2 WHERE ulog2.oob_family = 17; | |
14 | + SELECT * FROM ulog2 WHERE ulog2.ip_protocol = 17; | |
15 | ||
16 | DROP VIEW IF EXISTS `view_icmp`; | |
17 | CREATE SQL SECURITY INVOKER VIEW `view_icmp` AS | |
18 | - SELECT * FROM ulog2 WHERE ulog2.oob_family = 1; | |
19 | + SELECT * FROM ulog2 WHERE ulog2.ip_protocol = 1; | |
20 | ||
21 | DROP VIEW IF EXISTS `view_icmpv6`; | |
22 | CREATE SQL SECURITY INVOKER VIEW `view_icmpv6` AS | |
23 | - SELECT * FROM ulog2 WHERE ulog2.oob_family = 58; | |
24 | + SELECT * FROM ulog2 WHERE ulog2.ip_protocol = 58; | |
25 | ||
26 | -- ulog view | |
27 | DROP VIEW IF EXISTS `ulog`; | |
28 | @@ -222,11 +222,11 @@ | |
29 | ||
30 | DROP VIEW IF EXISTS `view_tcp_quad`; | |
31 | CREATE SQL SECURITY INVOKER VIEW `view_tcp_quad` AS | |
32 | - SELECT _id,BIN_TO_IPV6(ip_saddr_bin) AS ip_saddr_str,tcp_sport,BIN_TO_IPV6(ip_daddr_bin) AS ip_daddr_str,tcp_dport FROM ulog2 WHERE ulog2.oob_family = 6; | |
33 | + SELECT _id,BIN_TO_IPV6(ip_saddr_bin) AS ip_saddr_str,tcp_sport,BIN_TO_IPV6(ip_daddr_bin) AS ip_daddr_str,tcp_dport FROM ulog2 WHERE ulog2.ip_protocol = 6; | |
34 | ||
35 | DROP VIEW IF EXISTS `view_udp_quad`; | |
36 | CREATE SQL SECURITY INVOKER VIEW `view_udp_quad` AS | |
37 | - SELECT _id,BIN_TO_IPV6(ip_saddr_bin) AS ip_saddr_str,udp_sport,BIN_TO_IPV6(ip_daddr_bin) AS ip_daddr_str,udp_dport FROM ulog2 WHERE ulog2.oob_family = 17; | |
38 | + SELECT _id,BIN_TO_IPV6(ip_saddr_bin) AS ip_saddr_str,udp_sport,BIN_TO_IPV6(ip_daddr_bin) AS ip_daddr_str,udp_dport FROM ulog2 WHERE ulog2.ip_protocol = 17; | |
39 | ||
40 | ||
41 | ||
42 | diff -urN ulogd-2.0.0beta3.orig/doc/pgsql-ulogd2-flat.sql ulogd-2.0.0beta3/doc/pgsql-ulogd2-flat.sql | |
43 | --- ulogd-2.0.0beta3.orig/doc/pgsql-ulogd2-flat.sql 2009-03-06 18:54:04.000000000 +0100 | |
44 | +++ ulogd-2.0.0beta3/doc/pgsql-ulogd2-flat.sql 2009-09-17 21:35:22.000000000 +0200 | |
45 | @@ -108,16 +108,16 @@ | |
46 | -- | |
47 | ||
48 | CREATE OR REPLACE VIEW view_tcp AS | |
49 | - SELECT * FROM ulog2 WHERE ulog2.oob_family = 6; | |
50 | + SELECT * FROM ulog2 WHERE ulog2.ip_protocol = 6; | |
51 | ||
52 | CREATE OR REPLACE VIEW view_udp AS | |
53 | - SELECT * FROM ulog2 WHERE ulog2.oob_family = 17; | |
54 | + SELECT * FROM ulog2 WHERE ulog2.ip_protocol = 17; | |
55 | ||
56 | CREATE OR REPLACE VIEW view_icmp AS | |
57 | - SELECT * FROM ulog2 WHERE ulog2.oob_family = 1; | |
58 | + SELECT * FROM ulog2 WHERE ulog2.ip_protocol = 1; | |
59 | ||
60 | CREATE OR REPLACE VIEW view_icmpv6 AS | |
61 | - SELECT * FROM ulog2 WHERE ulog2.oob_family = 58; | |
62 | + SELECT * FROM ulog2 WHERE ulog2.ip_protocol = 58; | |
63 | ||
64 | -- complete view | |
65 | CREATE OR REPLACE VIEW ulog AS | |
66 | @@ -179,10 +179,10 @@ | |
67 | ||
68 | -- shortcuts | |
69 | CREATE OR REPLACE VIEW view_tcp_quad AS | |
70 | - SELECT _id,ip_saddr_str,tcp_sport,ip_daddr_str,tcp_dport FROM ulog2 WHERE ulog2.oob_family = 6; | |
71 | + SELECT _id,ip_saddr_str,tcp_sport,ip_daddr_str,tcp_dport FROM ulog2 WHERE ulog2.ip_protocol = 6; | |
72 | ||
73 | CREATE OR REPLACE VIEW view_udp_quad AS | |
74 | - SELECT _id,ip_saddr_str,udp_sport,ip_daddr_str,udp_dport FROM ulog2 WHERE ulog2.oob_family = 17; | |
75 | + SELECT _id,ip_saddr_str,udp_sport,ip_daddr_str,udp_dport FROM ulog2 WHERE ulog2.ip_protocol = 17; | |
76 | ||
77 | -- | |
78 | -- conntrack | |
79 | diff -urN ulogd-2.0.0beta3.orig/doc/ulogd.sgml ulogd-2.0.0beta3/doc/ulogd.sgml | |
80 | --- ulogd-2.0.0beta3.orig/doc/ulogd.sgml 2008-09-12 00:06:46.000000000 +0200 | |
81 | +++ ulogd-2.0.0beta3/doc/ulogd.sgml 2009-09-17 21:35:22.000000000 +0200 | |
82 | @@ -6,7 +6,7 @@ | |
83 | ||
84 | <title>ULOGD 2.x - the Netfilter Userspace Logging Daemon</title> | |
85 | <author>Harald Welte <laforge@netfilter.org>, Eric Leblond <eric@inl.fr></author> | |
86 | -<date>Revision 2008/09/03</date> | |
87 | +<date>Revision 2009/04/18</date> | |
88 | ||
89 | <abstract> | |
