summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/Makefile.am2
-rw-r--r--src/buffer.c76
-rw-r--r--src/cache_iterators.c10
-rw-r--r--src/ignore_pool.c2
-rw-r--r--src/log.c34
-rw-r--r--src/main.c4
-rw-r--r--src/netlink.c28
-rw-r--r--src/network.c2
-rw-r--r--src/read_config_yy.y2
-rw-r--r--src/run.c24
-rw-r--r--src/stats-mode.c30
-rw-r--r--src/sync-ftfw.c8
-rw-r--r--src/sync-mode.c32
13 files changed, 74 insertions, 180 deletions
diff --git a/src/Makefile.am b/src/Makefile.am
index fafb5ff..15628b7 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -10,7 +10,7 @@ conntrack_SOURCES = conntrack.c
conntrack_LDADD = ../extensions/libct_proto_tcp.la ../extensions/libct_proto_udp.la ../extensions/libct_proto_icmp.la
conntrack_LDFLAGS = $(all_libraries) @LIBNETFILTER_CONNTRACK_LIBS@
-conntrackd_SOURCES = alarm.c main.c run.c hash.c queue.c buffer.c \
+conntrackd_SOURCES = alarm.c main.c run.c hash.c queue.c \
local.c log.c mcast.c netlink.c \
ignore_pool.c \
cache.c cache_iterators.c \
diff --git a/src/buffer.c b/src/buffer.c
deleted file mode 100644
index 739174a..0000000
--- a/src/buffer.c
+++ /dev/null
@@ -1,76 +0,0 @@
-/*
- * (C) 2006-2008 by Pablo Neira Ayuso <pablo@netfilter.org>
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
- */
-
-#include "buffer.h"
-
-#include <stdlib.h>
-#include <string.h>
-#include <errno.h>
-
-struct buffer *buffer_create(size_t size)
-{
- struct buffer *b;
-
- b = malloc(sizeof(struct buffer));
- if (b == NULL)
- return NULL;
- memset(b, 0, sizeof(struct buffer));
-
- b->size = size;
-
- b->data = malloc(size);
- if (b->data == NULL) {
- free(b);
- return NULL;
- }
- memset(b->data, 0, size);
-
- return b;
-}
-
-void buffer_destroy(struct buffer *b)
-{
- free(b->data);
- free(b);
-}
-
-int buffer_add(struct buffer *b, void *data, size_t size)
-{
- if (b->size - b->cur_size < size) {
- errno = ENOSPC;
- return -1;
- }
-
- memcpy(b->data + b->cur_size, data, size);
- b->cur_size += size;
- return 0;
-}
-
-void buffer_flush(struct buffer *b,
- void (*cb)(void *buffer_data, void *data),
- void *data)
-{
- cb(b->data, data);
- b->cur_size = 0;
- memset(b->data, 0, b->size);
-}
-
-size_t buffer_size(const struct buffer *b)
-{
- return b->size;
-}
diff --git a/src/cache_iterators.c b/src/cache_iterators.c
index bf70dd1..92b7b7f 100644
--- a/src/cache_iterators.c
+++ b/src/cache_iterators.c
@@ -123,14 +123,14 @@ void cache_commit(struct cache *c)
commit_exist = c->commit_exist - commit_exist;
/* log results */
- dlog(STATE(log), LOG_NOTICE, "Committed %u new entries", commit_ok);
+ dlog(LOG_NOTICE, "Committed %u new entries", commit_ok);
if (commit_exist)
- dlog(STATE(log), LOG_NOTICE, "%u entries ignored, "
- "already exist", commit_exist);
+ dlog(LOG_NOTICE, "%u entries ignored, "
+ "already exist", commit_exist);
if (commit_fail)
- dlog(STATE(log), LOG_NOTICE, "%u entries can't be "
- "committed", commit_fail);
+ dlog(LOG_NOTICE, "%u entries can't be "
+ "committed", commit_fail);
}
static int do_flush(void *data1, void *data2)
