From e55b28c1072ab3a97df1d6a69b293fc34af3a591 Mon Sep 17 00:00:00 2001 From: bodea Date: Thu, 13 Jan 2005 07:57:35 +0000 Subject: [PATCH] rename sess_count to sess_local, fiddle with packet_limit log output --- cluster.c | 20 ++++++++++---------- l2tpns.c | 34 ++++++++++++++++++---------------- l2tpns.h | 6 +++--- ppp.c | 6 +++--- 4 files changed, 34 insertions(+), 32 deletions(-) diff --git a/cluster.c b/cluster.c index 4035f49..903b940 100644 --- a/cluster.c +++ b/cluster.c @@ -1,6 +1,6 @@ // L2TPNS Clustering Stuff -char const *cvs_id_cluster = "$Id: cluster.c,v 1.28 2004/12/22 05:30:58 bodea Exp $"; +char const *cvs_id_cluster = "$Id: cluster.c,v 1.29 2005/01/13 07:57:35 bodea Exp $"; #include #include @@ -406,18 +406,18 @@ void master_update_counts(void) if ( walk_session_number > config->cluster_highest_sessionid) walk_session_number = 1; - if (!sess_count[walk_session_number].cin && !sess_count[walk_session_number].cout) + if (!sess_local[walk_session_number].cin && !sess_local[walk_session_number].cout) continue; // Unused. Skip it. b[c].sid = walk_session_number; - b[c].in = sess_count[walk_session_number].cin; - b[c].out = sess_count[walk_session_number].cout; + b[c].in = sess_local[walk_session_number].cin; + b[c].out = sess_local[walk_session_number].cout; if (++c > MAX_B_RECS) // Send a max of 400 elements in a packet. break; // Reset counters. - sess_count[walk_session_number].cin = sess_count[walk_session_number].cout = 0; + sess_local[walk_session_number].cin = sess_local[walk_session_number].cout = 0; } if (!c) // Didn't find any that changes. Get out of here! @@ -581,12 +581,12 @@ void cluster_check_master(void) session[i].last_packet = time_now; // Accumulate un-sent byte counters. - session[i].cin += sess_count[i].cin; - session[i].cout += sess_count[i].cout; - session[i].total_cin += sess_count[i].cin; - session[i].total_cout += sess_count[i].cout; + session[i].cin += sess_local[i].cin; + session[i].cout += sess_local[i].cout; + session[i].total_cin += sess_local[i].cin; + session[i].total_cout += sess_local[i].cout; - sess_count[i].cin = sess_count[i].cout = 0; + sess_local[i].cin = sess_local[i].cout = 0; session[i].radius = 0; // Reset authentication as the radius blocks aren't up to date. diff --git a/l2tpns.c b/l2tpns.c index 72e71b2..127d515 100644 --- a/l2tpns.c +++ b/l2tpns.c @@ -4,7 +4,7 @@ // Copyright (c) 2002 FireBrick (Andrews & Arnold Ltd / Watchfront Ltd) - GPL licenced // vim: sw=8 ts=8 -char const *cvs_id_l2tpns = "$Id: l2tpns.c,v 1.77 2005/01/10 07:45:03 bodea Exp $"; +char const *cvs_id_l2tpns = "$Id: l2tpns.c,v 1.78 2005/01/13 07:57:36 bodea Exp $"; #include #include @@ -151,7 +151,7 @@ static sessionidt shut_acct_n = 0; tunnelt *tunnel = NULL; // Array of tunnel structures. sessiont *session = NULL; // Array of session structures. -sessioncountt *sess_count = NULL; // Array of partial per-session traffic counters. +sessionlocalt *sess_local = NULL; // Array of local per-session counters. radiust *radius = NULL; // Array of radius structures. ippoolt *ip_address_pool = NULL; // Array of dynamic IP addresses. ip_filtert *ip_filters = NULL; // Array of named filters. @@ -832,7 +832,7 @@ static void processipout(uint8_t * buf, int len) // DoS prevention: enforce a maximum number of packets per 0.1s for a session if (config->max_packets > 0) { - if (sess_count[s].last_packet_out == TIME) + if (sess_local[s].last_packet_out == TIME) { int max = config->max_packets; @@ -845,24 +845,26 @@ static void processipout(uint8_t * buf, int len) if (!config->cluster_iam_master && sp->throttle_out && sp->throttle_out < max) max = sp->throttle_out; - if (++sess_count[s].packets_out > max) + if (++sess_local[s].packets_out > max) { - sess_count[s].packets_dropped++; + sess_local[s].packets_dropped++; return; } } else { - if (sess_count[s].packets_dropped) + if (sess_local[s].packets_dropped) { - INC_STAT(tun_rx_dropped, sess_count[s].packets_dropped); - LOG(2, s, t, "Possible DoS attack on %s (%s); dropped %u packets.