1#include <stdbool.h> 2#include <stdio.h> 3#include <string.h> 4#include <stdlib.h> 5#include <stddef.h> 6#include <getopt.h> 7 8#include <xtables.h> 9#include <linux/netfilter/xt_rateest.h> 10 11static void rateest_help(void) 12{ 13 printf( 14"rateest match options:\n" 15" --rateest1 name Rate estimator name\n" 16" --rateest2 name Rate estimator name\n" 17" --rateest-delta Compare difference(s) to given rate(s)\n" 18" --rateest-bps1 [bps] Compare bps\n" 19" --rateest-pps1 [pps] Compare pps\n" 20" --rateest-bps2 [bps] Compare bps\n" 21" --rateest-pps2 [pps] Compare pps\n" 22" [!] --rateest-lt Match if rate is less than given rate/estimator\n" 23" [!] --rateest-gt Match if rate is greater than given rate/estimator\n" 24" [!] --rateest-eq Match if rate is equal to given rate/estimator\n"); 25} 26 27enum rateest_options { 28 OPT_RATEEST1, 29 OPT_RATEEST2, 30 OPT_RATEEST_BPS1, 31 OPT_RATEEST_PPS1, 32 OPT_RATEEST_BPS2, 33 OPT_RATEEST_PPS2, 34 OPT_RATEEST_DELTA, 35 OPT_RATEEST_LT, 36 OPT_RATEEST_GT, 37 OPT_RATEEST_EQ, 38}; 39 40static const struct option rateest_opts[] = { 41 {.name = "rateest1", .has_arg = true, .val = OPT_RATEEST1}, 42 {.name = "rateest", .has_arg = true, .val = OPT_RATEEST1}, /* alias for absolute mode */ 43 {.name = "rateest2", .has_arg = true, .val = OPT_RATEEST2}, 44 {.name = "rateest-bps1", .has_arg = false, .val = OPT_RATEEST_BPS1}, 45 {.name = "rateest-pps1", .has_arg = false, .val = OPT_RATEEST_PPS1}, 46 {.name = "rateest-bps2", .has_arg = false, .val = OPT_RATEEST_BPS2}, 47 {.name = "rateest-pps2", .has_arg = false, .val = OPT_RATEEST_PPS2}, 48 {.name = "rateest-bps", .has_arg = false, .val = OPT_RATEEST_BPS2}, /* alias for absolute mode */ 49 {.name = "rateest-pps", .has_arg = false, .val = OPT_RATEEST_PPS2}, /* alias for absolute mode */ 50 {.name = "rateest-delta", .has_arg = false, .val = OPT_RATEEST_DELTA}, 51 {.name = "rateest-lt", .has_arg = false, .val = OPT_RATEEST_LT}, 52 {.name = "rateest-gt", .has_arg = false, .val = OPT_RATEEST_GT}, 53 {.name = "rateest-eq", .has_arg = false, .val = OPT_RATEEST_EQ}, 54 XT_GETOPT_TABLEEND, 55}; 56 57/* Copied from iproute. See http://physics.nist.gov/cuu/Units/binary.html */ 58static const struct rate_suffix { 59 const char *name; 60 double scale; 61} suffixes[] = { 62 { "bit", 1. }, 63 { "Kibit", 1024. }, 64 { "kbit", 1000. }, 65 { "Mibit", 1024.*1024. }, 66 { "mbit", 1000000. }, 67 { "Gibit", 1024.*1024.*1024. }, 68 { "gbit", 1000000000. }, 69 { "Tibit", 1024.*1024.*1024.*1024. }, 70 { "tbit", 1000000000000. }, 71 { "Bps", 8. }, 72 { "KiBps", 8.*1024. }, 73 { "KBps", 8000. }, 74 { "MiBps", 8.*1024*1024. }, 75 { "MBps", 8000000. }, 76 { "GiBps", 8.*1024.*1024.*1024. }, 77 { "GBps", 8000000000. }, 78 { "TiBps", 8.*1024.*1024.*1024.