* [PATCH] ipt_account fixup
@ 2005-05-09 13:44 Piotr Gasidło
2005-05-17 20:04 ` Patrick McHardy
0 siblings, 1 reply; 2+ messages in thread
From: Piotr Gasidło @ 2005-05-09 13:44 UTC (permalink / raw)
To: netfilter-devel
[-- Attachment #1.1: Type: text/plain, Size: 394 bytes --]
Hello,
Little changes to ipt_account:
- added time field,
- better error handling in __init,
- new module parameters handling in 2.6.x version
Please apply.
--
Piotr 'QuakeR' Gasidło, BOFH @ pandora.barbara.eu.org
############## sending lusers to /dev/null since 1998
##### Waiting for tomorrow, for a little ray of light
### Waiting for tomorrow just to see your smile again
[-- Attachment #1.2: ipt_account-fix.diff --]
[-- Type: text/plain, Size: 8909 bytes --]
diff -uNr patch-o-matic-ng.orig/account/linux/net/ipv4/netfilter/ipt_account.c patch-o-matic-ng/account/linux/net/ipv4/netfilter/ipt_account.c
--- patch-o-matic-ng.orig/account/linux/net/ipv4/netfilter/ipt_account.c 2005-05-09 14:10:11.495288184 +0200
+++ patch-o-matic-ng/account/linux/net/ipv4/netfilter/ipt_account.c 2005-05-09 15:10:50.186123096 +0200
@@ -453,10 +453,12 @@
unsigned int *bucket = (unsigned int *)v;
u_int32_t address = table->network + *bucket;
+ struct timespec last;
if (!table->shortlisting) {
+ jiffies_to_timespec(jiffies - table->ip_list.l[*bucket].time, &last);
seq_printf(s,
- "ip = %u.%u.%u.%u bytes_src = %llu %llu %llu %llu %llu packets_src = %llu %llu %llu %llu %llu bytes_dest = %llu %llu %llu %llu %llu packets_dest = %llu %llu %llu %llu %llu\n",
+ "ip = %u.%u.%u.%u bytes_src = %llu %llu %llu %llu %llu packets_src = %llu %llu %llu %llu %llu bytes_dest = %llu %llu %llu %llu %llu packets_dest = %llu %llu %llu %llu %llu time = %lu\n",
HIPQUAD(address),
table->ip_list.l[*bucket].src.b_all,
table->ip_list.l[*bucket].src.b_tcp,
@@ -477,16 +479,19 @@
table->ip_list.l[*bucket].dest.p_tcp,
table->ip_list.l[*bucket].dest.p_udp,
table->ip_list.l[*bucket].dest.p_icmp,
- table->ip_list.l[*bucket].dest.p_other
+ table->ip_list.l[*bucket].dest.p_other,
+ last.tv_sec
);
} else {
+ jiffies_to_timespec(jiffies - table->ip_list.s[*bucket].time, &last);
seq_printf(s,
- "ip = %u.%u.%u.%u bytes_src = %llu packets_src = %llu bytes_dest = %llu packets_dest = %llu\n",
+ "ip = %u.%u.%u.%u bytes_src = %llu packets_src = %llu bytes_dest = %llu packets_dest = %llu time = %lu\n",
HIPQUAD(address),
table->ip_list.s[*bucket].src.b_all,
table->ip_list.s[*bucket].src.p_all,
table->ip_list.s[*bucket].dest.b_all,
- table->ip_list.s[*bucket].dest.p_all
+ table->ip_list.s[*bucket].dest.p_all,
+ last.tv_sec
);
}
return 0;
@@ -891,25 +896,34 @@
static int __init init(void)
{
+ int err;
+
dprintk(KERN_INFO IPT_ACCOUNT_NAME ": __init() entered.\n");
printk(version);
/* check params */
if (netmask > 32 || netmask < 0) {
printk(KERN_INFO "account: Wrong netmask given by netmask parameter (%i). Valid is 32 to 0.\n", netmask);
- return -EINVAL;
+ err = -EINVAL;
+ goto doexit;
}
/* create /proc/net/ipt_account directory */
proc_net_ipt_account = proc_mkdir("ipt_account", proc_net);
if (!proc_net_ipt_account) {
