1/*
2 * Copyright (c) 2008-2013 Patrick McHardy <kaber@trash.net>
3 */
4
5#include <stdbool.h>
6#include <stdio.h>
7#include <string.h>
8#include <stdlib.h>
9#include <stddef.h>
10#include <getopt.h>
11
12#include <xtables.h>
13#include <linux/netfilter/xt_rateest.h>
14
15static void rateest_help(void)
16{
17	printf(
18"rateest match options:\n"
19" --rateest1 name		Rate estimator name\n"
20" --rateest2 name		Rate estimator name\n"
21" --rateest-delta		Compare difference(s) to given rate(s)\n"
22" --rateest-bps1 [bps]		Compare bps\n"
23" --rateest-pps1 [pps]		Compare pps\n"
24" --rateest-bps2 [bps]		Compare bps\n"
25" --rateest-pps2 [pps]		Compare pps\n"
26" [!] --rateest-lt		Match if rate is less than given rate/estimator\n"
27" [!] --rateest-gt		Match if rate is greater than given rate/estimator\n"
28" [!] --rateest-eq		Match if rate is equal to given rate/estimator\n");
29}
30
31enum rateest_options {
32	OPT_RATEEST1,
33	OPT_RATEEST2,
34	OPT_RATEEST_BPS1,
35	OPT_RATEEST_PPS1,
36	OPT_RATEEST_BPS2,
37	OPT_RATEEST_PPS2,
38	OPT_RATEEST_DELTA,
39	OPT_RATEEST_LT,
40	OPT_RATEEST_GT,
41	OPT_RATEEST_EQ,
42};
43
44static const struct option rateest_opts[] = {
45	{.name = "rateest1",      .has_arg = true,  .val = OPT_RATEEST1},
46	{.name = "rateest",       .has_arg = true,  .val = OPT_RATEEST1}, /* alias for absolute mode */
47	{.name = "rateest2",      .has_arg = true,  .val = OPT_RATEEST2},
48	{.name = "rateest-bps1",  .has_arg = false, .val = OPT_RATEEST_BPS1},
49	{.name = "rateest-pps1",  .has_arg = false, .val = OPT_RATEEST_PPS1},
50	{.name = "rateest-bps2",  .has_arg = false, .val = OPT_RATEEST_BPS2},
51	{.name = "rateest-pps2",  .has_arg = false, .val = OPT_RATEEST_PPS2},
52	{.name = "rateest-bps",   .has_arg = false, .val = OPT_RATEEST_BPS2}, /* alias for absolute mode */
53	{.name = "rateest-pps",   .has_arg = false, .val = OPT_RATEEST_PPS2}, /* alias for absolute mode */
54	{.name = "rateest-delta", .has_arg = false, .val = OPT_RATEEST_DELTA},
55	{.name = "rateest-lt",    .has_arg = false, .val = OPT_RATEEST_LT},
56	{.name = "rateest-gt",    .has_arg = false, .val = OPT_RATEEST_GT},
57	{.name = "rateest-eq",    .has_arg = false, .val = OPT_RATEEST_EQ},
58	XT_GETOPT_TABLEEND,
59};
60
61/* Copied from iproute. See http://physics.nist.gov/cuu/Units/binary.html */
62static const struct rate_suffix {
63	const char *name;
64	double scale;
65} suffixes[] = {
66	{ "bit",	1. },
67	{ "Kibit",	1024. },
68	{ "kbit",	1000. },
69	{ "Mibit",	1024.*1024. },
70	{ "mbit",	1000000. },
71	{ "Gibit",	1024.*1024.*1024. },
72	{ "gbit",	1000000000. },
73	{ "Tibit",	1024.*1024.*1024.*1024. },
74	{ "tbit",	1000000000000. },
75	{ "Bps",	8. },
76	{ "KiBps",	8.*1024. },
77	{ "KBps",	8000. },
78	{ "MiBps",	8.*1024*1024. },
79	{ "MBps",	8000000. },
80	{ "GiBps",	8.*1024.*1024.*1024. },
81	{ "GBps",	8000000000. },
82	{ "TiBps",	8.*1024.*1024.*1024.*1024. },
83	{ "TBps",	8000000000000. },
84	{NULL},
85};
86
87static int
88rateest_get_rate(uint32_t *rate, const char *str)
89{
90	char *p;
91	double bps = strtod(str, &p);
92	const struct rate_suffix *s;
93
94	if (p == str)
95		return -1;
96
97	if (*p == '\0') {
