diff -r 18adcc36d6c7 -r b9f7ea866f99 cli/cnistnet.c --- a/cli/cnistnet.c Sat Jan 19 17:15:32 2008 +0000 +++ b/cli/cnistnet.c Sun Jan 20 15:45:51 2008 +0000 @@ -12,7 +12,14 @@ * [--dup dup_percentage[/dup_correlation]] * [--bandwidth bandwidth] * [--drd drdmin drdmax [drdcongest]] + * -m macsrc [macdest] add new + * [--delay delay [delsigma[/delcorr]]] + * [--drop drop_percentage[/drop_correlation]] + * [--dup dup_percentage[/dup_correlation]] + * [--bandwidth bandwidth] + * [--drd drdmin drdmax [drdcongest]] * -r src[:port[.protocol]] dest[:port[.protocol]] [cos] remove + * -c macsrc macdest remove\n\ * -s src[:port[.protocol]] dest[:port[.protocol]] [cos] see stats * -S src[:port[.protocol]] dest[:port[.protocol]] [cos] see stats continuously * [-n] -R read table (-n numerical format) @@ -49,7 +56,14 @@ fprintf(stderr, [--dup dup_percentage[/dup_correlation]]\n\ [--bandwidth bandwidth]\n\ [--drd drdmin drdmax [drdcongest]]\n\ + -m macsrc [macdest] add new\n\ + [--delay delay [delsigma[/delcorr]]]\n\ + [--drop drop_percentage[/drop_correlation]]\n\ + [--dup dup_percentage[/dup_correlation]]\n\ + [--bandwidth bandwidth]\n\ + [--drd drdmin drdmax [drdcongest]]\n\ -r src[:port[.prot]] dest[:port[.prot]] [cos] remove\n\ + -c macsrc macdest remove\n\ -s src[:port[.prot]] dest[:port[.prot]] [cos] see stats\n\ -S src[:port[.prot]] dest[:port[.prot]] [cos] see stats continuously\n\ [-n] -R read table (-n numerical format)\n\ 
@@ -62,6 +76,28 @@ exit(exitstatus); exit(exitstatus); } +int +readsrcdestmacprot(struct macsrcdestprot *sdpargs, int optind, int argc, char *argv[]) +{ + int last_index; + + bzero(sdpargs, sizeof(struct macsrcdestprot)); + if (optind+1 >= argc) /* not enough room to find args! */ + Usage(1); + + sdpargs->srcmac = argv[optind]; + + last_index = optind+1; + + if (strcmp(argv[optind+1], "add")) { + sdpargs->dstmac = argv[optind+1]; + if (!sdpargs->dstmac || *sdpargs->dstmac == '-') + Usage(2); + last_index = optind++; + } + + return last_index; +} int readsrcdestprot(struct srcdestprot *sdpargs, int optind, int argc, char *argv[]) @@ -331,6 +367,7 @@ main(int argc, char *argv[]) int ret; int c; int addinprogress=0; + int mac=0; int donum=0; int option_index; /* Note: Since the options I have that take arguments generally @@ -377,12 +414,17 @@ main(int argc, char *argv[]) #define OPTION_FLUSH 16 {"help", 0, 0, 'h'}, #define OPTION_HELP 17 + {"addmac", 0, 0, 'm'}, +#define OPTION_ADDMAC 18 + {"removemac", 0, 0, 'c'} +#define OPTION_REMOVEMAC 19 }; static struct srcdestprot sdpargs; + static struct macsrcdestprot macsdpargs; static struct addparam addargs; - if (argc == 1) + Usage(0); #ifdef doit if (opennistnet() < 0) { @@ -390,7 +432,7 @@ main(int argc, char *argv[]) exit(1); } #endif - while ((c = getopt_long(argc, argv, "adrsunDFGKRSU", + while ((c = getopt_long(argc, argv, "amdrsuncDFGKRSU", long_options, &option_index)) != EOF) { switch (c) { case 0: /* long arguments... */ 
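Review bot: In readsrcdestmacprot the line `last_index = optind++;` stores the old value of the local `optind`, so when a destination MAC is consumed the function returns the index of the source MAC and the increment is lost. Assuming the return value is meant to be the next argv index for getopt_long, as the `optind+1` on the no-destination path suggests, this should be `last_index = optind + 2;`. The check `*sdpargs->dstmac == '-'` also calls Usage(2) whenever the next argument is an option, so the `[macdest]` shown as optional in the usage text only works when the next word is the literal `add`. Treating a leading '-' as "no destination" instead of an error would match the usage text.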
@@ -404,6 +446,17 @@ main(int argc, char *argv[]) ++addinprogress; optind = readsrcdestprot(&sdpargs, optind, argc, argv); break; + case OPTION_ADDMAC: + /* Finish previous add before starting this one */ + if (addinprogress) { + util_binaddnistnetmac(&macsdpargs, &addargs, NULL, 2, 0); + addinprogress = 0; + mac = 0; + } + ++addinprogress; + mac = 1; + optind = readsrcdestmacprot(&macsdpargs, optind, argc, argv); + break; case OPTION_DELAY: optind = readdelay(&addargs, optind, argc, argv); break; @@ -429,6 +482,15 @@ main(int argc, char *argv[]) optind = readsrcdestprot(&sdpargs, optind, argc, argv); util_rmnistnet(&sdpargs, 2, 0); break; + case OPTION_REMOVEMAC: + if (addinprogress) { + util_binaddnistnetmac(&macsdpargs, &addargs, NULL, 2, 0); + addinprogress = 0; + mac = 0; + } + optind = readsrcdestmacprot(&macsdpargs, optind, argc, argv); + util_rmnistnetmac(&macsdpargs, 2, 0); + break; case OPTION_STATS: if (addinprogress) { util_binaddnistnet(&sdpargs, &addargs, NULL, 2, 0); @@ -505,6 +567,17 @@ main(int argc, char *argv[]) ++addinprogress; optind = readsrcdestprot(&sdpargs, optind, argc, argv); break; + case 'm': + /* Finish previous add before starting this one */ + if (addinprogress) { + util_binaddnistnetmac(&macsdpargs, &addargs, NULL, 2, 0); + addinprogress = 0; + mac = 0; + } + ++addinprogress; + mac = 1; + optind = readsrcdestmacprot(&macsdpargs, optind, argc, argv); + break; case 'r': if (addinprogress) { util_binaddnistnet(&sdpargs, &addargs, NULL, 2, 0); @@ -513,6 +586,15 @@ main(int argc, char *argv[]) optind = readsrcdestprot(&sdpargs, optind, argc, argv); util_rmnistnet(&sdpargs, 2, 0); break; + case 'c': + if (addinprogress) { + util_binaddnistnetmac(&macsdpargs, &addargs, NULL, 2, 0); + addinprogress = 0; + mac = 0; + } + optind = readsrcdestmacprot(&macsdpargs, optind, argc, argv); + util_rmnistnetmac(&macsdpargs, 2, 0); + break; case 's': if (addinprogress) { util_binaddnistnet(&sdpargs, &addargs, NULL, 2, 0); 
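Review bot: The pending-add flush in `case OPTION_ADDMAC:` always calls `util_binaddnistnetmac(&macsdpargs, ...)`, even when the add in progress was started by `-a` and `mac` is 0, so an IP rule would be committed from `macsdpargs` instead of `sdpargs`. Only the final flush at the end of main consults `mac`. The same unconditional call is repeated in the `OPTION_REMOVEMAC`, `'m'` and `'c'` hunks, and the context lines show the existing cases still flushing with `util_binaddnistnet` even when `mac` is 1. Every flush site should select on the flag: `if (mac) util_binaddnistnetmac(&macsdpargs, &addargs, NULL, 2, 0); else util_binaddnistnet(&sdpargs, &addargs, NULL, 2, 0);`. main's body continues outside these hunks.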
@@ -600,8 +682,15 @@ main(int argc, char *argv[]) } /* Finish off any remaining add */ if (addinprogress) { - util_binaddnistnet(&sdpargs, &addargs, NULL, 2, 0); - addinprogress = 0; + if (mac == 0) { + util_binaddnistnet(&sdpargs, &addargs, NULL, 2, 0); + addinprogress = 0; + } + else { + util_binaddnistnetmac(&macsdpargs, &addargs, NULL, 2, 0); + addinprogress = 0; + mac = 0; + } } return 0; } diff -r 18adcc36d6c7 -r b9f7ea866f99 include/kincludes.h --- a/include/kincludes.h Sat Jan 19 17:15:32 2008 +0000 +++ b/include/kincludes.h Sun Jan 20 15:45:51 2008 +0000 @@ -12,7 +12,7 @@ */ #include #include -#include +#include /* #include */ #ifndef KERNEL_VERSION diff -r 18adcc36d6c7 -r b9f7ea866f99 include/nistnet_table.h --- a/include/nistnet_table.h Sat Jan 19 17:15:32 2008 +0000 +++ b/include/nistnet_table.h Sun Jan 20 15:45:51 2008 +0000 @@ -2,6 +2,8 @@ #ifndef _NISTNET_TABLE_H #define _NISTNET_TABLE_H + +#include "linux/if_ether.h" #ifndef _NISTNET_H #include "nistnet.h" @@ -24,7 +26,7 @@ typedef union _ltPort { #define ltp2Type ltp2.ltpType #define ltp2Code ltp2.ltpCode -typedef struct _nistnetTableKey { /* size: 20 bytes */ +typedef struct _nistnetTableKey { /* size: 20 bytes + 12 bytes */ /* These fields are used for keys on a best match basis. */ u_int32_t ltkDest; /* Destination IP address */ u_int16_t ltkCoS; /* CoS info */ @@ -32,6 +34,8 @@ typedef struct _nistnetTableKey { /* si LTPort ltkDestPort; /* Destination UDP/TCP port */ u_int32_t ltkSource; /* Source IP address */ LTPort ltkSourcePort; /* Source UDP/TCP port */ + u_int8_t ltkMacDest[ETH_ALEN]; /*Dest MAC address*/ + u_int8_t ltkMacSource[ETH_ALEN]; /*Source MAC address*/ } NistnetTableKey, *NistnetTableKeyPtr; /* Wildcard values for keys */ 
@@ -81,6 +85,10 @@ typedef struct _nistnetTableEntry { /* s #define ltkSourceLongPort ltkSourcePort.ltpLongPort #define lteCoS lteKey.ltkCoS +/*added MacSource and MacDest*/ +#define lteMacSource lteKey.ltkMacSource +#define lteMacDest lteKey.ltkMacDest + /* A lot of this is kept around for compatibility's sake, mostly */ struct lin_hitstats lteStats; /* Destructuring defines */ @@ -115,7 +123,7 @@ typedef struct _nistnetTableEntry { /* s /* Other bits available */ /* The nistnet table itself is a doubly-threaded hash table */ -typedef struct _nistnetTable { /* size: 56 bytes */ +typedef struct _nistnetTable { /* size: 56 bytes + 12 bytes*/ NistnetTableEntry ltEntry; struct _nistnetTable * ltNextKey; #define ltNextDest ltNextKey @@ -165,7 +173,7 @@ typedef struct _nistnetTableHead { #endif } NistnetTableHead, *NistnetTableHeadPtr; -/* OK, as defined, each table entry+pointers amounts to 56 bytes (14 words). +/* OK, as defined, each table entry+pointers amounts to 56 bytes (14 words) (now it is 56 + 12). * We pre-allocate 1024 entries, and create two hash tables with 256 slots. * We also keep a finger on the last two entries accessed (not sure how * helpful this is). Total initial memory use is around 60K. diff -r 18adcc36d6c7 -r b9f7ea866f99 include/nistnetutil.h --- a/include/nistnetutil.h Sat Jan 19 17:15:32 2008 +0000 +++ b/include/nistnetutil.h Sun Jan 20 15:45:51 2008 +0000 @@ -8,6 +8,11 @@ struct srcdestprot { char *destport; char *prot; char *cos; +}; + +struct macsrcdestprot { + char* srcmac; + char* dstmac; }; struct addparam { 
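Review bot: `struct macsrcdestprot` has no comment saying who owns `srcmac` and `dstmac`, and the two producers in this change disagree: readsrcdestmacprot stores borrowed `argv` pointers, while util_nistnetmactostring stores `malloc`ed copies. Nothing in the visible hunks frees those copies, and util_readnistnet refills `macwho` on every loop iteration, so this looks like a per-entry leak. I would document the contract on the struct, e.g. `/* srcmac/dstmac: textual MAC addresses, NULL when unset; heap-allocated when filled by util_nistnetmactostring (caller frees), borrowed when filled from argv */`.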
@@ -65,4 +70,12 @@ void util_fixhitname(char *hostname, cha void util_fixhitname(char *hostname, char *servname, char *protoname, unsigned long addr, LTPort port, int protno, int timeout); void util_fixsrcdestprot(struct srcdestprot *fixme, NistnetTableEntryPtr entry, int timeout); +/*mac specific duplicated functions*/ +int util_binaddnistnetmac(struct macsrcdestprot *who, struct addparam *what, NistnetTableEntryPtr useradd, int print, int timeout); +int util_binstringtonistnetmac(struct macsrcdestprot *who, struct addparam *what, NistnetTableEntry *tonistnet, int timeout); +int util_stringtonistnetmac(struct macsrcdestprot *who, struct addparamstring *what, NistnetTableEntry *tonistnet, int timeout); +int util_nistnetmactostring(NistnetTableEntry *nistnet, struct macsrcdestprot *who); +int util_printhitnamemac(struct macsrcdestprot *sdpargs, int argtype, char*name); +int util_rmnistnetmac(struct macsrcdestprot *who, int print, int timeout); + #endif diff -r 18adcc36d6c7 -r b9f7ea866f99 kernel/knistnet.c --- a/kernel/knistnet.c Sat Jan 19 17:15:32 2008 +0000 +++ b/kernel/knistnet.c Sun Jan 20 15:45:51 2008 +0000 @@ -707,7 +707,9 @@ ecn_skb(struct sk_buff *skb) struct iphdr *iph; /* Get the ip header */ -#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,1,0) +#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,22) + iph = ip_hdr(skb); +#elif LINUX_VERSION_CODE >= KERNEL_VERSION(2,1,0) iph = skb->nh.iph; #else iph = skb->h.iph; @@ -913,7 +915,7 @@ rcv_packet_munge(struct sk_buff *skb, st if (!tableme) { /* not intercepting */ global_stats(STATS_UNPROCESS); LinUnlock("global_stats2"); - return ippt->func(skb, dev, ippt); + return ippt->func(skb, dev, ippt, dev); } /* Assume we will queue until we find otherwise */ @@ -958,7 +960,7 @@ rcv_packet_munge(struct sk_buff *skb, st global_stats(STATS_PROCESS); munge_finish("no delay"); - return ippt->func(skb, dev, ippt); + return ippt->func(skb, dev, ippt, dev); } screamer = fast_alloc(GFP_ATOMIC); 
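Review bot: The call `ippt->func(skb, dev, ippt, dev)` in rcv_packet_munge is changed unconditionally, whereas the `ip_hdr(skb)` change in ecn_skb just above it is guarded by `LINUX_VERSION_CODE`. On a kernel whose `packet_type` handler takes three arguments this no longer compiles, so the file loses the backward compatibility the other hunks preserve. Passing `dev` as the fourth argument also assumes the original receiving device equals `dev`, which I cannot confirm from the hunk. I would guard the call by kernel version and name the parameter in a comment, e.g. `/* 4th arg is orig_dev; no separate original device is tracked here */`. The same edit appears in the three later rcv_packet_munge hunks, and the function starts and ends outside them.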
@@ -969,7 +971,7 @@ rcv_packet_munge(struct sk_buff *skb, st packet_stats(skb, hitme); global_stats(STATS_PROCESS); munge_finish("fast_alloc failed"); - return ippt->func(skb, dev, ippt); + return ippt->func(skb, dev, ippt, dev); } hpi = (struct nistnet_packetinfo *)screamer->data; @@ -1000,7 +1002,7 @@ rcv_packet_munge(struct sk_buff *skb, st return 0; } else { LinUnlock("ippt->func"); - return ippt->func(skb, dev, ippt); + return ippt->func(skb, dev, ippt, dev); } } diff -r 18adcc36d6c7 -r b9f7ea866f99 kernel/nistnet_table.c --- a/kernel/nistnet_table.c Sat Jan 19 17:15:32 2008 +0000 +++ b/kernel/nistnet_table.c Sun Jan 20 15:45:51 2008 +0000 @@ -12,6 +12,7 @@ #include "lock_sleep.h" #include "nistnet_table.h" +#include #ifdef linux @@ -27,10 +28,10 @@ #ifndef TRUE #define TRUE 1 #define FALSE 0 -typedef enum {false = FALSE, true = TRUE} boolean; -#endif - -/* OK, as defined, each table entry+pointers amounts to 56 bytes (14 words). + +#endif + +/* OK, as defined, each table entry+pointers amounts to 56 bytes (14 words) (+12 bytes). * We pre-allocate 1024 entries (and can allocate more in blocks of 1024 each), * and create two hash tables with 256 slots. We also keep a finger on the * last two entries accessed (not sure how helpful this is). Total initial @@ -249,7 +250,7 @@ lt_alloc(void) NistnetTablePtr answer=NULL; LockSupply(); - + if (!lt->lt_supply) lt_addblock(); if (lt->lt_supply) { 
@@ -353,6 +354,26 @@ PRIVATE int *here; * care about it currently. */ PRIVATE NistnetTableKey ltk_matchmasks[LT_KEYMATCH_MAX] = { + /*Handling only Mac source*/ + { 0, /* destination IP */ + 0, /* CoS */ + 0, /* protocol */ + {0}, /* destination port */ + 0, /* source IP */ + {0}, /* source port */ + {0,0,0,0,0,0}, + {0xff,0xff,0xff,0xff,0xff,0xff} + }, + /*Handling both Mac addresses*/ + { 0, /* destination IP */ + 0, /* CoS */ + 0, /* protocol */ + {0}, /* destination port */ + 0, /* source IP */ + {0}, /* source port */ + {0xff,0xff,0xff,0xff,0xff,0xff}, + {0xff,0xff,0xff,0xff,0xff,0xff} + }, /* 1. Complete match on all fields */ /* This is for the case when you specify everything. */ #ifdef CONFIG_COS @@ -361,7 +382,9 @@ PRIVATE NistnetTableKey ltk_matchmasks[L 0xffff, /* protocol */ {0xffffffff}, /* destination port */ 0xffffffff, /* source IP */ - {0xffffffff} /* source port */ + {0xffffffff}, /* source port */ + {0xff,0xff,0xff,0xff,0xff,0xff}, + {0xff,0xff,0xff,0xff,0xff,0xff} }, #endif { 0xffffffff, /* destination IP */ @@ -369,7 +392,9 @@ PRIVATE NistnetTableKey ltk_matchmasks[L 0xffff, /* protocol */ {0xffffffff}, /* destination port */ 0xffffffff, /* source IP */ - {0xffffffff} /* source port */ + {0xffffffff}, /* source port */ + {0xff,0xff,0xff,0xff,0xff,0xff}, + {0xff,0xff,0xff,0xff,0xff,0xff} }, /* 2. Wildcard for source port */ /* This is for when you care about the source IP address, but @@ -382,7 +407,9 @@ PRIVATE NistnetTableKey ltk_matchmasks[L 0xffff, /* protocol */ {0xffffffff}, /* destination port */ 0xffffffff, /* source IP */ - {0} /* IGNORE source port */ + {0}, /* IGNORE source port */ + {0,0,0,0,0,0}, + {0,0,0,0,0,0} }, #endif { 0xffffffff, /* destination IP */ 
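Review bot: The added MAC mask initializers in ltk_matchmasks are positional and uncommented, unlike every other field in the table. Per the struct change in nistnet_table.h the seventh initializer is `ltkMacDest` and the eighth is `ltkMacSource`, which is easy to get backwards, so each line should carry a comment such as `/* IGNORE destination MAC */` or `/* source MAC */`. Separately, the two "complete match" masks in the next two hunks now set both MAC masks to 0xff, while lt_find_by_ipheader fills the lookup key's MAC fields from the Ethernet header. If IP rules are stored with zeroed MAC fields, as the `bzero` in the conversion routines suggests, a fully specified IP rule would stop matching under mask 1; in that case those two masks should keep `{0,0,0,0,0,0}` for both MAC fields. The array definition continues outside this hunk.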
@@ -390,7 +417,9 @@ PRIVATE NistnetTableKey ltk_matchmasks[L 0xffff, /* protocol */ {0xffffffff}, /* destination port */ 0xffffffff, /* source IP */ - {0} /* IGNORE source port */ + {0}, /* IGNORE source port */ + {0,0,0,0,0,0}, + {0,0,0,0,0,0} }, /* 3. Wildcard for destination port */ /* This is for when you care about the destination IP address, but @@ -403,7 +432,9 @@ PRIVATE NistnetTableKey ltk_matchmasks[L 0xffff, /* protocol */ {0}, /* IGNORE destination port */ 0xffffffff, /* source IP */ - {0xffffffff} /* source port */ + {0xffffffff}, /* source port */ + {0,0,0,0,0,0}, + {0,0,0,0,0,0} }, #endif { 0xffffffff, /* destination IP */ @@ -411,7 +442,9 @@ PRIVATE NistnetTableKey ltk_matchmasks[L 0xffff, /* protocol */ {0}, /* IGNORE destination port */ 0xffffffff, /* source IP */ - {0xffffffff} /* source port */ + {0xffffffff}, /* source port */ + {0,0,0,0,0,0}, + {0,0,0,0,0,0} }, /* 4. Wildcard for all ports within a protocol */ /* This lets you control all traffic within a given protocol between @@ -425,7 +458,9 @@ PRIVATE NistnetTableKey ltk_matchmasks[L 0xffff, /* protocol */ {0}, /* IGNORE destination port */ 0xffffffff, /* source IP */ - {0} /* IGNORE source port */ + {0}, /* IGNORE source port */ + {0,0,0,0,0,0}, + {0,0,0,0,0,0} }, #endif { 0xffffffff, /* destination IP */ @@ -433,7 +468,9 @@ PRIVATE NistnetTableKey ltk_matchmasks[L 0xffff, /* protocol */ {0}, /* IGNORE destination port */ 0xffffffff, /* source IP */ - {0} /* IGNORE source port */ + {0}, /* IGNORE source port */ + {0,0,0,0,0,0}, + {0,0,0,0,0,0} }, /* 5. Wildcard for any source IP/port, to fixed dest IP/port */ /* This lets you control all traffic of a certain type to @@ -445,7 +482,9 @@ PRIVATE NistnetTableKey ltk_matchmasks[L 0xffff, /* protocol */ {0xffffffff}, /* destination port */ 0, /* IGNORE source IP */ - {0} /* IGNORE source port */ + {0}, /* IGNORE source port */ + {0,0,0,0,0,0}, + {0,0,0,0,0,0} }, #endif { 0xffffffff, /* destination IP */ 
@@ -453,7 +492,9 @@ PRIVATE NistnetTableKey ltk_matchmasks[L 0xffff, /* protocol */ {0xffffffff}, /* destination port */ 0, /* IGNORE source IP */ - {0} /* IGNORE source port */ + {0}, /* IGNORE source port */ + {0,0,0,0,0,0}, + {0,0,0,0,0,0} }, /* 6. Wildcard for any source IP/fixed port to dest IP/any port */ /* The other way around; e.g., for controlling all traffic @@ -465,7 +506,9 @@ PRIVATE NistnetTableKey ltk_matchmasks[L 0xffff, /* protocol */ {0}, /* IGNORE destination port */ 0xffffffff, /* source IP */ - {0xffffffff} /* source port */ + {0xffffffff}, /* source port */ + {0,0,0,0,0,0}, + {0,0,0,0,0,0} }, #endif { 0, /* IGNORE destination IP */ @@ -473,7 +516,9 @@ PRIVATE NistnetTableKey ltk_matchmasks[L 0xffff, /* protocol */ {0}, /* IGNORE destination port */ 0xffffffff, /* source IP */ - {0xffffffff} /* source port */ + {0xffffffff}, /* source port */ + {0,0,0,0,0,0}, + {0,0,0,0,0,0} }, /* 7. Wildcard for all ports, all protocols between two machines */ /* This is the selectivity found in the original version of NIST Net. @@ -486,7 +531,9 @@ PRIVATE NistnetTableKey ltk_matchmasks[L 0, /* IGNORE protocol */ {0}, /* IGNORE destination port */ 0xffffffff, /* source IP */ - {0} /* IGNORE source port */ + {0}, /* IGNORE source port */ + {0,0,0,0,0,0}, + {0,0,0,0,0,0} }, #endif { 0xffffffff, /* destination IP */ @@ -494,7 +541,9 @@ PRIVATE NistnetTableKey ltk_matchmasks[L 0, /* IGNORE protocol */ {0}, /* IGNORE destination port */ 0xffffffff, /* source IP */ - {0} /* IGNORE source port */ + {0}, /* IGNORE source port */ + {0,0,0,0,0,0}, + {0,0,0,0,0,0} }, /* 7.5. Wildcard for all other traffic within a protocol */ /* This lets you control all other traffic sent or received within 
@@ -505,14 +554,18 @@ PRIVATE NistnetTableKey ltk_matchmasks[L 0xffff, /* protocol */ {0}, /* IGNORE destination port */ 0, /* IGNORE source IP */ - {0} /* IGNORE source port */ + {0}, /* IGNORE source port */ + {0,0,0,0,0,0}, + {0,0,0,0,0,0} }, { 0, /* IGNORE destination IP */ 0, /* IGNORE CoS */ 0xffff, /* protocol */ {0}, /* IGNORE destination port */ 0xffffffff, /* source IP */ - {0} /* IGNORE source port */ + {0}, /* IGNORE source port */ + {0,0,0,0,0,0}, + {0,0,0,0,0,0} }, /* 8. Wildcard for any source, any dest within a protocol */ /* This is useful for, e.g., when you want to control all igmp or @@ -524,7 +577,9 @@ PRIVATE NistnetTableKey ltk_matchmasks[L 0xffff, /* protocol */ {0}, /* IGNORE destination port */ 0, /* IGNORE source IP */ - {0} /* IGNORE source port */ + {0}, /* IGNORE source port */ + {0,0,0,0,0,0}, + {0,0,0,0,0,0} }, #endif { 0, /* IGNORE destination IP */ @@ -532,7 +587,9 @@ PRIVATE NistnetTableKey ltk_matchmasks[L 0xffff, /* protocol */ {0}, /* IGNORE destination port */ 0, /* IGNORE source IP */ - {0} /* IGNORE source port */ + {0}, /* IGNORE source port */ + {0,0,0,0,0,0}, + {0,0,0,0,0,0} }, /* 9. Wildcard for all sources to fixed destination IP */ /* This is default source/fixed destination in the original NIST Net. @@ -543,7 +600,9 @@ PRIVATE NistnetTableKey ltk_matchmasks[L 0, /* IGNORE protocol */ {0}, /* IGNORE destination port */ 0, /* IGNORE source IP */ - {0} /* IGNORE source port */ + {0}, /* IGNORE source port */ + {0,0,0,0,0,0}, + {0,0,0,0,0,0} }, #endif { 0xffffffff, /* destination IP */ @@ -551,7 +610,9 @@ PRIVATE NistnetTableKey ltk_matchmasks[L 0, /* IGNORE protocol */ {0}, /* IGNORE destination port */ 0, /* IGNORE source IP */ - {0} /* IGNORE source port */ + {0}, /* IGNORE source port */ + {0,0,0,0,0,0}, + {0,0,0,0,0,0} }, /* 10. Wildcard for all destinations, fixed source IP */ /* This is fixed source/default destination in the original NIST Net. 
@@ -562,7 +623,9 @@ PRIVATE NistnetTableKey ltk_matchmasks[L 0, /* IGNORE protocol */ {0}, /* IGNORE destination port */ 0xffffffff, /* source IP */ - {0} /* IGNORE source port */ + {0}, /* IGNORE source port */ + {0,0,0,0,0,0}, + {0,0,0,0,0,0} }, #endif { 0, /* IGNORE destination IP */ @@ -570,7 +633,9 @@ PRIVATE NistnetTableKey ltk_matchmasks[L 0, /* IGNORE protocol */ {0}, /* IGNORE destination port */ 0xffffffff, /* source IP */ - {0} /* IGNORE source port */ + {0}, /* IGNORE source port */ + {0,0,0,0,0,0}, + {0,0,0,0,0,0} }, /* 11c. Wildcard for any source, within destination subnet (24 bit) */ /* This is an example of the more general selection mechanisms available @@ -591,7 +656,9 @@ PRIVATE NistnetTableKey ltk_matchmasks[L 0, /* IGNORE protocol */ {0}, /* IGNORE destination port */ 0, /* IGNORE source IP */ - {0} /* IGNORE source port */ + {0}, /* IGNORE source port */ + {0,0,0,0,0,0}, + {0,0,0,0,0,0} }, /* 11b. Class B (16 bit) destination subnets */ { @@ -604,7 +671,9 @@ PRIVATE NistnetTableKey ltk_matchmasks[L 0, /* IGNORE protocol */ {0}, /* IGNORE destination port */ 0, /* IGNORE source IP */ - {0} /* IGNORE source port */ + {0}, /* IGNORE source port */ + {0,0,0,0,0,0}, + {0,0,0,0,0,0} }, /* 11a. Class A (8 bit) destination subnets */ { @@ -617,7 +686,9 @@ PRIVATE NistnetTableKey ltk_matchmasks[L 0, /* IGNORE protocol */ {0}, /* IGNORE destination port */ 0, /* IGNORE source IP */ - {0} /* IGNORE source port */ + {0}, /* IGNORE source port */ + {0,0,0,0,0,0}, + {0,0,0,0,0,0} }, /* 12. Cleanup default - for anything not matched */ { /* always the last one! */ 
@@ -626,14 +697,16 @@ PRIVATE NistnetTableKey ltk_matchmasks[L 0, /* IGNORE protocol */ {0}, /* IGNORE destination port */ 0, /* IGNORE source IP */ - {0} /* IGNORE source port */ + {0}, /* IGNORE source port */ + {0,0,0,0,0,0}, + {0,0,0,0,0,0} }, }; #ifdef CONFIG_COS -PRIVATE int ltk_matchcount=26; -#else -PRIVATE int ltk_matchcount=16; +PRIVATE int ltk_matchcount=29; +#else +PRIVATE int ltk_matchcount=19; #endif /* lt_keymatchlist - update the list of masks used for matching. 
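Review bot: `ltk_matchcount` goes up by three (26 to 29 and 16 to 19), but the first ltk_matchmasks hunk adds only two masks, "Handling only Mac source" and "Handling both Mac addresses". Unless a third mask is added somewhere not shown, the lookup would walk one slot past the "always the last one!" default. That slot is a zero-initialized mask if `LT_KEYMATCH_MAX` leaves room and an out-of-bounds read otherwise. The counts should probably be `ltk_matchcount=28` and `ltk_matchcount=18`.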
@@ -712,40 +785,40 @@ if (circular >= 100) */ for (answer = *lt_hashkeystart(lt->lt_keyhash, key, mask); answer; answer = answer->ltNextKey) { -if (first) { -first=0; -errprint(9, "lt_find_by_key: looking for (%x:%d.%d %x:%d.%d %d)\n", - (unsigned)ntohl(key->ltkSource), - ntohs(key->ltkSourceShortPort), - key->ltkProtocol, - (unsigned)ntohl(key->ltkDest), - ntohs(key->ltkDestShortPort), - key->ltkProtocol, - key->ltkCoS - ); -if (mask) -errprint(9, "lt_find_by_key: using mask (%x:%d.%d %x:%d.%d %d)\n", - (unsigned)ntohl(mask->ltkSource), - ntohs(mask->ltkSourceShortPort), - mask->ltkProtocol, - (unsigned)ntohl(mask->ltkDest), - ntohs(mask->ltkDestShortPort), - mask->ltkProtocol, - mask->ltkCoS - ); -} -errprint(9, "\tlt_find_by_key: checking (%x:%d.%d %x:%d.%d %d)\n", - (unsigned)ntohl(answer->ltEntry.lteSource), - ntohs(answer->ltEntry.lteSourceShortPort), - answer->ltEntry.lteProtocol, - (unsigned)ntohl(answer->ltEntry.lteDest), - ntohs(answer->ltEntry.lteDestShortPort), - answer->ltEntry.lteProtocol, - answer->ltEntry.lteCoS - ); -#ifdef LT_DEBUG -*here = *here + 1; -#endif + if (first) { + first=0; + errprint(9, "lt_find_by_key: looking for (%x:%d.%d %x:%d.%d %d)\n", + (unsigned)ntohl(key->ltkSource), + ntohs(key->ltkSourceShortPort), + key->ltkProtocol, + (unsigned)ntohl(key->ltkDest), + ntohs(key->ltkDestShortPort), + key->ltkProtocol, + key->ltkCoS + ); + if (mask) + errprint(9, "lt_find_by_key: using mask (%x:%d.%d %x:%d.%d %d)\n", + (unsigned)ntohl(mask->ltkSource), + ntohs(mask->ltkSourceShortPort), + mask->ltkProtocol, + (unsigned)ntohl(mask->ltkDest), + ntohs(mask->ltkDestShortPort), + mask->ltkProtocol, + mask->ltkCoS + ); + } + errprint(9, "\tlt_find_by_key: checking (%x:%d.%d %x:%d.%d %d)\n", + (unsigned)ntohl(answer->ltEntry.lteSource), + ntohs(answer->ltEntry.lteSourceShortPort), + answer->ltEntry.lteProtocol, + (unsigned)ntohl(answer->ltEntry.lteDest), + ntohs(answer->ltEntry.lteDestShortPort), + answer->ltEntry.lteProtocol, + 
answer->ltEntry.lteCoS + ); + #ifdef LT_DEBUG + *here = *here + 1; + #endif if (!KeyMatch(&answer->ltEntry.lteKey, key, mask)) { return answer; } @@ -786,6 +859,7 @@ lt_find_by_ipheader(struct sk_buff *skb) NistnetTablePtr answer; static NistnetTableKey key_finger1, key_finger2; struct iphdr *iph; + struct ethhdr *eth; unsigned char *raw; int frag; @@ -798,23 +872,39 @@ lt_find_by_ipheader(struct sk_buff *skb) */ /* Get the ip header */ -#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,1,0) +#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,22) + iph = ip_hdr(skb); +#elif LINUX_VERSION_CODE >= KERNEL_VERSION(2,1,0) iph = skb->nh.iph; #else iph = skb->h.iph; #endif - /* Now we want to find the part past the header */ - if (skb->h.raw) - raw = skb->h.raw + iph->ihl*4; - else {/* oops */ - if (skb->nh.raw) - raw = skb->nh.raw + iph->ihl*4; - else - raw = (unsigned char *)iph + iph->ihl*4; - } + +#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,22) + /* Now we want to find the part past the header */ + if (skb->h.raw) + raw = skb->h.raw + iph->ihl*4; + else {/* oops */ + if (skb->nh.raw) + raw = skb->nh.raw + iph->ihl*4; + else + raw = (unsigned char *)iph + iph->ihl*4; + } +#endif /* Fill in the common fields */ bzero(&key, sizeof(key)); + + /*Mac handling code start*/ +#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,22) + eth = (struct ethhdr *) skb_mac_header(skb); +#else + eth = (struct ethhdr *) skb->mac.raw; +#endif + bcopy(eth->h_source, key.ltkMacSource, ETH_ALEN); + bcopy(eth->h_dest, key.ltkMacDest, ETH_ALEN); + /*Mac handling code end*/ + key.ltkSource = iph->saddr; key.ltkDest = iph->daddr; key.ltkProtocol = iph->protocol; @@ -849,7 +939,11 @@ lt_find_by_ipheader(struct sk_buff *skb) source/dest ports */ { struct udphdr *uh; - uh = (struct udphdr *)raw; +#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,22) + uh = (struct udphdr *) udp_hdr(skb); +#else + uh = (struct udphdr *) raw; +#endif key.ltkSourceShortPort = uh->source; key.ltkDestShortPort = uh->dest; break; 
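Review bot: The new MAC block in lt_find_by_ipheader casts `skb_mac_header(skb)` (or `skb->mac.raw`) to `struct ethhdr *` and copies `h_source` and `h_dest` without checking that the packet arrived on an Ethernet device or that a link-layer header is present. For loopback, tunnel or PPP input the bytes copied into `key.ltkMacSource` and `key.ltkMacDest` would not be MAC addresses, and a missing header makes this a kernel read through an invalid pointer. The preceding `bzero(&key, sizeof(key))` already leaves the MAC fields zeroed, so the copy can be made conditional: `if (skb->dev && skb->dev->type == ARPHRD_ETHER) { ... }`. The function starts and ends outside the hunk.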
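Review bot: On 2.6.22 and later the UDP header is now taken from `udp_hdr(skb)` with no offset, while the pre-2.6.22 branch kept in the previous hunk adds `iph->ihl*4` to `skb->h.raw`. That arithmetic suggests the transport pointer still sits at the IP header when this lookup runs. If the same holds on newer kernels, `uh->source` and `uh->dest` are read from inside the IP header and port-based rules match on the wrong bytes. Computing the offset from the IP header works on both sides of the version check: `uh = (struct udphdr *)((unsigned char *)iph + iph->ihl*4);`. The TCP, ICMP, IGMP and IPIP hunks that follow use the same pattern.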
@@ -859,7 +953,11 @@ lt_find_by_ipheader(struct sk_buff *skb) { struct tcphdr *th; - th = (struct tcphdr *)raw; +#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,22) + th = (struct tcphdr *) tcp_hdr(skb); +#else + th = (struct tcphdr *) raw; +#endif key.ltkSourceShortPort = th->source; key.ltkDestShortPort = th->dest; break; @@ -869,7 +967,11 @@ lt_find_by_ipheader(struct sk_buff *skb) { struct icmphdr *ih; - ih = (struct icmphdr *)raw; +#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,22) + ih = (struct icmphdr *) icmp_hdr(skb); +#else + ih = (struct icmphdr *) raw; +#endif key.ltkDestType = ih->type; key.ltkDestCode = ih->code; break; @@ -879,7 +981,11 @@ lt_find_by_ipheader(struct sk_buff *skb) { struct igmphdr *ih; - ih = (struct igmphdr *)raw; +#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,22) + ih = (struct igmphdr *) igmp_hdr(skb); +#else + ih = (struct igmphdr *) raw; +#endif key.ltkDestLongPort = ih->group; key.ltkSourceShortPort = ih->type; break; @@ -889,7 +995,11 @@ lt_find_by_ipheader(struct sk_buff *skb) { struct iphdr *encaps; - encaps = (struct iphdr *)raw; +#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,22) + encaps = (struct iphdr *) ipip_hdr; +#else + encaps = (struct iphdr *) raw; +#endif key.ltkSourceLongPort = encaps->saddr; key.ltkDestLongPort = encaps->daddr; break; diff -r 18adcc36d6c7 -r b9f7ea866f99 lib/nistnetutil.c --- a/lib/nistnetutil.c Sat Jan 19 17:15:32 2008 +0000 +++ b/lib/nistnetutil.c Sun Jan 20 15:45:51 2008 +0000 @@ -16,6 +16,7 @@ #include "nistnetlib.h" #include "nistnetutil.h" #include "alarmingdns.h" +#include #define nullfree(a) if (a) free(a) 
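Review bot: `encaps = (struct iphdr *) ipip_hdr;` in the IPIP case casts the address of the function instead of calling it. On 2.6.22 and later `encaps->saddr` and `encaps->daddr` are therefore read from kernel text rather than from the packet, and the resulting key is meaningless. The line should be `encaps = (struct iphdr *) ipip_hdr(skb);`, matching the `udp_hdr(skb)`, `tcp_hdr(skb)`, `icmp_hdr(skb)` and `igmp_hdr(skb)` calls in the sibling cases.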
@@ -139,6 +140,39 @@ util_addnistnet(struct srcdestprot *who, } int +util_binaddnistnetmac(struct macsrcdestprot *who, struct addparam *what, NistnetTableEntryPtr useradd, int print, int timeout) +{ + int ret=0; + NistnetTableEntry *addme, space; + + if (useradd) + addme = useradd; + else + addme = &space; + + if (print>1) + printf("addnistnetmac: %s to %s,\n\ + delay %8.6f (sigma %8.6f corr %8.6f),\n\ + bandwidth %d, drop %8.6f (corr %8.6f),\n\ + dup %8.6f (corr %8.6f),\n\ + drdmin %d, drdmax %d, drdcongest %d\n", + who->srcmac, + who->dstmac, + what->delay, what->delsigma, what->delcorr, + what->bandwidth, what->drop, what->dropcorr, + what->dup, what->dupcorr, + what->drdmin, what->drdmax, what->drdcongest); + ret = util_binstringtonistnetmac(who, what, addme, timeout); + if (ret < 0 && print) + herror("util_binaddnistnetmac: can't convert"); + ret = addnistnet(addme); + if (ret < 0 && print) + perror("util_binaddnistnetmac"); + return ret; +} + + +int util_binaddnistnet(struct srcdestprot *who, struct addparam *what, NistnetTableEntryPtr useradd, int print, int timeout) { int ret=0; @@ -148,7 +182,6 @@ util_binaddnistnet(struct srcdestprot *w addme = useradd; else addme = &space; - if (print>1) printf("addnistnet: %s:%s to %s:%s (prot %s cos %s),\n\ delay %8.6f (sigma %8.6f corr %8.6f),\n\ 
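Review bot: util_binaddnistnetmac reports a failed `util_binstringtonistnetmac` conversion but then still calls `addnistnet(addme)`, so a partially filled entry is submitted and the conversion error is overwritten by the second assignment to `ret`. Returning early avoids that: `if (ret < 0) { if (print) herror("util_binaddnistnetmac: can't convert"); return ret; }`. The `print>1` branch also passes `who->dstmac` to `%s` although readsrcdestmacprot can leave it NULL after its `bzero`. Printing `who->dstmac ? who->dstmac : "(none)"` keeps the format call defined.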
@@ -175,6 +208,31 @@ util_binaddnistnet(struct srcdestprot *w } int +util_rmnistnetmac(struct macsrcdestprot *who, int print, int timeout) +{ + NistnetTableEntry rmme; + char onebuf[BUFSIZ], twobuf[BUFSIZ]; + int ret=0; + + bzero(&rmme, sizeof(rmme)); + if (util_stringtonistnetmac(who, NULL, &rmme, timeout) < 0) { + if (print) herror("util_rmnistnet: can't convert"); + return -1; + } + + if (print>1) { + util_printhitnamemac(who, ARG_SOURCE, onebuf); + util_printhitnamemac(who, ARG_DEST, twobuf); + printf("rmnistnet: %s -> %s\n", onebuf, twobuf); + } + + ret = rmnistnet(&rmme); + if (ret < 0 && print) + perror("remove"); + return ret; +} + +int util_rmnistnet(struct srcdestprot *who, int print, int timeout) { NistnetTableEntry rmme; @@ -309,6 +367,7 @@ util_readnistnet(int donum, int timeout) NistnetTableKeyPtr bigguy; NistnetTableEntry littleguy; struct srcdestprot who; + struct macsrcdestprot macwho; struct addparamstring what; int count, i, limit; char onebuf[BUFSIZ], twobuf[BUFSIZ], threebuf[BUFSIZ]; 
@@ -323,15 +382,24 @@ util_readnistnet(int donum, int timeout) for (i=0; i < count; ++i) { littleguy.lteKey = bigguy[i]; statnistnet(&littleguy); + util_nistnetmactostring(&littleguy, &macwho); util_nistnettostring(&littleguy, &who, &what, donum, timeout); - util_printhitname(&who, ARG_SOURCE, onebuf); - util_printhitname(&who, ARG_DEST, twobuf); - if (littleguy.lteCoS) { - util_printhitname(&who, ARG_COS, threebuf); - printf("cnistnet -a %s %s %s", onebuf, twobuf, threebuf); - } else { - printf("cnistnet -a %s %s", onebuf, twobuf); - } + if (!strcmp(macwho.srcmac,"0:0:0:0:0:0")) { + util_printhitname(&who, ARG_SOURCE, onebuf); + util_printhitname(&who, ARG_DEST, twobuf); + if (littleguy.lteCoS) { + util_printhitname(&who, ARG_COS, threebuf); + printf("cnistnet -a %s %s %s", onebuf, twobuf, threebuf); + } else { + printf("cnistnet -a %s %s", onebuf, twobuf); + } + } + else { + util_printhitnamemac(&macwho, ARG_SOURCE, onebuf); + util_printhitnamemac(&macwho, ARG_DEST, twobuf); + printf("cnistnet -m %s %s", onebuf, twobuf); + } + /* now print out arguments */ /* Delay */ if (littleguy.lteDelay || littleguy.lteDelsigma) { @@ -372,6 +440,18 @@ util_readnistnet(int donum, int timeout) } free((void *) bigguy); return 0; +} + +int util_printhitnamemac(struct macsrcdestprot *sdpargs, int argtype, char*name) { + if (sdpargs != NULL) { + if (argtype == ARG_SOURCE) + sprintf(name, "%s", sdpargs->srcmac); + else if(sdpargs->dstmac != NULL) + sprintf(name, "%s", sdpargs->dstmac); + else + sprintf(name, "0:0:0:0:0:0"); + } + return 0; } int 
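Review bot: util_printhitnamemac copies `sdpargs->srcmac` or `sdpargs->dstmac` into `name` with `sprintf(name, "%s", ...)` and has no size parameter. In util_rmnistnetmac those strings can be command-line arguments and `name` is a `BUFSIZ` stack array, so an overlong argument overflows the stack buffer. Since both visible callers pass `BUFSIZ` arrays, the copy can at least be bounded with `snprintf(name, BUFSIZ, "%s", sdpargs->srcmac);`, with a comment that `name` must hold `BUFSIZ` bytes. When `sdpargs` is NULL the function returns 0 without writing `name`, and a caller would then print an uninitialized buffer; setting `name[0] = '\0'` first closes that path.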
@@ -860,6 +940,35 @@ util_readdrd(struct addparam *addargs, s */ #define MILLITOMU 1000.0 #define PERCENT 100.0 + +int +util_binstringtonistnetmac(struct macsrcdestprot *who, struct addparam *what, + NistnetTableEntry *tonistnet, int timeout) +{ + int ret=0; + ret = util_stringtonistnetmac(who, NULL, tonistnet, timeout); + if (what) { + MakeDistributedStats(what->delay*MILLITOMU, what->delsigma*MILLITOMU, what->delcorr, + &tonistnet->lteIDelay); + MakeUniformStats(what->drop/PERCENT, what->dropcorr, + &tonistnet->lteIDrop); + MakeUniformStats(what->dup/PERCENT, what->dupcorr, + &tonistnet->lteIDup); + /* "Export" to old places */ + tonistnet->lteOldDelay = tonistnet->lteDelay; + tonistnet->lteOldDelsigma = tonistnet->lteDelsigma; + tonistnet->lteOldDrop = tonistnet->lteDrop; + tonistnet->lteOldDup = tonistnet->lteDup; + + /* The rest are OK as is */ + tonistnet->lteBandwidth = what->bandwidth; + tonistnet->lteDRDMin = what->drdmin; + tonistnet->lteDRDMax = what->drdmax; + tonistnet->lteDRDCongestion = what->drdcongest; + } + return ret; +} + int util_binstringtonistnet(struct srcdestprot *who, struct addparam *what, NistnetTableEntry *tonistnet, int timeout) 
@@ -887,6 +996,68 @@ util_binstringtonistnet(struct srcdestpr tonistnet->lteDRDCongestion = what->drdcongest; } return ret; +} + +int +util_stringtonistnetmac(struct macsrcdestprot *who, struct addparamstring *what, + NistnetTableEntry *tonistnet, int timeout) +{ + struct hostent *hent; + struct protoent *pent; + struct servent *sent; + struct addparam binwhat; + struct ether_addr* eth; + int return_value=0; + int print=1; + bzero((void *)tonistnet, sizeof(NistnetTableEntry)); + if (who) { + if (who->srcmac) { + eth = ether_aton(who->srcmac); + bcopy(eth->ether_addr_octet, tonistnet->lteMacSource, ETH_ALEN*sizeof(u_int8_t)); + } + else { + bzero (tonistnet->lteMacSource, ETH_ALEN*sizeof(u_int8_t)); + } + if (who->dstmac) { + eth = ether_aton(who->dstmac); + bcopy (eth->ether_addr_octet, tonistnet->lteMacDest, ETH_ALEN*sizeof(u_int8_t)); + } + else { + bzero(tonistnet->lteMacDest, ETH_ALEN*sizeof(u_int8_t)); + } + tonistnet->lteSource = INADDR_ANY; + tonistnet->lteDest = INADDR_ANY; + tonistnet->lteProtocol = INPROTOCOL_ANY; + tonistnet->lteSourcePort.ltp.ltpPort = INPORT_ANY; + tonistnet->lteDestPort.ltp.ltpPort = INPORT_ANY; + tonistnet->lteCoS = INCOS_ANY; + } + if (what) { + return_value = util_readdelay(&binwhat, what, print)+ + util_readdrop(&binwhat, what, print)+ + util_readdup(&binwhat, what, print)+ + util_readbandwidth(&binwhat, what, print)+ + util_readdrd(&binwhat, what, print); + + MakeDistributedStats(binwhat.delay*MILLITOMU, binwhat.delsigma*MILLITOMU, binwhat.delcorr, + &tonistnet->lteIDelay); + MakeUniformStats(binwhat.drop/PERCENT, binwhat.dropcorr, + &tonistnet->lteIDrop); + MakeUniformStats(binwhat.dup/PERCENT, binwhat.dupcorr, + &tonistnet->lteIDup); + /* "Export" to old places */ + tonistnet->lteOldDelay = tonistnet->lteDelay; + tonistnet->lteOldDelsigma = tonistnet->lteDelsigma; + tonistnet->lteOldDrop = tonistnet->lteDrop; + tonistnet->lteOldDup = tonistnet->lteDup; + + /* The rest are OK as is */ + tonistnet->lteBandwidth = 
binwhat.bandwidth; + tonistnet->lteDRDMin = binwhat.drdmin; + tonistnet->lteDRDMax = binwhat.drdmax; + tonistnet->lteDRDCongestion = binwhat.drdcongest; + } + return return_value; } int @@ -1195,6 +1366,27 @@ util_nistnettostring(NistnetTableEntry * } int +util_nistnetmactostring(NistnetTableEntry *nistnet, struct macsrcdestprot *who) +{ + char* s = NULL; + + if (who) { + bzero(who, sizeof(struct macsrcdestprot)); + if (nistnet->lteMacSource != NULL) { + s = ether_ntoa (nistnet->lteMacSource); + who->srcmac = (char*) malloc(sizeof(char) * (strlen(s) + 1)); + strcpy (who->srcmac, s); + } + if (nistnet->lteMacDest != NULL) { + s = ether_ntoa (nistnet->lteMacDest); + who->dstmac = (char*) malloc(sizeof(char) * (strlen(s) + 1)); + strcpy (who->dstmac, s); + } + } + return 0; +} + +int util_nistnettobinstring(NistnetTableEntry *nistnet, struct srcdestprot *who, struct addparam *what, int numeric_flag, int timeout) {
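Review bot: `ether_aton` returns NULL for a string that is not a valid MAC address, and both call sites in util_stringtonistnetmac dereference the result immediately in `bcopy(eth->ether_addr_octet, ...)`. A mistyped `-m` or `-c` argument therefore crashes the tool instead of producing an error. Adding `if (!eth) return -1;` after each `ether_aton` call fixes that, and util_rmnistnetmac already treats a negative return as "can't convert". The locals `hent`, `pent` and `sent` are unused in this function and can be dropped.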
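Review bot: In util_nistnetmactostring the guards `nistnet->lteMacSource != NULL` and `nistnet->lteMacDest != NULL` test arrays embedded in the key, so they are always true, while `nistnet` itself is never checked. The `malloc` results are passed to `strcpy` unchecked, and `ether_ntoa` is given a `u_int8_t` array where it expects a `const struct ether_addr *`, which needs an explicit cast. I would write `who->srcmac = strdup(ether_ntoa((const struct ether_addr *)nistnet->lteMacSource));` (likewise for `dstmac`) and return -1 when either result is NULL. A header comment should state that the caller frees both strings.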