1 /* See the DRL-LICENSE file for this file's software license. */
4 * ulogd output target for DRL: GRD and FPS
6 * Ken Yocum <kyocum@cs.ucsd.edu>
8 * Original shell of this code from ulogd_NETFLOW
9 * Like that code, we keep track of per-slice data rates
10 * out of this slice. Thus we are rate limiting particular slices
11 * across multiple boxes, ensuring that their outbound rate does not
12 * exceed some fixed limit.
16 * Enforcer: linux drop percentage.
18 * This file reads packets from the netlink socket. It updates all
19 * the hashmaps which track how much data has arrived per flow.
20 * It starts two threads for this limiter.
21 * One thread handles periodic estimation.
22 * The other thread handles communication with other limiters.
27 * ulogd_DRL: attach to netlink socket, accept packets. replaces ratelimit.cc
28 * util.c: generic hashing functions, flow comparisons, sundry items.
29 * gossip.c: Recv gossip, send gossip.
30 * peer_comm.c: Thread to listen for updates from other limiters.
31 * estimate.c: Thread to calculate the local limits.
34 * Ken Yocum <kyocum@cs.ucsd.edu>
37 * Some code appropriated from ulogd_NETFLOW:
39 * Mark Huang <mlhuang@cs.princeton.edu>
40 * Copyright (C) 2004-2005 The Trustees of Princeton University
42 * Based on admindump.pl by Mic Bowman and Paul Brett
43 * Copyright (c) 2002 Intel Corporation
47 /* Enable GNU glibc extensions */
53 /* va_start() and friends */
59 /* strstr() and friends */
62 /* dirname() and basename() */
65 /* fork() and wait() */
66 #include <sys/types.h>
70 /* errno and assert() */
77 /* time() and friends */
82 #include <sys/socket.h>
83 #include <netinet/in.h>
84 #include <arpa/inet.h>
86 /* ICMP definitions */
87 #include <netinet/ip.h>
88 #include <netinet/ip_icmp.h>
93 /* pthread_create() */
99 /* Signal definitions - so that we can catch SIGHUP and update config. */
102 #include <ulogd/ulogd.h>
103 #include <ulogd/conffile.h>
105 /* Perhaps useful for files within vservers? */
106 #if !defined(STANDALONE) && HAVE_LIBPROPER
107 #include <proper/prop.h>
111 * Jenkins hash support
112 * lives in raterouter.h
116 #include "raterouter.h"
118 #include "ratetypes.h" /* needs util and pthread.h */
119 #include "calendar.h"
123 * /etc/ulogd.conf configuration options
124 * Add the config options for DRL.
127 static config_entry_t enforce_on = {
130 .type = CONFIG_TYPE_INT,
131 .options = CONFIG_OPT_NONE,
135 static config_entry_t partition = {
137 .key = "partition_set",
138 .type = CONFIG_TYPE_INT,
139 .options = CONFIG_OPT_NONE,
140 .u = { .value = 0xfffffff },
143 static config_entry_t netem_slice = {
145 .key = "netem_slice",
146 .type = CONFIG_TYPE_STRING,
147 .options = CONFIG_OPT_NONE,
148 .u = { .string = "ALL" },
151 static config_entry_t netem_loss = {
152 .next = &netem_slice,
154 .type = CONFIG_TYPE_INT,
155 .options = CONFIG_OPT_NONE,
159 static config_entry_t netem_delay = {
161 .key = "netem_delay",
162 .type = CONFIG_TYPE_INT,
163 .options = CONFIG_OPT_NONE,
167 static config_entry_t drl_configfile = {
168 .next = &netem_delay,
169 .key = "drl_configfile",
170 .type = CONFIG_TYPE_STRING,
171 .options = CONFIG_OPT_MANDATORY,
172 .u = { .string = "drl.xml" },
175 /** The administrative bandwidth limit (mbps) for the local node. The node
176 * will not set a limit higher than this, even when distributed capacity is
177 * available. Set to 0 for no limit. */
178 static config_entry_t nodelimit = {
179 .next = &drl_configfile,
181 .type = CONFIG_TYPE_INT,
182 .options = CONFIG_OPT_MANDATORY,
186 /** Determines the verbosity of logging. */
187 static config_entry_t drl_loglevel = {
189 .key = "drl_loglevel",
190 .type = CONFIG_TYPE_INT,
191 .options = CONFIG_OPT_MANDATORY,
192 .u = { .value = LOG_WARN },
195 /** The path of the logfile. */
196 static config_entry_t drl_logfile = {
197 .next = &drl_loglevel,
198 .key = "drl_logfile",
199 .type = CONFIG_TYPE_STRING,
200 .options = CONFIG_OPT_MANDATORY,
201 .u = { .string = "drl_logfile.log" },
204 /** The choice of DRL protocol. */
205 static config_entry_t policy = {
206 .next = &drl_logfile,
208 .type = CONFIG_TYPE_STRING,
209 .options = CONFIG_OPT_MANDATORY,
210 .u = { .string = "GRD" },
213 /** The estimate interval, in milliseconds. */
214 static config_entry_t estintms = {
217 .type = CONFIG_TYPE_INT,
218 .options = CONFIG_OPT_MANDATORY,
219 .u = { .value = 100 },
222 #define config_entries (&estintms)
225 * Debug functionality
232 #define NIPQUAD(addr) \
233 ((unsigned char *)&addr)[0], \
234 ((unsigned char *)&addr)[1], \
235 ((unsigned char *)&addr)[2], \
236 ((unsigned char *)&addr)[3]
238 #define IPQUAD(addr) \
239 ((unsigned char *)&addr)[3], \
240 ((unsigned char *)&addr)[2], \
241 ((unsigned char *)&addr)[1], \
242 ((unsigned char *)&addr)[0]
246 /* Salt for the hash functions */
250 * Hash slice name lookups on context ID.
