aboutsummaryrefslogtreecommitdiff
path: root/net/pfflowd/files/pf37-pfflowd.c
diff options
context:
space:
mode:
Diffstat (limited to 'net/pfflowd/files/pf37-pfflowd.c')
-rw-r--r--net/pfflowd/files/pf37-pfflowd.c254
1 files changed, 254 insertions, 0 deletions
diff --git a/net/pfflowd/files/pf37-pfflowd.c b/net/pfflowd/files/pf37-pfflowd.c
new file mode 100644
index 000000000000..8678a13ebdc4
--- /dev/null
+++ b/net/pfflowd/files/pf37-pfflowd.c
@@ -0,0 +1,254 @@
+--- pfflowd.c.orig 2008-05-28 12:28:08.000000000 -0700
++++ pfflowd.c 2008-05-28 12:28:29.000000000 -0700
+@@ -231,7 +231,7 @@
+ }
+
+ static int
+-send_netflow_v1(const struct pfsync_state *st, u_int n, int *flows_exp)
++send_netflow_v1(const struct _PFSYNC_STATE *st, u_int n, int *flows_exp)
+ {
+ char now_s[64];
+ int i, j, offset, num_packets, err;
+@@ -310,13 +310,13 @@
+ }
+
+ flw = (struct NF1_FLOW *)(packet + offset);
+- if (netflow_socket != -1 && st[i].packets[0][0] != 0) {
++ if (netflow_socket != -1 && st[i].packets[0] != 0) {
+ flw->src_ip = src.addr.v4.s_addr;
+ flw->dest_ip = dst.addr.v4.s_addr;
+ flw->src_port = src.port;
+ flw->dest_port = dst.port;
+- flw->flow_packets = st[i].packets[0][0];
+- flw->flow_octets = st[i].bytes[0][0];
++ flw->flow_packets = st[i].packets[0];
++ flw->flow_octets = st[i].bytes[0];
+ flw->flow_start = htonl(uptime_ms - creation);
+ flw->flow_finish = htonl(uptime_ms);
+ flw->protocol = st[i].proto;
+@@ -326,13 +326,13 @@
+ hdr->flows++;
+ }
+ flw = (struct NF1_FLOW *)(packet + offset);
+- if (netflow_socket != -1 && st[i].packets[1][0] != 0) {
++ if (netflow_socket != -1 && st[i].packets[1] != 0) {
+ flw->src_ip = dst.addr.v4.s_addr;
+ flw->dest_ip = src.addr.v4.s_addr;
+ flw->src_port = dst.port;
+ flw->dest_port = src.port;
+- flw->flow_packets = st[i].packets[1][0];
+- flw->flow_octets = st[i].bytes[1][0];
++ flw->flow_packets = st[i].packets[1];
++ flw->flow_octets = st[i].bytes[1];
+ flw->flow_start = htonl(uptime_ms - creation);
+ flw->flow_finish = htonl(uptime_ms);
+ flw->protocol = st[i].proto;
+@@ -344,10 +344,10 @@
+ flw = (struct NF1_FLOW *)(packet + offset);
+
+ if (verbose_flag) {
+- packets_out = ntohl(st[i].packets[0][0]);
+- packets_in = ntohl(st[i].packets[1][0]);
+- bytes_out = ntohl(st[i].bytes[0][0]);
+- bytes_in = ntohl(st[i].bytes[1][0]);
++ packets_out = ntohl(st[i].packets[0]);
++ packets_in = ntohl(st[i].packets[1]);
++ bytes_out = ntohl(st[i].bytes[0]);
++ bytes_in = ntohl(st[i].bytes[1]);
+
+ creation_tt = now - (creation / 1000);
+ localtime_r(&creation_tt, &creation_tm);
+@@ -368,7 +368,6 @@
+ strlcat(dst_s, pbuf, sizeof(dst_s));
+ }
+
+- syslog(LOG_DEBUG, "IFACE %s", st[i].ifname);
+ syslog(LOG_DEBUG, "GWY %s", rt_s);
+ syslog(LOG_DEBUG, "FLOW proto %d direction %d",
+ st[i].proto, st[i].direction);
+@@ -401,9 +400,8 @@
