1 /* See the DRL-LICENSE file for this file's software license. */
4 * ulogd output target for DRL: GRD and FPS
6 * Ken Yocum <kyocum@cs.ucsd.edu>
8 * Original shell of this code from ulogd_NETFLOW
9 * Like that code, we keep track of per-slice data rates
10 * out of this slice. Thus we are rate limiting particular slices
11 * across multiple boxes, ensuring that their outbound rate does not
12 * exceed some fixed limit.
16 * Enforcer: linux drop percentage.
18 * This file reads packets from the netlink socket. It updates all
19 * the hashmaps which track how much data has arrived per flow.
20 * It starts two threads for this limiter.
21 * One thread handles periodic estimation.
22 * The other thread handles communication with other limiters.
27 * ulogd_DRL: attach to netlink socket, accept packets. replaces ratelimit.cc
28 * util.c: generic hashing functions, flow comparisons, sundry items.
29 * gossip.c: Recv gossip, send gossip.
30 * peer_comm.c: Thread to listen for updates from other limiters.
31 * estimate.c: Thread to calculate the local limits.
34 * Ken Yocum <kyocum@cs.ucsd.edu>
37 * Some code appropriated from ulogd_NETFLOW:
39 * Mark Huang <mlhuang@cs.princeton.edu>
40 * Copyright (C) 2004-2005 The Trustees of Princeton University
42 * Based on admindump.pl by Mic Bowman and Paul Brett
43 * Copyright (c) 2002 Intel Corporation
47 /* Enable GNU glibc extensions */
53 /* va_start() and friends */
59 /* strstr() and friends */
62 /* dirname() and basename() */
65 /* fork() and wait() */
66 #include <sys/types.h>
70 /* errno and assert() */
77 /* time() and friends */
82 #include <sys/socket.h>
83 #include <netinet/in.h>
84 #include <arpa/inet.h>
86 /* ICMP definitions */
87 #include <netinet/ip.h>
88 #include <netinet/ip_icmp.h>
93 /* pthread_create() */
99 /* Signal definitions - so that we can catch SIGHUP and update config. */
102 #include <ulogd/ulogd.h>
103 #include <ulogd/conffile.h>
105 /* Perhaps useful for files within vservers? */
106 #if !defined(STANDALONE) && HAVE_LIBPROPER
107 #include <proper/prop.h>
111 * Jenkins hash support
112 * lives in raterouter.h
116 #include "raterouter.h"
118 #include "ratetypes.h" /* needs util and pthread.h */
119 #include "calendar.h"
123 * /etc/ulogd.conf configuration options
124 * Add the config options for DRL.
127 static config_entry_t partition = {
129 .key = "partition_set",
130 .type = CONFIG_TYPE_INT,
131 .options = CONFIG_OPT_NONE,
132 .u = { .value = 0xfffffff },
135 static config_entry_t netem_slice = {
137 .key = "netem_slice",
138 .type = CONFIG_TYPE_STRING,
139 .options = CONFIG_OPT_NONE,
140 .u = { .string = "ALL" },
143 static config_entry_t netem_loss = {
144 .next = &netem_slice,
146 .type = CONFIG_TYPE_INT,
147 .options = CONFIG_OPT_NONE,
151 static config_entry_t netem_delay = {
153 .key = "netem_delay",
154 .type = CONFIG_TYPE_INT,
155 .options = CONFIG_OPT_NONE,
159 static config_entry_t drl_configfile = {
160 .next = &netem_delay,
161 .key = "drl_configfile",
162 .type = CONFIG_TYPE_STRING,
163 .options = CONFIG_OPT_MANDATORY,
164 .u = { .string = "drl.xml" },
167 /** The administrative bandwidth limit (mbps) for the local node. The node
168 * will not set a limit higher than this, even when distributed capacity is
169 * available. Set to 0 for no limit. */
170 static config_entry_t nodelimit = {
171 .next = &drl_configfile,
173 .type = CONFIG_TYPE_INT,
174 .options = CONFIG_OPT_MANDATORY,
178 /** Determines the verbosity of logging. */
179 static config_entry_t drl_loglevel = {
181 .key = "drl_loglevel",
182 .type = CONFIG_TYPE_INT,
183 .options = CONFIG_OPT_MANDATORY,
184 .u = { .value = LOG_WARN },
187 /** The path of the logfile. */
188 static config_entry_t drl_logfile = {
189 .next = &drl_loglevel,
190 .key = "drl_logfile",
191 .type = CONFIG_TYPE_STRING,
192 .options = CONFIG_OPT_MANDATORY,
193 .u = { .string = "drl_logfile.log" },
196 /** The choice of DRL protocol. */
197 static config_entry_t policy = {
198 .next = &drl_logfile,
200 .type = CONFIG_TYPE_STRING,
201 .options = CONFIG_OPT_MANDATORY,
202 .u = { .string = "GRD" },
205 /** The estimate interval, in milliseconds. */
206 static config_entry_t estintms = {
209 .type = CONFIG_TYPE_INT,
210 .options = CONFIG_OPT_MANDATORY,
211 .u = { .value = 100 },
214 #define config_entries (&estintms)
217 * Debug functionality
224 #define NIPQUAD(addr) \
225 ((unsigned char *)&addr)[0], \
226 ((unsigned char *)&addr)[1], \
227 ((unsigned char *)&addr)[2], \
228 ((unsigned char *)&addr)[3]
230 #define IPQUAD(addr) \
231 ((unsigned char *)&addr)[3], \
232 ((unsigned char *)&addr)[2], \
233 ((unsigned char *)&addr)[1], \
234 ((unsigned char *)&addr)[0]
238 /* Salt for the hash functions */
242 * Hash slice name lookups on context ID.