253 /* Special context IDs */
254 #define UNKNOWN_XID -1
258 CONNECTION_REFUSED_XID = 65536, /* MAX_S_CONTEXT + 1 */
265 pthread_t estimate_thread;
266 pthread_t signal_thread;
267 pthread_t comm_thread;
268 uint32_t local_ip = 0;
270 extern FILE *logfile;
271 extern uint8_t system_loglevel;
272 extern uint8_t do_enforcement;
274 /* From peer_comm.c - used to simulate partition. */
275 extern int do_partition;
276 extern int partition_set;
280 static inline uint32_t
281 hash_flow(uint8_t protocol, uint32_t src_ip, uint16_t src_port, uint32_t dst_ip, uint16_t dst_port, uint32_t hash_max)
283 unsigned char mybytes[FLOWKEYSIZE];
284 mybytes[0] = protocol;
285 *(uint32_t*)(&(mybytes[1])) = src_ip;
286 *(uint32_t*)(&(mybytes[5])) = dst_ip;
287 *(uint32_t*)(&(mybytes[9])) = (src_port << 16) | dst_port;
288 return jhash(mybytes,FLOWKEYSIZE,salt) & (hash_max - 1);
291 uint32_t sampled_hasher(const key_flow *key) {
292 /* Last arg is UINT_MAX because sampled flow keeps track of its own capacity. */
293 return hash_flow(key->protocol, key->source_ip, key->source_port, key->dest_ip, key->dest_port, UINT_MAX);
296 uint32_t standard_hasher(const key_flow *key) {
297 return hash_flow(key->protocol, key->source_ip, key->source_port, key->dest_ip, key->dest_port, STD_FLOW_HASH_SIZE);
300 uint32_t multiple_hasher(const key_flow *key) {
301 return hash_flow(key->protocol, key->source_ip, key->source_port, key->dest_ip, key->dest_port, MUL_FLOW_HASH_SIZE);
309 /* Interesting keys */
333 #define INTR_IDS (sizeof(intr_ids)/sizeof(intr_ids[0]))
334 static struct intr_id intr_ids[] = {
335 [OOB_TIME_SEC] = { "oob.time.sec", 0 },
336 [OOB_MARK] = { "oob.mark", 0 },
337 [IP_SADDR] = { "ip.saddr", 0 },
338 [IP_DADDR] = { "ip.daddr", 0 },
339 [IP_TOTLEN] = { "ip.totlen", 0 },
340 [IP_PROTOCOL] = { "ip.protocol", 0 },
341 [TCP_SPORT] = { "tcp.sport", 0 },
342 [TCP_DPORT] { "tcp.dport", 0 },
343 [TCP_ACK] = { "tcp.ack", 0 },
344 [TCP_FIN] = { "tcp.fin", 0 },
345 [TCP_SYN] = { "tcp.syn", 0 },
346 [TCP_RST] = { "tcp.rst", 0 },
347 [UDP_SPORT] = { "udp.sport", 0 },
348 [UDP_DPORT] = { "udp.dport", 0 },
349 [ICMP_TYPE] = { "icmp.type", 0 },
350 [ICMP_CODE] = { "icmp.code", 0 },
351 [GRE_FLAG_KEY] = { "gre.flag.key", 0 },
352 [GRE_VERSION] = { "gre.version", 0 },
353 [GRE_KEY] = { "gre.key", 0 },
354 [PPTP_CALLID] = { "pptp.callid", 0 },
357 #define GET_VALUE(x) intr_ids[x].res->value
359 #define DATE(t) ((t) / (24*60*60) * (24*60*60))
361 static int _output_drl(ulog_iret_t *res)
364 uint32_t src_ip, dst_ip;
365 uint16_t src_port, dst_port;
372 protocol = GET_VALUE(IP_PROTOCOL).ui8;
373 src_ip = GET_VALUE(IP_SADDR).ui32;
374 dst_ip = GET_VALUE(IP_DADDR).ui32;
375 xid = GET_VALUE(OOB_MARK).ui32;
380 src_port = GET_VALUE(TCP_SPORT).ui16;
381 dst_port = GET_VALUE(TCP_DPORT).ui16;
385 /* netflow had an issue with many udp flows and set
386 * src_port=0 to handle it. We don't.
388 src_port = GET_VALUE(UDP_SPORT).ui16;
391 * traceroutes create a large number of flows in the db
392 * this is a quick hack to catch the most common form
393 * of traceroute (basically we're mapping any UDP packet
394 * in the 33435-33524 range to the "trace" port, 33524 is
395 * 3 packets * nhops (30).
397 dst_port = GET_VALUE(UDP_DPORT).ui16;
398 if (dst_port >= 33435 && dst_port <= 33524)
403 src_port = GET_VALUE(ICMP_TYPE).ui8;
404 dst_port = GET_VALUE(ICMP_CODE).ui8;
407 * We special case some of the ICMP traffic that the kernel
408 * always generates. Since this is attributed to root, it
409 * creates significant "noise" in the output. We want to be
410 * able to quickly see that root is generating traffic.
412 if (xid == ROOT_XID) {
413 if (src_port == ICMP_ECHOREPLY)
414 xid = ICMP_ECHOREPLY_XID;
415 else if (src_port == ICMP_UNREACH)
416 xid = ICMP_UNREACH_XID;
421 if (GET_VALUE(GRE_FLAG_KEY).b) {
422 if (GET_VALUE(GRE_VERSION).ui8 == 1) {
423 /* Get PPTP call ID */
424 src_port = GET_VALUE(PPTP_CALLID).ui16;
426 /* XXX Truncate GRE keys to 16 bits */
427 src_port = (uint16_t) GET_VALUE(GRE_KEY).ui32;
430 /* No key available */
437 /* This is the default key for packets from unsupported protocols */
443 key.protocol = protocol;
444 key.source_ip = src_ip;
445 key.dest_ip = dst_ip;
446 key.source_port = src_port;
447 key.dest_port = dst_port;
448 key.packet_size = GET_VALUE(IP_TOTLEN).ui16;
449 key.packet_time = (time_t) GET_VALUE(OOB_TIME_SEC).ui32;
451 pthread_rwlock_rdlock(&limiter.limiter_lock); /* CLUNK! */
453 leaf = (leaf_t *) map_search(limiter.stable_instance.leaf_map, &xid, sizeof(xid));
455 /* Even if the packet doesn't match any specific xid, it should still
456 * count in the machine-type tables. This catches root (xid == 0) and
457 * unclassified (xid = fff) packets, which don't have map entries. */
459 ident = limiter.stable_instance.last_machine;
461 ident = leaf->parent;
465 pthread_mutex_lock(&ident->table_mutex);
467 /* Update the identity's table. */
468 ident->table_sample_function(ident->table, &key);
470 #ifdef SHADOW_ACCTING
472 /* Update the shadow perfect copy of the accounting table. */
473 standard_table_sample((standard_flow_table) ident->shadow_table, &key);
477 pthread_mutex_unlock(&ident->table_mutex);
479 ident = ident->parent;
482 pthread_rwlock_unlock(&limiter.limiter_lock); /* CLINK! */
487 /* get all key id's for the keys we are intrested in */
488 static int get_ids(void)
491 struct intr_id *cur_id;
493 for (i = 0; i < INTR_IDS; i++) {
494 cur_id = &intr_ids[i];
495 cur_id->res = keyh_getres(keyh_getid(cur_id->name));
497 ulogd_log(ULOGD_ERROR,
498 "Cannot resolve keyhash id for %s\n",
506 static void free_identity(identity_t *ident) {
508 free_comm(&ident->comm);
511 ident->table_destroy_function(ident->table);
