From f19d3cd0bca8ef24e8c78fb6ae24346dc3b7db36 Mon Sep 17 00:00:00 2001 From: xchaos Date: Tue, 15 Jan 2013 00:16:56 +0000 Subject: [PATCH] getting ready for IP6tables support git-svn-id: https://dev.arachne.cz/repos/prometheus/trunk@209 251d49ef-1d17-4917-a970-b30cf55b089b --- Makefile | 2 +- help.c | 2 + ipstruct.h | 3 + parsehosts.c | 7 +- parseiptables.c | 166 ++++++++++++++++++++++++++++++++++++++++++++ prometheus.c | 180 ++++-------------------------------------------- 6 files changed, 190 insertions(+), 170 deletions(-) create mode 100644 parseiptables.c diff --git a/Makefile b/Makefile index 2f89465..6564397 100644 --- a/Makefile +++ b/Makefile @@ -5,7 +5,7 @@ prefix=/usr mandir=$(prefix)/share/man sbindir=$(prefix)/sbin sysconfdir=/etc -OBJECTS=parsehosts.o parselogs.o ipv4subnets.o json.o htmlandlogs.o help.o prometheus.o +OBJECTS=parsehosts.o parseiptables.o parselogs.o ipv4subnets.o json.o htmlandlogs.o help.o prometheus.o HEADERS=cll1-0.6.2.h ipstruct.h main: prometheus diff --git a/help.c b/help.c index 23c71b4..023673a 100644 --- a/help.c +++ b/help.c @@ -2,6 +2,8 @@ #include "cll1-0.6.2.h" +/* ======= Help screen is hopefuly self-documenting part of code :-) ======= */ + void help(void) { puts("Command line switches:\n\ diff --git a/ipstruct.h b/ipstruct.h index dcf5bfa..dab37fc 100644 --- a/ipstruct.h +++ b/ipstruct.h @@ -53,3 +53,6 @@ struct Keyword list(Keyword); }; + +void TheIP(char *ipaddr); +/* function implemented in parsehosts.c */ diff --git a/parsehosts.c b/parsehosts.c index db3bf2e..d17c619 100644 --- a/parsehosts.c +++ b/parsehosts.c @@ -17,11 +17,11 @@ extern int free_min; extern const int highest_priority; /* This must be object oriented! This looks almost like constructor ;-) */ -void TheIP(void) +void TheIP(char *ipaddr) { create(ip,IP); ip->name = ""; - ip->addr = ""; + ip->addr = ipaddr; ip->sharing = NULL; ip->prio = highest_priority+1; ip->lmsid = -1; @@ -80,9 +80,8 @@ void parse_ip(char *str) if_exists(ip, ips, eq(ip->addr,ipaddr)); else { - TheIP(); + TheIP(ipaddr); } - ip->addr = ipaddr; ip->name = ipname; if(lmsid) { diff --git a/parseiptables.c b/parseiptables.c new file mode 100644 index 0000000..e736324 --- /dev/null +++ b/parseiptables.c @@ -0,0 +1,166 @@ +/* Modified by: xChaos, 20130115 */ + +#include "cll1-0.6.2.h" +#include "ipstruct.h" + +#define STRLEN 512 + +/* globals declared in prometheus.c */ +extern struct IP *ips, *ip, *sharedip; +extern char *mark; +extern char *proxy_ip; +extern int free_min; +extern int free_max; +extern int include_upload; + +/* ===================== traffic analyser - uses iptables ================ */ + +void get_traffic_statistics(const char *whichiptables) +{ + char *str,*cmd; + int downloadflag=0; + + textfile(Pipe,str) *line,*lines=NULL; + string(str,STRLEN); + string(cmd,STRLEN); + + sprintf(cmd,"%s -L -v -x -n -t mangle", whichiptables); + shell(cmd); + input(str,STRLEN) + { + create(line,Pipe); + line->str=str; + string(str,STRLEN); + append(line,lines); + } + + for_each(line,lines) + { + int col, accept = 0, proxyflag = 0, valid = 1, setchainname = 0, commonflag = 0; + unsigned long long traffic = 0; + unsigned long pkts = 0; + char *ipaddr = NULL,*ptr; + + valid_columns(ptr, line->str, ' ', col) + if(valid) switch(col) + { + case 1: if(eq(ptr,"Chain")) + { + setchainname = 1; + } + else if(eq(ptr,"pkts")) + { + valid = 0; + } + else + { + sscanf(ptr,"%lu",&pkts); + } + break; + case 2: if(setchainname) + { + if(!strncmp(ptr,"post_",5) || eq(ptr,"POSTROUTING")) + { + downloadflag = 1; + } + else + { + if(!strncmp(ptr,"forw_",5) || eq(ptr,"FORWARD")) + { + downloadflag = 0; + } + } + if(eq(ptr,"post_common") || eq(ptr,"forw_common")) + { + commonflag = 1; + } + } + else + { + sscanf(ptr,"%Lu",&traffic); + traffic += (1<<19); + traffic >>= 20; + } + break; + case 3: if((strncmp(ptr,"post_",5) && strncmp(ptr,"forw_",5)) || commonflag) + { + accept = eq(ptr,mark); + } + /*if(filter_type==1) accept=eq(ptr,"MARK"); else accept=eq(ptr,"CLASSIFY");*/ + break; + case 8: if(downloadflag) + { + if(strstr(proxy_ip,ptr)) + { + proxyflag = 1; + } + } + else + { + ipaddr = ptr; + } + break; + case 9: if(downloadflag)ipaddr = ptr;break; + } + + if(accept && traffic>0 && ipaddr) + { + if(proxyflag) + { + printf("(proxy) "); + } + else if(!downloadflag) + { + printf("(upload) "); + } + printf("IP %s: %Lu MB (%ld pkts)\n", ipaddr, traffic, pkts); + + if_exists(ip,ips,eq(ip->addr,ipaddr)); + else + { + TheIP(ipaddr); + if(eq(ip->addr,"0.0.0.0/0")) + { + ip->name = "(unregistered)"; + ip->min = free_min; + ip->max = ip->desired=free_max; + } + else + { + ip->name = ipaddr; + } + } + + if(downloadflag) + { + if(proxyflag) + { + ip->proxy = traffic; + } + else + { + ip->traffic += traffic; + } + ip->direct = ip->traffic-ip->upload-ip->proxy; + ip->pktsdown = pkts; + } + else + { + ip->upload = traffic; + ip->pktsup = pkts; + if(include_upload) + { + ip->traffic += traffic; + } + else + { + if(traffic > ip->traffic) + { + ip->traffic = traffic; + } + } + } + } + } + free(cmd); +} diff --git a/prometheus.c b/prometheus.c index 9743b30..b4de143 100644 --- a/prometheus.c +++ b/prometheus.c @@ -45,20 +45,19 @@ const char *stats_html_signature = "Statistics generated b #define STRLEN 512 #undef DEBUG -/* ======= Help screen is hopefuly self-documenting part of code :-) ======= */ - - /* ======= All path names are defined here (for RPM patch) ======= */ -const char *tc = "/sbin/tc"; /* requires tc with HTB support */ -const char *iptables = "/sbin/iptables"; /* requires iptables utility */ -const char *iptablessave = "/sbin/iptables-save"; /* not yet required */ -const char *iptablesrestore = "/sbin/iptables-restore"; /* requires iptables-restore */ -const char *ls = "/bin/ls"; /* this is not user configurable :-) */ +const char *tc = "/sbin/tc"; /* requires tc with HTB support */ +const char *iptables = "/sbin/iptables"; /* requires iptables utility */ +const char *ip6tables = "/sbin/ip6tables"; /* requires iptables utility */ +const char *iptablessave = "/sbin/iptables-save"; /* not yet required */ +const char *iptablesrestore = "/sbin/iptables-restore"; /* requires iptables-restore */ +const char *ip6tablessave = "/sbin/ip6tables-save"; /* not yet required */ +const char *ip6tablesrestore = "/sbin/ip6tables-restore"; /* requires iptables-restore */ +const char *ls = "/bin/ls"; /* this is not user configurable :-) */ char *config = "/etc/prometheus/prometheus.conf"; /* main configuration file */ char *hosts = "/etc/prometheus/hosts"; /* per-IP bandwidth definition file */ - char *iptablesfile = "/var/spool/prometheus.iptables"; /* temporary file for iptables-restore*/ char *credit = "/var/lib/misc/prometheus.credit"; /* credit log file */ char *classmap = "/var/lib/misc/prometheus.classes"; /* credit log file */ @@ -135,6 +134,9 @@ struct Keyword *keyword, *defaultkeyword=NULL, *keywords=NULL; void help(void); /* implemented in help.c */ +void get_traffic_statistics(const char *whichiptables); +/* implemented in parseiptables.c */ + void parse_ip_log(int argc, char **argv); /* implemented in parselog.c */ @@ -173,8 +175,6 @@ struct Index list(Index); } *idxs=NULL, *idx, *metaindex; -void