245 /* Special context IDs */
246 #define UNKNOWN_XID -1
250 CONNECTION_REFUSED_XID = 65536, /* MAX_S_CONTEXT + 1 */
257 pthread_t estimate_thread;
258 pthread_t signal_thread;
259 pthread_t comm_thread;
260 uint32_t local_ip = 0;
262 extern FILE *logfile;
263 extern uint8_t system_loglevel;
264 extern uint8_t do_enforcement;
266 /* From peer_comm.c - used to simulate partition. */
267 extern int do_partition;
268 extern int partition_set;
272 static inline uint32_t
273 hash_flow(uint8_t protocol, uint32_t src_ip, uint16_t src_port, uint32_t dst_ip, uint16_t dst_port, uint32_t hash_max)
275 unsigned char mybytes[FLOWKEYSIZE];
276 mybytes[0] = protocol;
277 *(uint32_t*)(&(mybytes[1])) = src_ip;
278 *(uint32_t*)(&(mybytes[5])) = dst_ip;
279 *(uint32_t*)(&(mybytes[9])) = (src_port << 16) | dst_port;
280 return jhash(mybytes,FLOWKEYSIZE,salt) & (hash_max - 1);
283 uint32_t sampled_hasher(const key_flow *key) {
284 /* Last arg is UINT_MAX because sampled flow keeps track of its own capacity. */
285 return hash_flow(key->protocol, key->source_ip, key->source_port, key->dest_ip, key->dest_port, UINT_MAX);
288 uint32_t standard_hasher(const key_flow *key) {
289 return hash_flow(key->protocol, key->source_ip, key->source_port, key->dest_ip, key->dest_port, STD_FLOW_HASH_SIZE);
292 uint32_t multiple_hasher(const key_flow *key) {
293 return hash_flow(key->protocol, key->source_ip, key->source_port, key->dest_ip, key->dest_port, MUL_FLOW_HASH_SIZE);
301 /* Interesting keys */
325 #define INTR_IDS (sizeof(intr_ids)/sizeof(intr_ids[0]))
326 static struct intr_id intr_ids[] = {
327 [OOB_TIME_SEC] = { "oob.time.sec", 0 },
328 [OOB_MARK] = { "oob.mark", 0 },
329 [IP_SADDR] = { "ip.saddr", 0 },
330 [IP_DADDR] = { "ip.daddr", 0 },
331 [IP_TOTLEN] = { "ip.totlen", 0 },
332 [IP_PROTOCOL] = { "ip.protocol", 0 },
333 [TCP_SPORT] = { "tcp.sport", 0 },
334 [TCP_DPORT] { "tcp.dport", 0 },
335 [TCP_ACK] = { "tcp.ack", 0 },
336 [TCP_FIN] = { "tcp.fin", 0 },
337 [TCP_SYN] = { "tcp.syn", 0 },
338 [TCP_RST] = { "tcp.rst", 0 },
339 [UDP_SPORT] = { "udp.sport", 0 },
340 [UDP_DPORT] = { "udp.dport", 0 },
341 [ICMP_TYPE] = { "icmp.type", 0 },
342 [ICMP_CODE] = { "icmp.code", 0 },
343 [GRE_FLAG_KEY] = { "gre.flag.key", 0 },
344 [GRE_VERSION] = { "gre.version", 0 },
345 [GRE_KEY] = { "gre.key", 0 },
346 [PPTP_CALLID] = { "pptp.callid", 0 },
349 #define GET_VALUE(x) intr_ids[x].res->value
351 #define DATE(t) ((t) / (24*60*60) * (24*60*60))
353 static int _output_drl(ulog_iret_t *res)
356 uint32_t src_ip, dst_ip;
357 uint16_t src_port, dst_port;
364 protocol = GET_VALUE(IP_PROTOCOL).ui8;
365 src_ip = GET_VALUE(IP_SADDR).ui32;
366 dst_ip = GET_VALUE(IP_DADDR).ui32;
367 xid = GET_VALUE(OOB_MARK).ui32;
372 src_port = GET_VALUE(TCP_SPORT).ui16;
373 dst_port = GET_VALUE(TCP_DPORT).ui16;
377 /* netflow had an issue with many udp flows and set
378 * src_port=0 to handle it. We don't.
380 src_port = GET_VALUE(UDP_SPORT).ui16;
383 * traceroutes create a large number of flows in the db
384 * this is a quick hack to catch the most common form
385 * of traceroute (basically we're mapping any UDP packet
386 * in the 33435-33524 range to the "trace" port, 33524 is
387 * 3 packets * nhops (30).
389 dst_port = GET_VALUE(UDP_DPORT).ui16;
390 if (dst_port >= 33435 && dst_port <= 33524)
395 src_port = GET_VALUE(ICMP_TYPE).ui8;
396 dst_port = GET_VALUE(ICMP_CODE).ui8;
399 * We special case some of the ICMP traffic that the kernel
400 * always generates. Since this is attributed to root, it
401 * creates significant "noise" in the output. We want to be
402 * able to quickly see that root is generating traffic.
404 if (xid == ROOT_XID) {
405 if (src_port == ICMP_ECHOREPLY)
406 xid = ICMP_ECHOREPLY_XID;
407 else if (src_port == ICMP_UNREACH)
408 xid = ICMP_UNREACH_XID;
413 if (GET_VALUE(GRE_FLAG_KEY).b) {
414 if (GET_VALUE(GRE_VERSION).ui8 == 1) {
415 /* Get PPTP call ID */
416 src_port = GET_VALUE(PPTP_CALLID).ui16;
418 /* XXX Truncate GRE keys to 16 bits */
419 src_port = (uint16_t) GET_VALUE(GRE_KEY).ui32;
422 /* No key available */
429 /* This is the default key for packets from unsupported protocols */
435 key.protocol = protocol;
436 key.source_ip = src_ip;
437 key.dest_ip = dst_ip;
438 key.source_port = src_port;
439 key.dest_port = dst_port;
440 key.packet_size = GET_VALUE(IP_TOTLEN).ui16;
441 key.packet_time = (time_t) GET_VALUE(OOB_TIME_SEC).ui32;
443 pthread_rwlock_rdlock(&limiter.limiter_lock); /* CLUNK! */
445 leaf = (leaf_t *) map_search(limiter.stable_instance.leaf_map, &xid, sizeof(xid));
447 /* Even if the packet doesn't match any specific xid, it should still
448 * count in the machine-type tables. This catches root (xid == 0) and
449 * unclassified (xid = fff) packets, which don't have map entries. */
451 ident = limiter.stable_instance.last_machine;
453 ident = leaf->parent;
457 pthread_mutex_lock(&ident->table_mutex);
459 /* Update the identity's table. */
460 ident->table_sample_function(ident->table, &key);
462 #ifdef SHADOW_ACCTING
464 /* Update the shadow perfect copy of the accounting table. */
465 standard_table_sample((standard_flow_table) ident->shadow_table, &key);
469 pthread_mutex_unlock(&ident->table_mutex);
471 ident = ident->parent;
474 pthread_rwlock_unlock(&limiter.limiter_lock); /* CLINK! */
479 /* get all key id's for the keys we are intrested in */
480 static int get_ids(void)
483 struct intr_id *cur_id;
485 for (i = 0; i < INTR_IDS; i++) {
486 cur_id = &intr_ids[i];
487 cur_id->res = keyh_getres(keyh_getid(cur_id->name));
489 ulogd_log(ULOGD_ERROR,
490 "Cannot resolve keyhash id for %s\n",
498 static void free_identity(identity_t *ident) {
500 free_comm(&ident->comm);
503 ident->table_destroy_function(ident->table);