98		*rate = bps / 8.;	/* assume bytes/sec */
99		return 0;
100	}
101
102	for (s = suffixes; s->name; ++s) {
103		if (strcasecmp(s->name, p) == 0) {
104			*rate = (bps * s->scale) / 8.;
105			return 0;
106		}
107	}
108
109	return -1;
110}
111
112static int
113rateest_parse(int c, char **argv, int invert, unsigned int *flags,
114	      const void *entry, struct xt_entry_match **match)
115{
116	struct xt_rateest_match_info *info = (void *)(*match)->data;
117	unsigned int val;
118
119	switch (c) {
120	case OPT_RATEEST1:
121		if (invert)
122			xtables_error(PARAMETER_PROBLEM,
123				   "rateest: rateest can't be inverted");
124
125		if (*flags & (1 << c))
126			xtables_error(PARAMETER_PROBLEM,
127				   "rateest: can't specify --rateest1 twice");
128		*flags |= 1 << c;
129
130		strncpy(info->name1, optarg, sizeof(info->name1) - 1);
131		break;
132
133	case OPT_RATEEST2:
134		if (invert)
135			xtables_error(PARAMETER_PROBLEM,
136				   "rateest: rateest can't be inverted");
137
138		if (*flags & (1 << c))
139			xtables_error(PARAMETER_PROBLEM,
140				   "rateest: can't specify --rateest2 twice");
141		*flags |= 1 << c;
142
143		strncpy(info->name2, optarg, sizeof(info->name2) - 1);
144		info->flags |= XT_RATEEST_MATCH_REL;
145		break;
146
147	case OPT_RATEEST_BPS1:
148		if (invert)
149			xtables_error(PARAMETER_PROBLEM,
150				   "rateest: rateest-bps can't be inverted");
151
152		if (*flags & (1 << c))
153			xtables_error(PARAMETER_PROBLEM,
154				   "rateest: can't specify --rateest-bps1 twice");
155		*flags |= 1 << c;
156
157		info->flags |= XT_RATEEST_MATCH_BPS;
158
159		/* The rate is optional and only required in absolute mode */
160		if (!argv[optind] || *argv[optind] == '-' || *argv[optind] == '!')
161			break;
162
163		if (rateest_get_rate(&info->bps1, argv[optind]) < 0)
164			xtables_error(PARAMETER_PROBLEM,
165				   "rateest: could not parse rate `%s'",
166				   argv[optind]);
167		optind++;
168		break;
169
170	case OPT_RATEEST_PPS1:
171		if (invert)
172			xtables_error(PARAMETER_PROBLEM,
173				   "rateest: rateest-pps can't be inverted");
174
175		if (*flags & (1 << c))
176			xtables_error(PARAMETER_PROBLEM,
177				   "rateest: can't specify --rateest-pps1 twice");
178		*flags |= 1 << c;
179
180		info->flags |= XT_RATEEST_MATCH_PPS;
181
182		/* The rate is optional and only required in absolute mode */
183		if (!argv[optind] || *argv[optind] == '-' || *argv[optind] == '!')
184			break;
185
186		if (!xtables_strtoui(argv[optind], NULL, &val, 0, UINT32_MAX))
187			xtables_error(PARAMETER_PROBLEM,
188				   "rateest: could not parse pps `%s'",
189				   argv[optind]);
190		info->pps1 = val;
191		optind++;
192		break;
193
194	case OPT_RATEEST_BPS2:
195		if (invert)
196			xtables_error(PARAMETER_PROBLEM,
197				   "rateest: rateest-bps can't be inverted");
198
199		if (*flags & (1 << c))
200			xtables_error(PARAMETER_PROBLEM,
201				   "rateest: can't specify --rateest-bps2 twice");
202		*flags |= 1 << c;
203
204		info->flags |= XT_RATEEST_MATCH_BPS;
205
206		/* The rate is optional and only required in absolute mode */
207		if (!argv[optind] || *argv[optind] == '-' || *argv[optind] == '!')