90 | This is the documentation for <tt>ulogd-2.x</tt>, the second generation | |
91 | @@ -464,6 +464,14 @@ | |
92 | <tag>procedure</tag> | |
93 | Stored procedure that will be run with the argument specified in the | |
94 | table variable. | |
95 | +Behaviour of the procedure option can be twitted by using specific name. | |
96 | +If procedure name is: | |
97 | +<itemize> | |
98 | +<item>"INSERT": A classic INSERT SQL query is done in the table pointed by the | |
99 | + "table" variable.</item> | |
100 | +<item>start with "INSERT ": Configuration has to specify the start of the INSERT query that will be used. For example, | |
101 | +a typical value is "INSERT INTO ulog2".</item> | |
102 | +</itemize> | |
103 | <tag>db</tag> | |
104 | Name of the mysql database. | |
105 | <tag>host</tag> | |
106 | diff -urN ulogd-2.0.0beta3.orig/filter/ulogd_filter_HWHDR.c ulogd-2.0.0beta3/filter/ulogd_filter_HWHDR.c | |
107 | --- ulogd-2.0.0beta3.orig/filter/ulogd_filter_HWHDR.c 2009-03-06 18:54:04.000000000 +0100 | |
108 | +++ ulogd-2.0.0beta3/filter/ulogd_filter_HWHDR.c 2009-09-17 21:35:22.000000000 +0200 | |
109 | @@ -31,6 +31,8 @@ | |
110 | #include <linux/if_ether.h> | |
111 | #include <ulogd/ulogd.h> | |
112 | ||
113 | +#define HWADDR_LENGTH 128 | |
114 | + | |
115 | enum input_keys { | |
116 | KEY_RAW_TYPE, | |
117 | KEY_OOB_PROTOCOL, | |
118 | @@ -44,8 +46,10 @@ | |
119 | KEY_MAC_TYPE, | |
120 | KEY_MAC_PROTOCOL, | |
121 | KEY_MAC_SADDR, | |
122 | + START_KEY = KEY_MAC_SADDR, | |
123 | KEY_MAC_DADDR, | |
124 | KEY_MAC_ADDR, | |
125 | + MAX_KEY = KEY_MAC_ADDR, | |
126 | }; | |
127 | ||
128 | static struct ulogd_key mac2str_inp[] = { | |
129 | @@ -94,42 +98,38 @@ | |
130 | }, | |
131 | [KEY_MAC_SADDR] = { | |
132 | .type = ULOGD_RET_STRING, | |
133 | - .flags = ULOGD_RETF_FREE, | |
134 | .name = "mac.saddr.str", | |
135 | }, | |
136 | [KEY_MAC_DADDR] = { | |
137 | .type = ULOGD_RET_STRING, | |
138 | - .flags = ULOGD_RETF_FREE, | |
139 | .name = "mac.daddr.str", | |
140 | }, | |
141 | [KEY_MAC_ADDR] = { | |
142 | .type = ULOGD_RET_STRING, | |
143 | - .flags = ULOGD_RETF_FREE, | |
144 | .name = "mac.str", | |
145 | }, | |
146 | }; | |
147 | ||
148 | +static char hwmac_str[MAX_KEY - START_KEY][HWADDR_LENGTH]; | |
149 | + | |
150 | static int parse_mac2str(struct ulogd_key *ret, unsigned char *mac, | |
151 | int okey, int len) | |
152 | { | |
153 | - char *mac_str; | |
154 | char *buf_cur; | |
155 | int i; | |
156 | ||
157 | - if (len > 0) | |
158 | - mac_str = calloc(len/sizeof(char)*3 + 1, sizeof(char)); | |
159 | - else | |
160 | - mac_str = strdup(""); | |
161 | - | |
162 | - if (mac_str == NULL) | |
163 | + if (len/sizeof(char)*3 + 1 > HWADDR_LENGTH) | |
164 | return ULOGD_IRET_ERR; | |
165 | ||
166 | - buf_cur = mac_str; | |
167 | + if (len == 0) | |
168 | + hwmac_str[okey - START_KEY][0] = 0; | |
169 | + | |
170 | + buf_cur = hwmac_str[okey - START_KEY]; | |
171 | for (i = 0; i < len; i++) | |
172 | buf_cur += sprintf(buf_cur, "%02x%c", mac[i], | |
173 | i == len - 1 ? 0 : ':'); | |
174 | ||
175 | - okey_set_ptr(&ret[okey], mac_str); | |
176 | + okey_set_ptr(&ret[okey], hwmac_str[okey - START_KEY]); | |
177 | ||
178 | return ULOGD_IRET_OK; | |
179 | } | |
180 | diff -urN ulogd-2.0.0beta3.orig/filter/ulogd_filter_IFINDEX.c ulogd-2.0.0beta3/filter/ulogd_filter_IFINDEX.c | |
181 | --- ulogd-2.0.0beta3.orig/filter/ulogd_filter_IFINDEX.c 2009-03-06 18:54:04.000000000 +0100 | |
182 | +++ ulogd-2.0.0beta3/filter/ulogd_filter_IFINDEX.c 2009-09-17 21:35:22.000000000 +0200 | |
183 | @@ -30,12 +30,14 @@ | |
184 | static struct ulogd_key ifindex_keys[] = { | |
185 | { | |
186 | .type = ULOGD_RET_STRING, | |
187 | - .flags = ULOGD_RETF_NONE | ULOGD_RETF_FREE, | |
188 | + .len = IFNAMSIZ, | |
189 | + .flags = ULOGD_RETF_NONE, | |
190 | .name = "oob.in", | |
191 | }, | |
192 | { | |
193 | .type = ULOGD_RET_STRING, | |
