1 /*
2 * Copyright (c) 2008-2013 Patrick McHardy <kaber@trash.net>
3 */
4
5 #include <stdbool.h>
6 #include <stdio.h>
7 #include <string.h>
8 #include <stdlib.h>
9 #include <stddef.h>
10 #include <getopt.h>
11
12 #include <xtables.h>
13 #include <linux/netfilter/xt_rateest.h>
14
rateest_help(void)15 static void rateest_help(void)
16 {
17 printf(
18 "rateest match options:\n"
19 " --rateest1 name Rate estimator name\n"
20 " --rateest2 name Rate estimator name\n"
21 " --rateest-delta Compare difference(s) to given rate(s)\n"
22 " --rateest-bps1 [bps] Compare bps\n"
23 " --rateest-pps1 [pps] Compare pps\n"
24 " --rateest-bps2 [bps] Compare bps\n"
25 " --rateest-pps2 [pps] Compare pps\n"
26 " [!] --rateest-lt Match if rate is less than given rate/estimator\n"
27 " [!] --rateest-gt Match if rate is greater than given rate/estimator\n"
28 " [!] --rateest-eq Match if rate is equal to given rate/estimator\n");
29 }
30
31 enum rateest_options {
32 OPT_RATEEST1,
33 OPT_RATEEST2,
34 OPT_RATEEST_BPS1,
35 OPT_RATEEST_PPS1,
36 OPT_RATEEST_BPS2,
37 OPT_RATEEST_PPS2,
38 OPT_RATEEST_DELTA,
39 OPT_RATEEST_LT,
40 OPT_RATEEST_GT,
41 OPT_RATEEST_EQ,
42 };
43
44 static const struct option rateest_opts[] = {
45 {.name = "rateest1", .has_arg = true, .val = OPT_RATEEST1},
46 {.name = "rateest", .has_arg = true, .val = OPT_RATEEST1}, /* alias for absolute mode */
47 {.name = "rateest2", .has_arg = true, .val = OPT_RATEEST2},
48 {.name = "rateest-bps1", .has_arg = false, .val = OPT_RATEEST_BPS1},
49 {.name = "rateest-pps1", .has_arg = false, .val = OPT_RATEEST_PPS1},
50 {.name = "rateest-bps2", .has_arg = false, .val = OPT_RATEEST_BPS2},
51 {.name = "rateest-pps2", .has_arg = false, .val = OPT_RATEEST_PPS2},
52 {.name = "rateest-bps", .has_arg = false, .val = OPT_RATEEST_BPS2}, /* alias for absolute mode */
53 {.name = "rateest-pps", .has_arg = false, .val = OPT_RATEEST_PPS2}, /* alias for absolute mode */
54 {.name = "rateest-delta", .has_arg = false, .val = OPT_RATEEST_DELTA},
55 {.name = "rateest-lt", .has_arg = false, .val = OPT_RATEEST_LT},
56 {.name = "rateest-gt", .has_arg = false, .val = OPT_RATEEST_GT},
57 {.name = "rateest-eq", .has_arg = false, .val = OPT_RATEEST_EQ},
58 XT_GETOPT_TABLEEND,
59 };
60
61 /* Copied from iproute. See http://physics.nist.gov/cuu/Units/binary.html */
62 static const struct rate_suffix {
63 const char *name;
64 double scale;
65 } suffixes[] = {
66 { "bit", 1. },
67 { "Kibit", 1024. },
68 { "kbit", 1000. },
69 { "Mibit", 1024.*1024. },
70 { "mbit", 1000000. },
71 { "Gibit", 1024.*1024.*1024. },
72 { "gbit", 1000000000. },
73 { "Tibit", 1024.*1024.*1024.*1024. },
74 { "tbit", 1000000000000. },
75 { "Bps", 8. },
76 { "KiBps", 8.*1024. },
77 { "KBps", 8000. },
78 { "MiBps", 8.*1024*1024. },
79 { "MBps", 8000000. },
80 { "GiBps", 8.*1024.*1024.*1024. },
81 { "GBps", 8000000000. },
82 { "TiBps", 8.*1024.*1024.*1024.*1024. },
83 { "TBps", 8000000000000. },
84 {NULL},
85 };
86
87 static int
rateest_get_rate(uint32_t * rate,const char * str)88 rateest_get_rate(uint32_t *rate, const char *str)
89 {
90 char *p;
91 double bps = strtod(str, &p);
92 const struct rate_suffix *s;
93
94 if (p == str)