514 if (ident->loop_action) {
515 ident->loop_action->valid = 0;
518 if (ident->comm_action) {
519 ident->comm_action->valid = 0;
522 pthread_mutex_destroy(&ident->table_mutex);
528 static void free_identity_map(map_handle map) {
529 identity_t *tofree = NULL;
531 map_reset_iterate(map);
532 while ((tofree = (identity_t *) map_next(map))) {
533 free_identity(tofree);
539 static void free_instance(drl_instance_t *instance) {
540 if (instance->leaves)
541 free(instance->leaves);
542 if (instance->leaf_map)
543 free_map(instance->leaf_map, 0);
544 if (instance->ident_map)
545 free_identity_map(instance->ident_map);
546 if (instance->machines)
547 free(instance->machines);
549 free(instance->sets);
551 /* FIXME: Drain the calendar first and free all the entries. */
556 memset(instance, 0, sizeof(drl_instance_t));
559 static void free_failed_config(parsed_configs configs, drl_instance_t *instance) {
561 if (configs.machines)
562 free_ident_list(configs.machines);
564 free_ident_list(configs.sets);
568 free_instance(instance);
571 static identity_t *new_identity(ident_config *config) {
572 identity_t *ident = malloc(sizeof(identity_t));
573 remote_node_t *comm_nodes = malloc(sizeof(remote_node_t)*config->peer_count);
574 ident_peer *peer = config->peers;
581 if (comm_nodes == NULL) {
586 memset(ident, 0, sizeof(identity_t));
587 memset(comm_nodes, 0, config->peer_count * sizeof(remote_node_t));
589 ident->id = config->id;
590 ident->limit = (uint32_t) (((double) config->limit * 1000.0) / 8.0);
591 ident->fixed_ewma_weight = config->fixed_ewma_weight;
592 ident->communication_intervals = config->communication_intervals;
593 ident->mainloop_intervals = config->mainloop_intervals;
594 ident->ewma_weight = pow(ident->fixed_ewma_weight,
595 (limiter.estintms/1000.0) * config->mainloop_intervals);
596 ident->parent = NULL;
597 ident->independent = config->independent;
599 pthread_mutex_init(&ident->table_mutex, NULL);
600 switch (config->accounting) {
603 standard_table_create(standard_hasher, &ident->common);
605 /* Ugly function pointer casting. Makes things sufficiently
606 * generic, though. */
607 ident->table_sample_function =
608 (int (*)(void *, const key_flow *)) standard_table_sample;
609 ident->table_cleanup_function =
610 (int (*)(void *)) standard_table_cleanup;
611 ident->table_update_function =
612 (void (*)(void *, struct timeval, double)) standard_table_update_flows;
613 ident->table_destroy_function =
614 (void (*)(void *)) standard_table_destroy;
619 multiple_table_create(multiple_hasher, MUL_INTERVAL_COUNT, &ident->common);
621 ident->table_sample_function =
622 (int (*)(void *, const key_flow *)) multiple_table_sample;
623 ident->table_cleanup_function =
624 (int (*)(void *)) multiple_table_cleanup;
625 ident->table_update_function =
626 (void (*)(void *, struct timeval, double)) multiple_table_update_flows;
627 ident->table_destroy_function =
628 (void (*)(void *)) multiple_table_destroy;
632 ident->table = sampled_table_create(sampled_hasher,
633 ident->limit * IDENT_CLEAN_INTERVAL,
634 SAMPLEHOLD_PERCENTAGE, SAMPLEHOLD_OVERFACTOR, &ident->common);
636 ident->table_sample_function =
637 (int (*)(void *, const key_flow *)) sampled_table_sample;
638 ident->table_cleanup_function =
639 (int (*)(void *)) sampled_table_cleanup;
640 ident->table_update_function =
641 (void (*)(void *, struct timeval, double)) sampled_table_update_flows;
642 ident->table_destroy_function =
643 (void (*)(void *)) sampled_table_destroy;
647 ident->table = simple_table_create(&ident->common);
649 ident->table_sample_function =
650 (int (*)(void *, const key_flow *)) simple_table_sample;
651 ident->table_cleanup_function =
652 (int (*)(void *)) simple_table_cleanup;
653 ident->table_update_function =
654 (void (*)(void *, struct timeval, double)) simple_table_update_flows;
655 ident->table_destroy_function =
656 (void (*)(void *)) simple_table_destroy;
660 #ifdef SHADOW_ACCTING
662 ident->shadow_table = standard_table_create(standard_hasher, &ident->shadow_common);
664 if (ident->shadow_table == NULL) {
665 ident->table_destroy_function(ident->table);
672 /* Make sure the table was allocated. */
673 if (ident->table == NULL) {
679 comm_nodes[peer_slot].addr = peer->ip;
680 comm_nodes[peer_slot].port = htons(LIMITER_LISTEN_PORT);
685 if (new_comm(&ident->comm, config, comm_nodes)) {
686 printlog(LOG_CRITICAL, "Failed to create communication structure.\n");
690 ident->comm.remote_nodes = comm_nodes;
695 /* Determines the validity of the parameters of one ident_config.
700 static int validate_config(ident_config *config) {
701 /* Limit must be a positive integer. */
702 if (config->limit < 1) {
706 /* Commfabric must be a valid choice (COMM_MESH or COMM_GOSSIP). */
707 if (config->commfabric != COMM_MESH &&
708 config->commfabric != COMM_GOSSIP) {
712 /* If commfabric is COMM_GOSSIP, this must be a positive integer. */
713 if (config->commfabric == COMM_GOSSIP && config->branch < 1) {
717 /* Accounting must be a valid choice (ACT_STANDARD, ACT_SAMPLEHOLD,
718 * ACT_SIMPLE, ACT_MULTIPLE). */
719 if (config->accounting != ACT_STANDARD &&
720 config->accounting != ACT_SAMPLEHOLD &&
721 config->accounting != ACT_SIMPLE &&
722 config->accounting != ACT_MULTIPLE) {
726 /* Ewma weight must be greater than or equal to zero. */
727 if (config->fixed_ewma_weight < 0) {
731 /* Note: Parsing stage requires that each ident has at least one peer. */
738 static int validate_configs(parsed_configs configs, drl_instance_t *instance) {
740 ident_config *mlist = configs.machines;
741 ident_config *slist = configs.sets;
742 ident_config *tmp = NULL;
746 /* ID must be non-zero and unique. */
747 /* This is ugly and hackish, but this function will be called rarely.