208			break;
209
210		if (rateest_get_rate(&info->bps2, argv[optind]) < 0)
211			xtables_error(PARAMETER_PROBLEM,
212				   "rateest: could not parse rate `%s'",
213				   argv[optind]);
214		optind++;
215		break;
216
217	case OPT_RATEEST_PPS2:
218		if (invert)
219			xtables_error(PARAMETER_PROBLEM,
220				   "rateest: rateest-pps can't be inverted");
221
222		if (*flags & (1 << c))
223			xtables_error(PARAMETER_PROBLEM,
224				   "rateest: can't specify --rateest-pps2 twice");
225		*flags |= 1 << c;
226
227		info->flags |= XT_RATEEST_MATCH_PPS;
228
229		/* The rate is optional and only required in absolute mode */
230		if (!argv[optind] || *argv[optind] == '-' || *argv[optind] == '!')
231			break;
232
233		if (!xtables_strtoui(argv[optind], NULL, &val, 0, UINT32_MAX))
234			xtables_error(PARAMETER_PROBLEM,
235				   "rateest: could not parse pps `%s'",
236				   argv[optind]);
237		info->pps2 = val;
238		optind++;
239		break;
240
241	case OPT_RATEEST_DELTA:
242		if (invert)
243			xtables_error(PARAMETER_PROBLEM,
244				   "rateest: rateest-delta can't be inverted");
245
246		if (*flags & (1 << c))
247			xtables_error(PARAMETER_PROBLEM,
248				   "rateest: can't specify --rateest-delta twice");
249		*flags |= 1 << c;
250
251		info->flags |= XT_RATEEST_MATCH_DELTA;
252		break;
253
254	case OPT_RATEEST_EQ:
255		if (*flags & (1 << c))
256			xtables_error(PARAMETER_PROBLEM,
257				   "rateest: can't specify lt/gt/eq twice");
258		*flags |= 1 << c;
259
260		info->mode = XT_RATEEST_MATCH_EQ;
261		if (invert)
262			info->flags |= XT_RATEEST_MATCH_INVERT;
263		break;
264
265	case OPT_RATEEST_LT:
266		if (*flags & (1 << c))
267			xtables_error(PARAMETER_PROBLEM,
268				   "rateest: can't specify lt/gt/eq twice");
269		*flags |= 1 << c;
270
271		info->mode = XT_RATEEST_MATCH_LT;
272		if (invert)
273			info->flags |= XT_RATEEST_MATCH_INVERT;
274		break;
275
276	case OPT_RATEEST_GT:
277		if (*flags & (1 << c))
278			xtables_error(PARAMETER_PROBLEM,
279				   "rateest: can't specify lt/gt/eq twice");
280		*flags |= 1 << c;
281
282		info->mode = XT_RATEEST_MATCH_GT;
283		if (invert)
284			info->flags |= XT_RATEEST_MATCH_INVERT;
285		break;
286	}
287
288	return 1;
289}
290
291static void rateest_final_check(struct xt_fcheck_call *cb)
292{
293	struct xt_rateest_match_info *info = cb->data;
294
295	if (info == NULL)
296		xtables_error(PARAMETER_PROBLEM, "rateest match: "
297		           "you need to specify some flags");
298	if (!(info->flags & XT_RATEEST_MATCH_REL))
299		info->flags |= XT_RATEEST_MATCH_ABS;
300}
301
302static void
303rateest_print_rate(uint32_t rate, int numeric)
304{
305	double tmp = (double)rate*8;
306
307	if (numeric)
308		printf(" %u", rate);
309	else if (tmp >= 1000.0*1000000.0)
310		printf(" %.0fMbit", tmp/1000000.0);
311	else if (tmp >= 1000.0 * 1000.0)
312		printf(" %.0fKbit", tmp/1000.0);
313	else
314		printf(" %.0fbit", tmp);
315}
316
317static void
318rateest_print_mode(const struct xt_rateest_match_info *info,
319                   const char *prefix)
320{
321	if (info->flags & XT_RATEEST_MATCH_INVERT)
322		printf(" !");
323
324	switch (info->mode) {
325	case XT_RATEEST_MATCH_EQ:
326		printf(" %seq", prefix);
327		break;
328	case XT_RATEEST_MATCH_LT:
329		printf(" %slt", prefix);
330		break;
331	case XT_RATEEST_MATCH_GT:
332		printf(" %sgt", prefix);
333		break;
334	default:
335		exit(1);
336	}
337}
338
339static void