506 if (ident->loop_action) {
507 ident->loop_action->valid = 0;
510 if (ident->comm_action) {
511 ident->comm_action->valid = 0;
514 pthread_mutex_destroy(&ident->table_mutex);
520 static void free_identity_map(map_handle map) {
521 identity_t *tofree = NULL;
523 map_reset_iterate(map);
524 while ((tofree = (identity_t *) map_next(map))) {
525 free_identity(tofree);
531 static void free_instance(drl_instance_t *instance) {
532 if (instance->leaves)
533 free(instance->leaves);
534 if (instance->leaf_map)
535 free_map(instance->leaf_map, 0);
536 if (instance->ident_map)
537 free_identity_map(instance->ident_map);
538 if (instance->machines)
539 free(instance->machines);
541 free(instance->sets);
543 /* FIXME: Drain the calendar first and free all the entries. */
548 memset(instance, 0, sizeof(drl_instance_t));
551 static void free_failed_config(parsed_configs configs, drl_instance_t *instance) {
553 if (configs.machines)
554 free_ident_list(configs.machines);
556 free_ident_list(configs.sets);
560 free_instance(instance);
563 static identity_t *new_identity(ident_config *config) {
564 identity_t *ident = malloc(sizeof(identity_t));
565 remote_node_t *comm_nodes = malloc(sizeof(remote_node_t)*config->peer_count);
566 ident_peer *peer = config->peers;
573 if (comm_nodes == NULL) {
578 memset(ident, 0, sizeof(identity_t));
579 memset(comm_nodes, 0, config->peer_count * sizeof(remote_node_t));
581 ident->id = config->id;
582 ident->limit = (uint32_t) (((double) config->limit * 1000.0) / 8.0);
583 ident->fixed_ewma_weight = config->fixed_ewma_weight;
584 ident->communication_intervals = config->communication_intervals;
585 ident->mainloop_intervals = config->mainloop_intervals;
586 ident->ewma_weight = pow(ident->fixed_ewma_weight,
587 (limiter.estintms/1000.0) * config->mainloop_intervals);
588 ident->parent = NULL;
590 pthread_mutex_init(&ident->table_mutex, NULL);
591 switch (config->accounting) {
594 standard_table_create(standard_hasher, &ident->common);
596 /* Ugly function pointer casting. Makes things sufficiently
597 * generic, though. */
598 ident->table_sample_function =
599 (int (*)(void *, const key_flow *)) standard_table_sample;
600 ident->table_cleanup_function =
601 (int (*)(void *)) standard_table_cleanup;
602 ident->table_update_function =
603 (void (*)(void *, struct timeval, double)) standard_table_update_flows;
604 ident->table_destroy_function =
605 (void (*)(void *)) standard_table_destroy;
610 multiple_table_create(multiple_hasher, MUL_INTERVAL_COUNT, &ident->common);
612 ident->table_sample_function =
613 (int (*)(void *, const key_flow *)) multiple_table_sample;
614 ident->table_cleanup_function =
615 (int (*)(void *)) multiple_table_cleanup;
616 ident->table_update_function =
617 (void (*)(void *, struct timeval, double)) multiple_table_update_flows;
618 ident->table_destroy_function =
619 (void (*)(void *)) multiple_table_destroy;
623 ident->table = sampled_table_create(sampled_hasher,
624 ident->limit * IDENT_CLEAN_INTERVAL,
625 SAMPLEHOLD_PERCENTAGE, SAMPLEHOLD_OVERFACTOR, &ident->common);
627 ident->table_sample_function =
628 (int (*)(void *, const key_flow *)) sampled_table_sample;
629 ident->table_cleanup_function =
630 (int (*)(void *)) sampled_table_cleanup;
631 ident->table_update_function =
632 (void (*)(void *, struct timeval, double)) sampled_table_update_flows;
633 ident->table_destroy_function =
634 (void (*)(void *)) sampled_table_destroy;
638 ident->table = simple_table_create(&ident->common);
640 ident->table_sample_function =
641 (int (*)(void *, const key_flow *)) simple_table_sample;
642 ident->table_cleanup_function =
643 (int (*)(void *)) simple_table_cleanup;
644 ident->table_update_function =
645 (void (*)(void *, struct timeval, double)) simple_table_update_flows;
646 ident->table_destroy_function =
647 (void (*)(void *)) simple_table_destroy;
651 #ifdef SHADOW_ACCTING
653 ident->shadow_table = standard_table_create(standard_hasher, &ident->shadow_common);
655 if (ident->shadow_table == NULL) {
656 ident->table_destroy_function(ident->table);
663 /* Make sure the table was allocated. */
664 if (ident->table == NULL) {
670 comm_nodes[peer_slot].addr = peer->ip;
671 comm_nodes[peer_slot].port = htons(LIMITER_LISTEN_PORT);
676 if (new_comm(&ident->comm, config, comm_nodes)) {
677 printlog(LOG_CRITICAL, "Failed to create communication structure.\n");
681 ident->comm.remote_nodes = comm_nodes;
686 /* Determines the validity of the parameters of one ident_config.
691 static int validate_config(ident_config *config) {
692 /* Limit must be a positive integer. */
693 if (config->limit < 1) {
697 /* Commfabric must be a valid choice (COMM_MESH or COMM_GOSSIP). */
698 if (config->commfabric != COMM_MESH &&
699 config->commfabric != COMM_GOSSIP) {
703 /* If commfabric is COMM_GOSSIP, this must be a positive integer. */
704 if (config->commfabric == COMM_GOSSIP && config->branch < 1) {
708 /* Accounting must be a valid choice (ACT_STANDARD, ACT_SAMPLEHOLD,
709 * ACT_SIMPLE, ACT_MULTIPLE). */
710 if (config->accounting != ACT_STANDARD &&
711 config->accounting != ACT_SAMPLEHOLD &&
712 config->accounting != ACT_SIMPLE &&
713 config->accounting != ACT_MULTIPLE) {
717 /* Ewma weight must be greater than or equal to zero. */
718 if (config->fixed_ewma_weight < 0) {
722 /* Note: Parsing stage requires that each ident has at least one peer. */
729 static int validate_configs(parsed_configs configs, drl_instance_t *instance) {
731 ident_config *mlist = configs.machines;
732 ident_config *slist = configs.sets;
733 ident_config *tmp = NULL;
737 /* ID must be non-zero and unique. */
738 /* This is ugly and hackish, but this function will be called rarely.
