#include <sys/cdefs.h>#include <sys/param.h>#include <sys/alq.h>#include <sys/errno.h>#include <sys/eventhandler.h>#include <sys/hash.h>#include <sys/kernel.h>#include <sys/kthread.h>#include <sys/lock.h>#include <sys/mbuf.h>#include <sys/module.h>#include <sys/mutex.h>#include <sys/pcpu.h>#include <sys/proc.h>#include <sys/sbuf.h>#include <sys/sdt.h>#include <sys/smp.h>#include <sys/socket.h>#include <sys/socketvar.h>#include <sys/sysctl.h>#include <sys/unistd.h>#include <net/if.h>#include <net/if_var.h>#include <net/pfil.h>#include <netinet/in.h>#include <netinet/in_kdtrace.h>#include <netinet/in_pcb.h>#include <netinet/in_systm.h>#include <netinet/in_var.h>#include <netinet/ip.h>#include <netinet/ip_var.h>#include <netinet/tcp_var.h>#include <machine/in_cksum.h>
Go to the source code of this file.
Data Structures | |
| struct | pkt_node |
| struct | flow_hash_node |
| struct | siftr_stats |
Macros | |
| #define | V_MAJOR 1 |
| #define | V_BACKBREAK 2 |
| #define | V_BACKCOMPAT 4 |
| #define | MODVERSION __CONCAT(V_MAJOR, __CONCAT(V_BACKBREAK, V_BACKCOMPAT)) |
| #define | MODVERSION_STR |
| #define | HOOK 0 |
| #define | UNHOOK 1 |
| #define | SIFTR_EXPECTED_MAX_TCP_FLOWS 65536 |
| #define | SYS_NAME "FreeBSD" |
| #define | PACKET_TAG_SIFTR 100 |
| #define | PACKET_COOKIE_SIFTR 21749576 |
| #define | SIFTR_LOG_FILE_MODE 0644 |
| #define | SIFTR_DISABLE 0 |
| #define | SIFTR_ENABLE 1 |
| #define | MAX_LOG_MSG_LEN 200 |
| #define | SIFTR_ALQ_BUFLEN (1000*MAX_LOG_MSG_LEN) |
| #define | FLOW_KEY_LEN 13 |
| #define | SIFTR_IPMODE 4 |
| #define | UPPER_SHORT(X) (((X) & 0xFFFF0000) >> 16) |
| #define | LOWER_SHORT(X) ((X) & 0x0000FFFF) |
| #define | FIRST_OCTET(X) (((X) & 0xFF000000) >> 24) |
| #define | SECOND_OCTET(X) (((X) & 0x00FF0000) >> 16) |
| #define | THIRD_OCTET(X) (((X) & 0x0000FF00) >> 8) |
| #define | FOURTH_OCTET(X) ((X) & 0x000000FF) |
| #define | V_siftr_inet_hook VNET(siftr_inet_hook) |
Functions | |
| __FBSDID ("$FreeBSD$") | |
| static | MALLOC_DEFINE (M_SIFTR, "siftr", "dynamic memory used by SIFTR") |
| static | MALLOC_DEFINE (M_SIFTR_PKTNODE, "siftr_pktnode", "SIFTR pkt_node struct") |
| static | MALLOC_DEFINE (M_SIFTR_HASHNODE, "siftr_hashnode", "SIFTR flow_hash_node struct") |
| DPCPU_DEFINE_STATIC (struct siftr_stats, ss) | |
| STAILQ_HEAD (pkthead, pkt_node) | |
| static int | siftr_sysctl_enabled_handler (SYSCTL_HANDLER_ARGS) |
| static int | siftr_sysctl_logfile_name_handler (SYSCTL_HANDLER_ARGS) |
| SYSCTL_DECL (_net_inet_siftr) | |
| SYSCTL_NODE (_net_inet, OID_AUTO, siftr, CTLFLAG_RW|CTLFLAG_MPSAFE, NULL, "siftr related settings") | |
| SYSCTL_PROC (_net_inet_siftr, OID_AUTO, enabled, CTLTYPE_UINT|CTLFLAG_RW|CTLFLAG_NEEDGIANT, &siftr_enabled, 0, &siftr_sysctl_enabled_handler, "IU", "switch siftr module operations on/off") | |
| SYSCTL_PROC (_net_inet_siftr, OID_AUTO, logfile, CTLTYPE_STRING|CTLFLAG_RW|CTLFLAG_NEEDGIANT, &siftr_logfile_shadow, sizeof(siftr_logfile_shadow), &siftr_sysctl_logfile_name_handler, "A", "file to save siftr log messages to") | |