+ return (ntohs(hdr->flows));
+ }
+
+-
+ static int
+-send_netflow_v5(const struct pfsync_state *st, u_int n, int *flows_exp)
++send_netflow_v5(const struct _PFSYNC_STATE *st, u_int n, int *flows_exp)
+ {
+ char now_s[64];
+ int i, j, offset, num_packets, err;
+@@ -483,13 +481,13 @@
+ }
+
+ flw = (struct NF5_FLOW *)(packet + offset);
+- if (netflow_socket != -1 && st[i].packets[0][0] != 0) {
++ if (netflow_socket != -1 && st[i].packets[0] != 0) {
+ flw->src_ip = src.addr.v4.s_addr;
+ flw->dest_ip = dst.addr.v4.s_addr;
+ flw->src_port = src.port;
+ flw->dest_port = dst.port;
+- flw->flow_packets = st[i].packets[0][0];
+- flw->flow_octets = st[i].bytes[0][0];
++ flw->flow_packets = st[i].packets[0];
++ flw->flow_octets = st[i].bytes[0];
+ flw->flow_start = htonl(uptime_ms - creation);
+ flw->flow_finish = htonl(uptime_ms);
+ flw->tcp_flags = 0;
+@@ -499,13 +497,13 @@
+ hdr->flows++;
+ }
+ flw = (struct NF5_FLOW *)(packet + offset);
+- if (netflow_socket != -1 && st[i].packets[1][0] != 0) {
++ if (netflow_socket != -1 && st[i].packets[1] != 0) {
+ flw->src_ip = dst.addr.v4.s_addr;
+ flw->dest_ip = src.addr.v4.s_addr;
+ flw->src_port = dst.port;
+ flw->dest_port = src.port;
+- flw->flow_packets = st[i].packets[1][0];
+- flw->flow_octets = st[i].bytes[1][0];
++ flw->flow_packets = st[i].packets[1];
++ flw->flow_octets = st[i].bytes[1];
+ flw->flow_start = htonl(uptime_ms - creation);
+ flw->flow_finish = htonl(uptime_ms);
+ flw->tcp_flags = 0;
+@@ -517,10 +515,10 @@
+ flw = (struct NF5_FLOW *)(packet + offset);
+
+ if (verbose_flag) {
+- packets_out = ntohl(st[i].packets[0][0]);
+- packets_in = ntohl(st[i].packets[1][0]);
+- bytes_out = ntohl(st[i].bytes[0][0]);
+- bytes_in = ntohl(st[i].bytes[1][0]);
++ packets_out = ntohl(st[i].packets[0]);
++ packets_in = ntohl(st[i].packets[1]);
++ bytes_out = ntohl(st[i].bytes[0]);
++ bytes_in = ntohl(st[i].bytes[1]);
+
+ creation_tt = now - (creation / 1000);
+ localtime_r(&creation_tt, &creation_tm);
+@@ -541,7 +539,6 @@
+ strlcat(dst_s, pbuf, sizeof(dst_s));
+ }
+
+- syslog(LOG_DEBUG, "IFACE %s", st[i].ifname);
+ syslog(LOG_DEBUG, "GWY %s", rt_s);
+ syslog(LOG_DEBUG, "FLOW proto %d direction %d",
+ st[i].proto, st[i].direction);
+@@ -574,32 +571,6 @@
+ return (ntohs(hdr->flows));
+ }
+
+-static void
+-send_flow(const struct pfsync_state *st, u_int n, int *flows_exp)
+-{
+- int r = 0;
+-
+- switch (export_version) {
+- case 1:
+- r = send_netflow_v1(st, n, flows_exp);
+- break;
+- case 5:
+- r = send_netflow_v5(st, n, flows_exp);
+- break;
+- default:
+- /* should never reach this point */
+- syslog(LOG_DEBUG, "Invalid netflow version, exiting");
+- exit(1);
+- }
+-
+- if (r > 0) {
+- flows_exported += r;
+- if (verbose_flag)
+- syslog(LOG_DEBUG, "flows_exported = %d", *flows_exp);
+- }
+-
+-}
+-
+ /*
+ * Per-packet callback function from libpcap.
