SOURCES: kernel24-netfilter.config, linux-2.4.26-netfilter-pom-ng-...
gotar
gotar at pld-linux.org
Fri Feb 24 16:38:01 CET 2006
Author: gotar Date: Fri Feb 24 15:38:01 2006 GMT
Module: SOURCES Tag: HEAD
---- Log message:
- added ipt_account from 1.2.11 and patched to v1.7
(http://www.barbara.eu.org/~quaker/ipt_account/files/ipt_account_patch-o-matic-ng.diff)
---- Files affected:
SOURCES:
kernel24-netfilter.config (1.6 -> 1.7) , linux-2.4.26-netfilter-pom-ng-20040302.patch (1.9 -> 1.10)
---- Diffs:
================================================================
Index: SOURCES/kernel24-netfilter.config
diff -u SOURCES/kernel24-netfilter.config:1.6 SOURCES/kernel24-netfilter.config:1.7
--- SOURCES/kernel24-netfilter.config:1.6 Tue Feb 1 23:32:44 2005
+++ SOURCES/kernel24-netfilter.config Fri Feb 24 16:37:56 2006
@@ -40,6 +40,7 @@
CONFIG_IP_NF_MATCH_MULTIPORT=m
CONFIG_IP_NF_MATCH_MPORT=m
CONFIG_IP_NF_MATCH_TOS=m
+CONFIG_IP_NF_MATCH_ACCOUNT=m
CONFIG_IP_NF_MATCH_CONDITION=m
CONFIG_IP_NF_MATCH_TIME=m
CONFIG_IP_NF_MATCH_RANDOM=m
================================================================
Index: SOURCES/linux-2.4.26-netfilter-pom-ng-20040302.patch
diff -u SOURCES/linux-2.4.26-netfilter-pom-ng-20040302.patch:1.9 SOURCES/linux-2.4.26-netfilter-pom-ng-20040302.patch:1.10
--- SOURCES/linux-2.4.26-netfilter-pom-ng-20040302.patch:1.9 Thu Nov 17 10:53:29 2005
+++ SOURCES/linux-2.4.26-netfilter-pom-ng-20040302.patch Fri Feb 24 16:37:56 2006
@@ -24210,3 +24210,989 @@
#ifdef CONFIG_INET
#include <linux/netfilter_ipv4.h>
EXPORT_SYMBOL(ip_route_me_harder);
+diff -urN linux-2.4.30/include/linux/netfilter_ipv4/ipt_account.h linux-2.4.30.account/include/linux/netfilter_ipv4/ipt_account.h
+--- linux-2.4.30/include/linux/netfilter_ipv4/ipt_account.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-2.4.30.account/include/linux/netfilter_ipv4/ipt_account.h 2006-02-24 00:41:29.000000000 +0100
+@@ -0,0 +1,25 @@
++/*
++ * accounting match (ipt_account.c)
++ * (C) 2003,2004 by Piotr Gasidlo (quaker at barbara.eu.org)
++ *
++ * Version: 0.1.7
++ *
++ * This software is distributed under the terms of GNU GPL
++ */
++
++#ifndef _IPT_ACCOUNT_H_
++#define _IPT_ACCOUNT_H_
++
++#define IPT_ACCOUNT_NAME_LEN 64
++
++#define IPT_ACCOUNT_NAME "ipt_account"
++#define IPT_ACCOUNT_VERSION "0.1.7"
++
++struct t_ipt_account_info {
++ char name[IPT_ACCOUNT_NAME_LEN];
++ u_int32_t network;
++ u_int32_t netmask;
++ int shortlisting:1;
++};
++
++#endif
+diff -urN linux-2.4.30/net/ipv4/netfilter/Config.in linux-2.4.30.account/net/ipv4/netfilter/Config.in
+--- linux-2.4.30/net/ipv4/netfilter/Config.in 2005-01-19 15:10:13.000000000 +0100
++++ linux-2.4.30.account/net/ipv4/netfilter/Config.in 2006-02-24 00:43:23.000000000 +0100
+@@ -24,6 +24,7 @@
+ dep_tristate ' Multiple port match support' CONFIG_IP_NF_MATCH_MULTIPORT $CONFIG_IP_NF_IPTABLES
+ dep_tristate ' Multiple port with ranges match support' CONFIG_IP_NF_MATCH_MPORT $CONFIG_IP_NF_IPTABLES
+ dep_tristate ' TOS match support' CONFIG_IP_NF_MATCH_TOS $CONFIG_IP_NF_IPTABLES
++ dep_tristate ' account match support' CONFIG_IP_NF_MATCH_ACCOUNT $CONFIG_IP_NF_IPTABLES $CONFIG_PROC_FS
+ dep_tristate ' condition match support' CONFIG_IP_NF_MATCH_CONDITION $CONFIG_IP_NF_IPTABLES
