libxt_statistic.c revision d118d21ea3108f94ca1f84f11dd39f3f12e9ee2b
1#include <stdbool.h> 2#include <stdio.h> 3#include <netdb.h> 4#include <string.h> 5#include <stdlib.h> 6#include <stddef.h> 7#include <getopt.h> 8 9#include <xtables.h> 10#include <linux/netfilter/xt_statistic.h> 11 12static void statistic_help(void) 13{ 14 printf( 15"statistic match options:\n" 16" --mode mode Match mode (random, nth)\n" 17" random mode:\n" 18"[!] --probability p Probability\n" 19" nth mode:\n" 20"[!] --every n Match every nth packet\n" 21" --packet p Initial counter value (0 <= p <= n-1, default 0)\n"); 22} 23 24static const struct option statistic_opts[] = { 25 {.name = "mode", .has_arg = true, .val = '1'}, 26 {.name = "probability", .has_arg = true, .val = '2'}, 27 {.name = "every", .has_arg = true, .val = '3'}, 28 {.name = "packet", .has_arg = true, .val = '4'}, 29 XT_GETOPT_TABLEEND, 30}; 31 32static struct xt_statistic_info *global_info; 33 34static void statistic_mt_init(struct xt_entry_match *match) 35{ 36 global_info = (void *)match->data; 37} 38 39static int 40statistic_parse(int c, char **argv, int invert, unsigned int *flags, 41 const void *entry, struct xt_entry_match **match) 42{ 43 struct xt_statistic_info *info = (void *)(*match)->data; 44 unsigned int val; 45 double prob; 46 47 if (invert) 48 info->flags |= XT_STATISTIC_INVERT; 49 50 switch (c) { 51 case '1': 52 if (*flags & 0x1) 53 xtables_error(PARAMETER_PROBLEM, "double --mode"); 54 if (!strcmp(optarg, "random")) 55 info->mode = XT_STATISTIC_MODE_RANDOM; 56 else if (!strcmp(optarg, "nth")) 57 info->mode = XT_STATISTIC_MODE_NTH; 58 else 59 xtables_error(PARAMETER_PROBLEM, "Bad mode \"%s\"", optarg); 60 *flags |= 0x1; 61 break; 62 case '2': 63 if (*flags & 0x2) 64 xtables_error(PARAMETER_PROBLEM, "double --probability"); 65 prob = atof(optarg); 66 if (prob < 0 || prob > 1) 67 xtables_error(PARAMETER_PROBLEM, 68 "--probability must be between 0 and 1"); 69 info->u.random.probability = 0x80000000 * prob; 70 *flags |= 0x2; 71 break; 72 case '3': 73 if (*flags & 0x4) 74 xtables_error(PARAMETER_PROBLEM, "double --every"); 75 if (!xtables_strtoui(optarg, NULL, &val, 0, UINT32_MAX)) 76 xtables_error(PARAMETER_PROBLEM, 77 "cannot parse --every `%s'", optarg); 78 info->u.nth.every = val; 79 if (info->u.nth.every == 0) 80 xtables_error(PARAMETER_PROBLEM, "--every cannot be 0"); 81 info->u.nth.every--; 82 *flags |= 0x4; 83 break; 84 case '4': 85 if (*flags & 0x8) 86 xtables_error(PARAMETER_PROBLEM, "double --packet"); 87 if (!xtables_strtoui(optarg, NULL, &val, 0, UINT32_MAX)) 88 xtables_error(PARAMETER_PROBLEM, 89 "cannot parse --packet `%s'", optarg); 90 info->u.nth.packet = val; 91 *flags |= 0x8; 92 break; 93 } 94 return 1; 95} 96 97static void statistic_check(unsigned int flags) 98{ 99 if (!(flags & 0x1)) 100 xtables_error(PARAMETER_PROBLEM, "no mode specified"); 101 if ((flags & 0x2) && (flags & (0x4 | 0x8))) 102 xtables_error(PARAMETER_PROBLEM, 103 "both nth and random parameters given"); 104 if (flags & 0x2 && global_info->mode != XT_STATISTIC_MODE_RANDOM) 105 xtables_error(PARAMETER_PROBLEM, 106 "--probability can only be used in random mode"); 107 if (flags & 0x4 && global_info->mode != XT_STATISTIC_MODE_NTH) 108 xtables_error(PARAMETER_PROBLEM, 109 "--every can only be used in nth mode"); 110 if (flags & 0x8 && global_info->mode != XT_STATISTIC_MODE_NTH) 111 xtables_error(PARAMETER_PROBLEM, 112 "--packet can only be used in nth mode"); 113 if ((flags & 0x8) && !(flags & 0x4)) 114 xtables_error(PARAMETER_PROBLEM, 115 "--packet can only be used with --every"); 116 /* at this point, info->u.nth.every have been decreased. */ 117 if (global_info->u.nth.packet > global_info->u.nth.every) 118 xtables_error(PARAMETER_PROBLEM, 119 "the --packet p must be 0 <= p <= n-1"); 120 121 122 global_info->u.nth.count = global_info->u.nth.every - 123 global_info->u.nth.packet; 124} 125 126static void print_match(const struct xt_statistic_info *info, char *prefix) 127{ 128 switch (info->mode) { 129 case XT_STATISTIC_MODE_RANDOM: 130 printf(" %smode random%s %sprobability %f", prefix, 131 (info->flags & XT_STATISTIC_INVERT) ? " !" : "", 132 prefix, 133 1.0 * info->u.random.probability / 0x80000000); 134 break; 135 case XT_STATISTIC_MODE_NTH: 136 printf(" %smode nth%s %severy %u", prefix, 137 (info->flags & XT_STATISTIC_INVERT) ? " !" : "", 138 prefix, 139 info->u.nth.every + 1); 140 if (info->u.nth.packet) 141 printf(" %spacket %u", prefix, info->u.nth.packet); 142 break; 143 } 144} 145 146static void 147statistic_print(const void *ip, const struct xt_entry_match *match, int numeric) 148{ 149 const struct xt_statistic_info *info = (const void *)match->data; 150 151 printf(" statistic"); 152 print_match(info, ""); 153} 154 155static void statistic_save(const void *ip, const struct xt_entry_match *match) 156{ 157 const struct xt_statistic_info *info = (const void *)match->data; 158 159 print_match(info, "--"); 160} 161 162static struct xtables_match statistic_match = { 163 .family = NFPROTO_UNSPEC, 164 .name = "statistic", 165 .version = XTABLES_VERSION, 166 .size = XT_ALIGN(sizeof(struct xt_statistic_info)), 167 .userspacesize = offsetof(struct xt_statistic_info, u.nth.count), 168 .init = statistic_mt_init, 169 .help = statistic_help, 170 .parse = statistic_parse, 171 .final_check = statistic_check, 172 .print = statistic_print, 173 .save = statistic_save, 174 .extra_opts = statistic_opts, 175}; 176 177void _init(void) 178{ 179 xtables_register_match(&statistic_match); 180} 181