printk(KERN_INFO IPT_ACCOUNT_NAME ": checkentry() failed to create procfs entry.\n");
- return -EINVAL; /* was -ENOMEM */
+ err = -ENOMEM;
+ goto doexit;
}
proc_net_ipt_account->owner = THIS_MODULE;
+ err = ipt_register_match(&account_match);
+ if (err) {
+ printk(KERN_INFO IPT_ACCOUNT_NAME ": checkentry() failed to register match.\n");
+ remove_proc_entry("ipt_account", proc_net);
+ }
+doexit:
dprintk(KERN_INFO IPT_ACCOUNT_NAME ": __init() left.\n");
-
- return ipt_register_match(&account_match);
+ return err;
}
static void __exit fini(void)
diff -uNr patch-o-matic-ng.orig/account/linux-2.6/net/ipv4/netfilter/ipt_account.c patch-o-matic-ng/account/linux-2.6/net/ipv4/netfilter/ipt_account.c
--- patch-o-matic-ng.orig/account/linux-2.6/net/ipv4/netfilter/ipt_account.c 2005-05-09 14:10:11.662262800 +0200
+++ patch-o-matic-ng/account/linux-2.6/net/ipv4/netfilter/ipt_account.c 2005-05-09 15:20:07.904337040 +0200
@@ -44,9 +44,9 @@
MODULE_AUTHOR("Piotr Gasidlo <quaker@barbara.eu.org>");
MODULE_DESCRIPTION("Traffic accounting modules");
MODULE_LICENSE("GPL");
-MODULE_PARM(permissions,"i");
+module_param(permissions, int, 0400);
+module_param(netmask, int, 0400);
MODULE_PARM_DESC(permissions,"permissions on /proc/net/ipt_account/* files");
-MODULE_PARM(netmask, "i");
MODULE_PARM_DESC(netmask, "maximum *save* size of one list (netmask)");
/* structure with statistics counters */
@@ -453,10 +453,12 @@
unsigned int *bucket = (unsigned int *)v;
u_int32_t address = table->network + *bucket;
+ struct timespec last;
if (!table->shortlisting) {
+ jiffies_to_timespec(jiffies - table->ip_list.l[*bucket].time, &last);
seq_printf(s,
- "ip = %u.%u.%u.%u bytes_src = %llu %llu %llu %llu %llu packets_src = %llu %llu %llu %llu %llu bytes_dest = %llu %llu %llu %llu %llu packets_dest = %llu %llu %llu %llu %llu\n",
+ "ip = %u.%u.%u.%u bytes_src = %llu %llu %llu %llu %llu packets_src = %llu %llu %llu %llu %llu bytes_dest = %llu %llu %llu %llu %llu packets_dest = %llu %llu %llu %llu %llu time = %lu\n",
HIPQUAD(address),
table->ip_list.l[*bucket].src.b_all,
table->ip_list.l[*bucket].src.b_tcp,
@@ -477,16 +479,19 @@
table->ip_list.l[*bucket].dest.p_tcp,
table->ip_list.l[*bucket].dest.p_udp,
table->ip_list.l[*bucket].dest.p_icmp,
- table->ip_list.l[*bucket].dest.p_other
+ table->ip_list.l[*bucket].dest.p_other,
+ last.tv_sec
);
} else {
+ jiffies_to_timespec(jiffies - table->ip_list.s[*bucket].time, &last);
seq_printf(s,
- "ip = %u.%u.%u.%u bytes_src = %llu packets_src = %llu bytes_dest = %llu packets_dest = %llu\n",
+ "ip = %u.%u.%u.%u bytes_src = %llu packets_src = %llu bytes_dest = %llu packets_dest = %llu time = %lu\n",
HIPQUAD(address),
table->ip_list.s[*bucket].src.b_all,
table->ip_list.s[*bucket].src.p_all,
table->ip_list.s[*bucket].dest.b_all,
- table->ip_list.s[*bucket].dest.p_all
+ table->ip_list.s[*bucket].dest.p_all,
+ last.tv_sec
);
}
return 0;
@@ -700,7 +705,7 @@
table = vmalloc(sizeof(struct t_ipt_account_table));
if (table == NULL) {
printk(KERN_INFO IPT_ACCOUNT_NAME ": checkentry() failed to allocate %u for new table %s.\n", sizeof(struct t_ipt_account_table), info->name);
- ret = 0; /* was -ENOMEM */