748 * I'm tired of trying to be clever. */
750 printlog(LOG_CRITICAL, "Negative ident id: %d (%x) ?\n", mlist->id, mlist->id);
755 if (mlist->id == tmp->id) {
756 printlog(LOG_CRITICAL, "Duplicate ident id: %d (%x)\n", mlist->id, mlist->id);
763 if (mlist->id == tmp->id) {
764 printlog(LOG_CRITICAL, "Duplicate ident id: %d (%x)\n", mlist->id, mlist->id);
770 if (validate_config(mlist)) {
771 printlog(LOG_CRITICAL, "Invalid ident parameters for id: %d (%x)\n", mlist->id, mlist->id);
775 if (mlist->independent) {
776 printlog(LOG_CRITICAL, "Makes no sense to have independent machine node - setting independent to false.\n");
777 mlist->independent = 0;
783 instance->sets = malloc(configs.set_count * sizeof(identity_t *));
784 if (instance->sets == NULL) {
785 printlog(LOG_CRITICAL, "Not enough memory to allocate set identity collection.\n");
789 memset(instance->sets, 0, configs.set_count * sizeof(identity_t *));
790 instance->set_count = configs.set_count;
792 /* For sets, make sure that the hierarchy is valid. */
794 ident_member *members = slist->members;
796 /* ID must be non-zero and unique. */
798 printlog(LOG_CRITICAL, "Negative ident id: %d (%x) ?\n", slist->id, slist->id);
803 if (slist->id == tmp->id) {
804 printlog(LOG_CRITICAL, "Duplicate ident id: %d (%x)\n", slist->id, slist->id);
810 if (validate_config(slist)) {
811 printlog(LOG_CRITICAL, "Invalid ident parameters for id: %d (%x)\n", slist->id, slist->id);
815 /* Allocate an identity_t for this set-type identity. */
816 instance->sets[i] = new_identity(slist);
818 if (instance->sets[i] == NULL) {
819 printlog(LOG_CRITICAL, "Not enough memory to allocate set identity.\n");
823 /* Loop through children and look up each in leaf or ident map
824 * depending on the type of child. Set the child's parent pointer
825 * to the identity we just created above, unless it is already set,
826 * in which case we have an error. */
828 identity_t *child_ident = NULL;
829 leaf_t *child_leaf = NULL;
831 switch (members->type) {
833 child_leaf = map_search(instance->leaf_map, &members->value,
834 sizeof(members->value));
835 if (child_leaf == NULL) {
836 printlog(LOG_CRITICAL, "xid: child leaf not found.\n");
839 if (child_leaf->parent != NULL) {
840 /* Error - This leaf already has a parent. */
841 printlog(LOG_CRITICAL, "xid: child already has a parent.\n");
844 child_leaf->parent = instance->sets[i];
847 child_ident = map_search(instance->ident_map, &members->value,
848 sizeof(members->value));
849 if (child_ident == NULL) {
850 printlog(LOG_CRITICAL, "guid: child identity not found.\n");
853 if (child_ident->parent != NULL) {
854 /* Error - This identity already has a parent. */
855 printlog(LOG_CRITICAL, "guid: child identity already has a parent.\n");
858 child_ident->parent = instance->sets[i];
861 /* Error - shouldn't be possible. */
864 members = members->next;
867 map_insert(instance->ident_map, &instance->sets[i]->id,
868 sizeof(instance->sets[i]->id), instance->sets[i]);
876 static int fill_set_leaf_pointer(drl_instance_t *instance, identity_t *ident) {
878 identity_t *current_ident;
879 leaf_t *current_leaf;
880 leaf_t **leaves = malloc(instance->leaf_count * sizeof(leaf_t *));
881 if (leaves == NULL) {
885 map_reset_iterate(instance->leaf_map);
886 while ((current_leaf = (leaf_t *) map_next(instance->leaf_map))) {
887 current_ident = current_leaf->parent;
888 while (current_ident != NULL && current_ident != instance->last_machine) {
889 if (current_ident == ident) {
890 /* Found the ident we were looking for - add the leaf. */
891 leaves[count] = current_leaf;
895 current_ident = current_ident->parent;
899 ident->leaves = leaves;
900 ident->leaf_count = count;
905 static int init_identities(parsed_configs configs, drl_instance_t *instance) {
907 ident_config *config = configs.machines;
910 instance->cal = malloc(sizeof(struct ident_calendar) * SCHEDLEN);
912 if (instance->cal == NULL) {
916 for (i = 0; i < SCHEDLEN; ++i) {
917 TAILQ_INIT(instance->cal + i);
919 instance->cal_slot = 0;
921 instance->machines = malloc(configs.machine_count * sizeof(drl_instance_t *));
923 if (instance->machines == NULL) {
927 memset(instance->machines, 0, configs.machine_count * sizeof(drl_instance_t *));
928 instance->machine_count = configs.machine_count;
930 /* Allocate and add the machine identities. */
931 for (i = 0; i < configs.machine_count; ++i) {
932 identity_action *loop_action;
933 identity_action *comm_action;
934 instance->machines[i] = new_identity(config);
936 if (instance->machines[i] == NULL) {
940 loop_action = malloc(sizeof(identity_action));
941 comm_action = malloc(sizeof(identity_action));
943 if (loop_action == NULL || comm_action == NULL) {
947 /* The first has no parent - it is the root. All others have the
948 * previous ident as their parent. */
950 instance->machines[i]->parent = NULL;
952 instance->machines[i]->parent = instance->machines[i - 1];
955 instance->last_machine = instance->machines[i];
957 /* Add the ident to the guid->ident map. */
958 map_insert(instance->ident_map, &instance->machines[i]->id,
959 sizeof(instance->machines[i]->id), instance->machines[i]);
961 config = config->next;
963 memset(loop_action, 0, sizeof(identity_action));
964 memset(comm_action, 0, sizeof(identity_action));
965 loop_action->ident = instance->machines[i];
966 loop_action->action = ACTION_MAINLOOP;
967 loop_action->valid = 1;
968 comm_action->ident = instance->machines[i];
969 comm_action->action = ACTION_COMMUNICATE;
970 comm_action->valid = 1;
972 instance->machines[i]->loop_action = loop_action;
973 instance->machines[i]->comm_action = comm_action;
975 TAILQ_INSERT_TAIL(instance->cal + (instance->cal_slot & SCHEDMASK),