95 return -1;
96
97 if (*p == '\0') {
98 *rate = bps / 8.; /* assume bytes/sec */
99 return 0;
100 }
101
102 for (s = suffixes; s->name; ++s) {
103 if (strcasecmp(s->name, p) == 0) {
104 *rate = (bps * s->scale) / 8.;
105 return 0;
106 }
107 }
108
109 return -1;
110 }
111
112 static int
rateest_parse(int c,char ** argv,int invert,unsigned int * flags,const void * entry,struct xt_entry_match ** match)113 rateest_parse(int c, char **argv, int invert, unsigned int *flags,
114 const void *entry, struct xt_entry_match **match)
115 {
116 struct xt_rateest_match_info *info = (void *)(*match)->data;
117 unsigned int val;
118
119 switch (c) {
120 case OPT_RATEEST1:
121 if (invert)
122 xtables_error(PARAMETER_PROBLEM,
123 "rateest: rateest can't be inverted");
124
125 if (*flags & (1 << c))
126 xtables_error(PARAMETER_PROBLEM,
127 "rateest: can't specify --rateest1 twice");
128 *flags |= 1 << c;
129
130 strncpy(info->name1, optarg, sizeof(info->name1) - 1);
131 break;
132
133 case OPT_RATEEST2:
134 if (invert)
135 xtables_error(PARAMETER_PROBLEM,
136 "rateest: rateest can't be inverted");
137
138 if (*flags & (1 << c))
139 xtables_error(PARAMETER_PROBLEM,
140 "rateest: can't specify --rateest2 twice");
141 *flags |= 1 << c;
142
143 strncpy(info->name2, optarg, sizeof(info->name2) - 1);
144 info->flags |= XT_RATEEST_MATCH_REL;
145 break;
146
147 case OPT_RATEEST_BPS1:
148 if (invert)
149 xtables_error(PARAMETER_PROBLEM,
150 "rateest: rateest-bps can't be inverted");
151
152 if (*flags & (1 << c))
153 xtables_error(PARAMETER_PROBLEM,
154 "rateest: can't specify --rateest-bps1 twice");
155 *flags |= 1 << c;
156
157 info->flags |= XT_RATEEST_MATCH_BPS;
158
159 /* The rate is optional and only required in absolute mode */
160 if (!argv[optind] || *argv[optind] == '-' || *argv[optind] == '!')
161 break;
162
163 if (rateest_get_rate(&info->bps1, argv[optind]) < 0)
164 xtables_error(PARAMETER_PROBLEM,
165 "rateest: could not parse rate `%s'",
166 argv[optind]);
167 optind++;
168 break;
169
170 case OPT_RATEEST_PPS1:
171 if (invert)
172 xtables_error(PARAMETER_PROBLEM,
173 "rateest: rateest-pps can't be inverted");
174
175 if (*flags & (1 << c))
176 xtables_error(PARAMETER_PROBLEM,
177 "rateest: can't specify --rateest-pps1 twice");
178 *flags |= 1 << c;
179
180 info->flags |= XT_RATEEST_MATCH_PPS;
181
182 /* The rate is optional and only required in absolute mode */
183 if (!argv[optind] || *argv[optind] == '-' || *argv[optind] == '!')
184 break;
185
186 if (!xtables_strtoui(argv[optind], NULL, &val, 0, UINT32_MAX))
187 xtables_error(PARAMETER_PROBLEM,
188 "rateest: could not parse pps `%s'",
189 argv[optind]);
190 info->pps1 = val;
191 optind++;
192 break;
193
194 case OPT_RATEEST_BPS2:
195 if (invert)
196 xtables_error(PARAMETER_PROBLEM,
197 "rateest: rateest-bps can't be inverted");
198
199 if (*flags & (1 << c))
200 xtables_error(PARAMETER_PROBLEM,
201 "rateest: can't specify --rateest-bps2 twice");
202 *flags |= 1 << c;
203
204 info->flags |= XT_RATEEST_MATCH_BPS;
205
206 /* The rate is optional and only required in absolute mode */
207 if (!argv[optind] || *argv[optind] == '-' || *argv[optind] == '!')