+ dep_tristate ' TIME match support (EXPERIMENTAL)' CONFIG_IP_NF_MATCH_TIME $CONFIG_IP_NF_IPTABLES
+ dep_tristate ' random match support' CONFIG_IP_NF_MATCH_RANDOM $CONFIG_IP_NF_IPTABLES
+diff -urN linux-2.4.30/net/ipv4/netfilter/ipt_account.c linux-2.4.30.account/net/ipv4/netfilter/ipt_account.c
+--- linux-2.4.30/net/ipv4/netfilter/ipt_account.c 1970-01-01 01:00:00.000000000 +0100
++++ linux-2.4.30.account/net/ipv4/netfilter/ipt_account.c 2006-02-24 00:42:05.000000000 +0100
+@@ -0,0 +1,931 @@
++/*
++ * accounting match (ipt_account.c)
++ * (C) 2003,2004 by Piotr Gasidlo (quaker at barbara.eu.org)
++ *
++ * Version: 0.1.7
++ *
++ * This software is distributed under the terms of GNU GPL
++ */
++
++#include <linux/module.h>
++#include <linux/skbuff.h>
++#include <linux/proc_fs.h>
++#include <linux/spinlock.h>
++#include <linux/vmalloc.h>
++#include <linux/interrupt.h>
++#include <linux/ctype.h>
++
++#include <linux/seq_file.h>
++
++#include <asm/uaccess.h>
++
++#include <linux/ip.h>
++#include <linux/tcp.h>
++#include <linux/udp.h>
++
++#include <linux/netfilter_ipv4/ip_tables.h>
++#include <linux/netfilter_ipv4/ipt_account.h>
++
++#if defined(CONFIG_IP_NF_MATCH_ACCOUNT_DEBUG)
++ #define dprintk(format,args...) printk(format,##args)
++#else
++ #define dprintk(format,args...)
++#endif
++
++static char version[] =
++KERN_INFO IPT_ACCOUNT_NAME " " IPT_ACCOUNT_VERSION " : Piotr Gasidło <quaker at barbara.eu.org>, http://www.barbara.eu.org/~quaker/ipt_account/\n";
++
++/* rights for files created in /proc/net/ipt_account/ */
++static int permissions = 0644;
++/* maximal netmask for single table */
++static int netmask = 16;
++
++/* module information */
++MODULE_AUTHOR("Piotr Gasidlo <quaker at barbara.eu.org>");
++MODULE_DESCRIPTION("Traffic accounting modules");
++MODULE_LICENSE("GPL");
++MODULE_PARM(permissions,"i");
++MODULE_PARM_DESC(permissions,"permissions on /proc/net/ipt_account/* files");
++MODULE_PARM(netmask, "i");
++MODULE_PARM_DESC(netmask, "maximum *save* size of one list (netmask)");
++
++/* structure with statistics counters */
++struct t_ipt_account_stat {
++ u_int64_t b_all, b_tcp, b_udp, b_icmp, b_other; /* byte counters for all/tcp/udp/icmp/other traffic */
++ u_int64_t p_all, p_tcp, p_udp, p_icmp, p_other; /* packet counters for all/tcp/udp/icmp/other traffic */
++};
++
++/* stucture with statistics counters, used when table is created with --ashort switch */
++struct t_ipt_account_stat_short {
++ u_int64_t b_all; /* byte counters for all traffic */
++ u_int64_t p_all; /* packet counters for all traffic */
++};
++
++/* structure holding to/from statistics for single ip */
++struct t_ipt_account_ip_list {
++ struct t_ipt_account_stat src;
++ struct t_ipt_account_stat dest;
++ unsigned long time; /* time when this record was last updated */
++
++};
++
++/* same as above, for tables with --ashort switch */
++struct t_ipt_account_ip_list_short {
++ struct t_ipt_account_stat_short src;
++ struct t_ipt_account_stat_short dest;
++ unsigned long time;
++};
++
++/* structure describing single table */
++struct t_ipt_account_table {
++ char name[IPT_ACCOUNT_NAME_LEN]; /* table name ( = filename in /proc/net/ipt_account/) */
++ union { /* table with statistics for each ip in network/netmask */
