--- embedaddon/mpd/src/iface.c 2013/07/22 08:44:29 1.1.1.2 +++ embedaddon/mpd/src/iface.c 2016/11/01 09:56:12 1.1.1.3 @@ -99,8 +99,8 @@ #ifdef USE_NG_NETFLOW static int IfaceInitNetflow(Bund b, char *path, char *hook, char in, char out, int v6); - static int IfaceSetupNetflow(Bund b, char in, char out); - static void IfaceShutdownNetflow(Bund b, char in, char out); + static int IfaceSetupNetflow(Bund b, char in, char out, int v6); + static void IfaceShutdownNetflow(Bund b, char in, char out, int v6); #endif #ifdef USE_NG_IPACCT @@ -140,7 +140,7 @@ #ifdef USE_IPFW static int IfaceAllocACL (struct acl_pool ***ap, int start, char * ifname, int number); static int IfaceFindACL (struct acl_pool *ap, char * ifname, int number); - static char * IFaceParseACL (char * src, char * ifname); + static char * IfaceParseACL (char * src, IfaceState iface); #endif static int IfaceSetName(Bund b, const char * ifname); @@ -197,6 +197,7 @@ static const struct confinfo gConfList[] = { { 0, IFACE_CONF_ONDEMAND, "on-demand" }, { 0, IFACE_CONF_PROXY, "proxy-arp" }, + { 0, IFACE_CONF_KEEP_TIMEOUT, "keep-timeout" }, #ifdef USE_NG_TCPMSS { 0, IFACE_CONF_TCPMSSFIX, "tcpmssfix" }, #endif @@ -230,7 +231,7 @@ #ifdef USE_NG_BPF /* A BPF filter that matches TCP SYN packets */ - static const struct bpf_insn gTCPSYNProg[] = { + static const struct bpf_insn gTCPSYNProg[] __attribute__((used)) = { /*00*/ BPF_STMT(BPF_LD+BPF_B+BPF_ABS, 9), /* A <- IP protocol */ /*01*/ BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, IPPROTO_TCP, 0, 6), /* !TCP => 8 */ /*02*/ BPF_STMT(BPF_LD+BPF_H+BPF_ABS, 6), /* A <- fragmentation offset */ @@ -293,6 +294,7 @@ IfaceInit(Bund b) #endif Disable(&iface->options, IFACE_CONF_ONDEMAND); Disable(&iface->options, IFACE_CONF_PROXY); + Disable(&iface->options, IFACE_CONF_KEEP_TIMEOUT); Disable(&iface->options, IFACE_CONF_TCPMSSFIX); #ifdef USE_NG_NAT NatInit(b); @@ -453,7 +455,14 @@ IfaceUp(Bund b, int ready) /* Start Session timer */ if (b->params.session_timeout > 0) { - session_timeout = b->params.session_timeout; + if (Enabled(&iface->options, IFACE_CONF_KEEP_TIMEOUT)) { + session_timeout = b->params.session_timeout - \ + (iface->last_up - b->last_up); + Log(LG_IFACE2, ("[%s] IFACE: keep session-timeout at: %d seconds", + b->name, session_timeout)); + } else { + session_timeout = b->params.session_timeout; + } } else if (iface->session_timeout > 0) { session_timeout = iface->session_timeout; } @@ -464,7 +473,7 @@ IfaceUp(Bund b, int ready) if (session_timeout > INT_MAX / 1100) { session_timeout = INT_MAX / 1100; Log(LG_ERR, ("[%s] IFACE: session-timeout limited to %d seconds", - b->name, session_timeout)); + b->name, session_timeout)); } TimerInit(&iface->sessionTimer, "IfaceSession", session_timeout * SECONDS, IfaceSessionTimeout, b); @@ -584,22 +593,33 @@ IfaceUp(Bund b, int ready) } acls = b->params.acl_queue; while (acls != NULL) { - buf = IFaceParseACL(acls->rule,iface->ifname); + buf = IfaceParseACL(acls->rule, iface); ExecCmd(LG_IFACE2, b->name, "%s queue %d config %s", PATH_IPFW, acls->real_number, buf); Freee(buf); acls = acls->next; } acls = b->params.acl_table; while (acls != NULL) { + /* allow both %aX and `peer_addr` macros */ + buf = IfaceParseACL(acls->rule, iface); + strcpy(acls->rule, buf); + Freee(buf); acl = Mdup(MB_IPFW, acls, sizeof(struct acl) + strlen(acls->rule)); acl->next = iface->tables; iface->tables = acl; - ExecCmd(LG_IFACE2, b->name, "%s table %d add %s", PATH_IPFW, acls->real_number, acls->rule); + if (strncmp(acls->rule, "peer_addr", 9) == 0) { + char hisaddr[20]; + ExecCmd(LG_IFACE2, b->name, "%s table %d add %s", + PATH_IPFW, acls->real_number, + u_addrtoa(&iface->peer_addr, hisaddr, sizeof(hisaddr))); + } else { + ExecCmd(LG_IFACE2, b->name, "%s table %d add %s", PATH_IPFW, acls->real_number, acls->rule); + } acls = acls->next; }; acls = b->params.acl_rule; while (acls != NULL) { - buf = IFaceParseACL(acls->rule, iface->ifname); + buf = IfaceParseACL(acls->rule, iface); ExecCmd(LG_IFACE2, b->name, "%s add %d %s via %s", PATH_IPFW, acls->real_number, buf, iface->ifname); Freee(buf); acls = acls->next; @@ -671,8 +691,15 @@ IfaceDown(Bund b) }; acl = iface->tables; while (acl != NULL) { - ExecCmd(LG_IFACE2, b->name, "%s table %d delete %s", - PATH_IPFW, acl->real_number, acl->rule); + if (strncmp(acl->rule, "peer_addr", 9) == 0) { + char hisaddr[20]; + ExecCmd(LG_IFACE2, b->name, "%s table %d delete %s", + PATH_IPFW, acl->real_number, + u_addrtoa(&iface->peer_addr, hisaddr, sizeof(hisaddr))); + } else { + ExecCmd(LG_IFACE2, b->name, "%s table %d delete %s", + PATH_IPFW, acl->real_number, acl->rule); + } aclnext = acl->next; Freee(acl); acl = aclnext; @@ -840,20 +867,25 @@ IfaceFindACL (struct acl_pool *ap, char * ifname, int } /* - * IFaceParseACL () + * IfaceParseACL () * - * Parces ACL and replaces %r, %p and %q macroses + * Parses ACL and replaces %r, %p and %q macroses * by the real numbers of rules, queues and pipes. + * + * Also replaces %a1 and a2 with the remote(peer) + * or local(self) IP address respectively. */ static char * -IFaceParseACL (char * src, char * ifname) +IfaceParseACL (char * src, IfaceState iface) { char *buf,*buf1; char *begin,*param,*end; char t; int num,real_number; struct acl_pool *ap; + char hisaddr[20]; + int ipmode = 0; /* 0 - normal macro, 1 - IP address macro */ buf = Malloc(MB_IPFW, ACL_LEN); buf1 = Malloc(MB_IPFW, ACL_LEN); @@ -878,15 +910,35 @@ IFaceParseACL (char * src, char * ifname) case 't': ap = table_pool; break; + case 'a': + ipmode = 1; + if (num == 1) + u_addrtoa(&iface->peer_addr, hisaddr, sizeof(hisaddr)); + else if (num == 2) + u_rangetoa(&iface->self_addr, hisaddr, sizeof(hisaddr)); + else + ipmode = 0; + ap = NULL; + break; default: ap = NULL; }; - real_number = IfaceFindACL(ap,ifname,num); - if (end != NULL) { - snprintf(buf1, ACL_LEN, "%s%d %s", begin, real_number, end); - } else { - snprintf(buf1, ACL_LEN, "%s%d", begin, real_number); - }; + if (ipmode) + { + if (end != NULL) + snprintf(buf1, ACL_LEN, "%s%s %s", begin, hisaddr, end); + else + snprintf(buf1, ACL_LEN, "%s%s", begin, hisaddr); + ipmode = 0; + } + else + { + real_number = IfaceFindACL(ap, iface->ifname, num); + if (end != NULL) + snprintf(buf1, ACL_LEN, "%s%d %s", begin, real_number, end); + else + snprintf(buf1, ACL_LEN, "%s%d", begin, real_number); + } strlcpy(buf, buf1, ACL_LEN); }; }; @@ -940,22 +992,21 @@ IfaceIpIfaceUp(Bund b, int ready) /* Proxy ARP for peer if desired and peer's address is known */ u_addrclear(&iface->proxy_addr); if (Enabled(&iface->options, IFACE_CONF_PROXY)) { + u_addrtoa(&iface->peer_addr,hisaddr,sizeof(hisaddr)); if (u_addrempty(&iface->peer_addr)) { - Log(LG_IFACE, - ("[%s] IFACE: Can't proxy arp for %s", - b->name, u_addrtoa(&iface->peer_addr,hisaddr,sizeof(hisaddr)))); + Log(LG_IFACE, ("[%s] IFACE: Can't proxy arp for %s", + b->name, hisaddr)); } else if (GetEther(&iface->peer_addr, &hwa) < 0) { - Log(LG_IFACE, - ("[%s] IFACE: No interface to proxy arp on for %s", - b->name, u_addrtoa(&iface->peer_addr,hisaddr,sizeof(hisaddr)))); + Log(LG_IFACE, ("[%s] IFACE: No interface to proxy arp on for %s", + b->name, hisaddr)); } else { ether = (u_char *) LLADDR(&hwa); if (ExecCmdNosh(LG_IFACE2, b->name, "%s -S %s %x:%x:%x:%x:%x:%x pub", - PATH_ARP, u_addrtoa(&iface->peer_addr,hisaddr,sizeof(hisaddr)), + PATH_ARP, hisaddr, ether[0], ether[1], ether[2], ether[3], ether[4], ether[5]) == 0) - iface->proxy_addr = iface->peer_addr; + iface->proxy_addr = iface->peer_addr; } } @@ -993,11 +1044,13 @@ IfaceIpIfaceUp(Bund b, int ready) else ns2buf[0] = '\0'; - res = ExecCmd(LG_IFACE2, b->name, "%s %s inet %s %s '%s' '%s' '%s' '%s'", - iface->up_script, iface->ifname, u_rangetoa(&iface->self_addr,selfbuf, sizeof(selfbuf)), + res = ExecCmd(LG_IFACE2, b->name, "%s %s inet %s %s '%s' '%s' '%s' '%s' '%s'", + iface->up_script, iface->ifname, + u_rangetoa(&iface->self_addr,selfbuf, sizeof(selfbuf)), u_addrtoa(&iface->peer_addr, peerbuf, sizeof(peerbuf)), *b->params.authname ? b->params.authname : "-", - ns1buf, ns2buf, *b->params.peeraddr ? b->params.peeraddr : "-"); + ns1buf, ns2buf, *b->params.peeraddr ? b->params.peeraddr : "-", + b->params.filter_id ? b->params.filter_id : "-"); if (res != 0) { FsmFailure(&b->ipcp.fsm, FAIL_NEGOT_FAILURE); return (-1); @@ -1023,11 +1076,13 @@ IfaceIpIfaceDown(Bund b) if (*iface->down_script) { char selfbuf[40],peerbuf[40]; - ExecCmd(LG_IFACE2, b->name, "%s %s inet %s %s '%s' '%s'", - iface->down_script, iface->ifname, u_rangetoa(&iface->self_addr,selfbuf, sizeof(selfbuf)), + ExecCmd(LG_IFACE2, b->name, "%s %s inet %s %s '%s' '%s' '%s'", + iface->down_script, iface->ifname, + u_rangetoa(&iface->self_addr,selfbuf, sizeof(selfbuf)), u_addrtoa(&iface->peer_addr, peerbuf, sizeof(peerbuf)), *b->params.authname ? b->params.authname : "-", - *b->params.peeraddr ? b->params.peeraddr : "-"); + *b->params.peeraddr ? b->params.peeraddr : "-", + b->params.filter_id ? b->params.filter_id : "-"); } /* Delete dynamic routes */ @@ -1080,10 +1135,8 @@ IfaceIpv6IfaceUp(Bund b, int ready) iface->self_ipv6_addr.u.ip6.