194 | - .flags = ULOGD_RETF_NONE | ULOGD_RETF_FREE, | |
195 | + .len = IFNAMSIZ, | |
196 | + .flags = ULOGD_RETF_NONE, | |
197 | .name = "oob.out", | |
198 | }, | |
199 | }; | |
200 | @@ -62,25 +64,18 @@ | |
201 | { | |
202 | struct ulogd_key *ret = pi->output.keys; | |
203 | struct ulogd_key *inp = pi->input.keys; | |
204 | - void *ptr; | |
205 | + static char indev[IFNAMSIZ]; | |
206 | + static char outdev[IFNAMSIZ]; | |
207 | ||
208 | - ptr = calloc(IFNAMSIZ, sizeof(char)); | |
209 | - if (!ptr) | |
210 | - return ULOGD_IRET_ERR; | |
211 | - | |
212 | - nlif_index2name(nlif_inst, ikey_get_u32(&inp[0]), ptr); | |
213 | - if (((char *)ptr)[0] == '*') | |
214 | - ((char *)(ptr))[0] = 0; | |
215 | - okey_set_ptr(&ret[0], ptr); | |
216 | - | |
217 | - ptr = calloc(IFNAMSIZ, sizeof(char)); | |
218 | - if (!ptr) | |
219 | - return ULOGD_IRET_ERR; | |
220 | - | |
221 | - nlif_index2name(nlif_inst, ikey_get_u32(&inp[1]), ptr); | |
222 | - if (((char *)ptr)[0] == '*') | |
223 | - ((char *)(ptr))[0] = 0; | |
224 | - okey_set_ptr(&ret[1], ptr); | |
225 | + nlif_index2name(nlif_inst, ikey_get_u32(&inp[0]), indev); | |
226 | + if (indev[0] == '*') | |
227 | + indev[0] = 0; | |
228 | + okey_set_ptr(&ret[0], indev); | |
229 | + | |
230 | + nlif_index2name(nlif_inst, ikey_get_u32(&inp[1]), outdev); | |
231 | + if (outdev[0] == '*') | |
232 | + outdev[0] = 0; | |
233 | + okey_set_ptr(&ret[1], outdev); | |
234 | ||
235 | return ULOGD_IRET_OK; | |
236 | } | |
237 | diff -urN ulogd-2.0.0beta3.orig/filter/ulogd_filter_IP2BIN.c ulogd-2.0.0beta3/filter/ulogd_filter_IP2BIN.c | |
238 | --- ulogd-2.0.0beta3.orig/filter/ulogd_filter_IP2BIN.c 2009-03-06 18:54:04.000000000 +0100 | |
239 | +++ ulogd-2.0.0beta3/filter/ulogd_filter_IP2BIN.c 2009-09-17 21:35:22.000000000 +0200 | |
240 | @@ -27,11 +27,13 @@ | |
241 | #include <string.h> | |
242 | #include <arpa/inet.h> | |
243 | #include <ulogd/ulogd.h> | |
244 | +#include <netinet/if_ether.h> | |
245 | ||
246 | #define IPADDR_LENGTH 128 | |
247 | ||
248 | enum input_keys { | |
249 | KEY_OOB_FAMILY, | |
250 | + KEY_OOB_PROTOCOL, | |
251 | KEY_IP_SADDR, | |
252 | START_KEY = KEY_IP_SADDR, | |
253 | KEY_IP_DADDR, | |
254 | @@ -83,37 +85,33 @@ | |
255 | static struct ulogd_key ip2bin_keys[] = { | |
256 | { | |
257 | .type = ULOGD_RET_RAWSTR, | |
258 | - .flags = ULOGD_RETF_FREE, | |
259 | .name = "ip.saddr.bin", | |
260 | }, | |
261 | { | |
262 | .type = ULOGD_RET_RAWSTR, | |
263 | - .flags = ULOGD_RETF_FREE, | |
264 | .name = "ip.daddr.bin", | |
265 | }, | |
266 | { | |
267 | .type = ULOGD_RET_RAWSTR, | |
268 | - .flags = ULOGD_RETF_FREE, | |
269 | .name = "orig.ip.saddr.bin", | |
270 | }, | |
271 | { | |
272 | .type = ULOGD_RET_RAWSTR, | |
273 | - .flags = ULOGD_RETF_FREE, | |
274 | .name = "orig.ip.daddr.bin", | |
275 | }, | |
276 | { | |
277 | .type = ULOGD_RET_RAWSTR, | |
278 | - .flags = ULOGD_RETF_FREE, | |
279 | .name = "reply.ip.saddr.bin", | |
280 | }, | |
281 | { | |
282 | .type = ULOGD_RET_RAWSTR, | |
283 | - .flags = ULOGD_RETF_FREE, | |
284 | .name = "reply.ip.daddr.bin", | |
285 | }, | |
286 | ||
287 | }; | |
288 | ||
289 | +static char ipbin_array[MAX_KEY-START_KEY][IPADDR_LENGTH]; | |
290 | + | |
291 | /** | |
292 | * Convert IPv4 address (as 32-bit unsigned integer) to IPv6 address: | |
293 | * add 96 bits prefix "::ffff:" to get IPv6 address "::ffff:a.b.c.d". | |
294 | @@ -126,16 +124,40 @@ | |
295 | ipv6->s6_addr32[3] = ipv4; | |
296 | } | |
297 | ||
298 | -static char *ip2bin(struct ulogd_key* inp, int index, char family) | |
299 | +static int ip2bin(struct ulogd_key* inp, int index, int oindex) | |
300 | { | |
301 | - char tmp[IPADDR_LENGTH]; | |
302 | + char family = ikey_get_u8(&inp[KEY_OOB_FAMILY]); | |
303 | + char convfamily = family; | |
304 | unsigned char *addr8; | |
305 | struct in6_addr *addr; | |
306 | struct in6_addr ip4_addr; | |
307 | char *buffer; | |