739 * I'm tired of trying to be clever. */
741 printlog(LOG_CRITICAL, "Negative ident id: %d (%x) ?\n", mlist->id, mlist->id);
746 if (mlist->id == tmp->id) {
747 printlog(LOG_CRITICAL, "Duplicate ident id: %d (%x)\n", mlist->id, mlist->id);
754 if (mlist->id == tmp->id) {
755 printlog(LOG_CRITICAL, "Duplicate ident id: %d (%x)\n", mlist->id, mlist->id);
761 if (validate_config(mlist)) {
762 printlog(LOG_CRITICAL, "Invalid ident parameters for id: %d (%x)\n", mlist->id, mlist->id);
769 instance->sets = malloc(configs.set_count * sizeof(identity_t *));
770 if (instance->sets == NULL) {
774 memset(instance->sets, 0, configs.set_count * sizeof(identity_t *));
775 instance->set_count = configs.set_count;
777 /* For sets, make sure that the hierarchy is valid. */
779 ident_member *members = slist->members;
781 /* ID must be non-zero and unique. */
783 printlog(LOG_CRITICAL, "Negative ident id: %d (%x) ?\n", slist->id, slist->id);
788 if (slist->id == tmp->id) {
789 printlog(LOG_CRITICAL, "Duplicate ident id: %d (%x)\n", slist->id, slist->id);
795 if (validate_config(slist)) {
796 printlog(LOG_CRITICAL, "Invalid ident parameters for id: %d (%x)\n", slist->id, slist->id);
800 /* Allocate an identity_t for this set-type identity. */
801 instance->sets[i] = new_identity(slist);
803 if (instance->sets[i] == NULL) {
807 /* Loop through children and look up each in leaf or ident map
808 * depending on the type of child. Set the child's parent pointer
809 * to the identity we just created above, unless it is already set,
810 * in which case we have an error. */
812 identity_t *child_ident = NULL;
813 leaf_t *child_leaf = NULL;
815 switch (members->type) {
817 child_leaf = map_search(instance->leaf_map, &members->value,
818 sizeof(members->value));
819 if (child_leaf == NULL) {
822 if (child_leaf->parent != NULL) {
823 /* Error - This leaf already has a parent. */
826 child_leaf->parent = instance->sets[i];
829 child_ident = map_search(instance->ident_map, &members->value,
830 sizeof(members->value));
831 if (child_ident == NULL) {
834 if (child_ident->parent != NULL) {
835 /* Error - This identity already has a parent. */
838 child_ident->parent = instance->sets[i];
841 /* Error - shouldn't be possible. */
844 members = members->next;
847 map_insert(instance->ident_map, &instance->sets[i]->id,
848 sizeof(instance->sets[i]->id), instance->sets[i]);
856 static int fill_set_leaf_pointer(drl_instance_t *instance, identity_t *ident) {
858 identity_t *current_ident;
859 leaf_t *current_leaf;
860 leaf_t **leaves = malloc(instance->leaf_count * sizeof(leaf_t *));
861 if (leaves == NULL) {
865 map_reset_iterate(instance->leaf_map);
866 while ((current_leaf = (leaf_t *) map_next(instance->leaf_map))) {
867 current_ident = current_leaf->parent;
868 while (current_ident != NULL && current_ident != instance->last_machine) {
869 if (current_ident == ident) {
870 /* Found the ident we were looking for - add the leaf. */
871 leaves[count] = current_leaf;
875 current_ident = current_ident->parent;
879 ident->leaves = leaves;
880 ident->leaf_count = count;
885 static int init_identities(parsed_configs configs, drl_instance_t *instance) {
887 ident_config *config = configs.machines;
890 instance->cal = malloc(sizeof(struct ident_calendar) * SCHEDLEN);
892 if (instance->cal == NULL) {
896 for (i = 0; i < SCHEDLEN; ++i) {
897 TAILQ_INIT(instance->cal + i);
899 instance->cal_slot = 0;
901 instance->machines = malloc(configs.machine_count * sizeof(drl_instance_t *));
903 if (instance->machines == NULL) {
907 memset(instance->machines, 0, configs.machine_count * sizeof(drl_instance_t *));
908 instance->machine_count = configs.machine_count;
910 /* Allocate and add the machine identities. */
911 for (i = 0; i < configs.machine_count; ++i) {
912 identity_action *loop_action;
913 identity_action *comm_action;
914 instance->machines[i] = new_identity(config);
916 if (instance->machines[i] == NULL) {
920 loop_action = malloc(sizeof(identity_action));
921 comm_action = malloc(sizeof(identity_action));
923 if (loop_action == NULL || comm_action == NULL) {
927 /* The first has no parent - it is the root. All others have the
928 * previous ident as their parent. */
930 instance->machines[i]->parent = NULL;
932 instance->machines[i]->parent = instance->machines[i - 1];
935 instance->last_machine = instance->machines[i];
937 /* Add the ident to the guid->ident map. */
938 map_insert(instance->ident_map, &instance->machines[i]->id,
939 sizeof(instance->machines[i]->id), instance->machines[i]);
941 config = config->next;
943 memset(loop_action, 0, sizeof(identity_action));
944 memset(comm_action, 0, sizeof(identity_action));
945 loop_action->ident = instance->machines[i];
946 loop_action->action = ACTION_MAINLOOP;
947 loop_action->valid = 1;
948 comm_action->ident = instance->machines[i];
949 comm_action->action = ACTION_COMMUNICATE;
950 comm_action->valid = 1;
952 instance->machines[i]->loop_action = loop_action;
953 instance->machines[i]->comm_action = comm_action;
955 TAILQ_INSERT_TAIL(instance->cal + (instance->cal_slot & SCHEDMASK),
956 loop_action, calendar);
958 TAILQ_INSERT_TAIL(instance->cal + (instance->cal_slot & SCHEDMASK),
959 comm_action, calendar);
961 /* Setup the array of pointers to leaves. This is easy for machines
962 * because a machine node applies to every leaf. */
963 instance->machines[i]->leaves =