__u6_addr.__u6_addr16[1] = 0x0000; iface->self_ipv6_addr.u.ip6.__u6_addr.__u6_addr16[2] = 0x0000; iface->self_ipv6_addr.u.ip6.__u6_addr.__u6_addr16[3] = 0x0000; - iface->self_ipv6_addr.u.ip6.__u6_addr.__u6_addr16[4] = ((u_short*)b->ipv6cp.myintid)[0]; - iface->self_ipv6_addr.u.ip6.__u6_addr.__u6_addr16[5] = ((u_short*)b->ipv6cp.myintid)[1]; - iface->self_ipv6_addr.u.ip6.__u6_addr.__u6_addr16[6] = ((u_short*)b->ipv6cp.myintid)[2]; - iface->self_ipv6_addr.u.ip6.__u6_addr.__u6_addr16[7] = ((u_short*)b->ipv6cp.myintid)[3]; + bcopy(b->ipv6cp.myintid, &iface->self_ipv6_addr.u.ip6.__u6_addr.__u6_addr16[4], sizeof(b->ipv6cp.myintid)); + bcopy(&iface->self_ipv6_addr.u.ip6, &b->ipv6cp.want_addr, sizeof(struct in6_addr)); } else { u_addrcopy(&iface->conf.self_ipv6_addr, &iface->self_ipv6_addr); } @@ -1093,10 +1146,8 @@ IfaceIpv6IfaceUp(Bund b, int ready) iface->peer_ipv6_addr.u.ip6.__u6_addr.__u6_addr16[1] = 0x0000; iface->peer_ipv6_addr.u.ip6.__u6_addr.__u6_addr16[2] = 0x0000; iface->peer_ipv6_addr.u.ip6.__u6_addr.__u6_addr16[3] = 0x0000; - iface->peer_ipv6_addr.u.ip6.__u6_addr.__u6_addr16[4] = ((u_short*)b->ipv6cp.hisintid)[0]; - iface->peer_ipv6_addr.u.ip6.__u6_addr.__u6_addr16[5] = ((u_short*)b->ipv6cp.hisintid)[1]; - iface->peer_ipv6_addr.u.ip6.__u6_addr.__u6_addr16[6] = ((u_short*)b->ipv6cp.hisintid)[2]; - iface->peer_ipv6_addr.u.ip6.__u6_addr.__u6_addr16[7] = ((u_short*)b->ipv6cp.hisintid)[3]; + bcopy(b->ipv6cp.hisintid, &iface->peer_ipv6_addr.u.ip6.__u6_addr.__u6_addr16[4], sizeof(b->ipv6cp.hisintid)); + bcopy(&iface->peer_ipv6_addr.u.ip6, &b->ipv6cp.peer_addr, sizeof(struct in6_addr)); } else { u_addrcopy(&iface->conf.peer_ipv6_addr, &iface->peer_ipv6_addr); } @@ -1137,12 +1188,13 @@ IfaceIpv6IfaceUp(Bund b, int ready) char selfbuf[48],peerbuf[48]; int res; - res = ExecCmd(LG_IFACE2, b->name, "%s %s inet6 %s%%%s %s%%%s '%s' '%s'", + res = ExecCmd(LG_IFACE2, b->name, "%s %s inet6 %s%%%s %s%%%s '%s' '%s' '%s'", iface->up_script, iface->ifname, u_addrtoa(&iface->self_ipv6_addr, selfbuf, sizeof(selfbuf)), iface->ifname, u_addrtoa(&iface->peer_ipv6_addr, peerbuf, sizeof(peerbuf)), iface->ifname, *b->params.authname ? b->params.authname : "-", - *b->params.peeraddr ? b->params.peeraddr : "-"); + *b->params.peeraddr ? b->params.peeraddr : "-", + b->params.filter_id ? b->params.filter_id : "-"); if (res != 0) { FsmFailure(&b->ipv6cp.fsm, FAIL_NEGOT_FAILURE); return (-1); @@ -1169,12 +1221,13 @@ IfaceIpv6IfaceDown(Bund b) if (*iface->down_script) { char selfbuf[48],peerbuf[48]; - ExecCmd(LG_IFACE2, b->name, "%s %s