308 | int i, written; | |
309 | ||
310 | - switch (family) { | |
311 | + if (family == AF_BRIDGE) { | |
312 | + if (!pp_is_valid(inp, KEY_OOB_PROTOCOL)) { | |
313 | + ulogd_log(ULOGD_NOTICE, | |
314 | + "No protocol inside AF_BRIDGE packet\n"); | |
315 | + return ULOGD_IRET_ERR; | |
316 | + } | |
317 | + switch (ikey_get_u16(&inp[KEY_OOB_PROTOCOL])) { | |
318 | + case ETH_P_IPV6: | |
319 | + convfamily = AF_INET6; | |
320 | + break; | |
321 | + case ETH_P_IP: | |
322 | + convfamily = AF_INET; | |
323 | + break; | |
324 | + case ETH_P_ARP: | |
325 | + convfamily = AF_INET; | |
326 | + break; | |
327 | + default: | |
328 | + ulogd_log(ULOGD_NOTICE, | |
329 | + "Unknown protocol inside AF_BRIDGE packet\n"); | |
330 | + return ULOGD_IRET_ERR; | |
331 | + } | |
332 | + } | |
333 | + | |
334 | + switch (convfamily) { | |
335 | case AF_INET6: | |
336 | addr = (struct in6_addr *)ikey_get_u128(&inp[index]); | |
337 | break; | |
338 | @@ -147,10 +169,10 @@ | |
339 | default: | |
340 | /* TODO handle error */ | |
341 | ulogd_log(ULOGD_NOTICE, "Unknown protocol family\n"); | |
342 | - return NULL; | |
343 | + return ULOGD_IRET_ERR; | |
344 | } | |
345 | ||
346 | - buffer = tmp; | |
347 | + buffer = ipbin_array[oindex]; | |
348 | /* format IPv6 to BINARY(16) as "0x..." */ | |
349 | buffer[0] = '0'; | |
350 | buffer[1] = 'x'; | |
351 | @@ -161,14 +183,14 @@ | |
352 | addr8[0], addr8[1], addr8[2], addr8[3]); | |
353 | if (written != 2 * 4) { | |
354 | buffer[0] = 0; | |
355 | - return NULL; | |
356 | + return ULOGD_IRET_ERR; | |
357 | } | |
358 | buffer += written; | |
359 | addr8 += 4; | |
360 | } | |
361 | buffer[0] = 0; | |
362 | ||
363 | - return strdup(tmp); | |
364 | + return ULOGD_IRET_OK; | |
365 | } | |
366 | ||
367 | static int interp_ip2bin(struct ulogd_pluginstance *pi) | |
368 | @@ -176,12 +198,16 @@ | |
369 | struct ulogd_key *ret = pi->output.keys; | |
370 | struct ulogd_key *inp = pi->input.keys; | |
371 | int i; | |
372 | - int oob_family = ikey_get_u8(&inp[KEY_OOB_FAMILY]); | |
373 | + int fret; | |
374 | ||
375 | /* Iter on all addr fields */ | |
376 | for(i = START_KEY; i < MAX_KEY; i++) { | |
377 | if (pp_is_valid(inp, i)) { | |
378 | - okey_set_ptr(&ret[i-1], ip2bin(inp, i, oob_family)); | |
379 | + fret = ip2bin(inp, i, i-START_KEY); | |
380 | + if (fret != ULOGD_IRET_OK) | |
381 | + return fret; | |
382 | + okey_set_ptr(&ret[i-START_KEY], | |
383 | + ipbin_array[i-START_KEY]); | |
384 | } | |
385 | } | |
386 | ||
387 | diff -urN ulogd-2.0.0beta3.orig/filter/ulogd_filter_IP2STR.c ulogd-2.0.0beta3/filter/ulogd_filter_IP2STR.c | |
388 | --- ulogd-2.0.0beta3.orig/filter/ulogd_filter_IP2STR.c 2009-03-06 18:54:04.000000000 +0100 | |
389 | +++ ulogd-2.0.0beta3/filter/ulogd_filter_IP2STR.c 2009-09-17 21:35:22.000000000 +0200 | |
390 | @@ -102,49 +102,42 @@ | |
391 | static struct ulogd_key ip2str_keys[] = { | |
392 | { | |
393 | .type = ULOGD_RET_STRING, | |
394 | - .flags = ULOGD_RETF_FREE, | |
395 | .name = "ip.saddr.str", | |
396 | }, | |
397 | { | |
398 | .type = ULOGD_RET_STRING, | |
399 | - .flags = ULOGD_RETF_FREE, | |
400 | .name = "ip.daddr.str", | |
401 | }, | |
402 | { | |
403 | .type = ULOGD_RET_STRING, | |
404 | - .flags = ULOGD_RETF_FREE, | |
405 | .name = "orig.ip.saddr.str", | |
406 | }, | |
407 | { | |
408 | .type = ULOGD_RET_STRING, | |
409 | - .flags = ULOGD_RETF_FREE, | |
410 | .name = "orig.ip.daddr.str", | |
411 | }, | |
412 | { | |
413 | .type = ULOGD_RET_STRING, | |
414 | - .flags = ULOGD_RETF_FREE, | |
415 | .name = "reply.ip.saddr.str", | |
416 | }, | |
417 | { | |
418 | .type = ULOGD_RET_STRING, | |
419 | - .flags = ULOGD_RETF_FREE, | |
420 | .name = "reply.ip.daddr.str", | |
421 | }, | |
422 | { | |
423 | .type = ULOGD_RET_STRING, | |
424 | - .flags = ULOGD_RETF_FREE, | |
425 | .name = "arp.saddr.str", | |
426 | }, | |
427 | { | |
428 | .type = ULOGD_RET_STRING, | |
429 | - .flags = ULOGD_RETF_FREE, | |