diff --git a/src/ignore_pool.c b/src/ignore_pool.c
index c77a55b..2d898d1 100644
--- a/src/ignore_pool.c
+++ b/src/ignore_pool.c
@@ -133,7 +133,7 @@ int ignore_pool_test(struct ignore_pool *ip, struct nf_conntrack *ct)
ret = __ignore_pool_test_ipv6(ip, ct);
break;
default:
- dlog(STATE(log), LOG_WARNING, "unknown layer 3 protocol?");
+ dlog(LOG_WARNING, "unknown layer 3 protocol?");
break;
}
diff --git a/src/log.c b/src/log.c
index 41b2057..51e757f 100644
--- a/src/log.c
+++ b/src/log.c
@@ -19,7 +19,6 @@
*/
#include "log.h"
-#include "buffer.h"
#include "conntrackd.h"
#include <time.h>
@@ -38,6 +37,8 @@ int init_log(void)
strerror(errno));
return -1;
}
+
+ setlinebuf(STATE(log));
}
if (CONFIG(stats).logfile[0]) {
@@ -48,6 +49,8 @@ int init_log(void)
strerror(errno));
return -1;
}
+
+ setlinebuf(STATE(stats_log));
}
if (CONFIG(syslog_facility) != -1 ||
@@ -57,8 +60,9 @@ int init_log(void)
return 0;
}
-void dlog(FILE *fd, int priority, const char *format, ...)
+void dlog(int priority, const char *format, ...)
{
+ FILE *fd = STATE(log);
time_t t;
char *buf;
const char *prio;
@@ -100,16 +104,9 @@ void dlog(FILE *fd, int priority, const char *format, ...)
}
}
-void dlog_buffered_ct_flush(void *buffer_data, void *data)
-{
- FILE *fd = data;
-
- fputs((const char*)buffer_data, fd);
- fflush(fd);
-}
-
-void dlog_buffered_ct(FILE *fd, struct buffer *b, struct nf_conntrack *ct)
+void dlog_ct(struct nf_conntrack *ct)
{
+ FILE *fd = STATE(stats_log);
time_t t;
char buf[1024];
char *tmp;
@@ -122,20 +119,7 @@ void dlog_buffered_ct(FILE *fd, struct buffer *b, struct nf_conntrack *ct)
if (fd) {
snprintf(buf+strlen(buf), 1024-strlen(buf), "\n");
- /* zero size buffer: force fflush */
- if (buffer_size(b) == 0) {
- fputs(buf, fd);
- fflush(fd);
- }
-
- if (buffer_add(b, buf, strlen(buf)) == -1) {
- buffer_flush(b, dlog_buffered_ct_flush, fd);
- if (buffer_add(b, buf, strlen(buf)) == -1) {
- /* buffer too small, catacrocket! */
- fputs(buf, fd);
- fflush(fd);
- }
- }
+ fputs(buf, fd);
}
if (CONFIG(stats).syslog_facility != -1)
diff --git a/src/main.c b/src/main.c
index 0aa5317..8221564 100644
--- a/src/main.c
+++ b/src/main.c
@@ -250,9 +250,9 @@ int main(int argc, char *argv[])
close(STDOUT_FILENO);
close(STDERR_FILENO);
- dlog(STATE(log), LOG_NOTICE, "-- starting in daemon mode --");
+ dlog(LOG_NOTICE, "-- starting in daemon mode --");
} else
- dlog(STATE(log), LOG_NOTICE, "-- starting in console mode --");
+ dlog(LOG_NOTICE, "-- starting in console mode --");
/*
* run main process
diff --git a/src/netlink.c b/src/netlink.c
index 0457e8a..bb94001 100644
--- a/src/netlink.c
+++ b/src/netlink.c
@@ -73,7 +73,7 @@ static int event_handler(enum nf_conntrack_msg_type type,
update_traffic_stats(ct);
break;
default:
- dlog(STATE(log), LOG_WARNING, "unknown msg from ctnetlink\n");
+ dlog(LOG_WARNING, "unknown msg from ctnetlink\n");
break;
}
@@ -134,7 +134,7 @@ static int dump_handler(enum nf_conntrack_msg_type type,
STATE(mode)->dump(ct);
break;
default:
- dlog(STATE(log), LOG_WARNING, "unknown msg from ctnetlink");
+ dlog(LOG_WARNING, "unknown msg from ctnetlink");
break;
}
return NFCT_CB_CONTINUE;
@@ -167,15 +167,15 @@ void nl_resize_socket_buffer(struct nfct_handle *h)
return;
if (s > CONFIG(netlink_buffer_size_max_grown)) {
- dlog(STATE(log), LOG_WARNING,
- "maximum netlink socket buffer "
- "size has been reached. We are likely to "
- "be losing events, this may lead to "
- "unsynchronized replicas. Please, consider "
- "increasing netlink socket buffer size via "
- "SocketBufferSize and "
- "SocketBufferSizeMaxGrown clauses in "
- "conntrackd.conf");
+ dlog(LOG_WARNING,
+ "maximum netlink socket buffer "
+ "size has been reached. We are likely to "
+ "be losing events, this may lead to "
+ "unsynchronized replicas. Please, consider "
+ "increasing netlink socket buffer size via "
+ "SocketBufferSize and "
+ "SocketBufferSizeMaxGrown clauses in "
+ "conntrackd.conf");
s = CONFIG(netlink_buffer_size_max_grown);
warned = 1;
}
@@ -183,9 +183,9 @@ void nl_resize_socket_buffer(struct nfct_handle *h)
CONFIG(netlink_buffer_size) = nfnl_rcvbufsiz(nfct_nfnlh(h), s);
/* notify the sysadmin */
- dlog(STATE(log), LOG_NOTICE, "netlink socket buffer size "
- "has been set to %u bytes",
- CONFIG(netlink_buffer_size));
+ dlog(LOG_NOTICE, "netlink socket buffer size "
+ "has been set to %u bytes",
+ CONFIG(netlink_buffer_size));
}
int nl_dump_conntrack_table(void)
diff --git a/src/network.c b/src/network.c
index 7c7a08a..da26545 100644
--- a/src/network.c
+++ b/src/network.c
@@ -222,7 +222,7 @@ int mcast_track_seq(uint32_t seq, uint32_t *exp_seq)
/* out of sequence: replayed/delayed packet? */
if (before(seq, STATE_SYNC(last_seq_recv)+1))
- dlog(STATE(log), LOG_WARNING, "delayed packet? exp=%u rcv=%u",
+ dlog(LOG_WARNING, "delayed packet? exp=%u rcv=%u",
STATE_SYNC(last_seq_recv)+1, seq);
out:
diff --git a/src/read_config_yy.y b/src/read_config_yy.y
index 531b1fe..0ba5331 100644
--- a/src/read_config_yy.y
+++ b/src/read_config_yy.y
@@ -635,7 +635,7 @@ stat_syslog_facility : T_SYSLOG T_STRING
buffer_size: T_STAT_BUFFER_SIZE T_NUMBER
{
- conf.stats.buffer_size = $2;
+ fprintf(stderr, "WARNING: LogFileBufferSize is deprecated.\n");
};
%%
diff --git a/src/run.c b/src/run.c
index 9076028..a5b6a79 100644
--- a/src/run.c
+++ b/src/run.c
@@ -43,7 +43,7 @@ void killer(int foo)
local_server_destroy(STATE(local), CONFIG(local).path);
STATE(mode)->kill();
unlink(CONFIG(lockfile));
- dlog(STATE(log), LOG_NOTICE, "---- shutdown received ----");
+ dlog(LOG_NOTICE, "---- shutdown received ----");
close_log();
sigprocmask(SIG_UNBLOCK, &STATE(block), NULL);
@@ -63,7 +63,7 @@ void local_handler(int fd, void *data)
ret = read(fd, &type, sizeof(type));
if (ret == -1) {
- dlog(STATE(log), LOG_ERR, "can't read from unix socket");
+ dlog(LOG_ERR, "can't read from unix socket");
return;
}
if (ret == 0)
@@ -71,7 +71,7 @@ void local_handler(int fd, void *data)
switch(type) {
case FLUSH_MASTER:
- dlog(STATE(log), LOG_WARNING, "`conntrackd -F' is deprecated. "