++ struct t_ipt_account_ip_list *l;
++ struct t_ipt_account_ip_list_short *s;
++ } ip_list;
++ u_int32_t network; /* network/netmask covered by table*/
++ u_int32_t netmask;
++ u_int32_t count;
++ int shortlisting:1; /* show only total columns of counters */
++ int use_count; /* rules counter - counting number of rules using this table */
++ struct t_ipt_account_table *next;
++ spinlock_t ip_list_lock;
++ struct proc_dir_entry *status_file;
++};
++
++/* we must use spinlocks to avoid parallel modifications of table list */
++static spinlock_t account_lock = SPIN_LOCK_UNLOCKED;
++
++static struct proc_dir_entry *proc_net_ipt_account = NULL;
++
++/* root pointer holding list of the tables */
++static struct t_ipt_account_table *account_tables = NULL;
++
++/* convert ascii to ip */
++int atoip(char *buffer, u_int32_t *ip) {
++
++ char *bufferptr = buffer;
++ int part, shift;
++
++ /* zero ip */
++ *ip = 0;
++
++ /* first must be a digit */
++ if (!isdigit(*bufferptr))
++ return 0;
++
++ /* parse first 3 octets (III.III.III.iii) */
++ for (part = 0, shift = 24; *bufferptr && shift; bufferptr++) {
++ if (isdigit(*bufferptr)) {
++ part = part * 10 + (*bufferptr - '0');
++ continue;
++ }
++ if (*bufferptr == '.') {
++ if (part > 255)
++ return 0;
++ *ip |= part << shift;
++ shift -= 8;
++ part = 0;
++ continue;
++ }
++ return 0;
++ }
++
++ /* we expect more digts */
++ if (!*bufferptr)
++ return 0;
++ /* parse last octet (iii.iii.iii.III) */
++ for (; *bufferptr; bufferptr++) {
++ if (isdigit(*bufferptr)) {
++ part = part * 10 + (*bufferptr - '0');
++ continue;
++ } else {
++ if (part > 255)
++ return 0;
++ break;
++ }
++ }
++ *ip |= part;
++ return (bufferptr - buffer);
++}
++
++/* convert ascii to 64bit integer */
++int atoi64(char *buffer, u_int64_t *i) {
++ char *bufferptr = buffer;
++
++ /* zero integer */
++ *i = 0;
++
++ while (isdigit(*bufferptr)) {
++ *i = *i * 10 + (*bufferptr - '0');
++ bufferptr++;
++ }
++ return (bufferptr - buffer);
++}
++
++static void *account_seq_start(struct seq_file *s, loff_t *pos)
++{
++ struct proc_dir_entry *pde = s->private;
++ struct t_ipt_account_table *table = pde->data;
++
++ unsigned int *bucket;
++
++ spin_lock_bh(&table->ip_list_lock);
++ if (*pos >= table->count)
++ return NULL;
++
++ bucket = kmalloc(sizeof(unsigned int), GFP_KERNEL);
++ if (!bucket)
++ return ERR_PTR(-ENOMEM);
++ *bucket = *pos;
++ return bucket;
++}
++
++static void *account_seq_next(struct seq_file *s, void *v, loff_t *pos)
++{
++ struct proc_dir_entry *pde = s->private;
++ struct t_ipt_account_table *table = pde->data;
++
++ unsigned int *bucket = (unsigned int *)v;
++
++ *pos = ++(*bucket);
++ if (*pos >= table->count) {
++ kfree(v);
++ return NULL;
++ }
++ return bucket;
++}
++
++static void account_seq_stop(struct seq_file *s, void *v)
++{
++ struct proc_dir_entry *pde = s->private;
++ struct t_ipt_account_table *table = pde->data;
++ unsigned int *bucket = (unsigned int *)v;
++ kfree(bucket);
++ spin_unlock_bh(&table->ip_list_lock);
++}
++
++static int account_seq_write(struct file *file, const char *ubuffer,
++ size_t ulength, loff_t *pos)
++{
++ struct proc_dir_entry *pde = ((struct seq_file *)file->private_data)->private;