430 | .name = "arp.daddr.str", | |
431 | }, | |
432 | }; | |
433 | ||
434 | -static char *ip2str(struct ulogd_key *inp, int index) | |
435 | +static char ipstr_array[MAX_KEY-START_KEY][IPADDR_LENGTH]; | |
436 | + | |
437 | +static int ip2str(struct ulogd_key *inp, int index, int oindex) | |
438 | { | |
439 | - char tmp[IPADDR_LENGTH]; | |
440 | char family = ikey_get_u8(&inp[KEY_OOB_FAMILY]); | |
441 | char convfamily = family; | |
442 | ||
443 | @@ -152,7 +145,7 @@ | |
444 | if (!pp_is_valid(inp, KEY_OOB_PROTOCOL)) { | |
445 | ulogd_log(ULOGD_NOTICE, | |
446 | "No protocol inside AF_BRIDGE packet\n"); | |
447 | - return NULL; | |
448 | + return ULOGD_IRET_ERR; | |
449 | } | |
450 | switch (ikey_get_u16(&inp[KEY_OOB_PROTOCOL])) { | |
451 | case ETH_P_IPV6: | |
452 | @@ -167,7 +160,7 @@ | |
453 | default: | |
454 | ulogd_log(ULOGD_NOTICE, | |
455 | "Unknown protocol inside AF_BRIDGE packet\n"); | |
456 | - return NULL; | |
457 | + return ULOGD_IRET_ERR; | |
458 | } | |
459 | } | |
460 | ||
461 | @@ -176,18 +169,19 @@ | |
462 | case AF_INET6: | |
463 | inet_ntop(AF_INET6, | |
464 | ikey_get_u128(&inp[index]), | |
465 | - tmp, sizeof(tmp)); | |
466 | + ipstr_array[oindex], sizeof(ipstr_array[oindex])); | |
467 | break; | |
468 | case AF_INET: | |
469 | ip = ikey_get_u32(&inp[index]); | |
470 | - inet_ntop(AF_INET, &ip, tmp, sizeof(tmp)); | |
471 | + inet_ntop(AF_INET, &ip, | |
472 | + ipstr_array[oindex], sizeof(ipstr_array[oindex])); | |
473 | break; | |
474 | default: | |
475 | /* TODO error handling */ | |
476 | ulogd_log(ULOGD_NOTICE, "Unknown protocol family\n"); | |
477 | - return NULL; | |
478 | + return ULOGD_IRET_ERR; | |
479 | } | |
480 | - return strdup(tmp); | |
481 | + return ULOGD_IRET_OK; | |
482 | } | |
483 | ||
484 | static int interp_ip2str(struct ulogd_pluginstance *pi) | |
485 | @@ -195,11 +189,16 @@ | |
486 | struct ulogd_key *ret = pi->output.keys; | |
487 | struct ulogd_key *inp = pi->input.keys; | |
488 | int i; | |
489 | + int fret; | |
490 | ||
491 | /* Iter on all addr fields */ | |
492 | for (i = START_KEY; i <= MAX_KEY; i++) { | |
493 | if (pp_is_valid(inp, i)) { | |
494 | - okey_set_ptr(&ret[i-START_KEY], ip2str(inp, i)); | |
495 | + fret = ip2str(inp, i, i-START_KEY); | |
496 | + if (fret != ULOGD_IRET_OK) | |
497 | + return fret; | |
498 | + okey_set_ptr(&ret[i-START_KEY], | |
499 | + ipstr_array[i-START_KEY]); | |
500 | } | |
501 | } | |
502 | ||
503 | diff -urN ulogd-2.0.0beta3.orig/include/ulogd/ulogd.h ulogd-2.0.0beta3/include/ulogd/ulogd.h | |
504 | --- ulogd-2.0.0beta3.orig/include/ulogd/ulogd.h 2009-03-06 18:54:04.000000000 +0100 | |
505 | +++ ulogd-2.0.0beta3/include/ulogd/ulogd.h 2009-09-17 21:35:22.000000000 +0200 | |
506 | @@ -19,6 +19,7 @@ | |
507 | #include <signal.h> /* need this because of extension-sighandler */ | |
508 | #include <sys/types.h> | |
509 | #include <string.h> | |
510 | +#include <config.h> | |
511 | ||
512 | #define ARRAY_SIZE(x) (sizeof(x) / sizeof((x)[0])) | |
513 | ||
514 | diff -urN ulogd-2.0.0beta3.orig/input/flow/ulogd_inpflow_NFCT.c ulogd-2.0.0beta3/input/flow/ulogd_inpflow_NFCT.c | |
515 | --- ulogd-2.0.0beta3.orig/input/flow/ulogd_inpflow_NFCT.c 2009-03-06 18:54:04.000000000 +0100 | |
516 | +++ ulogd-2.0.0beta3/input/flow/ulogd_inpflow_NFCT.c 2009-09-17 21:35:22.000000000 +0200 | |
517 | @@ -114,6 +114,12 @@ | |
518 | .options = CONFIG_OPT_NONE, | |
519 | .u.value = 0, | |
520 | }, | |
521 | + { | |
522 | + .key = "netlink_resync_timeout", | |
523 | + .type = CONFIG_TYPE_INT, | |
524 | + .options = CONFIG_OPT_NONE, | |
525 | + .u.value = 60, | |
526 | + }, | |
527 | }, | |
528 | }; | |
529 | #define pollint_ce(x) (x->ces[0]) | |
530 | @@ -123,6 +129,7 @@ | |
531 | #define eventmask_ce(x) (x->ces[4]) | |
532 | #define nlsockbufsize_ce(x) (x->ces[5]) | |
533 | #define nlsockbufmaxsize_ce(x) (x->ces[6]) | |