208 break;
209
210 if (rateest_get_rate(&info->bps2, argv[optind]) < 0)
211 xtables_error(PARAMETER_PROBLEM,
212 "rateest: could not parse rate `%s'",
213 argv[optind]);
214 optind++;
215 break;
216
217 case OPT_RATEEST_PPS2:
218 if (invert)
219 xtables_error(PARAMETER_PROBLEM,
220 "rateest: rateest-pps can't be inverted");
221
222 if (*flags & (1 << c))
223 xtables_error(PARAMETER_PROBLEM,
224 "rateest: can't specify --rateest-pps2 twice");
225 *flags |= 1 << c;
226
227 info->flags |= XT_RATEEST_MATCH_PPS;
228
229 /* The rate is optional and only required in absolute mode */
230 if (!argv[optind] || *argv[optind] == '-' || *argv[optind] == '!')
231 break;
232
233 if (!xtables_strtoui(argv[optind], NULL, &val, 0, UINT32_MAX))
234 xtables_error(PARAMETER_PROBLEM,
235 "rateest: could not parse pps `%s'",
236 argv[optind]);
237 info->pps2 = val;
238 optind++;
239 break;
240
241 case OPT_RATEEST_DELTA:
242 if (invert)
243 xtables_error(PARAMETER_PROBLEM,
244 "rateest: rateest-delta can't be inverted");
245
246 if (*flags & (1 << c))
247 xtables_error(PARAMETER_PROBLEM,
248 "rateest: can't specify --rateest-delta twice");
249 *flags |= 1 << c;
250
251 info->flags |= XT_RATEEST_MATCH_DELTA;
252 break;
253
254 case OPT_RATEEST_EQ:
255 if (*flags & (1 << c))
256 xtables_error(PARAMETER_PROBLEM,
257 "rateest: can't specify lt/gt/eq twice");
258 *flags |= 1 << c;
259
260 info->mode = XT_RATEEST_MATCH_EQ;
261 if (invert)
262 info->flags |= XT_RATEEST_MATCH_INVERT;
263 break;
264
265 case OPT_RATEEST_LT:
266 if (*flags & (1 << c))
267 xtables_error(PARAMETER_PROBLEM,
268 "rateest: can't specify lt/gt/eq twice");
269 *flags |= 1 << c;
270
271 info->mode = XT_RATEEST_MATCH_LT;
272 if (invert)
273 info->flags |= XT_RATEEST_MATCH_INVERT;
274 break;
275
276 case OPT_RATEEST_GT:
277 if (*flags & (1 << c))
278 xtables_error(PARAMETER_PROBLEM,
279 "rateest: can't specify lt/gt/eq twice");
280 *flags |= 1 << c;
281
282 info->mode = XT_RATEEST_MATCH_GT;
283 if (invert)
284 info->flags |= XT_RATEEST_MATCH_INVERT;
285 break;
286 }
287
288 return 1;
289 }
290
rateest_final_check(struct xt_fcheck_call * cb)291 static void rateest_final_check(struct xt_fcheck_call *cb)
292 {
293 struct xt_rateest_match_info *info = cb->data;
294
295 if (info == NULL)
296 xtables_error(PARAMETER_PROBLEM, "rateest match: "
297 "you need to specify some flags");
298 if (!(info->flags & XT_RATEEST_MATCH_REL))
299 info->flags |= XT_RATEEST_MATCH_ABS;
300 }
301
302 static void
rateest_print_rate(uint32_t rate,int numeric)303 rateest_print_rate(uint32_t rate, int numeric)
304 {
305 double tmp = (double)rate*8;
306
307 if (numeric)
308 printf(" %u", rate);
309 else if (tmp >= 1000.0*1000000.0)
310 printf(" %.0fMbit", tmp/1000000.0);
311 else if (tmp >= 1000.0 * 1000.0)
312 printf(" %.0fKbit", tmp/1000.0);
313 else
314 printf(" %.0fbit", tmp);
315 }
316
317 static void
rateest_print_mode(const struct xt_rateest_match_info * info,const char * prefix)318 rateest_print_mode(const struct xt_rateest_match_info *info,
319 const char *prefix)
320 {
321 if (info->flags & XT_RATEEST_MATCH_INVERT)
322 printf(" !");
323
324 switch (info->mode) {
325 case XT_RATEEST_MATCH_EQ:
326 printf(" %seq", prefix);
327 break;
328 case XT_RATEEST_MATCH_LT:
329 printf(" %slt", prefix);
330 break;
331 case XT_RATEEST_MATCH_GT:
332 printf(" %sgt", prefix);
333 break;
334 default:
335 exit(1);
336 }
337 }
338
339 static void
rateest_print(const void * ip,const struct xt_entry_match * match,int numeric)340 rateest_print(const void *ip, const struct xt_entry_match *match, int numeric)