TheIP(void); -/* function implemented in parsehosts.c */ /* ====== iptables indexes are used to reduce complexity to log8(N) ===== */ @@ -264,6 +264,9 @@ void get_config(char *config_filename) option("iptables",iptables); option("iptables-save",iptablessave); /* new */ option("iptables-restore",iptablesrestore); /* new */ + option("ip6tables",ip6tables); + option("ip6tables-save",ip6tablessave); /* new */ + option("ip6tables-restore",ip6tablesrestore); /* new */ option("iptables-in-filename",iptablesfile); /* new */ option("hosts",hosts); option("lan-interface",lan); @@ -347,159 +350,6 @@ void get_config(char *config_filename) } } -/* ===================== traffic analyser - uses iptables ================ */ - -void get_traffic_statistics(void) -{ - char *str,*cmd; - int downloadflag=0; - - textfile(Pipe,str) *line,*lines=NULL; - string(str,STRLEN); - string(cmd,STRLEN); - - sprintf(cmd,"%s -L -v -x -n -t mangle",iptables); - shell(cmd); - input(str,STRLEN) - { - create(line,Pipe); - line->str=str; - string(str,STRLEN); - append(line,lines); - } - - for_each(line,lines) - { - int col, accept=0,proxyflag=0,valid=1,setchainname=0,commonflag=0; - unsigned long long traffic=0; - unsigned long pkts=0; - char *ipaddr=NULL,*ptr; - - /* debug puts(line->str); */ - valid_columns(ptr,line->str,' ',col) - if(valid) switch(col) - { - case 1: if(eq(ptr,"Chain")) - { - setchainname=1; - } - else if(eq(ptr,"pkts")) - { - valid=0; - } - else - { - sscanf(ptr,"%lu",&pkts); - } - break; - case 2: if(setchainname) - { - if(!strncmp(ptr,"post_",5) || eq(ptr,"POSTROUTING")) - { - downloadflag = 1; - } - else - { - if(!strncmp(ptr,"forw_",5) || eq(ptr,"FORWARD")) - { - downloadflag = 0; - } - } - if(eq(ptr,"post_common") || eq(ptr,"forw_common")) - { - commonflag = 1; - } - } - else - { - sscanf(ptr,"%Lu",&traffic); - traffic += (1<<19); - traffic >>= 20; - } - break; - case 3: if((strncmp(ptr,"post_",5) && strncmp(ptr,"forw_",5)) || commonflag) - { - accept=eq(ptr,mark); - } - /*if(filter_type==1) accept=eq(ptr,"MARK"); else accept=eq(ptr,"CLASSIFY");*/ - break; - case 8: if(downloadflag) - { - if(strstr(proxy_ip,ptr)) - { - proxyflag=1; - } - } - else - { - ipaddr=ptr; - } - break; - case 9: if(downloadflag)ipaddr=ptr;break; - } - - if(accept && traffic>0 && ipaddr) - { - if(proxyflag) - { - printf("(proxy) "); - } - else if(!downloadflag) - { - printf("(upload) "); - } - printf("IP %s: %Lu MB (%ld pkts)\n", ipaddr, traffic, pkts); - - if_exists(ip,ips,eq(ip->addr,ipaddr)); - else - { - TheIP(); - ip->addr = ipaddr; - if(eq(ip->addr,"0.0.0.0/0")) - { - ip->name = "(unregistered)"; - ip->min = free_min; - ip->max = ip->desired=free_max; - } - else - { - ip->name = ipaddr; - } - } - - if(downloadflag) - { - if(proxyflag) - { - ip->proxy=traffic; - } - else - { - ip->traffic+=traffic; - } - ip->direct=ip->traffic-ip->upload-ip->proxy; - ip->pktsdown=pkts; - } - else - { - ip->upload=traffic; - ip->pktsup=pkts; - if(include_upload) - { - ip->traffic+=traffic; - } - else - { - if(traffic>ip->traffic) - { - ip->traffic=traffic; - } - } - } - } - } - free(cmd); -} /* ========== This function executes, logs OR ALSO prints command ========== */ @@ -650,7 +500,7 @@ Credit: CZFree.Net, Martin Devera, Netdave, Aquarius, Gandalf\n\n",version); /*-----------------------------------------------------------------*/ puts("Parsing iptables verbose output ..."); /*-----------------------------------------------------------------*/ - get_traffic_statistics(); + get_traffic_statistics(iptables); } /*-----------------------------------------------------------------*/ -- 2.30.2