534 | +#define nlresynctimeout_ce(x) (x->ces[7]) | |
535 | ||
536 | enum nfct_keys { | |
537 | NFCT_ORIG_IP_SADDR = 0, | |
538 | @@ -596,6 +603,9 @@ | |
539 | switch(type) { | |
540 | case NFCT_T_NEW: | |
541 | ts = hashtable_add(cpi->ct_active, &tmp); | |
542 | + if (ts == NULL) | |
543 | + return NFCT_CB_CONTINUE; | |
544 | + | |
545 | gettimeofday(&ts->time[START], NULL); | |
546 | return NFCT_CB_STOLEN; | |
547 | case NFCT_T_UPDATE: | |
548 | @@ -604,6 +614,9 @@ | |
549 | nfct_copy(ts->ct, ct, NFCT_CP_META); | |
550 | else { | |
551 | ts = hashtable_add(cpi->ct_active, &tmp); | |
552 | + if (ts == NULL) | |
553 | + return NFCT_CB_CONTINUE; | |
554 | + | |
555 | gettimeofday(&ts->time[START], NULL); | |
556 | return NFCT_CB_STOLEN; | |
557 | } | |
558 | @@ -637,12 +650,18 @@ | |
559 | { | |
560 | struct nfct_pluginstance *cpi = | |
561 | (struct nfct_pluginstance *)upi->private; | |
562 | + static int warned = 0; | |
563 | ||
564 | if (size < nlsockbufmaxsize_ce(upi->config_kset).u.value) { | |
565 | cpi->nlbufsiz = nfnl_rcvbufsiz(nfct_nfnlh(cpi->cth), size); | |
566 | return 1; | |
567 | } | |
568 | ||
569 | + /* we have already warned the user, do not keep spamming */ | |
570 | + if (warned) | |
571 | + return 0; | |
572 | + | |
573 | + warned = 1; | |
574 | ulogd_log(ULOGD_NOTICE, "Maximum buffer size (%d) in NFCT has been " | |
575 | "reached. Please, consider rising " | |
576 | "`netlink_socket_buffer_size` and " | |
577 | @@ -657,14 +676,13 @@ | |
578 | struct ulogd_pluginstance *upi = container_of(param, | |
579 | struct ulogd_pluginstance, | |
580 | private); | |
581 | + static int warned = 0; | |
582 | ||
583 | if (!(what & ULOGD_FD_READ)) | |
584 | return 0; | |
585 | ||
586 | if (nfct_catch(cpi->cth) == -1) { | |
587 | if (errno == ENOBUFS) { | |
588 | - int family = AF_UNSPEC; | |
589 | - | |
590 | if (nlsockbufmaxsize_ce(upi->config_kset).u.value) { | |
591 | int s = cpi->nlbufsiz * 2; | |
592 | if (setnlbufsiz(upi, s)) { | |
593 | @@ -673,7 +691,8 @@ | |
594 | "increasing buffer size " | |
595 | "to %d\n", cpi->nlbufsiz); | |
596 | } | |
597 | - } else { | |
598 | + } else if (!warned) { | |
599 | + warned = 1; | |
600 | ulogd_log(ULOGD_NOTICE, | |
601 | "We are losing events. Please, " | |
602 | "consider using the clauses " | |
603 | @@ -683,9 +702,14 @@ | |
604 | ||
605 | /* internal hash can deal with refresh */ | |
606 | if (usehash_ce(upi->config_kset).u.value != 0) { | |
607 | - nfct_send(cpi->ovh, NFCT_Q_DUMP, &family); | |
608 | - /* TODO: configurable retry timer */ | |
609 | - ulogd_add_timer(&cpi->ov_timer, 2); | |
610 | + /* schedule a resynchronization in N | |
611 | + * seconds, this parameter is configurable | |
612 | + * via config. Note that we don't re-schedule | |
613 | + * a resync if it's already in progress. */ | |
614 | + if (!ulogd_timer_pending(&cpi->ov_timer)) { | |
615 | + ulogd_add_timer(&cpi->ov_timer, | |
616 | + nlresynctimeout_ce(upi->config_kset).u.value); | |
617 | + } | |
618 | } | |
619 | } | |
620 | } | |
621 | @@ -734,6 +758,9 @@ | |
622 | /* if it does not exist, add it */ | |
623 | if (!hashtable_get(cpi->ct_active, &tmp)) { | |
624 | ts = hashtable_add(cpi->ct_active, &tmp); | |
625 | + if (ts == NULL) | |
626 | + return NFCT_CB_CONTINUE; | |
627 | + | |
628 | gettimeofday(&ts->time[START], NULL); /* do our best here */ | |
629 | return NFCT_CB_STOLEN; | |
630 | } | |
631 | @@ -755,11 +782,10 @@ | |
632 | if (nfct_catch(cpi->ovh) == -1) { | |
633 | /* enobufs in the overrun buffer? very rare */ | |
634 | if (errno == ENOBUFS) { | |
635 | - int family = AF_UNSPEC; | |
636 | - | |
637 | - nfct_send(cpi->ovh, NFCT_Q_DUMP, &family); | |
638 | - /* TODO: configurable retry timer */ | |
639 | - ulogd_add_timer(&cpi->ov_timer, 2); | |
640 | + if (!ulogd_timer_pending(&cpi->ov_timer)) { | |
641 | + ulogd_add_timer(&cpi->ov_timer, | |
642 | + nlresynctimeout_ce(upi->config_kset).u.value); | |