| SYSCTL_UINT (_net_inet_siftr, OID_AUTO, ppl, CTLFLAG_RW, &siftr_pkts_per_log, 1, "number of packets between generating a log message") | |
| SYSCTL_UINT (_net_inet_siftr, OID_AUTO, genhashes, CTLFLAG_RW, &siftr_generate_hashes, 0, "enable packet hash generation") | |
| SYSCTL_U16 (_net_inet_siftr, OID_AUTO, port_filter, CTLFLAG_RW, &siftr_port_filter, 0, "enable packet filter on a TCP port") | |
| static void | siftr_process_pkt (struct pkt_node *pkt_node) |
| static void | siftr_pkt_manager_thread (void *arg) |
| static uint32_t | hash_pkt (struct mbuf *m, uint32_t offset) |
| static int | siftr_chkreinject (struct mbuf *m, int dir, struct siftr_stats *ss) |
| static struct inpcb * | siftr_findinpcb (int ipver, struct ip *ip, struct mbuf *m, uint16_t sport, uint16_t dport, int dir, struct siftr_stats *ss) |
| static void | siftr_siftdata (struct pkt_node *pn, struct inpcb *inp, struct tcpcb *tp, int ipver, int dir, int inp_locally_locked) |
| static pfil_return_t | siftr_chkpkt (struct mbuf **m, struct ifnet *ifp, int flags, void *ruleset __unused, struct inpcb *inp) |
| VNET_DEFINE_STATIC (pfil_hook_t, siftr_inet_hook) | |
| static int | siftr_pfil (int action) |
| static int | siftr_manage_ops (uint8_t action) |
| static void | siftr_shutdown_handler (void *arg) |
| static int | deinit_siftr (void) |
| static int | init_siftr (void) |
| static int | siftr_load_handler (module_t mod, int what, void *arg) |
| DECLARE_MODULE (siftr, siftr_mod, SI_SUB_LAST, SI_ORDER_ANY) | |
| MODULE_DEPEND (siftr, alq, 1, 1, 1) | |
| MODULE_VERSION (siftr, MODVERSION) | |
Variables | |
| static volatile unsigned int | siftr_exit_pkt_manager_thread = 0 |
| static unsigned int | siftr_enabled = 0 |
| static unsigned int | siftr_pkts_per_log = 1 |
| static unsigned int | siftr_generate_hashes = 0 |
| static uint16_t | siftr_port_filter = 0 |
| static char | siftr_logfile [PATH_MAX] = "/var/log/siftr.log" |
| static char | siftr_logfile_shadow [PATH_MAX] = "/var/log/siftr.log" |
| static u_long | siftr_hashmask |
| static moduledata_t | siftr_mod |
Macro Definition Documentation
◆ FIRST_OCTET
◆ FLOW_KEY_LEN
◆ FOURTH_OCTET
◆ HOOK
◆ LOWER_SHORT
◆ MAX_LOG_MSG_LEN
◆ MODVERSION
| #define MODVERSION __CONCAT(V_MAJOR, __CONCAT(V_BACKBREAK, V_BACKCOMPAT)) |
◆ MODVERSION_STR
| #define MODVERSION_STR |
◆ PACKET_COOKIE_SIFTR
◆ PACKET_TAG_SIFTR
◆ SECOND_OCTET
◆ SIFTR_ALQ_BUFLEN
| #define SIFTR_ALQ_BUFLEN (1000*MAX_LOG_MSG_LEN) |
◆ SIFTR_DISABLE
◆ SIFTR_ENABLE
◆ SIFTR_EXPECTED_MAX_TCP_FLOWS
◆ SIFTR_IPMODE
◆ SIFTR_LOG_FILE_MODE
◆ SYS_NAME
◆ THIRD_OCTET
◆ UNHOOK
◆ UPPER_SHORT
◆ V_BACKBREAK
◆ V_BACKCOMPAT
◆ V_MAJOR
◆ V_siftr_inet_hook
Function Documentation
◆ __FBSDID()
| __FBSDID | ( | "$FreeBSD$" | ) |
◆ DECLARE_MODULE()
| DECLARE_MODULE | ( | siftr | , |
| siftr_mod | , | ||
| SI_SUB_LAST | , | ||
| SI_ORDER_ANY | |||
| ) |
◆ deinit_siftr()
|
static |
Definition at line 1510 of file siftr.c.