++ struct t_ipt_account_table *table = pde->data;
++ char buffer[1024], *bufferptr;
++ int length;
++
++ u_int32_t ip;
++ int len, i;
++ struct t_ipt_account_ip_list l;
++ struct t_ipt_account_ip_list_short s;
++ u_int64_t *p, dummy;
++
++
++ dprintk(KERN_INFO IPT_ACCOUNT_NAME ": account_seq_write() entered.\n");
++ dprintk(KERN_INFO IPT_ACCOUNT_NAME ": account_seq_write() ulength = %i.\n", ulength);
++
++ length = ulength;
++ if (ulength > 1024)
++ length = 1024;
++ if (copy_from_user(buffer, ubuffer, length))
++ return -EFAULT;
++ buffer[length - 1] = 0;
++ bufferptr = buffer;
++
++ dprintk(KERN_INFO IPT_ACCOUNT_NAME ": account_seq_write() buffer = \'%s\' length = %i.\n", buffer, length);
++
++ /* reset table counters */
++ if (!memcmp(buffer, "reset", 5)) {
++ dprintk(KERN_INFO IPT_ACCOUNT_NAME ": account_seq_write() got \"reset\".\n");
++ if (!table->shortlisting) {
++ spin_lock_bh(&table->ip_list_lock);
++ memset(table->ip_list.l, 0, sizeof(struct t_ipt_account_ip_list) * table->count);
++ spin_unlock_bh(&table->ip_list_lock);
++ } else {
++ spin_lock_bh(&table->ip_list_lock);
++ memset(table->ip_list.s, 0, sizeof(struct t_ipt_account_ip_list_short) * table->count);
++ spin_unlock_bh(&table->ip_list_lock);
++ }
++ return length;
++ }
++
++ if (!memcmp(buffer, "ip", 2)) {
++ dprintk(KERN_INFO IPT_ACCOUNT_NAME ": account_seq_write() got \"ip\".\n");
++ bufferptr += 2;
++ if (!isspace(*bufferptr)) {
++ dprintk(KERN_INFO IPT_ACCOUNT_NAME ": account_seq_write() expected space (%i).\n", bufferptr - buffer);
++ return length; /* expected space */
++ }
++ bufferptr += 1;
++ if (*bufferptr != '=') {
++ dprintk(KERN_INFO IPT_ACCOUNT_NAME ": account_seq_write() expected equal (%i).\n", bufferptr - buffer);
++ return length; /* expected equal */
++ }
++ bufferptr += 1;
++ if (!isspace(*bufferptr)) {
++ dprintk(KERN_INFO IPT_ACCOUNT_NAME ": account_seq_write() expected space (%i).\n", bufferptr - buffer);
++ return length; /* expected space */
++ }
++ bufferptr += 1;
++ if (!(len = atoip(bufferptr, &ip))) {
++ dprintk(KERN_INFO IPT_ACCOUNT_NAME ": account_seq_write() expected ip (%i).\n", bufferptr - buffer);
++ return length; /* expected ip */
++ }
++ bufferptr += len;
++ if ((ip & table->netmask) != table->network) {
++ dprintk(KERN_INFO IPT_ACCOUNT_NAME ": account_seq_write() expected ip [%u.%u.%u.%u] from table's network/netmask [%u.%u.%u.%u/%u.%u.%u.%u].\n", HIPQUAD(ip), HIPQUAD(table->network), HIPQUAD(table->netmask));
++ return length; /* expected ip from table's network/netmask */
++ }
++ if (!table->shortlisting) {
++ memset(&l, 0, sizeof(struct t_ipt_account_ip_list));
++ while(*bufferptr) {
++ if (!isspace(*bufferptr)) {
++ dprintk(KERN_INFO IPT_ACCOUNT_NAME ": account_seq_write() expected space (%i).\n", bufferptr - buffer);
++ return length; /* expected space */
++ }
++ bufferptr += 1;
++ if (!memcmp(bufferptr, "bytes_src", 9)) {
++ dprintk(KERN_INFO IPT_ACCOUNT_NAME ": account_seq_write() got bytes_src (%i).\n", bufferptr - buffer);
++ p = &l.src.b_all;
++ bufferptr += 9;
++ } else if (!memcmp(bufferptr, "bytes_dest", 10)) {
++ dprintk(KERN_INFO IPT_ACCOUNT_NAME ": account_seq_write() got bytes_dest (%i).\n", bufferptr - buffer);
++ p = &l.dest.b_all;
++ bufferptr += 10;