+ dlog(LOG_WARNING, "`conntrackd -F' is deprecated. "
"Use conntrack -F instead.");
if (fork() == 0) {
execlp("conntrack", "conntrack", "-F", NULL);
@@ -79,13 +79,13 @@ void local_handler(int fd, void *data)
}
return;
case RESYNC_MASTER:
- dlog(STATE(log), LOG_NOTICE, "resync with master table");
+ dlog(LOG_NOTICE, "resync with master table");
nl_dump_conntrack_table();
return;
}
if (!STATE(mode)->local(fd, type, data))
- dlog(STATE(log), LOG_WARNING, "unknown local request %d", type);
+ dlog(LOG_WARNING, "unknown local request %d", type);
}
int
@@ -104,25 +104,25 @@ init(void)
/* Initialization */
if (STATE(mode)->init() == -1) {
- dlog(STATE(log), LOG_ERR, "initialization failed");
+ dlog(LOG_ERR, "initialization failed");
return -1;
}
/* local UNIX socket */
STATE(local) = local_server_create(&CONFIG(local));
if (!STATE(local)) {
- dlog(STATE(log), LOG_ERR, "can't open unix socket!");
+ dlog(LOG_ERR, "can't open unix socket!");
return -1;
}
if (nl_init_event_handler() == -1) {
- dlog(STATE(log), LOG_ERR, "can't open netlink handler! "
+ dlog(LOG_ERR, "can't open netlink handler! "
"no ctnetlink kernel support?");
return -1;
}
if (nl_init_dump_handler() == -1) {
- dlog(STATE(log), LOG_ERR, "can't open netlink handler! "
+ dlog(LOG_ERR, "can't open netlink handler! "
"no ctnetlink kernel support?");
return -1;
}
@@ -146,7 +146,7 @@ init(void)
if (signal(SIGCHLD, child) == SIG_ERR)
return -1;
- dlog(STATE(log), LOG_NOTICE, "initialization completed");
+ dlog(LOG_NOTICE, "initialization completed");
return 0;
}
@@ -171,7 +171,7 @@ static int __run(struct timeval *next_alarm)
if (errno == EINTR)
return 0;
- dlog(STATE(log), LOG_WARNING,
+ dlog(LOG_WARNING,
"select failed: %s", strerror(errno));
return 0;
}
@@ -213,7 +213,7 @@ static int __run(struct timeval *next_alarm)
case EAGAIN:
break;
default:
- dlog(STATE(log), LOG_WARNING,
+ dlog(LOG_WARNING,
"event catch says: %s", strerror(errno));
break;
}
diff --git a/src/stats-mode.c b/src/stats-mode.c
index 0ecb2b0..9e6089c 100644
--- a/src/stats-mode.c
+++ b/src/stats-mode.c
@@ -18,7 +18,6 @@
#include "netlink.h"
#include "traffic_stats.h"
-#include "buffer.h"
#include "debug.h"
#include "cache.h"
#include "log.h"
@@ -32,27 +31,19 @@ static int init_stats(void)
{
state.stats = malloc(sizeof(struct ct_stats_state));
if (!state.stats) {
- dlog(STATE(log), LOG_ERR, "can't allocate memory for stats");
+ dlog(LOG_ERR, "can't allocate memory for stats");
return -1;
}
memset(state.stats, 0, sizeof(struct ct_stats_state));
- STATE_STATS(buffer_log) = buffer_create(CONFIG(stats).buffer_size);
- if (!STATE_STATS(buffer_log)) {
- dlog(STATE(log), LOG_ERR, "can't allocate stats buffer");
- free(state.stats);
- return -1;
- }
-
STATE_STATS(cache) = cache_create("stats",
LIFETIME,
CONFIG(family),
NULL);
if (!STATE_STATS(cache)) {
- dlog(STATE(log), LOG_ERR, "can't allocate memory for the "
- "external cache");
+ dlog(LOG_ERR, "can't allocate memory for the "
+ "external cache");