340rateest_print(const void *ip, const struct xt_entry_match *match, int numeric)
341{
342	const struct xt_rateest_match_info *info = (const void *)match->data;
343
344	printf(" rateest match ");
345
346	printf("%s", info->name1);
347	if (info->flags & XT_RATEEST_MATCH_DELTA)
348		printf(" delta");
349
350	if (info->flags & XT_RATEEST_MATCH_BPS) {
351		printf(" bps");
352		if (info->flags & XT_RATEEST_MATCH_DELTA)
353			rateest_print_rate(info->bps1, numeric);
354		if (info->flags & XT_RATEEST_MATCH_ABS) {
355			rateest_print_rate(info->bps2, numeric);
356			rateest_print_mode(info, "");
357		}
358	}
359	if (info->flags & XT_RATEEST_MATCH_PPS) {
360		printf(" pps");
361		if (info->flags & XT_RATEEST_MATCH_DELTA)
362			printf(" %u", info->pps1);
363		if (info->flags & XT_RATEEST_MATCH_ABS) {
364			rateest_print_mode(info, "");
365			printf(" %u", info->pps2);
366		}
367	}
368
369	if (info->flags & XT_RATEEST_MATCH_REL) {
370		rateest_print_mode(info, "");
371
372		printf(" %s", info->name2);
373
374		if (info->flags & XT_RATEEST_MATCH_BPS) {
375			printf(" bps");
376			if (info->flags & XT_RATEEST_MATCH_DELTA)
377				rateest_print_rate(info->bps2, numeric);
378		}
379		if (info->flags & XT_RATEEST_MATCH_PPS) {
380			printf(" pps");
381			if (info->flags & XT_RATEEST_MATCH_DELTA)
382				printf(" %u", info->pps2);
383		}
384	}
385}
386
387static void __rateest_save_rate(const struct xt_rateest_match_info *info,
388                                const char *name, uint32_t r1, uint32_t r2,
389                                int numeric)
390{
391	if (info->flags & XT_RATEEST_MATCH_DELTA) {
392		printf(" --rateest-%s1", name);
393		rateest_print_rate(r1, numeric);
394		rateest_print_mode(info, "--rateest-");
395		printf(" --rateest-%s2", name);
396	} else {
397		rateest_print_mode(info, "--rateest-");
398		printf(" --rateest-%s", name);
399	}
400
401	if (info->flags & (XT_RATEEST_MATCH_ABS|XT_RATEEST_MATCH_DELTA))
402		rateest_print_rate(r2, numeric);
403}
404
405static void rateest_save_rates(const struct xt_rateest_match_info *info)
406{
407	if (info->flags & XT_RATEEST_MATCH_BPS)
408		__rateest_save_rate(info, "bps", info->bps1, info->bps2, 0);
409	if (info->flags & XT_RATEEST_MATCH_PPS)
410		__rateest_save_rate(info, "pps", info->pps1, info->pps2, 1);
411}
412
413
414static void
415rateest_save(const void *ip, const struct xt_entry_match *match)
416{
417	const struct xt_rateest_match_info *info = (const void *)match->data;
418
419	if (info->flags & XT_RATEEST_MATCH_DELTA)
420		printf(" --rateest-delta");
421
422	if (info->flags & XT_RATEEST_MATCH_REL) {
423		printf(" --rateest1 %s", info->name1);
424		rateest_save_rates(info);
425		printf(" --rateest2 %s", info->name2);
426	} else { /* XT_RATEEST_MATCH_ABS */
427		printf(" --rateest %s", info->name1);
428		rateest_save_rates(info);
429	}
430}
431
432static struct xtables_match rateest_mt_reg = {
433	.family		= NFPROTO_UNSPEC,
434	.name		= "rateest",
435	.version	= XTABLES_VERSION,
436	.size		= XT_ALIGN(sizeof(struct xt_rateest_match_info)),
437	.userspacesize	= XT_ALIGN(offsetof(struct xt_rateest_match_info, est1)),
438	.help		= rateest_help,
439	.parse		= rateest_parse,
440	.x6_fcheck	= rateest_final_check,
441	.print		= rateest_print,
442	.save		= rateest_save,
443	.extra_opts	= rateest_opts,
444};
445
446void _init(void)
447{
448	xtables_register_match(&rateest_mt_reg);
449}
450