++ } else if (!memcmp(bufferptr, "packets_src", 11)) {
++ dprintk(KERN_INFO IPT_ACCOUNT_NAME ": account_seq_write() got packets_src (%i).\n", bufferptr - buffer);
++ p = &l.src.p_all;
++ bufferptr += 11;
++ } else if (!memcmp(bufferptr, "packets_dest", 12)) {
++ dprintk(KERN_INFO IPT_ACCOUNT_NAME ": account_seq_write() got packets_dest (%i).\n", bufferptr - buffer);
++ p = &l.dest.p_all;
++ bufferptr += 12;
++ } else if (!memcmp(bufferptr, "time", 4)) {
++ /* time hack, ignore time tokens */
++ dprintk(KERN_INFO IPT_ACCOUNT_NAME ": account_seq_write() got time (%i).\n", bufferptr - buffer);
++ bufferptr += 4;
++ if (!isspace(*bufferptr)) {
++ dprintk(KERN_INFO IPT_ACCOUNT_NAME ": account_seq_write() expected space (%i).\n", bufferptr - buffer);
++ return length; /* expected space */
++ }
++ bufferptr += 1;
++ if (*bufferptr != '=') {
++ dprintk(KERN_INFO IPT_ACCOUNT_NAME ": account_seq_write() expected equal (%i).\n", bufferptr - buffer);
++ return length; /* expected equal */
++ }
++ bufferptr += 1;
++ if (!isspace(*bufferptr)) {
++ dprintk(KERN_INFO IPT_ACCOUNT_NAME ": account_seq_write() expected space (%i).\n", bufferptr - buffer);
++ return length; /* expected space */
++ }
++ bufferptr += 1;
++ if (!(len = atoi64(bufferptr, &dummy))) {
++ dprintk(KERN_INFO IPT_ACCOUNT_NAME ": account_seq_write() expected int64 (%i).\n", bufferptr - buffer);
++ return length; /* expected int64 */
++ }
++ dprintk(KERN_INFO IPT_ACCOUNT_NAME ": account_seq_write() got %llu (%i).\n", dummy, bufferptr - buffer);
++ bufferptr += len;
++ continue; /* skip time token */
++ } else
++ return length; /* expected token */
++ if (!isspace(*bufferptr)) {
++ dprintk(KERN_INFO IPT_ACCOUNT_NAME ": account_seq_write() expected space (%i).\n", bufferptr - buffer);
++ return length; /* expected space */
++ }
++ bufferptr += 1;
++ if (*bufferptr != '=') {
++ dprintk(KERN_INFO IPT_ACCOUNT_NAME ": account_seq_write() expected equal (%i).\n", bufferptr - buffer);
++ return length; /* expected equal */
++ }
++ bufferptr += 1;
++ for (i = 0; i < 5; i++) {
++ if (!isspace(*bufferptr)) {
++ dprintk(KERN_INFO IPT_ACCOUNT_NAME ": account_seq_write() expected space (%i).\n", bufferptr - buffer);
++ return length; /* expected space */
++ }
++ bufferptr += 1;
++ if (!(len = atoi64(bufferptr, p))) {
++ dprintk(KERN_INFO IPT_ACCOUNT_NAME ": account_seq_write() expected int64 (%i).\n", bufferptr - buffer);
++ return length; /* expected int64 */
++ }
++ dprintk(KERN_INFO IPT_ACCOUNT_NAME ": account_seq_write() got %llu (%i).\n", *p, bufferptr - buffer);
++ bufferptr += len;
++ p++;
++ }
++ }
++ dprintk(KERN_INFO IPT_ACCOUNT_NAME ": account_seq_write() updating row.\n");
++ spin_lock_bh(&table->ip_list_lock);
++ /* update counters, do not overwrite time field */
++ memcpy(&table->ip_list.l[ip - table->network], &l, sizeof(struct t_ipt_account_ip_list) - sizeof(unsigned long));
++ spin_unlock_bh(&table->ip_list_lock);
++ } else {
++ memset(&s, 0, sizeof(struct t_ipt_account_ip_list_short));
++ while(*bufferptr) {
++ if (!isspace(*bufferptr)) {
++ dprintk(KERN_INFO IPT_ACCOUNT_NAME ": account_seq_write() expected space (%i).\n", bufferptr - buffer);
++ return length; /* expected space */
++ }
++ bufferptr += 1;
++ if (!memcmp(bufferptr, "bytes_src", 9)) {