free(state.stats);
- buffer_destroy(STATE_STATS(buffer_log));
return -1;
}
@@ -62,11 +53,6 @@ static int init_stats(void)
static void kill_stats(void)
{
cache_destroy(STATE_STATS(cache));
- /* flush the buffer before exiting */
- if (STATE(stats_log) != NULL)
- buffer_flush(STATE_STATS(buffer_log),
- dlog_buffered_ct_flush,
- STATE(stats_log));
}
/* handler for requests coming via UNIX socket */
@@ -82,7 +68,7 @@ static int local_handler_stats(int fd, int type, void *data)
cache_dump(STATE_STATS(cache), fd, NFCT_O_XML);
break;
case FLUSH_CACHE:
- dlog(STATE(log), LOG_NOTICE, "flushing caches");
+ dlog(LOG_NOTICE, "flushing caches");
cache_flush(STATE_STATS(cache));
break;
case KILL:
@@ -138,7 +124,7 @@ static void overrun_stats(void)
h = nfct_open(CONNTRACK, 0);
if (!h) {
- dlog(STATE(log), LOG_ERR, "can't open overrun handler");
+ dlog(LOG_ERR, "can't open overrun handler");
return;
}
@@ -148,7 +134,7 @@ static void overrun_stats(void)
ret = nfct_query(h, NFCT_Q_DUMP, &family);
if (ret == -1)
- dlog(STATE(log), LOG_ERR,
+ dlog(LOG_ERR,
"overrun query error %s", strerror(errno));
nfct_close(h);
@@ -162,7 +148,7 @@ static void event_new_stats(struct nf_conntrack *ct)
debug_ct(ct, "cache new");
} else {
if (errno != EEXIST) {
- dlog(STATE(log), LOG_ERR,
+ dlog(LOG_ERR,
"can't add to cache cache: %s\n", strerror(errno));
debug_ct(ct, "can't add");
}
@@ -186,7 +172,7 @@ static int event_destroy_stats(struct nf_conntrack *ct)
if (cache_del(STATE_STATS(cache), ct)) {
debug_ct(ct, "cache destroy");
- dlog_buffered_ct(STATE(stats_log), STATE_STATS(buffer_log), ct);
+ dlog_ct(ct);
return 1;
} else {
debug_ct(ct, "can't destroy!");
diff --git a/src/sync-ftfw.c b/src/sync-ftfw.c
index f6d2ed3..94df5f9 100644
--- a/src/sync-ftfw.c
+++ b/src/sync-ftfw.c
@@ -98,13 +98,13 @@ static int ftfw_init(void)
{
tx_queue = queue_create(CONFIG(resend_queue_size));
if (tx_queue == NULL) {
- dlog(STATE(log), LOG_ERR, "cannot create tx queue");
+ dlog(LOG_ERR, "cannot create tx queue");
return -1;
}
rs_queue = queue_create(CONFIG(resend_queue_size));
if (rs_queue == NULL) {
- dlog(STATE(log), LOG_ERR, "cannot create rs queue");
+ dlog(LOG_ERR, "cannot create rs queue");
return -1;
}
@@ -143,11 +143,11 @@ static int ftfw_local(int fd, int type, void *data)
switch(type) {
case REQUEST_DUMP:
- dlog(STATE(log), LOG_NOTICE, "request resync");
+ dlog(LOG_NOTICE, "request resync");
tx_queue_add_ctlmsg(NET_F_RESYNC, 0, 0);
break;
case SEND_BULK:
- dlog(STATE(log), LOG_NOTICE, "sending bulk update");
+ dlog(LOG_NOTICE, "sending bulk update");
cache_iterate(STATE_SYNC(internal), NULL, do_cache_to_tx);
break;
default:
diff --git a/src/sync-mode.c b/src/sync-mode.c
index dc8e782..4b2fad7 100644
--- a/src/sync-mode.c
+++ b/src/sync-mode.c
@@ -80,7 +80,7 @@ retry:
debug_ct(ct, "can't destroy");
break;
default:
- dlog(STATE(log), LOG_ERR, "mcast unknown query %d\n", query);
+ dlog(LOG_ERR, "mcast unknown query %d\n", query);
break;
}
}
@@ -100,7 +100,7 @@ static void mcast_handler(void)