964 malloc(instance->leaf_count * sizeof(leaf_t *));
965 if (instance->machines[i]->leaves == NULL) {
968 instance->machines[i]->leaf_count = instance->leaf_count;
969 for (j = 0; j < instance->leaf_count; ++j) {
970 instance->machines[i]->leaves[j] = &instance->leaves[j];
974 /* Connect the set subtree to the machines. Any set or leaf without a
975 * parent will take the last machine as its parent. */
978 map_reset_iterate(instance->leaf_map);
979 while ((leaf = (leaf_t *) map_next(instance->leaf_map))) {
980 if (leaf->parent == NULL) {
981 leaf->parent = instance->last_machine;
986 for (i = 0; i < instance->set_count; ++i) {
987 identity_action *loop_action;
988 identity_action *comm_action;
990 if (instance->sets[i]->parent == NULL) {
991 instance->sets[i]->parent = instance->last_machine;
994 loop_action = malloc(sizeof(identity_action));
995 comm_action = malloc(sizeof(identity_action));
997 if (loop_action == NULL || comm_action == NULL) {
1001 memset(loop_action, 0, sizeof(identity_action));
1002 memset(comm_action, 0, sizeof(identity_action));
1003 loop_action->ident = instance->sets[i];
1004 loop_action->action = ACTION_MAINLOOP;
1005 loop_action->valid = 1;
1006 comm_action->ident = instance->sets[i];
1007 comm_action->action = ACTION_COMMUNICATE;
1008 comm_action->valid = 1;
1010 instance->sets[i]->loop_action = loop_action;
1011 instance->sets[i]->comm_action = comm_action;
1013 TAILQ_INSERT_TAIL(instance->cal + (instance->cal_slot & SCHEDMASK),
1014 loop_action, calendar);
1016 TAILQ_INSERT_TAIL(instance->cal + (instance->cal_slot & SCHEDMASK),
1017 comm_action, calendar);
1019 /* Setup the array of pointers to leaves. This is harder for sets,
1020 * but this doesn't need to be super-efficient because it happens
1021 * rarely and it isn't on the critical path for reconfig(). */
1022 if (fill_set_leaf_pointer(instance, instance->sets[i])) {
1031 static void print_instance(drl_instance_t *instance) {
1032 leaf_t *leaf = NULL;
1033 identity_t *ident = NULL;
1035 if (system_loglevel == LOG_DEBUG) {
1036 map_reset_iterate(instance->leaf_map);
1037 while ((leaf = (leaf_t *) map_next(instance->leaf_map))) {
1038 printf("%x:", leaf->xid);
1039 ident = leaf->parent;
1041 printf("%d:",ident->id);
1042 ident = ident->parent;
1044 printf("Leaf's parent pointer is %p\n", leaf->parent);
1047 printf("instance->last_machine is %p\n", instance->last_machine);
1051 static int assign_htb_hierarchy(drl_instance_t *instance) {
1053 int next_node = 0x100;
1055 /* Chain machine nodes under 1:10. */
1056 for (i = 0; i < instance->machine_count; ++i) {
1057 if (instance->machines[i]->parent == NULL) {
1059 instance->machines[i]->htb_parent = 0x10;
1062 instance->machines[i]->htb_parent =
1063 instance->machines[i]->parent->htb_node;
1066 instance->machines[i]->htb_node = next_node;
1072 /* Add set nodes under machine nodes. Iterate backwards to ensure parent is
1074 for (j = (instance->set_count - 1); j >= 0; --j) {
1075 if (instance->sets[j]->parent == NULL) {
1076 instance->sets[j]->htb_parent = 0x10;
1078 instance->sets[j]->htb_parent = instance->sets[j]->parent->htb_node;
1080 instance->sets[j]->htb_node = next_node;
1088 /* Added this so that I could comment one line and kill off all of the
1089 * command execution. */
1090 static inline int execute_cmd(const char *cmd) {
1094 static inline int add_htb_node(const char *iface, const uint32_t parent_major, const uint32_t parent_minor,
1095 const uint32_t classid_major, const uint32_t classid_minor,
1096 const uint64_t rate, const uint64_t ceil) {
1099 sprintf(cmd, "tc class add dev %s parent %x:%x classid %x:%x htb rate %llubit ceil %llubit",
1100 iface, parent_major, parent_minor, classid_major, classid_minor, rate, ceil);
1101 printlog(LOG_WARN, "INIT: HTB_cmd: %s\n", cmd);
1103 return execute_cmd(cmd);
1106 static inline int add_htb_netem(const char *iface, const uint32_t parent_major,
1107 const uint32_t parent_minor, const uint32_t handle,
1108 const int loss, const int delay) {
1111 sprintf(cmd, "/sbin/tc qdisc del dev %s parent %x:%x handle %x pfifo", iface, parent_major,
1112 parent_minor, handle);
1113 printlog(LOG_DEBUG, "HTB_cmd: %s\n", cmd);
1114 if (execute_cmd(cmd))
1115 printlog(LOG_DEBUG, "HTB_cmd: Previous deletion did not succeed.\n");
1117 sprintf(cmd, "/sbin/tc qdisc replace dev %s parent %x:%x handle %x netem loss %d%% delay %dms",
1118 iface, parent_major, parent_minor, handle, loss, delay);
1119 printlog(LOG_DEBUG, "HTB_cmd: %s\n", cmd);
1120 return execute_cmd(cmd);
1123 static int create_htb_hierarchy(drl_instance_t *instance) {
1126 uint64_t gigabit = 1024 * 1024 * 1024;
1128 /* Nuke the hierarchy. */
1129 sprintf(cmd, "tc qdisc del dev eth0 root handle 1: htb");
1131 printlog(LOG_DEBUG, "HTB_cmd: %s\n", cmd);
1133 /* Re-initialize the basics. */
1134 sprintf(cmd, "tc qdisc add dev eth0 root handle 1: htb default 1fff");
1135 if (execute_cmd(cmd)) {
1138 printlog(LOG_DEBUG, "HTB_cmd: %s\n", cmd);
1140 if (add_htb_node("eth0", 1, 0, 1, 1, gigabit, gigabit))
1143 /* Add back 1:10. (Nodelimit : kilobits/sec -> bits/second)*/
1144 if (limiter.nodelimit) {
1145 if (add_htb_node("eth0", 1, 1, 1, 0x10, 8, (uint64_t) limiter.nodelimit * 1024))
1148 if (add_htb_node("eth0", 1, 1, 1, 0x10, 8, gigabit))
1153 for (i = 0; i < instance->machine_count; ++i) {
1154 if (add_htb_node("eth0", 1, instance->machines[i]->htb_parent, 1,
