Diffstat (limited to 'src')
-rw-r--r-- | src/Makefile.am | 2 | ||||
-rw-r--r-- | src/buffer.c | 76 | ||||
-rw-r--r-- | src/cache_iterators.c | 10 | ||||
-rw-r--r-- | src/ignore_pool.c | 2 | ||||
-rw-r--r-- | src/log.c | 34 | ||||
-rw-r--r-- | src/main.c | 4 | ||||
-rw-r--r-- | src/netlink.c | 28 | ||||
-rw-r--r-- | src/network.c | 2 | ||||
-rw-r--r-- | src/read_config_yy.y | 2 | ||||
-rw-r--r-- | src/run.c | 24 | ||||
-rw-r--r-- | src/stats-mode.c | 30 | ||||
-rw-r--r-- | src/sync-ftfw.c | 8 | ||||
-rw-r--r-- | src/sync-mode.c | 32 |
13 files changed, 74 insertions, 180 deletions
diff --git a/src/Makefile.am b/src/Makefile.am
index fafb5ff..15628b7 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -10,7 +10,7 @@ conntrack_SOURCES = conntrack.c
 conntrack_LDADD = ../extensions/libct_proto_tcp.la ../extensions/libct_proto_udp.la ../extensions/libct_proto_icmp.la
 conntrack_LDFLAGS = $(all_libraries) @LIBNETFILTER_CONNTRACK_LIBS@
-conntrackd_SOURCES = alarm.c main.c run.c hash.c queue.c buffer.c \
+conntrackd_SOURCES = alarm.c main.c run.c hash.c queue.c \
 local.c log.c mcast.c netlink.c \
 ignore_pool.c \
 cache.c cache_iterators.c \
diff --git a/src/buffer.c b/src/buffer.c
deleted file mode 100644
index 739174a..0000000
--- a/src/buffer.c
+++ /dev/null
@@ -1,76 +0,0 @@
-/*
- * (C) 2006-2008 by Pablo Neira Ayuso <pablo@netfilter.org>
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
- */
-
-#include "buffer.h"
-
-#include <stdlib.h>
-#include <string.h>
-#include <errno.h>
-
-struct buffer *buffer_create(size_t size)
-{
- struct buffer *b;
-
- b = malloc(sizeof(struct buffer));
- if (b == NULL)
- return NULL;
- memset(b, 0, sizeof(struct buffer));
-
- b->size = size;
-
- b->data = malloc(size);
- if (b->data == NULL) {
- free(b);
- return NULL;
- }
- memset(b->data, 0, size);
-
- return b;
-}
-
-void buffer_destroy(struct buffer *b)
-{
- free(b->data);
- free(b);
-}
-
-int buffer_add(struct buffer *b, void *data, size_t size)
-{
- if (b->size - b->cur_size < size) {
- errno = ENOSPC;
- return -1;
- }
-
- memcpy(b->data + b->cur_size, data, size);
- b->cur_size += size;
- return 0;
-}
-
-void buffer_flush(struct buffer *b,
- void (*cb)(void *buffer_data, void *data),
- void *data)
-{
- cb(b->data, data);
- b->cur_size = 0;
- memset(b->data, 0, b->size);
-}
-
-size_t buffer_size(const struct buffer *b)
-{
- return b->size;
-}
diff --git a/src/cache_iterators.c b/src/cache_iterators.c
index bf70dd1..92b7b7f 100644
--- a/src/cache_iterators.c
+++ b/src/cache_iterators.c
@@ -123,14 +123,14 @@ void cache_commit(struct cache *c)
 commit_exist = c->commit_exist - commit_exist;
 /* log results */
- dlog(STATE(log), LOG_NOTICE, "Committed %u new entries", commit_ok);
+ dlog(LOG_NOTICE, "Committed %u new entries", commit_ok);
 if (commit_exist)
- dlog(STATE(log), LOG_NOTICE, "%u entries ignored, "
- "already exist", commit_exist);
+ dlog(LOG_NOTICE, "%u entries ignored, "
+ "already exist", commit_exist);
 if (commit_fail)
- dlog(STATE(log), LOG_NOTICE, "%u entries can't be "
- "committed", commit_fail);
+ dlog(LOG_NOTICE, "%u entries can't be "
+ "committed", commit_fail);
 }
 static int do_flush(void *data1, void *data2)
diff --git a/src/ignore_pool.c b/src/ignore_pool.c
index c77a55b..2d898d1 100644
--- a/src/ignore_pool.c
+++ b/src/ignore_pool.c
@@ -133,7 +133,7 @@ int ignore_pool_test(struct ignore_pool *ip, struct nf_conntrack *ct)
 ret = __ignore_pool_test_ipv6(ip, ct);
 break;
 default:
- dlog(STATE(log), LOG_WARNING, "unknown layer 3 protocol?");
+ dlog(LOG_WARNING, "unknown layer 3 protocol?");
 break;
 }
@@ -19,7 +19,6 @@
 */
 #include "log.h"
-#include "buffer.h"
 #include "conntrackd.h"
 #include <time.h>
@@ -38,6 +37,8 @@ int init_log(void)
 strerror(errno));
 return -1;
 }
+
+ setlinebuf(STATE(log));
 }
 if (CONFIG(stats).logfile[0]) {
@@ -48,6 +49,8 @@ int init_log(void)
 strerror(errno));
 return -1;
 }
+
+ setlinebuf(STATE(stats_log));
 }
 if (CONFIG(syslog_facility) != -1 ||
@@ -57,8 +60,9 @@ int init_log(void)
 return 0;
 }
-void dlog(FILE *fd, int priority, const char *format, ...)
+void dlog(int priority, const char *format, ...)
 {
+ FILE *fd = STATE(log);
 time_t t;
 char *buf;
 const char *prio;
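Review bot: In init_log, `setlinebuf(STATE(log));` and the matching `setlinebuf(STATE(stats_log));` in the following hunk use a BSD/glibc extension that returns nothing, so a failure to switch the stream to line buffering goes unnoticed. dlog_ct in this same commit drops its explicit fflush and relies on that buffering mode, so I would use the standard call and at least report a failure: `if (setvbuf(STATE(log), NULL, _IOLBF, 0) != 0)` followed by a message on stderr. init_log begins and ends outside both hunks.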
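Review bot: `FILE *fd = STATE(log);` in dlog makes every call site depend on a global that init_log apparently assigns only inside a conditional block, so dlog has to keep tolerating a NULL stream the way dlog_ct does with `if (fd)`; the body is outside this hunk, so please confirm the guard is there. A short comment above the function would record that contract, for example `/* Writes to STATE(log) when a log file is configured; the stream may be NULL. */`. Because the argument list shifted by one position across every call site in the tree, I would also declare the prototype in log.h with `__attribute__((format(printf, 2, 3)))` so the compiler checks each format string against its arguments.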
@@ -100,16 +104,9 @@ void dlog(FILE *fd, int priority, const char *format, ...)
 }
 }
-void dlog_buffered_ct_flush(void *buffer_data, void *data)
-{
- FILE *fd = data;
-
- fputs((const char*)buffer_data, fd);
- fflush(fd);
-}
-
-void dlog_buffered_ct(FILE *fd, struct buffer *b, struct nf_conntrack *ct)
+void dlog_ct(struct nf_conntrack *ct)
 {
+ FILE *fd = STATE(stats_log);
 time_t t;
 char buf[1024];
 char *tmp;
@@ -122,20 +119,7 @@ void dlog_buffered_ct(FILE *fd, struct buffer *b, struct nf_conntrack *ct)
 if (fd) {
 snprintf(buf+strlen(buf), 1024-strlen(buf), "\n");
- /* zero size buffer: force fflush */
- if (buffer_size(b) == 0) {
- fputs(buf, fd);
- fflush(fd);
- }
-
- if (buffer_add(b, buf, strlen(buf)) == -1) {
- buffer_flush(b, dlog_buffered_ct_flush, fd);
- if (buffer_add(b, buf, strlen(buf)) == -1) {
- /* buffer too small, catacrocket! */
- fputs(buf, fd);
- fflush(fd);
- }
- }
+ fputs(buf, fd);
 }
 if (CONFIG(stats).syslog_facility != -1)
@@ -250,9 +250,9 @@ int main(int argc, char *argv[])
 close(STDOUT_FILENO);
 close(STDERR_FILENO);
- dlog(STATE(log), LOG_NOTICE, "-- starting in daemon mode --");
+ dlog(LOG_NOTICE, "-- starting in daemon mode --");
 } else
- dlog(STATE(log), LOG_NOTICE, "-- starting in console mode --");
+ dlog(LOG_NOTICE, "-- starting in console mode --");
 /*
 * run main process
diff --git a/src/netlink.c b/src/netlink.c
index 0457e8a..bb94001 100644
--- a/src/netlink.c
+++ b/src/netlink.c
@@ -73,7 +73,7 @@ static int event_handler(enum nf_conntrack_msg_type type,
 update_traffic_stats(ct);
 break;
 default:
- dlog(STATE(log), LOG_WARNING, "unknown msg from ctnetlink\n");
+ dlog(LOG_WARNING, "unknown msg from ctnetlink\n");
 break;
 }
@@ -134,7 +134,7 @@ static int dump_handler(enum nf_conntrack_msg_type type,
 STATE(mode)->dump(ct);
 break;
 default:
- dlog(STATE(log), LOG_WARNING, "unknown msg from ctnetlink");
+ dlog(LOG_WARNING, "unknown msg from ctnetlink");
 break;
 }
 return NFCT_CB_CONTINUE;
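Review bot: In dlog_ct, `fputs(buf, fd);` now reaches the file only when the line-buffered stream sees a newline, and that newline comes from `snprintf(buf+strlen(buf), 1024-strlen(buf), "\n")`, which writes nothing when buf already holds 1023 characters. If the formatting above this hunk can fill buf (it is not in view), that record is neither terminated nor flushed and runs into the next one, which breaks anyone parsing the stats log as an audit trail. Reserving the last byte avoids it: `size_t len = strlen(buf); if (len > sizeof(buf) - 2) len = sizeof(buf) - 2;` followed by `buf[len] = '\n'; buf[len + 1] = '\0';`. The return value of fputs is also ignored, so a write error silently drops records.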
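Review bot: In main, `close(STDOUT_FILENO); close(STDERR_FILENO);` frees descriptors 1 and 2 for reuse by whatever the daemon opens next, and this commit adds a new `fprintf(stderr, ...)` in read_config_yy.y. If any stderr write can run after this point (the rest of main is outside the hunk, so I cannot tell), it would land in an unrelated file or socket. Pointing the standard descriptors at /dev/null with `dup2()` instead of closing them removes that risk.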
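Review bot: The message in event_handler, `"unknown msg from ctnetlink\n"`, carries a trailing newline while the identical message in dump_handler one hunk later does not. The same inconsistency appears in `"mcast unknown query %d\n"` and `"%s\n"` after "can't add to internal cache: " in sync-mode.c, and in `"can't add to cache cache: %s\n"` in stats-mode.c, which also repeats the word cache. dlog's body is not in view, but if it terminates each record itself these strings produce blank lines in the log; since every call is being touched here anyway, I would drop the `\n` from the format strings.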
@@ -167,15 +167,15 @@ void nl_resize_socket_buffer(struct nfct_handle *h)
 return;
 if (s > CONFIG(netlink_buffer_size_max_grown)) {
- dlog(STATE(log), LOG_WARNING,
- "maximum netlink socket buffer "
- "size has been reached. We are likely to "
- "be losing events, this may lead to "
- "unsynchronized replicas. Please, consider "
- "increasing netlink socket buffer size via "
- "SocketBufferSize and "
- "SocketBufferSizeMaxGrown clauses in "
- "conntrackd.conf");
+ dlog(LOG_WARNING,
+ "maximum netlink socket buffer "
+ "size has been reached. We are likely to "
+ "be losing events, this may lead to "
+ "unsynchronized replicas. Please, consider "
+ "increasing netlink socket buffer size via "
+ "SocketBufferSize and "
+ "SocketBufferSizeMaxGrown clauses in "
+ "conntrackd.conf");
 s = CONFIG(netlink_buffer_size_max_grown);
 warned = 1;
 }
@@ -183,9 +183,9 @@ void nl_resize_socket_buffer(struct nfct_handle *h)
 CONFIG(netlink_buffer_size) = nfnl_rcvbufsiz(nfct_nfnlh(h), s);
 /* notify the sysadmin */
- dlog(STATE(log), LOG_NOTICE, "netlink socket buffer size "
- "has been set to %u bytes",
- CONFIG(netlink_buffer_size));
+ dlog(LOG_NOTICE, "netlink socket buffer size "
+ "has been set to %u bytes",
+ CONFIG(netlink_buffer_size));
 }
 int nl_dump_conntrack_table(void)
diff --git a/src/network.c b/src/network.c
index 7c7a08a..da26545 100644
--- a/src/network.c
+++ b/src/network.c
@@ -222,7 +222,7 @@ int mcast_track_seq(uint32_t seq, uint32_t *exp_seq)
 /* out of sequence: replayed/delayed packet? */
 if (before(seq, STATE_SYNC(last_seq_recv)+1))
- dlog(STATE(log), LOG_WARNING, "delayed packet? exp=%u rcv=%u",
+ dlog(LOG_WARNING, "delayed packet? exp=%u rcv=%u",
 STATE_SYNC(last_seq_recv)+1, seq);
 out:
diff --git a/src/read_config_yy.y b/src/read_config_yy.y
index 531b1fe..0ba5331 100644
--- a/src/read_config_yy.y
+++ b/src/read_config_yy.y
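Review bot: `dlog(LOG_WARNING, "delayed packet? exp=%u rcv=%u", ...)` in mcast_track_seq is emitted once per out-of-sequence packet, so the log volume is set by the traffic arriving on the sync channel rather than by the daemon; the `"fragmented messages"` error in mcast_handler (sync-mode.c) has the same property. With the log stream line-buffered by this commit, each such packet presumably costs a write, and whether dlog limits the rate internally is not visible here. nl_resize_socket_buffer in this same commit already uses a `warned` flag to report only once; a counter or time-based limit along those lines would keep a burst of bad packets from filling the log. mcast_track_seq starts and ends outside the hunk.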
@@ -635,7 +635,7 @@ stat_syslog_facility : T_SYSLOG T_STRING
 buffer_size: T_STAT_BUFFER_SIZE T_NUMBER
 {
- conf.stats.buffer_size = $2;
+ fprintf(stderr, "WARNING: LogFileBufferSize is deprecated.\n");
 };
 %%
@@ -43,7 +43,7 @@ void killer(int foo)
 local_server_destroy(STATE(local), CONFIG(local).path);
 STATE(mode)->kill();
 unlink(CONFIG(lockfile));
- dlog(STATE(log), LOG_NOTICE, "---- shutdown received ----");
+ dlog(LOG_NOTICE, "---- shutdown received ----");
 close_log();
 sigprocmask(SIG_UNBLOCK, &STATE(block), NULL);
@@ -63,7 +63,7 @@ void local_handler(int fd, void *data)
 ret = read(fd, &type, sizeof(type));
 if (ret == -1) {
- dlog(STATE(log), LOG_ERR, "can't read from unix socket");
+ dlog(LOG_ERR, "can't read from unix socket");
 return;
 }
 if (ret == 0)
@@ -71,7 +71,7 @@ void local_handler(int fd, void *data)
 switch(type) {
 case FLUSH_MASTER:
- dlog(STATE(log), LOG_WARNING, "`conntrackd -F' is deprecated. "
+ dlog(LOG_WARNING, "`conntrackd -F' is deprecated. "
 "Use conntrack -F instead.");
 if (fork() == 0) {
 execlp("conntrack", "conntrack", "-F", NULL);
@@ -79,13 +79,13 @@ void local_handler(int fd, void *data)
 }
 return;
 case RESYNC_MASTER:
- dlog(STATE(log), LOG_NOTICE, "resync with master table");
+ dlog(LOG_NOTICE, "resync with master table");
 nl_dump_conntrack_table();
 return;
 }
 if (!STATE(mode)->local(fd, type, data))
- dlog(STATE(log), LOG_WARNING, "unknown local request %d", type);
+ dlog(LOG_WARNING, "unknown local request %d", type);
 }
 int
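Review bot: In local_handler, the checks after `ret = read(fd, &type, sizeof(type));` cover only -1 and 0, so a read that returns fewer than sizeof(type) bytes falls through to `switch(type)` with a partly filled value. Adding `if ((size_t)ret < sizeof(type)) return;` after the existing checks rejects a truncated request from the control socket. The error message could also say why the read failed, `dlog(LOG_ERR, "can't read from unix socket: %s", strerror(errno));`. The function begins outside this hunk, so I cannot see whether type is initialised.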
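Review bot: `execlp("conntrack", "conntrack", "-F", NULL);` in the FLUSH_MASTER case resolves the binary through the PATH the daemon inherited, which is a weak dependency for a process that presumably runs privileged. An absolute path with `execl()` removes it, for example `execl(CONNTRACK_BIN, "conntrack", "-F", (char *)NULL);`, where CONNTRACK_BIN is a placeholder for a build-time constant; the cast on the terminating NULL is wanted for a variadic call in any case. The result of `fork()` is only compared with 0, so a failed fork is not reported. What follows execlp in the child is outside the hunk.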
@@ -104,25 +104,25 @@ init(void)
 /* Initialization */
 if (STATE(mode)->init() == -1) {
- dlog(STATE(log), LOG_ERR, "initialization failed");
+ dlog(LOG_ERR, "initialization failed");
 return -1;
 }
 /* local UNIX socket */
 STATE(local) = local_server_create(&CONFIG(local));
 if (!STATE(local)) {
- dlog(STATE(log), LOG_ERR, "can't open unix socket!");
+ dlog(LOG_ERR, "can't open unix socket!");
 return -1;
 }
 if (nl_init_event_handler() == -1) {
- dlog(STATE(log), LOG_ERR, "can't open netlink handler! "
+ dlog(LOG_ERR, "can't open netlink handler! "
 "no ctnetlink kernel support?");
 return -1;
 }
 if (nl_init_dump_handler() == -1) {
- dlog(STATE(log), LOG_ERR, "can't open netlink handler! "
+ dlog(LOG_ERR, "can't open netlink handler! "
 "no ctnetlink kernel support?");
 return -1;
 }
@@ -146,7 +146,7 @@ init(void)
 if (signal(SIGCHLD, child) == SIG_ERR)
 return -1;
- dlog(STATE(log), LOG_NOTICE, "initialization completed");
+ dlog(LOG_NOTICE, "initialization completed");
 return 0;
 }
@@ -171,7 +171,7 @@ static int __run(struct timeval *next_alarm)
 if (errno == EINTR)
 return 0;
- dlog(STATE(log), LOG_WARNING,
+ dlog(LOG_WARNING,
 "select failed: %s", strerror(errno));
 return 0;
 }
@@ -213,7 +213,7 @@ static int __run(struct timeval *next_alarm)
 case EAGAIN:
 break;
 default:
- dlog(STATE(log), LOG_WARNING,
+ dlog(LOG_WARNING,
 "event catch says: %s", strerror(errno));
 break;
 }
diff --git a/src/stats-mode.c b/src/stats-mode.c
index 0ecb2b0..9e6089c 100644
--- a/src/stats-mode.c
+++ b/src/stats-mode.c
@@ -18,7 +18,6 @@
 #include "netlink.h"
 #include "traffic_stats.h"
-#include "buffer.h"
 #include "debug.h"
 #include "cache.h"
 #include "log.h"
@@ -32,27 +31,19 @@ static int init_stats(void)
 {
 state.stats = malloc(sizeof(struct ct_stats_state));
 if (!state.stats) {
- dlog(STATE(log), LOG_ERR, "can't allocate memory for stats");
+ dlog(LOG_ERR, "can't allocate memory for stats");
 return -1;
 }
 memset(state.stats, 0, sizeof(struct ct_stats_state));
- STATE_STATS(buffer_log) = buffer_create(CONFIG(stats).buffer_size);
- if (!STATE_STATS(buffer_log)) {
- dlog(STATE(log), LOG_ERR, "can't allocate stats buffer");
- free(state.stats);
- return -1;
- }
-
 STATE_STATS(cache) = cache_create("stats",
 LIFETIME,
 CONFIG(family),
 NULL);
 if (!STATE_STATS(cache)) {
- dlog(STATE(log), LOG_ERR, "can't allocate memory for the "
- "external cache");
+ dlog(LOG_ERR, "can't allocate memory for the "
+ "external cache");
 free(state.stats);
- buffer_destroy(STATE_STATS(buffer_log));
 return -1;
 }
@@ -62,11 +53,6 @@ static int init_stats(void)
 static void kill_stats(void)
 {
 cache_destroy(STATE_STATS(cache));
- /* flush the buffer before exiting */
- if (STATE(stats_log) != NULL)
- buffer_flush(STATE_STATS(buffer_log),
- dlog_buffered_ct_flush,
- STATE(stats_log));
 }
 /* handler for requests coming via UNIX socket */
@@ -82,7 +68,7 @@ static int local_handler_stats(int fd, int type, void *data)
 cache_dump(STATE_STATS(cache), fd, NFCT_O_XML);
 break;
 case FLUSH_CACHE:
- dlog(STATE(log), LOG_NOTICE, "flushing caches");
+ dlog(LOG_NOTICE, "flushing caches");
 cache_flush(STATE_STATS(cache));
 break;
 case KILL:
@@ -138,7 +124,7 @@ static void overrun_stats(void)
 h = nfct_open(CONNTRACK, 0);
 if (!h) {
- dlog(STATE(log), LOG_ERR, "can't open overrun handler");
+ dlog(LOG_ERR, "can't open overrun handler");
 return;
 }
@@ -148,7 +134,7 @@ static void overrun_stats(void)
 ret = nfct_query(h, NFCT_Q_DUMP, &family);
 if (ret == -1)
- dlog(STATE(log), LOG_ERR,
+ dlog(LOG_ERR,
 "overrun query error %s", strerror(errno));
 nfct_close(h);
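Review bot: In init_stats, the cache_create failure path calls `free(state.stats);` and returns with state.stats still pointing at the freed block. If kill_stats or any other STATE_STATS user can run after a failed init (not visible from here), that becomes a use-after-free; adding `state.stats = NULL;` right after the free makes the failure state unambiguous. The `malloc` plus `memset` pair at the top of the function could also be a single `calloc(1, sizeof(struct ct_stats_state))`.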
@@ -162,7 +148,7 @@ static void event_new_stats(struct nf_conntrack *ct)
 debug_ct(ct, "cache new");
 } else {
 if (errno != EEXIST) {
- dlog(STATE(log), LOG_ERR,
+ dlog(LOG_ERR,
 "can't add to cache cache: %s\n", strerror(errno));
 debug_ct(ct, "can't add");
 }
@@ -186,7 +172,7 @@ static int event_destroy_stats(struct nf_conntrack *ct)
 if (cache_del(STATE_STATS(cache), ct)) {
 debug_ct(ct, "cache destroy");
- dlog_buffered_ct(STATE(stats_log), STATE_STATS(buffer_log), ct);
+ dlog_ct(ct);
 return 1;
 } else {
 debug_ct(ct, "can't destroy!");
diff --git a/src/sync-ftfw.c b/src/sync-ftfw.c
index f6d2ed3..94df5f9 100644
--- a/src/sync-ftfw.c
+++ b/src/sync-ftfw.c
@@ -98,13 +98,13 @@ static int ftfw_init(void)
 {
 tx_queue = queue_create(CONFIG(resend_queue_size));
 if (tx_queue == NULL) {
- dlog(STATE(log), LOG_ERR, "cannot create tx queue");
+ dlog(LOG_ERR, "cannot create tx queue");
 return -1;
 }
 rs_queue = queue_create(CONFIG(resend_queue_size));
 if (rs_queue == NULL) {
- dlog(STATE(log), LOG_ERR, "cannot create rs queue");
+ dlog(LOG_ERR, "cannot create rs queue");
 return -1;
 }
@@ -143,11 +143,11 @@ static int ftfw_local(int fd, int type, void *data)
 switch(type) {
 case REQUEST_DUMP:
- dlog(STATE(log), LOG_NOTICE, "request resync");
+ dlog(LOG_NOTICE, "request resync");
 tx_queue_add_ctlmsg(NET_F_RESYNC, 0, 0);
 break;
 case SEND_BULK:
- dlog(STATE(log), LOG_NOTICE, "sending bulk update");
+ dlog(LOG_NOTICE, "sending bulk update");
 cache_iterate(STATE_SYNC(internal), NULL, do_cache_to_tx);
 break;
 default:
diff --git a/src/sync-mode.c b/src/sync-mode.c
index dc8e782..4b2fad7 100644
--- a/src/sync-mode.c
+++ b/src/sync-mode.c
@@ -80,7 +80,7 @@ retry:
 debug_ct(ct, "can't destroy");
 break;
 default:
- dlog(STATE(log), LOG_ERR, "mcast unknown query %d\n", query);
+ dlog(LOG_ERR, "mcast unknown query %d\n", query);
 break;
 }
 }
@@ -100,7 +100,7 @@ static void mcast_handler(void)
 struct nethdr *net = (struct nethdr *) ptr;
 if (ntohs(net->len) > remain) {
- dlog(STATE(log), LOG_ERR, "fragmented messages");
+ dlog(LOG_ERR, "fragmented messages");
 break;
 }
@@ -122,7 +122,7 @@ static int init_sync(void)
 {
 state.sync = malloc(sizeof(struct ct_sync_state));
 if (!state.sync) {
- dlog(STATE(log), LOG_ERR, "can't allocate memory for sync");
+ dlog(LOG_ERR, "can't allocate memory for sync");
 return -1;
 }
 memset(state.sync, 0, sizeof(struct ct_sync_state));
@@ -148,8 +148,8 @@ static int init_sync(void)
 STATE_SYNC(sync)->internal_cache_extra);
 if (!STATE_SYNC(internal)) {
- dlog(STATE(log), LOG_ERR, "can't allocate memory for "
- "the internal cache");
+ dlog(LOG_ERR, "can't allocate memory for "
+ "the internal cache");
 return -1;
 }
@@ -164,28 +164,28 @@ static int init_sync(void)
 NULL);
 if (!STATE_SYNC(external)) {
- dlog(STATE(log), LOG_ERR, "can't allocate memory for the "
- "external cache");
+ dlog(LOG_ERR, "can't allocate memory for the "
+ "external cache");
 return -1;
 }
 /* multicast server to receive events from the wire */
 STATE_SYNC(mcast_server) = mcast_server_create(&CONFIG(mcast));
 if (STATE_SYNC(mcast_server) == NULL) {
- dlog(STATE(log), LOG_ERR, "can't open multicast server!");
+ dlog(LOG_ERR, "can't open multicast server!");
 return -1;
 }
 /* multicast client to send events on the wire */
 STATE_SYNC(mcast_client) = mcast_client_create(&CONFIG(mcast));
 if (STATE_SYNC(mcast_client) == NULL) {
- dlog(STATE(log), LOG_ERR, "can't open client multicast socket");
+ dlog(LOG_ERR, "can't open client multicast socket");
 mcast_server_destroy(STATE_SYNC(mcast_server));
 return -1;
 }
 if (mcast_buffered_init(&CONFIG(mcast)) == -1) {
- dlog(STATE(log), LOG_ERR, "can't init tx buffer!");
+ dlog(LOG_ERR, "can't init tx buffer!");
 mcast_server_destroy(STATE_SYNC(mcast_server));
 mcast_client_destroy(STATE_SYNC(mcast_client));
 return -1;
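Review bot: The only length check visible in mcast_handler is `if (ntohs(net->len) > remain)`, which bounds the wire-supplied length from above but not from below. The loop that advances through the datagram is outside this hunk; please confirm it also rejects a len smaller than the header before it moves ptr, since an undersized value taken from the network would otherwise misalign or stall the parse. If that check is missing, `ntohs(net->len) < sizeof(struct nethdr)` belongs in the same condition.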
@@ -282,14 +282,14 @@ static int local_handler_sync(int fd, int type, void *data)
 case COMMIT:
 ret = fork();
 if (ret == 0) {
- dlog(STATE(log), LOG_NOTICE,
+ dlog(LOG_NOTICE,
 "committing external cache");
 cache_commit(STATE_SYNC(external));
 exit(EXIT_SUCCESS);
 }
 break;
 case FLUSH_CACHE:
- dlog(STATE(log), LOG_NOTICE, "flushing caches");
+ dlog(LOG_NOTICE, "flushing caches");
 cache_flush(STATE_SYNC(internal));
 cache_flush(STATE_SYNC(external));
 break;
@@ -416,7 +416,7 @@ static void overrun_sync(void)
 h = nfct_open(CONNTRACK, 0);
 if (!h) {
- dlog(STATE(log), LOG_ERR, "can't open overrun handler");
+ dlog(LOG_ERR, "can't open overrun handler");
 return;
 }
@@ -424,7 +424,7 @@ static void overrun_sync(void)
 ret = nfct_query(h, NFCT_Q_DUMP, &family);
 if (ret == -1)
- dlog(STATE(log), LOG_ERR,
+ dlog(LOG_ERR,
 "overrun query error %s", strerror(errno));
 nfct_callback_unregister(h);
@@ -457,8 +457,8 @@ retry:
 goto retry;
 }
- dlog(STATE(log), LOG_ERR, "can't add to internal cache: "
- "%s\n", strerror(errno));
+ dlog(LOG_ERR, "can't add to internal cache: "
+ "%s\n", strerror(errno));
 debug_ct(ct, "can't add");
 }
 }
|
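Review bot: In the COMMIT case of local_handler_sync, `ret = fork();` is followed only by `if (ret == 0)`, so when fork fails the commit is skipped without any log entry. An `else if (ret == -1)` branch with `dlog(LOG_ERR, "can't fork: %s", strerror(errno));` would make that visible to the operator. The child also leaves through `exit(EXIT_SUCCESS)`, which runs the parent's atexit handlers and flushes the stdio buffers it inherited; `_exit()` after an explicit flush of the log stream is the usual choice in a forked worker. How ret is used after the switch is outside the hunk.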