643 | + } | |
644 | } | |
645 | } | |
646 | ||
647 | @@ -815,8 +841,6 @@ | |
648 | (struct nfct_pluginstance *)upi->private; | |
649 | ||
650 | nfct_send(cpi->ovh, NFCT_Q_DUMP, &family); | |
651 | - /* TODO: configurable retry timer */ | |
652 | - ulogd_add_timer(&cpi->ov_timer, 2); | |
653 | } | |
654 | ||
655 | static int constructor_nfct(struct ulogd_pluginstance *upi) | |
656 | diff -urN ulogd-2.0.0beta3.orig/output/ulogd_output_IPFIX.c ulogd-2.0.0beta3/output/ulogd_output_IPFIX.c | |
657 | --- ulogd-2.0.0beta3.orig/output/ulogd_output_IPFIX.c 2008-09-12 00:06:47.000000000 +0200 | |
658 | +++ ulogd-2.0.0beta3/output/ulogd_output_IPFIX.c 2009-09-17 21:35:22.000000000 +0200 | |
659 | @@ -93,6 +93,7 @@ | |
660 | return NULL; | |
661 | ||
662 | bm->size_bits = num_bits; | |
663 | + bm->buf = (void *)bm + sizeof(*bm); | |
664 | ||
665 | bitmask_clear(bm); | |
666 | ||
667 | @@ -240,7 +241,7 @@ | |
668 | ||
669 | tmpl->total_length = 0; | |
670 | ||
671 | - for (i = 0; i < upi->input.num_keys; i++) { | |
672 | + for (i = 0, j = 0; i < upi->input.num_keys; i++) { | |
673 | struct ulogd_key *key = &upi->input.keys[i]; | |
674 | int length = ulogd_key_size(key); | |
675 | ||
676 | @@ -332,8 +333,7 @@ | |
677 | ulogd_log(ULOGD_ERROR, "can't build new template!\n"); | |
678 | return ULOGD_IRET_ERR; | |
679 | } | |
680 | - /* FIXME: prepend? */ | |
681 | - list_add(&ii->template_list, &template->list); | |
682 | + llist_add(&template->list, &ii->template_list); | |
683 | } | |
684 | ||
685 | total_size = template->total_length; | |
686 | @@ -435,18 +435,14 @@ | |
687 | if (!ii->valid_bitmask) | |
688 | return -ENOMEM; | |
689 | ||
690 | + INIT_LLIST_HEAD(&ii->template_list); | |
691 | + | |
692 | ret = open_connect_socket(pi); | |
693 | if (ret < 0) | |
694 | goto out_bm_free; | |
695 | ||
696 | - ret = build_template(pi); | |
697 | - if (ret < 0) | |
698 | - goto out_sock_close; | |
699 | - | |
700 | return 0; | |
701 | ||
702 | -out_sock_close: | |
703 | - close(ii->fd); | |
704 | out_bm_free: | |
705 | bitmask_free(ii->valid_bitmask); | |
706 | ii->valid_bitmask = NULL; | |
707 | diff -urN ulogd-2.0.0beta3.orig/src/ulogd.c ulogd-2.0.0beta3/src/ulogd.c | |
708 | --- ulogd-2.0.0beta3.orig/src/ulogd.c 2009-03-06 18:54:04.000000000 +0100 | |
709 | +++ ulogd-2.0.0beta3/src/ulogd.c 2009-09-17 21:35:22.000000000 +0200 | |
710 | @@ -640,14 +640,8 @@ | |
711 | int i = 0; | |
712 | struct ulogd_pluginstance *pi_cur; | |
713 | ||
714 | - /* PASS 2: */ | |
715 | - ulogd_log(ULOGD_DEBUG, "connecting input/output keys of stack:\n"); | |
716 | + /* pre-configuration pass */ | |
717 | llist_for_each_entry_reverse(pi_cur, &stack->list, list) { | |
718 | - struct ulogd_pluginstance *pi_prev = | |
719 | - llist_entry(pi_cur->list.prev, | |
720 | - struct ulogd_pluginstance, | |
721 | - list); | |
722 | - i++; | |
723 | ulogd_log(ULOGD_DEBUG, "traversing plugin `%s'\n", | |
724 | pi_cur->plugin->name); | |
725 | /* call plugin to tell us which keys it requires in | |
726 | @@ -662,6 +656,18 @@ | |
727 | return ret; | |
728 | } | |
729 | } | |
730 | + } | |
731 | + | |
732 | + /* PASS 2: */ | |
733 | + ulogd_log(ULOGD_DEBUG, "connecting input/output keys of stack:\n"); | |
734 | + llist_for_each_entry_reverse(pi_cur, &stack->list, list) { | |
735 | + struct ulogd_pluginstance *pi_prev = | |
736 | + llist_entry(pi_cur->list.prev, | |
737 | + struct ulogd_pluginstance, | |
738 | + list); | |
739 | + i++; | |
740 | + ulogd_log(ULOGD_DEBUG, "traversing plugin `%s'\n", | |
741 | + pi_cur->plugin->name); | |
742 | ||
743 | if (i == 1) { | |
744 | /* first round: output plugin */ | |
745 | diff -urN ulogd-2.0.0beta3.orig/ulogd.conf.in ulogd-2.0.0beta3/ulogd.conf.in | |
746 | --- ulogd-2.0.0beta3.orig/ulogd.conf.in 2009-03-06 18:54:04.000000000 +0100 | |
747 | +++ ulogd-2.0.0beta3/ulogd.conf.in 2009-09-17 21:35:22.000000000 +0200 | |