inet6 %s%%%s %s%%%s '%s' '%s'", + ExecCmd(LG_IFACE2, b->name, "%s %s inet6 %s%%%s %s%%%s '%s' '%s' '%s'", iface->down_script, iface->ifname, u_addrtoa(&iface->self_ipv6_addr, selfbuf, sizeof(selfbuf)), iface->ifname, u_addrtoa(&iface->peer_ipv6_addr, peerbuf, sizeof(peerbuf)), iface->ifname, *b->params.authname ? b->params.authname : "-", - *b->params.peeraddr ? b->params.peeraddr : "-"); + *b->params.peeraddr ? b->params.peeraddr : "-", + b->params.filter_id ? b->params.filter_id : "-"); } /* Delete dynamic routes */ @@ -1843,9 +1896,9 @@ add_scope(struct sockaddr *sa, int ifindex) if (!IN6_IS_ADDR_LINKLOCAL(&sa6->sin6_addr) && !IN6_IS_ADDR_MC_LINKLOCAL(&sa6->sin6_addr)) return; - if (*(u_int16_t *)&sa6->sin6_addr.s6_addr[2] != 0) + if (sa6->sin6_addr.__u6_addr.__u6_addr16[1] != 0) return; - *(u_int16_t *)&sa6->sin6_addr.s6_addr[2] = htons(ifindex); + sa6->sin6_addr.__u6_addr.__u6_addr16[1] = htons(ifindex); } #endif @@ -2090,7 +2143,6 @@ IfaceNgIpInit(Bund b, int ready) snprintf(hook, sizeof(hook), "4%d", b->id); } else { - snprintf(path, sizeof(path), "[%x]:", b->nodeID); strcpy(hook, NG_PPP_HOOK_INET); @@ -2180,13 +2232,13 @@ IfaceNgIpInit(Bund b, int ready) #ifdef USE_NG_NETFLOW #ifdef NG_NETFLOW_CONF_INGRESS if (b->iface.nfin_up || b->iface.nfout_up) - IfaceSetupNetflow(b, b->iface.nfin_up, b->iface.nfout_up); + IfaceSetupNetflow(b, b->iface.nfin_up, b->iface.nfout_up, 0); #else /* NG_NETFLOW_CONF_INGRESS */ if (b->iface.nfin_up) - IfaceSetupNetflow(b, 1, 0); + IfaceSetupNetflow(b, 1, 0, 0); if (b->iface.nfout_up) - IfaceSetupNetflow(b, 0, 1); + IfaceSetupNetflow(b, 0, 1, 0); #endif /* NG_NETFLOW_CONF_INGRESS */ #endif /* USE_NG_NETFLOW */ } @@ -2230,15 +2282,15 @@ IfaceNgIpShutdown(Bund b) #ifdef USE_NG_NETFLOW #ifdef NG_NETFLOW_CONF_INGRESS if (b->iface.nfin_up || b->iface.nfout_up) - IfaceShutdownNetflow(b, b->iface.nfin_up, b->iface.nfout_up); + IfaceShutdownNetflow(b, b->iface.nfin_up, b->iface.nfout_up, 0); b->iface.nfin_up = 0; b->iface.nfout_up = 0; #else /* NG_NETFLOW_CONF_INGRESS */ if (b->iface.nfin_up) - IfaceShutdownNetflow(b, 1, 0); + IfaceShutdownNetflow(b, 1, 0, 0); b->iface.nfin_up = 0; if (b->iface.nfout_up) - IfaceShutdownNetflow(b, 0, 1); + IfaceShutdownNetflow(b, 0, 1, 0); b->iface.nfout_up = 0; #endif /* NG_NETFLOW_CONF_INGRESS */ #endif @@ -2299,8 +2351,8 @@ IfaceNgIpv6Init(Bund b, int ready) } #else /* NG_NETFLOW_CONF_INGRESS */ /* Connect a netflow node if configured */ - if (Enabled(&b->iface.options, IFACE_CONF_NETFLOW_IN, 1)) { - if (IfaceInitNetflow(b, path, hook, 1, 0)) + if (Enabled(&b->iface.options, IFACE_CONF_NETFLOW_IN)) { + if (IfaceInitNetflow(b, path, hook, 1, 0, 1)) goto fail; b->iface.nfin_up = 1; } @@ -2314,6 +2366,11 @@ IfaceNgIpv6Init(Bund b, int ready) #endif /* USE_NG_NETFLOW */ } +#ifdef USE_NG_BPF + if (IfaceInitLimits(b, path, hook)) + goto fail; +#endif + /* Connect graph to the iface node. */ strcpy(cn.ourhook, hook); snprintf(cn.path, sizeof(cn.path), "%s:", b->iface.ngname); @@ -2329,17 +2386,21 @@ IfaceNgIpv6Init(Bund b, int ready) #ifdef USE_NG_NETFLOW #ifdef NG_NETFLOW_CONF_INGRESS if (b->iface.nfin_up || b->iface.nfout_up) - IfaceSetupNetflow(b, b->iface.nfin_up, b->iface.nfout_up); + IfaceSetupNetflow(b, b->iface.nfin_up, b->iface.nfout_up, 1); #else /* NG_NETFLOW_CONF_INGRESS */ if (b->iface.nfin_up) - IfaceSetupNetflow(b, 1, 0); + IfaceSetupNetflow(b, 1, 0, 1); if (b->iface.nfout_up) - IfaceSetupNetflow(b, 0, 1); + IfaceSetupNetflow(b, 0, 1, 1); #endif /* NG_NETFLOW_CONF_INGRESS */ #endif /* USE_NG_NETFLOW */ } +#ifdef USE_NG_BPF + IfaceSetupLimits(b); +#endif + /* OK */ return(0); @@ -2356,21 +2417,24 @@ IfaceNgIpv6Shutdown(Bund b) { char path[NG_PATHSIZ]; +#ifdef USE_NG_BPF + IfaceShutdownLimits(b); /* Limits must shutdown first to save final stats. */ +#endif if (b->iface.tee6_up) IfaceShutdownTee(b, 1); b->iface.tee6_up = 0; #ifdef USE_NG_NETFLOW #ifdef NG_NETFLOW_CONF_INGRESS if (b->iface.nfin_up || b->iface.nfout_up) - IfaceShutdownNetflow(b, b->iface.nfin_up, b->iface.nfout_up); + IfaceShutdownNetflow(b, b->iface.nfin_up, b->iface.nfout_up, 1); b->iface.nfin_up = 0; b->iface.nfout_up = 0; #else /* NG_NETFLOW_CONF_INGRESS */ if (b->iface.nfin_up) - IfaceShutdownNetflow(b, 1, 0); + IfaceShutdownNetflow(b, 1, 0, 1); b->iface.nfin_up = 0; if (b->iface.nfout_up) - IfaceShutdownNetflow(b, 0, 1); + IfaceShutdownNetflow(b, 0, 1, 1); b->iface.nfout_up = 0; #endif /* NG_NETFLOW_CONF_INGRESS */ #endif @@ -2469,8 +2533,8 @@ IfaceSetupNAT(Bund b) uint32_t *const nat_id = (uint32_t *)(void *)u.reply.data; #endif + snprintf(path, sizeof(path), "mpd%d-%s-nat:", gPid, b->name); if (u_addrempty(&nat->alias_addr)) { - snprintf(path, sizeof(path), "mpd%d-%s-nat:", gPid, b->name); if (NgSendMsg(gLinksCsock, path, NGM_NAT_COOKIE, NGM_NAT_SET_IPADDR, &b->iface.self_addr.addr.u.ip4, @@ -2705,10 +2769,11 @@ IfaceInitNetflow(Bund b, char *path, char *hook, char int nif; #ifdef NG_NETFLOW_CONF_INGRESS - nif = gNetflowIface + b->id; + nif = gNetflowIface + b->id*2; #else - nif = gNetflowIface + b->id*2 + out; + nif = gNetflowIface + b->id*4 + out*2; #endif + nif += v6 ? 1 : 0; Log(LG_IFACE2, ("[%s] IFACE: Connecting netflow%s (%s)", b->name, v6?"6":"", out?"out":"in")); @@ -2754,7 +2819,7 @@ IfaceInitNetflow(Bund b, char *path, char *hook, char } static int -IfaceSetupNetflow(Bund b, char in, char out) +IfaceSetupNetflow(Bund b, char in, char out, int v6) { char path[NG_PATHSIZ]; struct ng_netflow_setdlt nf_setdlt; @@ -2765,11 +2830,12 @@ IfaceSetupNetflow(Bund b, char in, char out) int nif; #ifdef NG_NETFLOW_CONF_INGRESS - nif = gNetflowIface + b->id; + nif = gNetflowIface + b->id*2; #else - nif = gNetflowIface + b->id*2 + out; + nif = gNetflowIface + b->id*4 + out*2; #endif - + nif += v6 ? 