976 loop_action, calendar);
978 TAILQ_INSERT_TAIL(instance->cal + (instance->cal_slot & SCHEDMASK),
979 comm_action, calendar);
981 /* Setup the array of pointers to leaves. This is easy for machines
982 * because a machine node applies to every leaf. */
983 instance->machines[i]->leaves =
984 malloc(instance->leaf_count * sizeof(leaf_t *));
985 if (instance->machines[i]->leaves == NULL) {
988 instance->machines[i]->leaf_count = instance->leaf_count;
989 for (j = 0; j < instance->leaf_count; ++j) {
990 instance->machines[i]->leaves[j] = &instance->leaves[j];
994 /* Connect the set subtree to the machines. Any set or leaf without a
995 * parent will take the last machine as its parent. */
998 map_reset_iterate(instance->leaf_map);
999 while ((leaf = (leaf_t *) map_next(instance->leaf_map))) {
1000 if (leaf->parent == NULL) {
1001 leaf->parent = instance->last_machine;
1006 for (i = 0; i < instance->set_count; ++i) {
1007 identity_action *loop_action;
1008 identity_action *comm_action;
1010 if (instance->sets[i]->parent == NULL && instance->sets[i]->independent == 0) {
1011 instance->sets[i]->parent = instance->last_machine;
1014 loop_action = malloc(sizeof(identity_action));
1015 comm_action = malloc(sizeof(identity_action));
1017 if (loop_action == NULL || comm_action == NULL) {
1021 memset(loop_action, 0, sizeof(identity_action));
1022 memset(comm_action, 0, sizeof(identity_action));
1023 loop_action->ident = instance->sets[i];
1024 loop_action->action = ACTION_MAINLOOP;
1025 loop_action->valid = 1;
1026 comm_action->ident = instance->sets[i];
1027 comm_action->action = ACTION_COMMUNICATE;
1028 comm_action->valid = 1;
1030 instance->sets[i]->loop_action = loop_action;
1031 instance->sets[i]->comm_action = comm_action;
1033 TAILQ_INSERT_TAIL(instance->cal + (instance->cal_slot & SCHEDMASK),
1034 loop_action, calendar);
1036 TAILQ_INSERT_TAIL(instance->cal + (instance->cal_slot & SCHEDMASK),
1037 comm_action, calendar);
1039 /* Setup the array of pointers to leaves. This is harder for sets,
1040 * but this doesn't need to be super-efficient because it happens
1041 * rarely and it isn't on the critical path for reconfig(). */
1042 if (fill_set_leaf_pointer(instance, instance->sets[i])) {
1051 static void print_instance(drl_instance_t *instance) {
1052 leaf_t *leaf = NULL;
1053 identity_t *ident = NULL;
1055 if (system_loglevel == LOG_DEBUG) {
1056 map_reset_iterate(instance->leaf_map);
1057 while ((leaf = (leaf_t *) map_next(instance->leaf_map))) {
1058 printf("%x:", leaf->xid);
1059 ident = leaf->parent;
1061 printf("%d:",ident->id);
1062 ident = ident->parent;
1064 printf("Leaf's parent pointer is %p\n", leaf->parent);
1067 printf("instance->last_machine is %p\n", instance->last_machine);
1071 static int assign_htb_hierarchy(drl_instance_t *instance) {
1073 int next_node = 0x100;
1075 /* Chain machine nodes under 1:10. */
1076 for (i = 0; i < instance->machine_count; ++i) {
1077 if (instance->machines[i]->parent == NULL) {
1079 instance->machines[i]->htb_parent = 0x10;
1082 instance->machines[i]->htb_parent =
1083 instance->machines[i]->parent->htb_node;
1086 instance->machines[i]->htb_node = next_node;
1092 /* Add set nodes under machine nodes. Iterate backwards to ensure parent is
1094 for (j = (instance->set_count - 1); j >= 0; --j) {
1095 if (instance->sets[j]->parent == NULL) {
1096 /* Independent node - goes under 0x10 away from machine nodes. */
1097 instance->sets[j]->htb_parent = 0x10;
1099 instance->sets[j]->htb_parent = instance->sets[j]->parent->htb_node;
1101 instance->sets[j]->htb_node = next_node;
1109 /* Added this so that I could comment one line and kill off all of the
1110 * command execution. */
1111 static inline int execute_cmd(const char *cmd) {
1115 static inline int add_htb_node(const char *iface, const uint32_t parent_major, const uint32_t parent_minor,
1116 const uint32_t classid_major, const uint32_t classid_minor,
1117 const uint64_t rate, const uint64_t ceil) {
1120 sprintf(cmd, "tc class add dev %s parent %x:%x classid %x:%x htb rate %llubit ceil %llubit",
1121 iface, parent_major, parent_minor, classid_major, classid_minor, rate, ceil);
1122 printlog(LOG_WARN, "INIT: HTB_cmd: %s\n", cmd);
1124 return execute_cmd(cmd);
1127 static inline int add_htb_netem(const char *iface, const uint32_t parent_major,
1128 const uint32_t parent_minor, const uint32_t handle,
1129 const int loss, const int delay) {
1132 sprintf(cmd, "/sbin/tc qdisc del dev %s parent %x:%x handle %x pfifo", iface, parent_major,
1133 parent_minor, handle);
1134 printlog(LOG_DEBUG, "HTB_cmd: %s\n", cmd);
1135 if (execute_cmd(cmd))
1136 printlog(LOG_DEBUG, "HTB_cmd: Previous deletion did not succeed.\n");
1138 sprintf(cmd, "/sbin/tc qdisc replace dev %s parent %x:%x handle %x netem loss %d%% delay %dms",
1139 iface, parent_major, parent_minor, handle, loss, delay);
1140 printlog(LOG_DEBUG, "HTB_cmd: %s\n", cmd);
1141 return execute_cmd(cmd);
1144 static int create_htb_hierarchy(drl_instance_t *instance) {
1147 uint64_t gigabit = 1024 * 1024 * 1024;
1149 /* Nuke the hierarchy. */
1150 sprintf(cmd, "tc qdisc del dev eth0 root handle 1: htb");
1152 printlog(LOG_DEBUG, "HTB_cmd: %s\n", cmd);
1154 /* Re-initialize the basics. */
1155 sprintf(cmd, "tc qdisc add dev eth0 root handle 1: htb default 1fff");
1156 if (execute_cmd(cmd)) {
1159 printlog(LOG_DEBUG, "HTB_cmd: %s\n", cmd);
1161 if (add_htb_node("eth0", 1, 0, 1, 1, gigabit, gigabit))
1164 /* Add back 1:10. (Nodelimit : kilobits/sec -> bits/second)*/
1165 if (limiter.nodelimit) {
1166 if (add_htb_node("eth0", 1, 1, 1, 0x10, 8, (uint64_t) limiter.nodelimit * 1024))
1169 if (add_htb_node("eth0", 1, 1, 1, 0x10, 8, gigabit))