341 {
342 const struct xt_rateest_match_info *info = (const void *)match->data;
343
344 printf(" rateest match ");
345
346 printf("%s", info->name1);
347 if (info->flags & XT_RATEEST_MATCH_DELTA)
348 printf(" delta");
349
350 if (info->flags & XT_RATEEST_MATCH_BPS) {
351 printf(" bps");
352 if (info->flags & XT_RATEEST_MATCH_DELTA)
353 rateest_print_rate(info->bps1, numeric);
354 if (info->flags & XT_RATEEST_MATCH_ABS) {
355 rateest_print_rate(info->bps2, numeric);
356 rateest_print_mode(info, "");
357 }
358 }
359 if (info->flags & XT_RATEEST_MATCH_PPS) {
360 printf(" pps");
361 if (info->flags & XT_RATEEST_MATCH_DELTA)
362 printf(" %u", info->pps1);
363 if (info->flags & XT_RATEEST_MATCH_ABS) {
364 rateest_print_mode(info, "");
365 printf(" %u", info->pps2);
366 }
367 }
368
369 if (info->flags & XT_RATEEST_MATCH_REL) {
370 rateest_print_mode(info, "");
371
372 printf(" %s", info->name2);
373
374 if (info->flags & XT_RATEEST_MATCH_BPS) {
375 printf(" bps");
376 if (info->flags & XT_RATEEST_MATCH_DELTA)
377 rateest_print_rate(info->bps2, numeric);
378 }
379 if (info->flags & XT_RATEEST_MATCH_PPS) {
380 printf(" pps");
381 if (info->flags & XT_RATEEST_MATCH_DELTA)
382 printf(" %u", info->pps2);
383 }
384 }
385 }
386
__rateest_save_rate(const struct xt_rateest_match_info * info,const char * name,uint32_t r1,uint32_t r2,int numeric)387 static void __rateest_save_rate(const struct xt_rateest_match_info *info,
388 const char *name, uint32_t r1, uint32_t r2,
389 int numeric)
390 {
391 if (info->flags & XT_RATEEST_MATCH_DELTA) {
392 printf(" --rateest-%s1", name);
393 rateest_print_rate(r1, numeric);
394 rateest_print_mode(info, "--rateest-");
395 printf(" --rateest-%s2", name);
396 } else {
397 rateest_print_mode(info, "--rateest-");
398 printf(" --rateest-%s", name);
399 }
400
401 if (info->flags & (XT_RATEEST_MATCH_ABS|XT_RATEEST_MATCH_DELTA))
402 rateest_print_rate(r2, numeric);
403 }
404
rateest_save_rates(const struct xt_rateest_match_info * info)405 static void rateest_save_rates(const struct xt_rateest_match_info *info)
406 {
407 if (info->flags & XT_RATEEST_MATCH_BPS)
408 __rateest_save_rate(info, "bps", info->bps1, info->bps2, 0);
409 if (info->flags & XT_RATEEST_MATCH_PPS)
410 __rateest_save_rate(info, "pps", info->pps1, info->pps2, 1);
411 }
412
413
414 static void
rateest_save(const void * ip,const struct xt_entry_match * match)415 rateest_save(const void *ip, const struct xt_entry_match *match)
416 {
417 const struct xt_rateest_match_info *info = (const void *)match->data;
418
419 if (info->flags & XT_RATEEST_MATCH_DELTA)
420 printf(" --rateest-delta");
421
422 if (info->flags & XT_RATEEST_MATCH_REL) {
423 printf(" --rateest1 %s", info->name1);
424 rateest_save_rates(info);
425 printf(" --rateest2 %s", info->name2);
426 } else { /* XT_RATEEST_MATCH_ABS */
427 printf(" --rateest %s", info->name1);
428 rateest_save_rates(info);
429 }
430 }
431
432 static struct xtables_match rateest_mt_reg = {
433 .family = NFPROTO_UNSPEC,
434 .name = "rateest",
435 .version = XTABLES_VERSION,
436 .size = XT_ALIGN(sizeof(struct xt_rateest_match_info)),
437 .userspacesize = XT_ALIGN(offsetof(struct xt_rateest_match_info, est1)),
438 .help = rateest_help,
439 .parse = rateest_parse,
440 .x6_fcheck = rateest_final_check,
441 .print = rateest_print,
442 .save = rateest_save,
443 .extra_opts = rateest_opts,
444 };
445
_init(void)446 void _init(void)
447 {
448 xtables_register_match(&rateest_mt_reg);
449 }
450