References SIFTR_DISABLE, siftr_hashmask, and siftr_manage_ops().
Referenced by siftr_load_handler().
◆ DPCPU_DEFINE_STATIC()
| DPCPU_DEFINE_STATIC | ( | struct siftr_stats | , |
| ss | |||
| ) |
◆ hash_pkt()
Definition at line 639 of file siftr.c.
References pkt_node::hash.
Referenced by siftr_chkpkt().
◆ init_siftr()
|
static |
Definition at line 1525 of file siftr.c.
References MODVERSION_STR, SIFTR_EXPECTED_MAX_TCP_FLOWS, siftr_hashmask, and siftr_shutdown_handler().
Referenced by siftr_load_handler().
◆ MALLOC_DEFINE() [1/3]
|
static |
◆ MALLOC_DEFINE() [2/3]
|
static |
◆ MALLOC_DEFINE() [3/3]
|
static |
◆ MODULE_DEPEND()
| MODULE_DEPEND | ( | siftr | , |
| alq | , | ||
| 1 | , | ||
| 1 | , | ||
| 1 | |||
| ) |
◆ MODULE_VERSION()
| MODULE_VERSION | ( | siftr | , |
| MODVERSION | |||
| ) |
◆ siftr_chkpkt()
|
static |
Definition at line 830 of file siftr.c.
References pkt_node::hash, hash_pkt(), in_cksum_skip(), inpcb::inp_flags, INP_IPV4, INP_LOCK_ASSERT, INP_RUNLOCK, INP_TIMEWAIT, inp_unlock(), intotcpcb, ip_hl, ip::ip_hl, ip::ip_len, ip::ip_p, IPPROTO_TCP, siftr_stats::n_in, siftr_stats::n_out, siftr_stats::nskip_in_malloc, siftr_stats::nskip_in_tcpcb, siftr_stats::nskip_out_malloc, siftr_stats::nskip_out_tcpcb, siftr_chkreinject(), siftr_findinpcb(), siftr_generate_hashes, siftr_port_filter, and siftr_siftdata().
Referenced by siftr_pfil().
◆ siftr_chkreinject()
|
inlinestatic |
Definition at line 674 of file siftr.c.
References siftr_stats::nskip_in_dejavu, siftr_stats::nskip_in_malloc, siftr_stats::nskip_out_dejavu, siftr_stats::nskip_out_malloc, PACKET_COOKIE_SIFTR, and PACKET_TAG_SIFTR.
Referenced by siftr_chkpkt().
◆ siftr_findinpcb()
|
inlinestatic |
Definition at line 707 of file siftr.c.
References in_pcblookup(), INP_INFO_WUNLOCK_ASSERT, INP_IPV4, INPLOOKUP_RLOCKPCB, ip::ip_dst, siftr_stats::nskip_in_inpcb, siftr_stats::nskip_out_inpcb, and V_tcbinfo.
Referenced by siftr_chkpkt().
◆ siftr_load_handler()
|
static |
Definition at line 1557 of file siftr.c.
References deinit_siftr(), and init_siftr().
◆ siftr_manage_ops()
|
static |
Definition at line 1231 of file siftr.c.
References flow_hash_node::counter, FIRST_OCTET, FOURTH_OCTET, HOOK, INP_IPV6, flow_hash_node::key, LOWER_SHORT, MODVERSION_STR, siftr_stats::n_in, siftr_stats::n_out, siftr_stats::nskip_in_inpcb, siftr_stats::nskip_in_malloc, siftr_stats::nskip_in_mtx, siftr_stats::nskip_in_tcpcb, siftr_stats::nskip_out_inpcb, siftr_stats::nskip_out_malloc, siftr_stats::nskip_out_mtx, siftr_stats::nskip_out_tcpcb, SECOND_OCTET, SIFTR_ALQ_BUFLEN, SIFTR_DISABLE, SIFTR_ENABLE, siftr_exit_pkt_manager_thread, siftr_hashmask, SIFTR_IPMODE, SIFTR_LOG_FILE_MODE, siftr_logfile, siftr_pfil(), siftr_pkt_manager_thread(), SYS_NAME, TCP_RTT_SCALE, THIRD_OCTET, UNHOOK, and UPPER_SHORT.