++ dprintk(KERN_INFO IPT_ACCOUNT_NAME ": account_seq_write() got bytes_src (%i).\n", bufferptr - buffer);
++ p = &s.src.b_all;
++ bufferptr += 9;
++ } else if (!memcmp(bufferptr, "bytes_dest", 10)) {
++ dprintk(KERN_INFO IPT_ACCOUNT_NAME ": account_seq_write() got bytes_dest (%i).\n", bufferptr - buffer);
++ p = &s.dest.b_all;
++ bufferptr += 10;
++ } else if (!memcmp(bufferptr, "packets_src", 11)) {
++ dprintk(KERN_INFO IPT_ACCOUNT_NAME ": account_seq_write() got packets_src (%i).\n", bufferptr - buffer);
++ p = &s.src.p_all;
++ bufferptr += 11;
++ } else if (!memcmp(bufferptr, "packets_dest", 12)) {
++ dprintk(KERN_INFO IPT_ACCOUNT_NAME ": account_seq_write() got packets_dest (%i).\n", bufferptr - buffer);
++ p = &s.dest.p_all;
++ bufferptr += 12;
++ } else if (!memcmp(bufferptr, "time", 4)) {
++ /* time hack, ignore time tokens */
++ dprintk(KERN_INFO IPT_ACCOUNT_NAME ": account_seq_write() got time (%i).\n", bufferptr - buffer);
++ bufferptr += 4;
++ if (!isspace(*bufferptr)) {
++ dprintk(KERN_INFO IPT_ACCOUNT_NAME ": account_seq_write() expected space (%i).\n", bufferptr - buffer);
++ return length; /* expected space */
++ }
++ bufferptr += 1;
++ if (*bufferptr != '=') {
++ dprintk(KERN_INFO IPT_ACCOUNT_NAME ": account_seq_write() expected equal (%i).\n", bufferptr - buffer);
++ return length; /* expected equal */
++ }
++ bufferptr += 1;
++ if (!isspace(*bufferptr)) {
++ dprintk(KERN_INFO IPT_ACCOUNT_NAME ": account_seq_write() expected space (%i).\n", bufferptr - buffer);
++ return length; /* expected space */
++ }
++ bufferptr += 1;
++ if (!(len = atoi64(bufferptr, &dummy))) {
++ dprintk(KERN_INFO IPT_ACCOUNT_NAME ": account_seq_write() expected int64 (%i).\n", bufferptr - buffer);
++ return length; /* expected int64 */
++ }
++ dprintk(KERN_INFO IPT_ACCOUNT_NAME ": account_seq_write() got %llu (%i).\n", dummy, bufferptr - buffer);
++ bufferptr += len;
++ continue; /* skip time token */
++ } else {
++ dprintk(KERN_INFO IPT_ACCOUNT_NAME ": account_seq_write() expected token (%i).\n", bufferptr - buffer);
++ return length; /* expected token */
++ }
++ if (!isspace(*bufferptr)) {
++ dprintk(KERN_INFO IPT_ACCOUNT_NAME ": account_seq_write() expected space (%i).\n", bufferptr - buffer);
++ return length; /* expected space */
++ }
++ bufferptr += 1;
++ if (*bufferptr != '=') {
++ dprintk(KERN_INFO IPT_ACCOUNT_NAME ": account_seq_write() expected equal (%i).\n", bufferptr - buffer);
++ return length; /* expected equal */
++ }
++ bufferptr += 1;
++ if (!isspace(*bufferptr)) {
++ dprintk(KERN_INFO IPT_ACCOUNT_NAME ": account_seq_write() expected space (%i).\n", bufferptr - buffer);
++ return length; /* expected space */
++ }
++ bufferptr += 1;
++ if (!(len = atoi64(bufferptr, p))) {
++ dprintk(KERN_INFO IPT_ACCOUNT_NAME ": account_seq_write() expected int64 (%i).\n", bufferptr - buffer);
++ return length; /* expected int64 */
++ }
++ dprintk(KERN_INFO IPT_ACCOUNT_NAME ": account_seq_write() got %llu (%i).\n", *p, bufferptr - buffer);
++ bufferptr += len;
++ }
++ dprintk(KERN_INFO IPT_ACCOUNT_NAME ": account_seq_write() updating row.\n");
++ spin_lock_bh(&table->ip_list_lock);
++ /* update counters, do not overwrite time field */