struct nethdr *net = (struct nethdr *) ptr;
if (ntohs(net->len) > remain) {
- dlog(STATE(log), LOG_ERR, "fragmented messages");
+ dlog(LOG_ERR, "fragmented messages");
break;
}
@@ -122,7 +122,7 @@ static int init_sync(void)
{
state.sync = malloc(sizeof(struct ct_sync_state));
if (!state.sync) {
- dlog(STATE(log), LOG_ERR, "can't allocate memory for sync");
+ dlog(LOG_ERR, "can't allocate memory for sync");
return -1;
}
memset(state.sync, 0, sizeof(struct ct_sync_state));
@@ -148,8 +148,8 @@ static int init_sync(void)
STATE_SYNC(sync)->internal_cache_extra);
if (!STATE_SYNC(internal)) {
- dlog(STATE(log), LOG_ERR, "can't allocate memory for "
- "the internal cache");
+ dlog(LOG_ERR, "can't allocate memory for "
+ "the internal cache");
return -1;
}
@@ -164,28 +164,28 @@ static int init_sync(void)
NULL);
if (!STATE_SYNC(external)) {
- dlog(STATE(log), LOG_ERR, "can't allocate memory for the "
- "external cache");
+ dlog(LOG_ERR, "can't allocate memory for the "
+ "external cache");
return -1;
}
/* multicast server to receive events from the wire */
STATE_SYNC(mcast_server) = mcast_server_create(&CONFIG(mcast));
if (STATE_SYNC(mcast_server) == NULL) {
- dlog(STATE(log), LOG_ERR, "can't open multicast server!");
+ dlog(LOG_ERR, "can't open multicast server!");
return -1;
}
/* multicast client to send events on the wire */
STATE_SYNC(mcast_client) = mcast_client_create(&CONFIG(mcast));
if (STATE_SYNC(mcast_client) == NULL) {
- dlog(STATE(log), LOG_ERR, "can't open client multicast socket");
+ dlog(LOG_ERR, "can't open client multicast socket");
mcast_server_destroy(STATE_SYNC(mcast_server));
return -1;
}
if (mcast_buffered_init(&CONFIG(mcast)) == -1) {
- dlog(STATE(log), LOG_ERR, "can't init tx buffer!");
+ dlog(LOG_ERR, "can't init tx buffer!");
mcast_server_destroy(STATE_SYNC(mcast_server));
mcast_client_destroy(STATE_SYNC(mcast_client));
return -1;
@@ -282,14 +282,14 @@ static int local_handler_sync(int fd, int type, void *data)
case COMMIT:
ret = fork();
if (ret == 0) {
- dlog(STATE(log), LOG_NOTICE,
+ dlog(LOG_NOTICE,
"committing external cache");
cache_commit(STATE_SYNC(external));
exit(EXIT_SUCCESS);
}
break;
case FLUSH_CACHE:
- dlog(STATE(log), LOG_NOTICE, "flushing caches");
+ dlog(LOG_NOTICE, "flushing caches");
cache_flush(STATE_SYNC(internal));
cache_flush(STATE_SYNC(external));
break;
@@ -416,7 +416,7 @@ static void overrun_sync(void)
h = nfct_open(CONNTRACK, 0);
if (!h) {
- dlog(STATE(log), LOG_ERR, "can't open overrun handler");
+ dlog(LOG_ERR, "can't open overrun handler");
return;
}
@@ -424,7 +424,7 @@ static void overrun_sync(void)
ret = nfct_query(h, NFCT_Q_DUMP, &family);
if (ret == -1)
- dlog(STATE(log), LOG_ERR,
+ dlog(LOG_ERR,
"overrun query error %s", strerror(errno));
nfct_callback_unregister(h);
@@ -457,8 +457,8 @@ retry:
goto retry;
}
- dlog(STATE(log), LOG_ERR, "can't add to internal cache: "
- "%s\n", strerror(errno));
+ dlog(LOG_ERR, "can't add to internal cache: "
+ "%s\n", strerror(errno));
debug_ct(ct, "can't add");
}
}