*1024. }, 79 { "TBps", 8000000000000. }, 80 {NULL}, 81}; 82 83static int 84rateest_get_rate(uint32_t *rate, const char *str) 85{ 86 char *p; 87 double bps = strtod(str, &p); 88 const struct rate_suffix *s; 89 90 if (p == str) 91 return -1; 92 93 if (*p == '\0') { 94 *rate = bps / 8.; /* assume bytes/sec */ 95 return 0; 96 } 97 98 for (s = suffixes; s->name; ++s) { 99 if (strcasecmp(s->name, p) == 0) { 100 *rate = (bps * s->scale) / 8.; 101 return 0; 102 } 103 } 104 105 return -1; 106} 107 108static int 109rateest_parse(int c, char **argv, int invert, unsigned int *flags, 110 const void *entry, struct xt_entry_match **match) 111{ 112 struct xt_rateest_match_info *info = (void *)(*match)->data; 113 unsigned int val; 114 115 switch (c) { 116 case OPT_RATEEST1: 117 if (invert) 118 xtables_error(PARAMETER_PROBLEM, 119 "rateest: rateest can't be inverted"); 120 121 if (*flags & (1 << c)) 122 xtables_error(PARAMETER_PROBLEM, 123 "rateest: can't specify --rateest1 twice"); 124 *flags |= 1 << c; 125 126 strncpy(info->name1, optarg, sizeof(info->name1) - 1); 127 break; 128 129 case OPT_RATEEST2: 130 if (invert) 131 xtables_error(PARAMETER_PROBLEM, 132 "rateest: rateest can't be inverted"); 133 134 if (*flags & (1 << c)) 135 xtables_error(PARAMETER_PROBLEM, 136 "rateest: can't specify --rateest2 twice"); 137 *flags |= 1 << c; 138 139 strncpy(info->name2, optarg, sizeof(info->name2) - 1); 140 info->flags |= XT_RATEEST_MATCH_REL; 141 break; 142 143 case OPT_RATEEST_BPS1: 144 if (invert) 145 xtables_error(PARAMETER_PROBLEM, 146 "rateest: rateest-bps can't be inverted"); 147 148 if (*flags & (1 << c)) 149 xtables_error(PARAMETER_PROBLEM, 150 "rateest: can't specify --rateest-bps1 twice"); 151 *flags |= 1 << c; 152 153 info->flags |= XT_RATEEST_MATCH_BPS; 154 155 /* The rate is optional and only required in absolute mode */ 156 if (!argv[optind] || *argv[optind] == '-' || *argv[optind] == '!') 157 break; 158 159 if (rateest_get_rate(&info->bps1, argv[optind]) < 0) 160 xtables_error(PARAMETER_PROBLEM, 161 "rateest: could not parse rate `%s'", 162 argv[optind]); 163 optind++; 164 break; 165 166 case OPT_RATEEST_PPS1: 167 if (invert) 168 xtables_error(PARAMETER_PROBLEM, 169 "rateest: rateest-pps can't be inverted"); 170 171 if (*flags & (1 << c)) 172 xtables_error(PARAMETER_PROBLEM, 173 "rateest: can't specify --rateest-pps1 twice"); 174 *flags |= 1 << c; 175 176 info->flags |= XT_RATEEST_MATCH_PPS; 177 178 /* The rate is optional and only required in absolute mode */ 179 if (!argv[optind] || *argv[optind] == '-' || *argv[optind] == '!') 180 break; 181 182 if (!xtables_strtoui(argv[optind], NULL, &val, 0, UINT32_MAX)) 183 xtables_error(PARAMETER_PROBLEM, 184 "rateest: could not parse pps `%s'", 185 argv[optind]); 186 info->pps1 = val; 187 optind++; 188 break; 189 190 case OPT_RATEEST_BPS2: 191 if (invert) 192 xtables_error(PARAMETER_PROBLEM, 193 "rateest: rateest-bps can't be inverted"); 194 195 if (*flags & (1 << c)) 196 xtables_error(PARAMETER_PROBLEM, 197 "rateest: can't specify --rateest-bps2 twice"); 198 *flags |= 1 << c; 199 200 info->flags |= XT_RATEEST_MATCH_BPS; 201 202 /* The rate is optional and only required in absolute mode */ 203 if (!argv[optind] || *argv[optind] == '-' || *argv[optind] == '!') 