+ ret = 0;
goto failure;
}
@@ -721,7 +726,7 @@
table->ip_list.l = vmalloc(sizeof(struct t_ipt_account_ip_list) * table->count);
if (table->ip_list.l == NULL) {
dprintk(KERN_INFO IPT_ACCOUNT_NAME ": checkentry() failed to allocate %u for ip_list.\n", sizeof(struct t_ipt_account_ip_list) * table->count);
- ret = 0; /* was -ENOMEM */
+ ret = 0;
goto failure_table;
}
memset(table->ip_list.l, 0, sizeof(struct t_ipt_account_ip_list) * table->count);
@@ -730,7 +735,7 @@
table->ip_list.s = vmalloc(sizeof(struct t_ipt_account_ip_list_short) * table->count);
if (table->ip_list.s == NULL) {
dprintk(KERN_INFO IPT_ACCOUNT_NAME ": checkentry() failed to allocate %u for ip_list.\n", sizeof(struct t_ipt_account_ip_list_short) * table->count);
- ret = 0; /* was -ENOMEM */
+ ret = 0;
goto failure_table;
}
memset(table->ip_list.s, 0, sizeof(struct t_ipt_account_ip_list_short) * table->count);
@@ -763,7 +768,7 @@
/* create procfs status file */
table->status_file = create_proc_entry(table->name, permissions, proc_net_ipt_account);
if (table->status_file == NULL) {
- ret = 0; /* was -ENOMEM */
+ ret = 0;
goto failure_unlink;
}
table->status_file->owner = THIS_MODULE;
@@ -785,13 +790,13 @@
if (table == NULL) {
dprintk(KERN_INFO IPT_ACCOUNT_NAME ": checkentry() no table found. Leaving.\n");
spin_unlock_bh(&account_lock);
- return 0; /* was -ENOMEM */
+ return 0;
}
while (strncmp(info->name, table->name, IPT_ACCOUNT_NAME_LEN) && (last_table = table) && (table = table->next));
if (table == NULL) {
dprintk(KERN_INFO IPT_ACCOUNT_NAME ": checkentry() table already destroyed. Leaving.\n");
spin_unlock_bh(&account_lock);
- return 0; /* was -ENOMEM */
+ return 0;
}
if (last_table)
last_table->next = table->next;
@@ -886,25 +891,34 @@
static int __init init(void)
{
+ int err;
+
dprintk(KERN_INFO IPT_ACCOUNT_NAME ": __init() entered.\n");
printk(version);
/* check params */
if (netmask > 32 || netmask < 0) {
printk(KERN_INFO "account: Wrong netmask given by netmask parameter (%i). Valid is 32 to 0.\n", netmask);
- return -EINVAL;
+ err = -EINVAL;
+ goto doexit;
}
/* create /proc/net/ipt_account directory */
proc_net_ipt_account = proc_mkdir("ipt_account", proc_net);
if (!proc_net_ipt_account) {
printk(KERN_INFO IPT_ACCOUNT_NAME ": checkentry() failed to create procfs entry.\n");
- return -EINVAL; /* was -ENOMEM */
+ err = -ENOMEM;
+ goto doexit;
}
proc_net_ipt_account->owner = THIS_MODULE;
+ err = ipt_register_match(&account_match);
+ if (err) {
+ printk(KERN_INFO IPT_ACCOUNT_NAME ": checkentry() failed to register match.\n");
+ remove_proc_entry("ipt_account", proc_net);
+ }
+doexit:
dprintk(KERN_INFO IPT_ACCOUNT_NAME ": __init() left.\n");
-
- return ipt_register_match(&account_match);
+ return err;
}
static void __exit fini(void)
[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 189 bytes --]
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2005-05-17 20:04 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2005-05-09 13:44 [PATCH] ipt_account fixup Piotr Gasidło
2005-05-17 20:04 ` Patrick McHardy
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.