Referenced by deinit_siftr(), siftr_shutdown_handler(), and siftr_sysctl_enabled_handler().
◆ siftr_pfil()
|
static |
Definition at line 1143 of file siftr.c.
References HOOK, siftr_chkpkt(), UNHOOK, V_inet_pfil_head, and V_siftr_inet_hook.
Referenced by siftr_manage_ops().
◆ siftr_pkt_manager_thread()
|
static |
Definition at line 562 of file siftr.c.
References siftr_exit_pkt_manager_thread, siftr_process_pkt(), and STAILQ_HEAD().
Referenced by siftr_manage_ops().
◆ siftr_process_pkt()
|
static |
Definition at line 336 of file siftr.c.
References pkt_node::conn_state, flow_hash_node::counter, pkt_node::direction, FIRST_OCTET, pkt_node::flags, FLOW_KEY_LEN, pkt_node::flowid, pkt_node::flowtype, FOURTH_OCTET, pkt_node::hash, INP_IPV6, pkt_node::ip_faddr, pkt_node::ip_laddr, pkt_node::ipver, flow_hash_node::key, LOWER_SHORT, MAX_LOG_MSG_LEN, pkt_node::max_seg_size, siftr_stats::nskip_in_malloc, siftr_stats::nskip_out_malloc, pkt_node::rcv_buf_cc, pkt_node::rcv_buf_hiwater, pkt_node::rcv_scale, pkt_node::rcv_wnd, pkt_node::rxt_length, pkt_node::sack_enabled, SECOND_OCTET, pkt_node::sent_inflight_bytes, siftr_hashmask, siftr_pkts_per_log, pkt_node::smoothed_rtt, pkt_node::snd_buf_cc, pkt_node::snd_buf_hiwater, pkt_node::snd_bwnd, pkt_node::snd_cwnd, pkt_node::snd_scale, pkt_node::snd_ssthresh, pkt_node::snd_wnd, pkt_node::t_segqlen, pkt_node::tcp_foreignport, pkt_node::tcp_localport, THIRD_OCTET, pkt_node::tval, and UPPER_SHORT.
Referenced by siftr_pkt_manager_thread().
◆ siftr_shutdown_handler()
|
static |
Definition at line 1499 of file siftr.c.
References SIFTR_DISABLE, siftr_enabled, and siftr_manage_ops().
Referenced by init_siftr().
◆ siftr_siftdata()
|
inlinestatic |
Definition at line 757 of file siftr.c.
References pkt_node::conn_state, pkt_node::direction, pkt_node::flags, pkt_node::flowid, pkt_node::flowtype, inpcb::inp_flowid, inpcb::inp_flowtype, INP_IPV4, INP_RUNLOCK, inpcb::inp_socket, pkt_node::ip_faddr, pkt_node::ip_laddr, pkt_node::ipver, pkt_node::max_seg_size, pkt_node::rcv_buf_cc, pkt_node::rcv_buf_hiwater, pkt_node::rcv_scale, tcpcb::rcv_scale, pkt_node::rcv_wnd, tcpcb::rcv_wnd, pkt_node::rxt_length, pkt_node::sack_enabled, pkt_node::sent_inflight_bytes, pkt_node::smoothed_rtt, pkt_node::snd_buf_cc, pkt_node::snd_buf_hiwater, pkt_node::snd_bwnd, pkt_node::snd_cwnd, tcpcb::snd_cwnd, tcpcb::snd_max, pkt_node::snd_scale, tcpcb::snd_scale, pkt_node::snd_ssthresh, tcpcb::snd_ssthresh, tcpcb::snd_una, pkt_node::snd_wnd, tcpcb::snd_wnd, tcpcb::t_flags, tcpcb::t_maxseg, tcpcb::t_rxtcur, pkt_node::t_segqlen, tcpcb::t_segqlen, tcpcb::t_srtt, tcpcb::t_state, pkt_node::tcp_foreignport, pkt_node::tcp_localport, TCP_PROBE1, TF_SACK_PERMIT, and pkt_node::tval.
Referenced by siftr_chkpkt().
◆ siftr_sysctl_enabled_handler()
|
static |
Definition at line 1476 of file siftr.c.
References SIFTR_DISABLE, siftr_enabled, and siftr_manage_ops().