+ */
+@@ -608,8 +579,8 @@
+ const u_char *pkt)
+ {
+ const struct pfsync_header *ph = (const struct pfsync_header *)pkt;
+- const struct pfsync_state *st;
+- u_int64_t bytes[2], packets[2];
++ const struct _PFSYNC_STATE *st;
++ int r = 0;
+
+ if (phdr->caplen < PFSYNC_HDRLEN) {
+ syslog(LOG_WARNING, "Runt pfsync packet header");
+@@ -632,56 +603,25 @@
+ return;
+ }
+
+- st = (const struct pfsync_state *)((const u_int8_t *)ph + sizeof(*ph));
++ st = (const struct _PFSYNC_STATE *)((const u_int8_t *)ph + sizeof(*ph));
+
+- /*
+- * Check if any members of st->packets or st->bytes overflow
+- * the 32 bit netflow counters, if so, create as many flow records
+- * that are needed to clear the counter.
+- */
+-
+- pf_state_counter_ntoh(st->packets[0],packets[0]);
+- pf_state_counter_ntoh(st->packets[1],packets[1]);
+- pf_state_counter_ntoh(st->bytes[0],bytes[0]);
+- pf_state_counter_ntoh(st->bytes[1],bytes[1]);
+-
+- while (bytes[0] > 0 || bytes[1] > 0 ||
+- packets[0] > 0 || packets[1] > 0) {
+-
+- struct pfsync_state st1;
+-
+- memcpy(&st1, st, sizeof(st1));
+-
+- if (bytes[0] > UINT_MAX) {
+- st1.bytes[0][0] = 0xffffffff;
+- bytes[0] -= MIN(bytes[0], 0xffffffff);
+- } else {
+- st1.bytes[0][0] = htonl(bytes[0]);
+- bytes[0] = 0;
+- }
+- if (bytes[1] > UINT_MAX) {
+- st1.bytes[1][0] = 0xffffffff;
+- bytes[1] -= MIN(bytes[1], 0xffffffff);
+- } else {
+- st1.bytes[1][0] = htonl(bytes[1]);
+- bytes[1] = 0;
+- }
+- if (packets[0] > UINT_MAX) {
+- st1.packets[0][0] = 0xffffffff;
+- packets[0] -= MIN(packets[0], 0xffffffff);
+- } else {
+- st1.packets[0][0] = htonl(packets[0]);
+- packets[0] = 0;
+- }
+- if (packets[1] > UINT_MAX) {
+- st1.packets[1][0] = 0xffffffff;
+- packets[1] -= MIN(packets[1], 0xffffffff);
+- } else {
+- st1.packets[1][0] = htonl(packets[1]);
+- packets[1] = 0;
+- }
++ switch (export_version) {
++ case 1:
++ r = send_netflow_v1(st, ph->count, &flows_exported);
++ break;
++ case 5:
++ r = send_netflow_v5(st, ph->count, &flows_exported);
++ break;
++ default:
++ /* should never reach this point */
++ syslog(LOG_DEBUG, "Invalid netflow version, exiting");
++ exit(1);
++ }
+
+- send_flow(&st1, ph->count, &flows_exported);
++ if (r > 0) {
++ flows_exported += r;
++ if (verbose_flag)
++ syslog(LOG_DEBUG, "flows_exported = %d", flows_exported);
+ }
+ }
+
generated by cgit v1.2.3 (git 2.25.1) at 2024-10-22 02:56:34 +0000