204 break; 205 206 if (rateest_get_rate(&info->bps2, argv[optind]) < 0) 207 xtables_error(PARAMETER_PROBLEM, 208 "rateest: could not parse rate `%s'", 209 argv[optind]); 210 optind++; 211 break; 212 213 case OPT_RATEEST_PPS2: 214 if (invert) 215 xtables_error(PARAMETER_PROBLEM, 216 "rateest: rateest-pps can't be inverted"); 217 218 if (*flags & (1 << c)) 219 xtables_error(PARAMETER_PROBLEM, 220 "rateest: can't specify --rateest-pps2 twice"); 221 *flags |= 1 << c; 222 223 info->flags |= XT_RATEEST_MATCH_PPS; 224 225 /* The rate is optional and only required in absolute mode */ 226 if (!argv[optind] || *argv[optind] == '-' || *argv[optind] == '!') 227 break; 228 229 if (!xtables_strtoui(argv[optind], NULL, &val, 0, UINT32_MAX)) 230 xtables_error(PARAMETER_PROBLEM, 231 "rateest: could not parse pps `%s'", 232 argv[optind]); 233 info->pps2 = val; 234 optind++; 235 break; 236 237 case OPT_RATEEST_DELTA: 238 if (invert) 239 xtables_error(PARAMETER_PROBLEM, 240 "rateest: rateest-delta can't be inverted"); 241 242 if (*flags & (1 << c)) 243 xtables_error(PARAMETER_PROBLEM, 244 "rateest: can't specify --rateest-delta twice"); 245 *flags |= 1 << c; 246 247 info->flags |= XT_RATEEST_MATCH_DELTA; 248 break; 249 250 case OPT_RATEEST_EQ: 251 if (*flags & (1 << c)) 252 xtables_error(PARAMETER_PROBLEM, 253 "rateest: can't specify lt/gt/eq twice"); 254 *flags |= 1 << c; 255 256 info->mode = XT_RATEEST_MATCH_EQ; 257 if (invert) 258 info->flags |= XT_RATEEST_MATCH_INVERT; 259 break; 260 261 case OPT_RATEEST_LT: 262 if (*flags & (1 << c)) 263 xtables_error(PARAMETER_PROBLEM, 264 "rateest: can't specify lt/gt/eq twice"); 265 *flags |= 1 << c; 266 267 info->mode = XT_RATEEST_MATCH_LT; 268 if (invert) 269 info->flags |= XT_RATEEST_MATCH_INVERT; 270 break; 271 272 case OPT_RATEEST_GT: 273 if (*flags & (1 << c)) 274 xtables_error(PARAMETER_PROBLEM, 275 "rateest: can't specify lt/gt/eq twice"); 276 *flags |= 1 << c; 277 278 info->mode = XT_RATEEST_MATCH_GT; 279 if (invert) 280 info->flags |= XT_RATEEST_MATCH_INVERT; 281 break; 282 } 283 284 return 1; 285} 286 287static void rateest_final_check(struct xt_fcheck_call *cb) 288{ 289 struct xt_rateest_match_info *info = cb->data; 290 291 if (info == NULL) 292 xtables_error(PARAMETER_PROBLEM, "rateest match: " 293 "you need to specify some flags"); 294 if (!(info->flags & XT_RATEEST_MATCH_REL)) 295 info->flags |= XT_RATEEST_MATCH_ABS; 296} 297 298static void 299rateest_print_rate(uint32_t rate, int numeric) 300{ 301 double tmp = (double)rate*8; 302 303 if (numeric) 304 printf(" %u", rate); 305 else if (tmp >= 1000.0*1000000.0) 306 printf(" %.0fMbit", tmp/1000000.0); 307 else if (tmp >= 1000.0 * 1000.0) 308 printf(" %.0fKbit", tmp/1000.0); 309 else 310 printf(" %.0fbit", tmp); 311} 312 313static void 314rateest_print_mode(const struct xt_rateest_match_info *info, 315 const char *prefix) 316{ 317 if (info->flags & XT_RATEEST_MATCH_INVERT) 318 printf(" !"); 319 320 switch (info->mode) { 321 case XT_RATEEST_MATCH_EQ: 322 printf(" %seq", prefix); 323 break; 324 case XT_RATEEST_MATCH_LT: 325 printf(" %slt", prefix); 