1155 instance->machines[i]->htb_node, 8, instance->machines[i]->limit * 1024)) {
1162 /* Add back 1:20. */
1164 if (instance->last_machine == NULL) {
1165 sprintf(cmd, "/sbin/tc class add dev eth0 parent 1:1 classid 1:20 htb rate 8bit ceil 1000mbit");
1167 sprintf(cmd, "/sbin/tc class add dev eth0 parent 1:%x classid 1:20 htb rate 8bit ceil 1000mbit",
1168 instance->last_machine->htb_node);
1171 sprintf(cmd, "/sbin/tc class add dev eth0 parent 1:1 classid 1:20 htb rate 8bit ceil 1000mbit");
1174 if (execute_cmd(cmd)) {
1177 printlog(LOG_DEBUG, "HTB_cmd: %s\n", cmd);
1180 for (j = (instance->set_count - 1); j >= 0; --j) {
1181 if (add_htb_node("eth0", 1, instance->sets[j]->htb_parent, 1,
1182 instance->sets[j]->htb_node, 8, instance->sets[j]->limit * 1024)) {
1187 /* Add leaves. FIXME: Set static sliver limit as ceil here! */
1188 for (k = 0; k < instance->leaf_count; ++k) {
1189 if (instance->leaves[k].parent == NULL) {
1190 if (add_htb_node("eth0", 1, 0x10, 1, (0x1000 | instance->leaves[k].xid), 8, gigabit))
1193 if (add_htb_node("eth0", 1, instance->leaves[k].parent->htb_node, 1, (0x1000 | instance->leaves[k].xid), 8, gigabit))
1197 /* Add exempt node for the leaf under 1:20 as 1:2<xid> */
1198 if (add_htb_node("eth0", 1, 0x20, 1, (0x2000 | instance->leaves[k].xid), 8, gigabit))
1202 /* Add 1:1000 and 1:2000 */
1203 if (instance->last_machine == NULL) {
1204 if (add_htb_node("eth0", 1, 0x10, 1, 0x1000, 8, gigabit))
1207 if (add_htb_node("eth0", 1, instance->last_machine->htb_node, 1, 0x1000, 8, gigabit))
1211 if (add_htb_node("eth0", 1, 0x20, 1, 0x2000, 8, gigabit))
1214 /* Add 1:1fff and 1:2fff */
1215 if (instance->last_machine == NULL) {
1216 if (add_htb_node("eth0", 1, 0x10, 1, 0x1fff, 8, gigabit))
1219 if (add_htb_node("eth0", 1, instance->last_machine->htb_node, 1, 0x1fff, 8, gigabit))
1223 if (add_htb_node("eth0", 1, 0x20, 1, 0x2fff, 8, gigabit))
1226 /* Artifical delay or loss for experimentation. */
1227 if (netem_delay.u.value || netem_loss.u.value) {
1228 if (!strcmp(netem_slice.u.string, "ALL")) {
1229 /* By default, netem applies to all leaves. */
1230 if (add_htb_netem("eth0", 1, 0x1000, 0x1000, netem_loss.u.value, netem_delay.u.value))
1232 if (add_htb_netem("eth0", 1, 0x1fff, 0x1fff, netem_loss.u.value, netem_delay.u.value))
1235 for (k = 0; k < instance->leaf_count; ++k) {
1236 if (add_htb_netem("eth0", 1, (0x1000 | instance->leaves[k].xid),
1237 (0x1000 | instance->leaves[k].xid), netem_loss.u.value, netem_delay.u.value)) {
1241 //FIXME: add exempt delay/loss here on 0x2000 ... ?
1244 /* netem_slice is not the default ALL value. Only apply netem
1245 * to the slice that is set in netem_slice.u.string. */
1248 sscanf(netem_slice.u.string, "%x", &slice_xid);
1250 if (add_htb_netem("eth0", 1, slice_xid, slice_xid, netem_loss.u.value, netem_delay.u.value))
1257 /* Only for artificial delay testing. */
1258 sprintf(cmd, "/sbin/tc qdisc del dev eth0 parent 1:1000 handle 1000 pfifo");
1261 sprintf(cmd, "/sbin/tc qdisc replace dev eth0 parent 1:1000 handle 1000 netem loss 0 delay 40ms");
1263 sprintf(cmd, "/sbin/tc qdisc del dev eth0 parent 1:11f9 handle 11f9 pfifo");
1266 sprintf(cmd, "/sbin/tc qdisc replace dev eth0 parent 1:11f9 handle 11f9 netem loss 0 delay 40ms");
1268 sprintf(cmd, "/sbin/tc qdisc del dev eth0 parent 1:11fa handle 11fa pfifo");
1271 sprintf(cmd, "/sbin/tc qdisc replace dev eth0 parent 1:11fa handle 11fa netem loss 0 delay 40ms");
1273 /* End delay testing */
1280 static int setup_tc_grd(drl_instance_t *instance) {
1284 for (i = 0; i < instance->leaf_count; ++i) {
1285 /* Delete the old pfifo qdisc that might have been there before. */
1286 sprintf(cmd, "/sbin/tc qdisc del dev eth0 parent 1:1%x handle 1%x pfifo",
1287 instance->leaves[i].xid, instance->leaves[i].xid);
1289 if (execute_cmd(cmd)) {
1290 printlog(LOG_DEBUG, "GRD: pfifo qdisc wasn't there!\n");
1293 /* Add the netem qdisc. */
1295 sprintf(cmd, "/sbin/tc qdisc replace dev eth0 parent 1:1%x handle 1%x netem loss 0 delay 40ms",
1296 instance->leaves[i].xid, instance->leaves[i].xid);
1298 sprintf(cmd, "/sbin/tc qdisc replace dev eth0 parent 1:1%x handle 1%x netem loss 0 delay 0ms",
1299 instance->leaves[i].xid, instance->leaves[i].xid);
1302 if (execute_cmd(cmd)) {
1307 /* Do the same for 1000 and 1fff. */
1308 sprintf(cmd, "/sbin/tc qdisc del dev eth0 parent 1:1000 handle 1000 pfifo");
1310 if (execute_cmd(cmd)) {
1311 printlog(LOG_DEBUG, "GRD: pfifo qdisc wasn't there!\n");
1314 /* Add the netem qdisc. */
1316 sprintf(cmd, "/sbin/tc qdisc replace dev eth0 parent 1:1000 handle 1000 netem loss 0 delay 40ms");
1318 sprintf(cmd, "/sbin/tc qdisc replace dev eth0 parent 1:1000 handle 1000 netem loss 0 delay 0ms");
1321 if (execute_cmd(cmd)) {
1325 sprintf(cmd, "/sbin/tc qdisc del dev eth0 parent 1:1fff handle 1fff pfifo");
1327 if (execute_cmd(cmd)) {
1328 printlog(LOG_DEBUG, "GRD: pfifo qdisc wasn't there!\n");
1331 /* Add the netem qdisc. */
1333 sprintf(cmd, "/sbin/tc qdisc replace dev eth0 parent 1:1fff handle 1fff netem loss 0 delay 40ms");
1335 sprintf(cmd, "/sbin/tc qdisc replace dev eth0 parent 1:1fff handle 1fff netem loss 0 delay 0ms");
1338 if (execute_cmd(cmd)) {
1347 * Initialize this limiter with options
1348 * Open UDP socket for peer communication
1350 static int init_drl(void) {
1351 parsed_configs configs;
1352 struct sockaddr_in server_address;
1354 memset(&limiter, 0, sizeof(limiter_t));
1356 /* Setup logging. */