1174 for (i = 0; i < instance->machine_count; ++i) {
1175 if (add_htb_node("eth0", 1, instance->machines[i]->htb_parent, 1,
1176 instance->machines[i]->htb_node, 8, instance->machines[i]->limit * 1024)) {
1183 /* Add back 1:20. */
1185 if (instance->last_machine == NULL) {
1186 sprintf(cmd, "/sbin/tc class add dev eth0 parent 1:1 classid 1:20 htb rate 8bit ceil 1000mbit");
1188 sprintf(cmd, "/sbin/tc class add dev eth0 parent 1:%x classid 1:20 htb rate 8bit ceil 1000mbit",
1189 instance->last_machine->htb_node);
1192 sprintf(cmd, "/sbin/tc class add dev eth0 parent 1:1 classid 1:20 htb rate 8bit ceil 1000mbit");
1195 if (execute_cmd(cmd)) {
1198 printlog(LOG_DEBUG, "HTB_cmd: %s\n", cmd);
1201 for (j = (instance->set_count - 1); j >= 0; --j) {
1202 if (add_htb_node("eth0", 1, instance->sets[j]->htb_parent, 1,
1203 instance->sets[j]->htb_node, 8, instance->sets[j]->limit * 1024)) {
1208 /* Add leaves. FIXME: Set static sliver limit as ceil here! */
1209 for (k = 0; k < instance->leaf_count; ++k) {
1210 if (instance->leaves[k].parent == NULL) {
1211 if (add_htb_node("eth0", 1, 0x10, 1, (0x1000 | instance->leaves[k].xid), 8, gigabit))
1214 if (add_htb_node("eth0", 1, instance->leaves[k].parent->htb_node, 1, (0x1000 | instance->leaves[k].xid), 8, gigabit))
1218 /* Add exempt node for the leaf under 1:20 as 1:2<xid> */
1219 if (add_htb_node("eth0", 1, 0x20, 1, (0x2000 | instance->leaves[k].xid), 8, gigabit))
1223 /* Add 1:1000 and 1:2000 */
1224 if (instance->last_machine == NULL) {
1225 if (add_htb_node("eth0", 1, 0x10, 1, 0x1000, 8, gigabit))
1228 if (add_htb_node("eth0", 1, instance->last_machine->htb_node, 1, 0x1000, 8, gigabit))
1232 if (add_htb_node("eth0", 1, 0x20, 1, 0x2000, 8, gigabit))
1235 /* Add 1:1fff and 1:2fff */
1236 if (instance->last_machine == NULL) {
1237 if (add_htb_node("eth0", 1, 0x10, 1, 0x1fff, 8, gigabit))
1240 if (add_htb_node("eth0", 1, instance->last_machine->htb_node, 1, 0x1fff, 8, gigabit))
1244 if (add_htb_node("eth0", 1, 0x20, 1, 0x2fff, 8, gigabit))
1247 /* Artifical delay or loss for experimentation. */
1248 if (netem_delay.u.value || netem_loss.u.value) {
1249 if (!strcmp(netem_slice.u.string, "ALL")) {
1250 /* By default, netem applies to all leaves. */
1251 if (add_htb_netem("eth0", 1, 0x1000, 0x1000, netem_loss.u.value, netem_delay.u.value))
1253 if (add_htb_netem("eth0", 1, 0x1fff, 0x1fff, netem_loss.u.value, netem_delay.u.value))
1256 for (k = 0; k < instance->leaf_count; ++k) {
1257 if (add_htb_netem("eth0", 1, (0x1000 | instance->leaves[k].xid),
1258 (0x1000 | instance->leaves[k].xid), netem_loss.u.value, netem_delay.u.value)) {
1262 //FIXME: add exempt delay/loss here on 0x2000 ... ?
1265 /* netem_slice is not the default ALL value. Only apply netem
1266 * to the slice that is set in netem_slice.u.string. */
1269 sscanf(netem_slice.u.string, "%x", &slice_xid);
1271 if (add_htb_netem("eth0", 1, slice_xid, slice_xid, netem_loss.u.value, netem_delay.u.value))
1279 static int setup_tc_grd(drl_instance_t *instance) {
1283 for (i = 0; i < instance->leaf_count; ++i) {
1284 /* Delete the old pfifo qdisc that might have been there before. */
1285 sprintf(cmd, "/sbin/tc qdisc del dev eth0 parent 1:1%x handle 1%x pfifo",
1286 instance->leaves[i].xid, instance->leaves[i].xid);
1288 if (execute_cmd(cmd)) {
1289 printlog(LOG_DEBUG, "GRD: pfifo qdisc wasn't there!\n");
1292 /* Add the netem qdisc. */
1293 sprintf(cmd, "/sbin/tc qdisc replace dev eth0 parent 1:1%x handle 1%x netem loss 0 delay 0ms",
1294 instance->leaves[i].xid, instance->leaves[i].xid);
1296 if (execute_cmd(cmd)) {
1297 printlog(LOG_CRITICAL, "TC GRD call failed: %s\n", cmd);
1302 /* Do the same for 1000 and 1fff. */
1303 sprintf(cmd, "/sbin/tc qdisc del dev eth0 parent 1:1000 handle 1000 pfifo");
1305 if (execute_cmd(cmd)) {
1306 printlog(LOG_DEBUG, "GRD: pfifo qdisc wasn't there!\n");
1309 /* Add the netem qdisc. */
1310 sprintf(cmd, "/sbin/tc qdisc replace dev eth0 parent 1:1000 handle 1000 netem loss 0 delay 0ms");
1312 if (execute_cmd(cmd)) {
1313 printlog(LOG_CRITICAL, "TC GRD call failed: %s\n", cmd);
1317 sprintf(cmd, "/sbin/tc qdisc del dev eth0 parent 1:1fff handle 1fff pfifo");
1319 if (execute_cmd(cmd)) {
1320 printlog(LOG_DEBUG, "GRD: pfifo qdisc wasn't there!\n");
1323 /* Add the netem qdisc. */
1324 sprintf(cmd, "/sbin/tc qdisc replace dev eth0 parent 1:1fff handle 1fff netem loss 0 delay 0ms");
1326 if (execute_cmd(cmd)) {
1327 printlog(LOG_CRITICAL, "TC GRD call failed: %s\n", cmd);
1331 /* Artifical delay or loss for experimentation. */
1332 if (netem_delay.u.value || netem_loss.u.value) {
1333 if (!strcmp(netem_slice.u.string, "ALL")) {
1334 sprintf(cmd, "/sbin/tc qdisc change dev eth0 parent 1:1000 handle 1000 netem loss %d delay %dms", netem_loss.u.value, netem_delay.u.value);
1335 if (execute_cmd(cmd)) {
1336 printlog(LOG_CRITICAL, "TC GRD call failed: %s\n", cmd);
1340 sprintf(cmd, "/sbin/tc qdisc change dev eth0 parent 1:1fff handle 1fff netem loss %d delay %dms", netem_loss.u.value, netem_delay.u.value);
1341 if (execute_cmd(cmd)) {
1342 printlog(LOG_CRITICAL, "TC GRD call failed: %s\n", cmd);
1346 for (j = 0; j < instance->leaf_count; ++j) {
1347 leaf_t *current = &instance->leaves[j];
1349 current->delay = netem_delay.u.value;
1351 sprintf(cmd, "/sbin/tc qdisc change dev eth0 parent 1:1%x handle 1%x netem loss %d delay %dms", current->xid, current->xid, netem_loss.u.value, netem_delay.u.value);
1353 if (execute_cmd(cmd)) {
1354 printlog(LOG_CRITICAL, "TC GRD call failed: %s\n", cmd);
1360 leaf_t *leaf = NULL;
1362 sscanf(netem_slice.u.string, "%x", &slice_xid);
1364 leaf = (leaf_t *) map_search(instance->leaf_map, &slice_xid, sizeof(slice_xid));