326 break; 327 case XT_RATEEST_MATCH_GT: 328 printf(" %sgt", prefix); 329 break; 330 default: 331 exit(1); 332 } 333} 334 335static void 336rateest_print(const void *ip, const struct xt_entry_match *match, int numeric) 337{ 338 const struct xt_rateest_match_info *info = (const void *)match->data; 339 340 printf(" rateest match "); 341 342 printf("%s", info->name1); 343 if (info->flags & XT_RATEEST_MATCH_DELTA) 344 printf(" delta"); 345 346 if (info->flags & XT_RATEEST_MATCH_BPS) { 347 printf(" bps"); 348 if (info->flags & XT_RATEEST_MATCH_DELTA) 349 rateest_print_rate(info->bps1, numeric); 350 if (info->flags & XT_RATEEST_MATCH_ABS) { 351 rateest_print_mode(info, ""); 352 rateest_print_rate(info->bps2, numeric); 353 } 354 } 355 if (info->flags & XT_RATEEST_MATCH_PPS) { 356 printf(" pps"); 357 if (info->flags & XT_RATEEST_MATCH_DELTA) 358 printf(" %u", info->pps1); 359 if (info->flags & XT_RATEEST_MATCH_ABS) { 360 rateest_print_mode(info, ""); 361 printf(" %u", info->pps2); 362 } 363 } 364 365 if (info->flags & XT_RATEEST_MATCH_REL) { 366 rateest_print_mode(info, ""); 367 368 printf(" %s", info->name2); 369 if (info->flags & XT_RATEEST_MATCH_DELTA) 370 printf(" delta"); 371 372 if (info->flags & XT_RATEEST_MATCH_BPS) { 373 printf(" bps"); 374 if (info->flags & XT_RATEEST_MATCH_DELTA) 375 rateest_print_rate(info->bps2, numeric); 376 } 377 if (info->flags & XT_RATEEST_MATCH_PPS) { 378 printf(" pps"); 379 if (info->flags & XT_RATEEST_MATCH_DELTA) 380 printf(" %u", info->pps2); 381 } 382 } 383} 384 385static void 386rateest_save(const void *ip, const struct xt_entry_match *match) 387{ 388 const struct xt_rateest_match_info *info = (const void *)match->data; 389 390 if (info->flags & XT_RATEEST_MATCH_REL) { 391 printf(" --rateest1 %s", info->name1); 392 if (info->flags & XT_RATEEST_MATCH_BPS) 393 printf(" --rateest-bps"); 394 if (info->flags & XT_RATEEST_MATCH_PPS) 395 printf(" --rateest-pps"); 396 rateest_print_mode(info, " --rateest-"); 397 printf(" --rateest2 %s", info->name2); 398 } else { 399 printf(" --rateest %s", info->name1); 400 if (info->flags & XT_RATEEST_MATCH_BPS) { 401 printf(" --rateest-bps1"); 402 rateest_print_rate(info->bps1, 0); 403 printf(" --rateest-bps2"); 404 rateest_print_rate(info->bps2, 0); 405 rateest_print_mode(info, "--rateest-"); 406 } 407 if (info->flags & XT_RATEEST_MATCH_PPS) { 408 printf(" --rateest-pps"); 409 rateest_print_mode(info, "--rateest-"); 410 printf(" %u", info->pps2); 411 } 412 } 413} 414 415static struct xtables_match rateest_mt_reg = { 416 .family = NFPROTO_UNSPEC, 417 .name = "rateest", 418 .version = XTABLES_VERSION, 419 .size = XT_ALIGN(sizeof(struct xt_rateest_match_info)), 420 .userspacesize = XT_ALIGN(offsetof(struct xt_rateest_match_info, est1)), 421 .help = rateest_help, 422 .parse = rateest_parse, 423 .x6_fcheck = rateest_final_check, 424 .print = rateest_print, 425 .save = rateest_save, 426 .extra_opts = rateest_opts, 427}; 428 429void _init(void) 430{ 431 xtables_register_match(&rateest_mt_reg); 432} 433