\n", - fmtaddr(ip, 0), sp->user, sess_count[s].packets_dropped); + INC_STAT(tun_rx_dropped, sess_local[s].packets_dropped); + LOG(3, s, t, "Dropped %u/%u packets to %s for %suser %s\n", + sess_local[s].packets_out, sess_local[s].packets_dropped, + fmtaddr(ip, 0), sp->throttle_out ? "throttled " : "", + sp->user); } - sess_count[s].last_packet_out = TIME; - sess_count[s].packets_out = 1; - sess_count[s].packets_dropped = 0; + sess_local[s].last_packet_out = TIME; + sess_local[s].packets_out = 1; + sess_local[s].packets_dropped = 0; } } @@ -903,7 +905,7 @@ static void processipout(uint8_t * buf, int len) sp->total_cout += len; // byte count sp->pout++; udp_tx += len; - sess_count[s].cout += len; // To send to master.. + sess_local[s].cout += len; // To send to master.. } // @@ -953,7 +955,7 @@ static void send_ipout(sessionidt s, uint8_t *buf, int len) sp->total_cout += len; // byte count sp->pout++; udp_tx += len; - sess_count[s].cout += len; // To send to master.. + sess_local[s].cout += len; // To send to master.. } // add an AVP (16 bit) @@ -2729,9 +2731,9 @@ static void initdata(int optdebug, char *optconfig) exit(1); } - if (!(sess_count = shared_malloc(sizeof(sessioncountt) * MAXSESSION))) + if (!(sess_local = shared_malloc(sizeof(sessionlocalt) * MAXSESSION))) { - LOG(0, 0, 0, "Error doing malloc for sessions_count: %s\n", strerror(errno)); + LOG(0, 0, 0, "Error doing malloc for sess_local: %s\n", strerror(errno)); exit(1); } diff --git a/l2tpns.h b/l2tpns.h index 959c9ed..0460a38 100644 --- a/l2tpns.h +++ b/l2tpns.h @@ -1,5 +1,5 @@ // L2TPNS Global Stuff -// $Id: l2tpns.h,v 1.52 2005/01/10 07:17:37 bodea Exp $ +// $Id: l2tpns.h,v 1.53 2005/01/13 07:57:39 bodea Exp $ #ifndef __L2TPNS_H__ #define __L2TPNS_H__ @@ -236,7 +236,7 @@ typedef struct clockt last_packet_out; uint32_t packets_out; uint32_t packets_dropped; -} sessioncountt; +} sessionlocalt; #define SESSIONPFC 1 // PFC negotiated flags #define SESSIONACFC 2 // ACFC negotiated flags @@ -644,7 +644,7 @@ void host_unreachable(in_addr_t destination, uint16_t id, in_addr_t source, char extern tunnelt *tunnel; extern sessiont *session; -extern sessioncountt *sess_count; +extern sessionlocalt *sess_local; extern ippoolt *ip_address_pool; #define sessionfree (session[0].next) diff --git a/ppp.c b/ppp.c index 0d9dc01..a56b534 100644 --- a/ppp.c +++ b/ppp.c @@ -1,6 +1,6 @@ // L2TPNS PPP Stuff -char const *cvs_id_ppp = "$Id: ppp.c,v 1.40 2005/01/05 13:50:30 bodea Exp $"; +char const *cvs_id_ppp = "$Id: ppp.c,v 1.41 2005/01/13 07:57:39 bodea Exp $"; #include #include @@ -750,7 +750,7 @@ void processipin(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l) session[s].cin += l - 4; session[s].total_cin += l - 4; - sess_count[s].cin += l - 4; + sess_local[s].cin += l - 4; session[s].pin++; eth_tx += l - 4; @@ -785,7 +785,7 @@ void send_ipin(sessionidt s, uint8_t *buf, int len) // Increment packet counters session[s].cin += len - 4; session[s].total_cin += len - 4; - sess_count[s].cin += len - 4; + sess_local[s].cin += len - 4; session[s].pin++; eth_tx += len - 4; -- 2.20.1