++ memcpy(&table->ip_list.s[ip - table->network], &s, sizeof(struct t_ipt_account_ip_list_short) - sizeof(unsigned long));
++ spin_unlock_bh(&table->ip_list_lock);
++ }
++ }
++
++ dprintk(KERN_INFO IPT_ACCOUNT_NAME ": account_seq_write() left.\n");
++ return length;
++}
++
++
++static int account_seq_show(struct seq_file *s, void *v)
++{
++ struct proc_dir_entry *pde = s->private;
++ struct t_ipt_account_table *table = pde->data;
++ unsigned int *bucket = (unsigned int *)v;
++
++ u_int32_t address = table->network + *bucket;
++
++ struct timespec last;
++
++ if (!table->shortlisting) {
++ jiffies_to_timespec(jiffies - table->ip_list.l[*bucket].time, &last);
++ seq_printf(s,
++ "ip = %u.%u.%u.%u bytes_src = %llu %llu %llu %llu %llu packets_src = %llu %llu %llu %llu %llu bytes_dest = %llu %llu %llu %llu %llu packets_dest = %llu %llu %llu %llu %llu time = %lu\n",
++ HIPQUAD(address),
++ table->ip_list.l[*bucket].src.b_all,
++ table->ip_list.l[*bucket].src.b_tcp,
++ table->ip_list.l[*bucket].src.b_udp,
++ table->ip_list.l[*bucket].src.b_icmp,
++ table->ip_list.l[*bucket].src.b_other,
++ table->ip_list.l[*bucket].src.p_all,
++ table->ip_list.l[*bucket].src.p_tcp,
++ table->ip_list.l[*bucket].src.p_udp,
++ table->ip_list.l[*bucket].src.p_icmp,
++ table->ip_list.l[*bucket].src.p_other,
++ table->ip_list.l[*bucket].dest.b_all,
++ table->ip_list.l[*bucket].dest.b_tcp,
++ table->ip_list.l[*bucket].dest.b_udp,
++ table->ip_list.l[*bucket].dest.b_icmp,
++ table->ip_list.l[*bucket].dest.b_other,
++ table->ip_list.l[*bucket].dest.p_all,
++ table->ip_list.l[*bucket].dest.p_tcp,
++ table->ip_list.l[*bucket].dest.p_udp,
++ table->ip_list.l[*bucket].dest.p_icmp,
++ table->ip_list.l[*bucket].dest.p_other,
++ last.tv_sec
++ );
++ } else {
++ jiffies_to_timespec(jiffies - table->ip_list.s[*bucket].time, &last);
++ seq_printf(s,
++ "ip = %u.%u.%u.%u bytes_src = %llu packets_src = %llu bytes_dest = %llu packets_dest = %llu time = %lu\n",
++ HIPQUAD(address),
++ table->ip_list.s[*bucket].src.b_all,
++ table->ip_list.s[*bucket].src.p_all,
++ table->ip_list.s[*bucket].dest.b_all,
++ table->ip_list.s[*bucket].dest.p_all,
++ last.tv_sec
++ );
++ }
++ return 0;
++}
++
++static struct seq_operations account_seq_ops = {
++ .start = account_seq_start,
++ .next = account_seq_next,
++ .stop = account_seq_stop,
++ .show = account_seq_show
++};
++
++static int account_seq_open(struct inode *inode, struct file *file)
++{
++ int ret = seq_open(file, &account_seq_ops);
++
++ if (!ret) {
++ struct seq_file *sf = file->private_data;
++ sf->private = PDE(inode);
++ }
++ return ret;
++}
++
++static struct file_operations account_file_ops = {
++ .owner = THIS_MODULE,
++ .open = account_seq_open,
++ .read = seq_read,
++ .write = account_seq_write,
++ .llseek = seq_lseek,
++ .release = seq_release
++};
++
++/* do raw accounting */
++static inline void do_account(struct t_ipt_account_stat *stat, const struct sk_buff *skb) {
++
++ /* update packet & bytes counters in *stat structure */
<<Diff was trimmed, longer than 597 lines>>
---- CVS-web:
http://cvs.pld-linux.org/SOURCES/kernel24-netfilter.config?r1=1.6&r2=1.7&f=u
http://cvs.pld-linux.org/SOURCES/linux-2.4.26-netfilter-pom-ng-20040302.patch?r1=1.9&r2=1.10&f=u
More information about the pld-cvs-commit
mailing list