1367 /* Leaf not found - invalid selection. */
1368 printf("Your experimental setup is incorrect...\n");
1372 leaf->delay = netem_delay.u.value;
1374 sprintf(cmd, "/sbin/tc qdisc change dev eth0 parent 1:1%x handle 1%x netem loss %d delay %dms", slice_xid, slice_xid, netem_loss.u.value, netem_delay.u.value);
1376 if (execute_cmd(cmd)) {
1377 printlog(LOG_CRITICAL, "TC GRD call failed: %s\n", cmd);
1388 * Initialize this limiter with options
1389 * Open UDP socket for peer communication
1391 static int init_drl(void) {
1392 parsed_configs configs;
1393 struct sockaddr_in server_address;
1395 memset(&limiter, 0, sizeof(limiter_t));
1397 /* Setup logging. */
1398 system_loglevel = (uint8_t) drl_loglevel.u.value;
1399 logfile = fopen(drl_logfile.u.string, "w");
1401 if (logfile == NULL) {
1402 printf("Couldn't open logfile - ");
1407 printlog(LOG_CRITICAL, "ulogd_DRL initializing . . .\n");
1409 limiter.nodelimit = (uint32_t) (((double) nodelimit.u.value * 1000000.0) / 8.0);
1411 init_hashing(); /* for all hash maps */
1413 pthread_rwlock_init(&limiter.limiter_lock,NULL);
1415 /* determine our local IP by iterating through interfaces */
1416 if ((limiter.ip = get_local_ip())==0) {
1417 printlog(LOG_CRITICAL,
1418 "ulogd_DRL unable to aquire local IP address, not registering.\n");
1421 limiter.localaddr = inet_addr(limiter.ip);
1422 limiter.port = htons(LIMITER_LISTEN_PORT);
1423 limiter.udp_socket = socket(PF_INET, SOCK_DGRAM, IPPROTO_UDP);
1424 if (limiter.udp_socket < 0) {
1425 printlog(LOG_CRITICAL, "Failed to create UDP socket().\n");
1429 memset(&server_address, 0, sizeof(server_address));
1430 server_address.sin_family = AF_INET;
1431 server_address.sin_addr.s_addr = limiter.localaddr;
1432 server_address.sin_port = limiter.port;
1434 if (bind(limiter.udp_socket, (struct sockaddr *) &server_address, sizeof(server_address)) < 0) {
1435 printlog(LOG_CRITICAL, "Failed to bind UDP socket.\n");
1439 printlog(LOG_WARN, " POLICY: %s\n",policy.u.string);
1440 if (strcasecmp(policy.u.string,"GRD") == 0) {
1441 limiter.policy = POLICY_GRD;
1442 } else if (strcasecmp(policy.u.string,"FPS") == 0) {
1443 limiter.policy = POLICY_FPS;
1445 printlog(LOG_CRITICAL,
1446 "Unknown DRL policy %s, aborting.\n",policy.u.string);
1450 limiter.estintms = estintms.u.value;
1451 if (limiter.estintms > 1000) {
1452 printlog(LOG_CRITICAL,
1453 "DRL: sorry estimate intervals must be less than 1 second.");
1454 printlog(LOG_CRITICAL,
1455 " Simple source mods will allow larger intervals. Using 1 second.\n");
1456 limiter.estintms = 1000;
1458 printlog(LOG_WARN, " Est interval: %dms\n",limiter.estintms);
1460 /* Acquire the big limiter lock for writing. Prevents pretty much
1461 * anything else from happening while the hierarchy is being changed. */
1462 pthread_rwlock_wrlock(&limiter.limiter_lock);
1464 limiter.stable_instance.ident_map = allocate_map();
1465 if (limiter.stable_instance.ident_map == NULL) {
1466 printlog(LOG_CRITICAL, "Failed to allocate memory for identity map.\n");
1470 if (get_eligible_leaves(&limiter.stable_instance)) {
1471 printlog(LOG_CRITICAL, "Failed to read eligigle leaves.\n");
1475 if (parse_drl_config(drl_configfile.u.string, &configs)) {
1476 /* Parse error occured. Return non-zero to notify init_drl(). */
1477 printlog(LOG_CRITICAL, "Failed to parse the DRL configuration file (%s).\n",
1478 drl_configfile.u.string);
1482 /* Validate identity hierarchy! */
1483 if (validate_configs(configs, &limiter.stable_instance)) {
1484 /* Clean up everything. */
1485 free_failed_config(configs, &limiter.stable_instance);
1486 printlog(LOG_CRITICAL, "Invalid DRL configuration file (%s).\n",
1487 drl_configfile.u.string);
1491 if (init_identities(configs, &limiter.stable_instance)) {
1492 free_failed_config(configs, &limiter.stable_instance);
1493 printlog(LOG_CRITICAL, "Failed to initialize identities.\n");
1497 /* At this point, we should be done with configs. */
1498 free_ident_list(configs.machines);
1499 free_ident_list(configs.sets);
1501 print_instance(&limiter.stable_instance);
1503 switch (limiter.policy) {
1505 if (assign_htb_hierarchy(&limiter.stable_instance)) {
1506 free_instance(&limiter.stable_instance);
1507 printlog(LOG_CRITICAL, "Failed to assign HTB hierarchy.\n");
1511 if (create_htb_hierarchy(&limiter.stable_instance)) {
1512 free_instance(&limiter.stable_instance);
1513 printlog(LOG_CRITICAL, "Failed to create HTB hierarchy.\n");
1519 if (setup_tc_grd(&limiter.stable_instance)) {
1520 free_instance(&limiter.stable_instance);
1521 printlog(LOG_CRITICAL, "Failed to initialize tc calls for GRD.\n");
1530 partition_set = partition.u.value;
1532 pthread_rwlock_unlock(&limiter.limiter_lock);
1534 if (pthread_create(&limiter.udp_recv_thread, NULL, limiter_receive_thread, NULL)) {
1535 printlog(LOG_CRITICAL, "Unable to start UDP receive thread.\n");
1539 printlog(LOG_WARN, "ulogd_DRL init finished.\n");
1544 static void reconfig() {
1545 parsed_configs configs;
1547 printlog(LOG_DEBUG, "--Starting reconfig()--\n");
1550 memset(&configs, 0, sizeof(parsed_configs));
1551 memset(&limiter.new_instance, 0, sizeof(drl_instance_t));
1553 limiter.new_instance.ident_map = allocate_map();
1554 if (limiter.new_instance.ident_map == NULL) {
1555 printlog(LOG_CRITICAL, "Failed to allocate ident_map during reconfig().\n");
1559 if (get_eligible_leaves(&limiter.new_instance)) {
1560 free_failed_config(configs, &limiter.new_instance);
1561 printlog(LOG_CRITICAL, "Failed to read leaves during reconfig().\n");
1565 if (parse_drl_config(drl_configfile.u.string, &configs)) {
1566 free_failed_config(configs, &limiter.new_instance);
1567 printlog(LOG_CRITICAL, "Failed to parse config during reconfig().\n");