◆ siftr_sysctl_logfile_name_handler()
|
static |
Definition at line 1193 of file siftr.c.
References SIFTR_ALQ_BUFLEN, SIFTR_LOG_FILE_MODE, and siftr_logfile.
◆ STAILQ_HEAD()
| STAILQ_HEAD | ( | pkthead | , |
| pkt_node | |||
| ) |
Definition at line 285 of file siftr.c.
Referenced by siftr_pkt_manager_thread().
◆ SYSCTL_DECL()
| SYSCTL_DECL | ( | _net_inet_siftr | ) |
◆ SYSCTL_NODE()
| SYSCTL_NODE | ( | _net_inet | , |
| OID_AUTO | , | ||
| siftr | , | ||
| CTLFLAG_RW| | CTLFLAG_MPSAFE, | ||
| NULL | , | ||
| "siftr related settings" | |||
| ) |
◆ SYSCTL_PROC() [1/2]
| SYSCTL_PROC | ( | _net_inet_siftr | , |
| OID_AUTO | , | ||
| enabled | , | ||
| CTLTYPE_UINT|CTLFLAG_RW| | CTLFLAG_NEEDGIANT, | ||
| & | siftr_enabled, | ||
| 0 | , | ||
| & | siftr_sysctl_enabled_handler, | ||
| "IU" | , | ||
| "switch siftr module operations on/off" | |||
| ) |
◆ SYSCTL_PROC() [2/2]
| SYSCTL_PROC | ( | _net_inet_siftr | , |
| OID_AUTO | , | ||
| logfile | , | ||
| CTLTYPE_STRING|CTLFLAG_RW| | CTLFLAG_NEEDGIANT, | ||
| & | siftr_logfile_shadow, | ||
| sizeof(siftr_logfile_shadow) | , | ||
| & | siftr_sysctl_logfile_name_handler, | ||
| "A" | , | ||
| "file to save siftr log messages to" | |||
| ) |
◆ SYSCTL_U16()
| SYSCTL_U16 | ( | _net_inet_siftr | , |
| OID_AUTO | , | ||
| port_filter | , | ||
| CTLFLAG_RW | , | ||
| & | siftr_port_filter, | ||
| 0 | , | ||
| "enable packet filter on a TCP port" | |||
| ) |
◆ SYSCTL_UINT() [1/2]
| SYSCTL_UINT | ( | _net_inet_siftr | , |
| OID_AUTO | , | ||
| genhashes | , | ||
| CTLFLAG_RW | , | ||
| & | siftr_generate_hashes, | ||
| 0 | , | ||
| "enable packet hash generation" | |||
| ) |
◆ SYSCTL_UINT() [2/2]
| SYSCTL_UINT | ( | _net_inet_siftr | , |
| OID_AUTO | , | ||
| ppl | , | ||
| CTLFLAG_RW | , | ||
| & | siftr_pkts_per_log, | ||
| 1 | , | ||
| "number of packets between generating a log message" | |||
| ) |
◆ VNET_DEFINE_STATIC()
| VNET_DEFINE_STATIC | ( | pfil_hook_t | , |
| siftr_inet_hook | |||
| ) |
Variable Documentation
◆ siftr_enabled
|
static |
Definition at line 277 of file siftr.c.
Referenced by siftr_shutdown_handler(), and siftr_sysctl_enabled_handler().
◆ siftr_exit_pkt_manager_thread
|
static |
Definition at line 276 of file siftr.c.
Referenced by siftr_manage_ops(), and siftr_pkt_manager_thread().
◆ siftr_generate_hashes
|
static |
Definition at line 279 of file siftr.c.
Referenced by siftr_chkpkt().
◆ siftr_hashmask
|
static |
Definition at line 284 of file siftr.c.
Referenced by deinit_siftr(), init_siftr(), siftr_manage_ops(), and siftr_process_pkt().
◆ siftr_logfile
|
static |
Definition at line 282 of file siftr.c.
Referenced by siftr_manage_ops(), and siftr_sysctl_logfile_name_handler().
◆ siftr_logfile_shadow
|
static |
◆ siftr_mod
|
static |
◆ siftr_pkts_per_log
|
static |
Definition at line 278 of file siftr.c.
Referenced by siftr_process_pkt().
◆ siftr_port_filter
|
static |
Definition at line 280 of file siftr.c.
Referenced by siftr_chkpkt().