1 : 0; + /* Configure data link type and interface index. */ snprintf(path, sizeof(path), "[%x]:", gNetflowNodeID); nf_setdlt.iface = nif; @@ -2811,17 +2877,18 @@ fail: } static void -IfaceShutdownNetflow(Bund b, char in, char out) +IfaceShutdownNetflow(Bund b, char in, char out, int v6) { char path[NG_PATHSIZ]; char hook[NG_HOOKSIZ]; int nif; #ifdef NG_NETFLOW_CONF_INGRESS - nif = gNetflowIface + b->id; + nif = gNetflowIface + b->id*2; #else - nif = gNetflowIface + b->id*2 + out; + nif = gNetflowIface + b->id*4 + out*2; #endif + nif += v6 ? 1 : 0; snprintf(path, NG_PATHSIZ, "[%x]:", gNetflowNodeID); snprintf(hook, NG_HOOKSIZ, "%s%d", NG_NETFLOW_HOOK_DATA, nif); @@ -3618,9 +3685,11 @@ IfaceSetName(Bund b, const char * ifname) b->name, iface->ifname, ifname)); if (ioctl(s, SIOCSIFNAME, (caddr_t)&ifr) < 0) { - Perror("[%s] IFACE: ioctl(%s, SIOCSIFNAME)", b->name, iface->ifname); - close(s); - return(-1); + if (errno != EEXIST) { + Perror("[%s] IFACE: ioctl(%s, SIOCSIFNAME)", b->name, iface->ifname); + close(s); + return(-1); + } } close(s); @@ -3645,6 +3714,9 @@ IfaceSetName(Bund b, const char * ifname) * %I for interface name; * %l for name of bundle's first link * %M for peer MAC address of bundle's first link + * %o for local outer ("physical") address of bundle's first link + * %O for peer outer ("physical") address of bundle's first link + * %P for peer outer ("physical") port of bundle's first link * %S for interface status (DoD/UP/DOWN) * %t for type of bundle's first link (pppoe, pptp, l2tp etc.) * %u for self auth name (or dash if self auth name not used) @@ -3748,14 +3820,14 @@ IfaceSetDescr(Bund b, const char * template) /* peer address */ case 'A': { - u_addrtoa (&iface->peer_addr, buf, sizeof(buf)); + u_addrtoa(&iface->peer_addr, buf, sizeof(buf)); DST_COPY(buf); } break; /* interface index */ case 'i': { - snprintf (buf, sizeof(buf), "%u", iface->ifindex); + snprintf(buf, sizeof(buf), "%u", iface->ifindex); DST_COPY(buf); } break; @@ -3767,15 +3839,40 @@ IfaceSetDescr(Bund b, const char * template) case 'l': DST_COPY(b->links[0] ? b->links[0]->name : NULL); break; + /* peer MAC address */ case 'M': - if(b->links[0]) { + if (b->links[0]) { PhysType const pt = b->links[0]->type; if (pt && pt->peermacaddr) { - (*pt->peermacaddr)(b->links[0], buf, sizeof(buf)); - DST_COPY(buf); + (*pt->peermacaddr)(b->links[0], buf, sizeof(buf)); + DST_COPY(buf); } else { DST_COPY("-"); } + } else { + DST_COPY("-"); + } + break; + /* local "physycal" address */ + case 'o': + if (b->links[0] && PhysGetSelfAddr(b->links[0], buf, sizeof(buf)) == 0) { + DST_COPY(buf); + } else { + DST_COPY("-"); + } + break; + /* peer "physycal" address */ + case 'O': + if (b->links[0] && PhysGetPeerAddr(b->links[0], buf, sizeof(buf)) == 0) { + DST_COPY(buf); + } else { + DST_COPY("-"); + } + break; + /* peer port */ + case 'P': + if (b->links[0] && PhysGetPeerPort(b->links[0], buf, sizeof(buf)) == 0) { + DST_COPY(buf); } else { DST_COPY("-"); }