1357 system_loglevel = (uint8_t) drl_loglevel.u.value;
1358 logfile = fopen(drl_logfile.u.string, "w");
1360 if (logfile == NULL) {
1361 printf("Couldn't open logfile - ");
1366 printlog(LOG_CRITICAL, "ulogd_DRL initializing . . .\n");
1368 limiter.nodelimit = (uint32_t) (((double) nodelimit.u.value * 1000000.0) / 8.0);
1370 init_hashing(); /* for all hash maps */
1372 pthread_rwlock_init(&limiter.limiter_lock,NULL);
1374 /* determine our local IP by iterating through interfaces */
1375 if ((limiter.ip = get_local_ip())==0) {
1376 printlog(LOG_CRITICAL,
1377 "ulogd_DRL unable to aquire local IP address, not registering.\n");
1380 limiter.localaddr = inet_addr(limiter.ip);
1381 limiter.port = htons(LIMITER_LISTEN_PORT);
1382 limiter.udp_socket = socket(PF_INET, SOCK_DGRAM, IPPROTO_UDP);
1383 if (limiter.udp_socket < 0) {
1384 printlog(LOG_CRITICAL, "Failed to create UDP socket().\n");
1388 memset(&server_address, 0, sizeof(server_address));
1389 server_address.sin_family = AF_INET;
1390 server_address.sin_addr.s_addr = limiter.localaddr;
1391 server_address.sin_port = limiter.port;
1393 if (bind(limiter.udp_socket, (struct sockaddr *) &server_address, sizeof(server_address)) < 0) {
1394 printlog(LOG_CRITICAL, "Failed to bind UDP socket.\n");
1398 printlog(LOG_WARN, " POLICY: %s\n",policy.u.string);
1399 if (strcasecmp(policy.u.string,"GRD") == 0) {
1400 limiter.policy = POLICY_GRD;
1401 } else if (strcasecmp(policy.u.string,"FPS") == 0) {
1402 limiter.policy = POLICY_FPS;
1404 printlog(LOG_CRITICAL,
1405 "Unknown DRL policy %s, aborting.\n",policy.u.string);
1409 limiter.estintms = estintms.u.value;
1410 if (limiter.estintms > 1000) {
1411 printlog(LOG_CRITICAL,
1412 "DRL: sorry estimate intervals must be less than 1 second.");
1413 printlog(LOG_CRITICAL,
1414 " Simple source mods will allow larger intervals. Using 1 second.\n");
1415 limiter.estintms = 1000;
1417 printlog(LOG_WARN, " Est interval: %dms\n",limiter.estintms);
1419 /* Acquire the big limiter lock for writing. Prevents pretty much
1420 * anything else from happening while the hierarchy is being changed. */
1421 pthread_rwlock_wrlock(&limiter.limiter_lock);
1423 limiter.stable_instance.ident_map = allocate_map();
1424 if (limiter.stable_instance.ident_map == NULL) {
1425 printlog(LOG_CRITICAL, "Failed to allocate memory for identity map.\n");
1429 if (get_eligible_leaves(&limiter.stable_instance)) {
1430 printlog(LOG_CRITICAL, "Failed to read eligigle leaves.\n");
1434 if (parse_drl_config(drl_configfile.u.string, &configs)) {
1435 /* Parse error occured. Return non-zero to notify init_drl(). */
1436 printlog(LOG_CRITICAL, "Failed to parse the DRL configuration file (%s).\n",
1437 drl_configfile.u.string);
1441 /* Validate identity hierarchy! */
1442 if (validate_configs(configs, &limiter.stable_instance)) {
1443 /* Clean up everything. */
1444 free_failed_config(configs, &limiter.stable_instance);
1445 printlog(LOG_CRITICAL, "Invalid DRL configuration file (%s).\n",
1446 drl_configfile.u.string);
1450 if (init_identities(configs, &limiter.stable_instance)) {
1451 free_failed_config(configs, &limiter.stable_instance);
1452 printlog(LOG_CRITICAL, "Failed to initialize identities.\n");
1456 /* At this point, we should be done with configs. */
1457 free_ident_list(configs.machines);
1458 free_ident_list(configs.sets);
1460 /* Debugging - FIXME: remove this? */
1461 print_instance(&limiter.stable_instance);
1463 switch (limiter.policy) {
1465 if (assign_htb_hierarchy(&limiter.stable_instance)) {
1466 free_instance(&limiter.stable_instance);
1467 printlog(LOG_CRITICAL, "Failed to assign HTB hierarchy.\n");
1471 if (create_htb_hierarchy(&limiter.stable_instance)) {
1472 free_instance(&limiter.stable_instance);
1473 printlog(LOG_CRITICAL, "Failed to create HTB hierarchy.\n");
1479 if (setup_tc_grd(&limiter.stable_instance)) {
1480 free_instance(&limiter.stable_instance);
1481 printlog(LOG_CRITICAL, "Failed to initialize tc calls for GRD.\n");
1490 partition_set = partition.u.value;
1492 pthread_rwlock_unlock(&limiter.limiter_lock);
1494 if (pthread_create(&limiter.udp_recv_thread, NULL, limiter_receive_thread, NULL)) {
1495 printlog(LOG_CRITICAL, "Unable to start UDP receive thread.\n");
1499 printlog(LOG_WARN, "ulogd_DRL init finished.\n");
1504 static void reconfig() {
1505 parsed_configs configs;
1507 printlog(LOG_DEBUG, "--Starting reconfig()--\n");
1510 memset(&configs, 0, sizeof(parsed_configs));
1511 memset(&limiter.new_instance, 0, sizeof(drl_instance_t));
1513 limiter.new_instance.ident_map = allocate_map();
1514 if (limiter.new_instance.ident_map == NULL) {
1515 printlog(LOG_CRITICAL, "Failed to allocate ident_map during reconfig().\n");
1519 if (get_eligible_leaves(&limiter.new_instance)) {
1520 free_failed_config(configs, &limiter.new_instance);
1521 printlog(LOG_CRITICAL, "Failed to read leaves during reconfig().\n");
1525 if (parse_drl_config(drl_configfile.u.string, &configs)) {
1526 free_failed_config(configs, &limiter.new_instance);
1527 printlog(LOG_CRITICAL, "Failed to parse config during reconfig().\n");
1531 if (validate_configs(configs, &limiter.new_instance)) {
1532 free_failed_config(configs, &limiter.new_instance);
1533 printlog(LOG_CRITICAL, "Validation failed during reconfig().\n");
1534 pthread_rwlock_unlock(&limiter.limiter_lock);
1538 if (init_identities(configs, &limiter.new_instance)) {
1539 free_failed_config(configs, &limiter.new_instance);