748 | @@ -91,6 +91,7 @@ | |
749 | [ct1] | |
750 | #netlink_socket_buffer_size=217088 | |
751 | #netlink_socket_buffer_maxsize=1085440 | |
752 | +#netlink_resync_timeout=60 # seconds to wait to perform resynchronization | |
753 | ||
754 | [ct2] | |
755 | #netlink_socket_buffer_size=217088 | |
756 | @@ -106,8 +107,8 @@ | |
757 | #netlink_socket_buffer_maxsize=1085440 | |
758 | # set number of packet to queue inside kernel | |
759 | #netlink_qthreshold=1 | |
760 | -# set the delay before flushing packet in the queue inside kernel (in ms) | |
761 | -#netlink_qtimeout=1000 | |
762 | +# set the delay before flushing packet in the queue inside kernel (in 10ms) | |
763 | +#netlink_qtimeout=100 | |
764 | ||
765 | # packet logging through NFLOG for group 1 | |
766 | [log2] | |
767 | diff -urN ulogd-2.0.0beta3.orig/util/chtons.h ulogd-2.0.0beta3/util/chtons.h | |
768 | --- ulogd-2.0.0beta3.orig/util/chtons.h 1970-01-01 01:00:00.000000000 +0100 | |
769 | +++ ulogd-2.0.0beta3/util/chtons.h 2009-09-17 21:35:22.000000000 +0200 | |
770 | @@ -0,0 +1,32 @@ | |
771 | +#ifndef _CHTONS_H_ | |
772 | +#define _CHTONS_H_ | |
773 | + | |
774 | +#include <endian.h> | |
775 | + | |
776 | +#if __BYTE_ORDER == __BIG_ENDIAN | |
777 | +# define BITNR(X) ((X)^31) | |
778 | +# if !defined(__constant_htonl) | |
779 | +# define __constant_htonl(x) (x) | |
780 | +# endif | |
781 | +# if !defined(__constant_htons) | |
782 | +# define __constant_htons(x) (x) | |
783 | +# endif | |
784 | +#elif __BYTE_ORDER == __LITTLE_ENDIAN | |
785 | +# define BITNR(X) ((X)^7) | |
786 | +# if !defined(__constant_htonl) | |
787 | +# define __constant_htonl(x) \ | |
788 | + ((unsigned long int)((((unsigned long int)(x) & 0x000000ffU) << 24) | \ | |
789 | + (((unsigned long int)(x) & 0x0000ff00U) << 8) | \ | |
790 | + (((unsigned long int)(x) & 0x00ff0000U) >> 8) | \ | |
791 | + (((unsigned long int)(x) & 0xff000000U) >> 24))) | |
792 | +# endif | |
793 | +# if !defined(__constant_htons) | |
794 | +# define __constant_htons(x) \ | |
795 | + ((unsigned short int)((((unsigned short int)(x) & 0x00ff) << 8) | \ | |
796 | + (((unsigned short int)(x) & 0xff00) >> 8))) | |
797 | +# endif | |
798 | +#else | |
799 | +# error "Don't know if bytes are big- or little-endian!" | |
800 | +#endif | |
801 | + | |
802 | +#endif | |
803 | diff -urN ulogd-2.0.0beta3.orig/util/db.c ulogd-2.0.0beta3/util/db.c | |
804 | --- ulogd-2.0.0beta3.orig/util/db.c 2009-03-06 18:54:04.000000000 +0100 | |
805 | +++ ulogd-2.0.0beta3/util/db.c 2009-09-17 21:35:22.000000000 +0200 | |
806 | @@ -91,14 +91,22 @@ | |
807 | return -ENOMEM; | |
808 | } | |
809 | ||
810 | - if (strcasecmp(procedure,"INSERT") == 0) { | |
811 | + if (strncasecmp(procedure,"INSERT", strlen("INSERT")) == 0 && | |
812 | + (procedure[strlen("INSERT")] == '\0' || | |
813 | + procedure[strlen("INSERT")] == ' ')) { | |
814 | char buf[ULOGD_MAX_KEYLEN]; | |
815 | char *underscore; | |
816 | ||
817 | - if (mi->schema) | |
818 | - sprintf(mi->stmt, "insert into %s.%s (", mi->schema, table); | |
819 | + if(procedure[6] == '\0') { | |
820 | + /* procedure == "INSERT" */ | |
821 | + if (mi->schema) | |
822 | + sprintf(mi->stmt, "insert into %s.%s (", mi->schema, table); | |
823 | + else | |
824 | + sprintf(mi->stmt, "insert into %s (", table); | |
825 | + } | |
826 | else | |
827 | - sprintf(mi->stmt, "insert into %s (", table); | |
828 | + sprintf(mi->stmt, "%s (", procedure); | |
829 | + | |
830 | mi->stmt_val = mi->stmt + strlen(mi->stmt); | |
831 | ||
832 | for (i = 0; i < upi->input.num_keys; i++) { | |
833 | @@ -193,6 +201,13 @@ | |
834 | free(upi->input.keys); | |
835 | upi->input.keys = NULL; | |
836 | } | |
837 | + | |
838 | + /* try to free the buffer for insert statement */ | |
839 | + if (di->stmt) { | |
840 | + free(di->stmt); | |
841 | + di->stmt = NULL; | |
842 | + } | |
843 | + | |
844 | return 0; | |
845 | } | |
846 |