1540 printlog(LOG_CRITICAL, "Initialization failed during reconfig().\n");
1541 pthread_rwlock_unlock(&limiter.limiter_lock);
1545 free_ident_list(configs.machines);
1546 free_ident_list(configs.sets);
1548 /* Debugging - FIXME: remove this? */
1549 print_instance(&limiter.new_instance);
1552 pthread_rwlock_wrlock(&limiter.limiter_lock);
1554 switch (limiter.policy) {
1556 if (assign_htb_hierarchy(&limiter.new_instance)) {
1557 free_instance(&limiter.new_instance);
1558 printlog(LOG_CRITICAL, "Failed to assign HTB hierarchy during reconfig().\n");
1559 pthread_rwlock_unlock(&limiter.limiter_lock);
1563 if (create_htb_hierarchy(&limiter.new_instance)) {
1564 free_instance(&limiter.new_instance);
1565 printlog(LOG_CRITICAL, "Failed to create HTB hierarchy during reconfig().\n");
1567 /* Re-create old instance. */
1568 if (create_htb_hierarchy(&limiter.stable_instance)) {
1569 /* Error reinstating the old one - big problem. */
1570 printlog(LOG_CRITICAL, "Failed to reinstate HTB hierarchy during reconfig().\n");
1571 printlog(LOG_CRITICAL, "Giving up...\n");
1576 pthread_rwlock_unlock(&limiter.limiter_lock);
1582 if (setup_tc_grd(&limiter.new_instance)) {
1583 free_instance(&limiter.new_instance);
1584 printlog(LOG_CRITICAL, "GRD tc calls failed during reconfig().\n");
1586 /* Try to re-create old instance. */
1587 if (setup_tc_grd(&limiter.stable_instance)) {
1588 printlog(LOG_CRITICAL, "Failed to reinstate old GRD qdiscs during reconfig().\n");
1589 printlog(LOG_CRITICAL, "Giving up...\n");
1597 /* Should be impossible. */
1598 printf("Pigs are flying?\n");
1602 /* Switch over new to stable instance. */
1603 free_instance(&limiter.stable_instance);
1604 memcpy(&limiter.stable_instance, &limiter.new_instance, sizeof(drl_instance_t));
1606 /* Success! - Unlock */
1607 pthread_rwlock_unlock(&limiter.limiter_lock);
1610 static ulog_output_t drl_op = {
1612 .output = &_output_drl,
1613 .signal = NULL, /* This appears to be broken. Using my own handler. */
1618 /* Tests the amount of time it takes to call reconfig(). */
1619 static void time_reconfig(int iterations) {
1620 struct timeval start, end;
1623 gettimeofday(&start, NULL);
1624 for (i = 0; i < iterations; ++i) {
1627 gettimeofday(&end, NULL);
1629 printf("%d reconfigs() took %d seconds and %d microseconds.\n",
1630 iterations, end.tv_sec - start.tv_sec, end.tv_usec - start.tv_usec);
1633 // Seems to take about 85ms / iteration
1636 static int stop_enforcement(drl_instance_t *instance) {
1640 for (i = 0; i < instance->machine_count; ++i) {
1641 sprintf(cmd, "/sbin/tc class change dev eth0 parent 1:%x classid 1:%x htb rate 8bit ceil 100mbit",
1642 instance->machines[i]->htb_parent,
1643 instance->machines[i]->htb_node);
1645 if (execute_cmd(cmd)) {
1650 for (i = 0; i < instance->set_count; ++i) {
1651 sprintf(cmd, "/sbin/tc class change dev eth0 parent 1:%x classid 1:%x htb rate 8bit ceil 100mbit",
1652 instance->sets[i]->htb_parent,
1653 instance->sets[i]->htb_node);
1655 if (execute_cmd(cmd)) {
1663 static void *signal_thread_func(void *args) {
1669 sigaddset(&sigs, SIGHUP);
1670 sigaddset(&sigs, SIGUSR1);
1671 sigaddset(&sigs, SIGUSR2);
1672 pthread_sigmask(SIG_BLOCK, &sigs, NULL);
1676 sigaddset(&sigs, SIGHUP);
1677 sigaddset(&sigs, SIGUSR1);
1678 sigaddset(&sigs, SIGUSR2);
1680 err = sigwait(&sigs, &sig);
1683 printlog(LOG_CRITICAL, "sigwait() returned an error.\n");
1689 printlog(LOG_WARN, "Caught SIGHUP - re-reading XML file.\n");
1691 //time_reconfig(1000); /* instrumentation */
1695 pthread_rwlock_wrlock(&limiter.limiter_lock);
1696 if (do_enforcement) {
1698 stop_enforcement(&limiter.stable_instance);
1699 printlog(LOG_CRITICAL, "--Switching enforcement off.--\n");
1702 printlog(LOG_CRITICAL, "--Switching enforcement on.--\n");
1704 pthread_rwlock_unlock(&limiter.limiter_lock);
1707 do_partition = !do_partition;
1710 /* Intentionally blank. */
1717 /* register output plugin with ulogd */
1718 static void _drl_reg_op(void)
1720 ulog_output_t *op = &drl_op;
1721 sigset_t signal_mask;
1723 sigemptyset(&signal_mask);
1724 sigaddset(&signal_mask, SIGHUP);
1725 sigaddset(&signal_mask, SIGUSR1);
1726 sigaddset(&signal_mask, SIGUSR2);
1727 pthread_sigmask(SIG_BLOCK, &signal_mask, NULL);
1729 if (pthread_create(&signal_thread, NULL, &signal_thread_func, NULL) != 0) {
1730 printlog(LOG_CRITICAL, "Failed to create signal handling thread.\n");
1731 fprintf(stderr, "An error has occured starting ulogd_DRL. Refer to your logfile (%s) for additional information.\n", drl_logfile.u.string);
1737 printlog(LOG_CRITICAL, "Init failed. :(\n");
1738 fprintf(stderr, "An error has occured starting ulogd_DRL. Refer to your logfile (%s) for additional information.\n", drl_logfile.u.string);
1743 register_output(op);
1745 /* start up the thread that will periodically estimate the
1746 * local rate and set the local limits
1749 if (pthread_create(&estimate_thread, NULL, (void*(*)(void*)) &handle_estimation, &limiter)!=0) {
1750 printlog(LOG_CRITICAL, "Couldn't start estimate thread.\n");
1751 fprintf(stderr, "An error has occured starting ulogd_DRL. Refer to your logfile (%s) for additional information.\n", drl_logfile.u.string);
1758 /* have the opts parsed */
1759 config_parse_file("DRL", config_entries);
1762 ulogd_log(ULOGD_ERROR, "can't resolve all keyhash id's\n");
1766 /* Seed the hash function */
1767 salt = getpid() ^ time(NULL);