1571 if (validate_configs(configs, &limiter.new_instance)) {
1572 free_failed_config(configs, &limiter.new_instance);
1573 printlog(LOG_CRITICAL, "Validation failed during reconfig().\n");
1574 pthread_rwlock_unlock(&limiter.limiter_lock);
1578 if (init_identities(configs, &limiter.new_instance)) {
1579 free_failed_config(configs, &limiter.new_instance);
1580 printlog(LOG_CRITICAL, "Initialization failed during reconfig().\n");
1581 pthread_rwlock_unlock(&limiter.limiter_lock);
1585 free_ident_list(configs.machines);
1586 free_ident_list(configs.sets);
1588 print_instance(&limiter.new_instance);
1591 pthread_rwlock_wrlock(&limiter.limiter_lock);
1593 switch (limiter.policy) {
1595 if (assign_htb_hierarchy(&limiter.new_instance)) {
1596 free_instance(&limiter.new_instance);
1597 printlog(LOG_CRITICAL, "Failed to assign HTB hierarchy during reconfig().\n");
1598 pthread_rwlock_unlock(&limiter.limiter_lock);
1602 if (create_htb_hierarchy(&limiter.new_instance)) {
1603 free_instance(&limiter.new_instance);
1604 printlog(LOG_CRITICAL, "Failed to create HTB hierarchy during reconfig().\n");
1606 /* Re-create old instance. */
1607 if (create_htb_hierarchy(&limiter.stable_instance)) {
1608 /* Error reinstating the old one - big problem. */
1609 printlog(LOG_CRITICAL, "Failed to reinstate HTB hierarchy during reconfig().\n");
1610 printlog(LOG_CRITICAL, "Giving up...\n");
1615 pthread_rwlock_unlock(&limiter.limiter_lock);
1621 if (setup_tc_grd(&limiter.new_instance)) {
1622 free_instance(&limiter.new_instance);
1623 printlog(LOG_CRITICAL, "GRD tc calls failed during reconfig().\n");
1625 /* Try to re-create old instance. */
1626 if (setup_tc_grd(&limiter.stable_instance)) {
1627 printlog(LOG_CRITICAL, "Failed to reinstate old GRD qdiscs during reconfig().\n");
1628 printlog(LOG_CRITICAL, "Giving up...\n");
1636 /* Should be impossible. */
1637 printf("Pigs are flying?\n");
1641 /* Switch over new to stable instance. */
1642 free_instance(&limiter.stable_instance);
1643 memcpy(&limiter.stable_instance, &limiter.new_instance, sizeof(drl_instance_t));
1645 /* Success! - Unlock */
1646 pthread_rwlock_unlock(&limiter.limiter_lock);
1649 static ulog_output_t drl_op = {
1651 .output = &_output_drl,
1652 .signal = NULL, /* This appears to be broken. Using my own handler. */
1657 /* Tests the amount of time it takes to call reconfig(). */
1658 static void time_reconfig(int iterations) {
1659 struct timeval start, end;
1662 gettimeofday(&start, NULL);
1663 for (i = 0; i < iterations; ++i) {
1666 gettimeofday(&end, NULL);
1668 printf("%d reconfigs() took %d seconds and %d microseconds.\n",
1669 iterations, end.tv_sec - start.tv_sec, end.tv_usec - start.tv_usec);
1672 // Seems to take about 85ms / iteration
1675 static int stop_enforcement(drl_instance_t *instance) {
1679 for (i = 0; i < instance->machine_count; ++i) {
1680 sprintf(cmd, "/sbin/tc class change dev eth0 parent 1:%x classid 1:%x htb rate 8bit ceil 100mbit",
1681 instance->machines[i]->htb_parent,
1682 instance->machines[i]->htb_node);
1684 if (execute_cmd(cmd)) {
1689 for (i = 0; i < instance->set_count; ++i) {
1690 sprintf(cmd, "/sbin/tc class change dev eth0 parent 1:%x classid 1:%x htb rate 8bit ceil 100mbit",
1691 instance->sets[i]->htb_parent,
1692 instance->sets[i]->htb_node);
1694 if (execute_cmd(cmd)) {
1702 static void *signal_thread_func(void *args) {
1708 sigaddset(&sigs, SIGHUP);
1709 sigaddset(&sigs, SIGUSR1);
1710 sigaddset(&sigs, SIGUSR2);
1711 pthread_sigmask(SIG_BLOCK, &sigs, NULL);
1715 sigaddset(&sigs, SIGHUP);
1716 sigaddset(&sigs, SIGUSR1);
1717 sigaddset(&sigs, SIGUSR2);
1719 err = sigwait(&sigs, &sig);
1722 printlog(LOG_CRITICAL, "sigwait() returned an error.\n");
1728 printlog(LOG_WARN, "Caught SIGHUP - re-reading XML file.\n");
1730 //time_reconfig(1000); /* instrumentation */
1734 pthread_rwlock_wrlock(&limiter.limiter_lock);
1735 if (do_enforcement) {
1737 stop_enforcement(&limiter.stable_instance);
1738 printlog(LOG_CRITICAL, "--Switching enforcement off.--\n");
1741 printlog(LOG_CRITICAL, "--Switching enforcement on.--\n");
1743 pthread_rwlock_unlock(&limiter.limiter_lock);
1746 do_partition = !do_partition;
1749 /* Intentionally blank. */
1756 /* register output plugin with ulogd */
1757 static void _drl_reg_op(void)
1759 ulog_output_t *op = &drl_op;
1760 sigset_t signal_mask;
1762 sigemptyset(&signal_mask);
1763 sigaddset(&signal_mask, SIGHUP);
1764 sigaddset(&signal_mask, SIGUSR1);
1765 sigaddset(&signal_mask, SIGUSR2);
1766 pthread_sigmask(SIG_BLOCK, &signal_mask, NULL);
1768 if (pthread_create(&signal_thread, NULL, &signal_thread_func, NULL) != 0) {
1769 printlog(LOG_CRITICAL, "Failed to create signal handling thread.\n");
1770 fprintf(stderr, "An error has occured starting ulogd_DRL. Refer to your logfile (%s) for additional information.\n", drl_logfile.u.string);
1776 printlog(LOG_CRITICAL, "Init failed. :(\n");
1777 fprintf(stderr, "An error has occured starting ulogd_DRL. Refer to your logfile (%s) for additional information.\n", drl_logfile.u.string);
1782 register_output(op);
1784 /* start up the thread that will periodically estimate the
1785 * local rate and set the local limits
1788 if (pthread_create(&estimate_thread, NULL, (void*(*)(void*)) &handle_estimation, &limiter)!=0) {
1789 printlog(LOG_CRITICAL, "Couldn't start estimate thread.\n");
1790 fprintf(stderr, "An error has occured starting ulogd_DRL. Refer to your logfile (%s) for additional information.\n", drl_logfile.u.string);
1794 if (enforce_on.u.value) {
1795 pthread_rwlock_wrlock(&limiter.limiter_lock);
1797 printlog(LOG_CRITICAL, "--Switching enforcement on.--\n");
1798 pthread_rwlock_unlock(&limiter.limiter_lock);
1804 /* have the opts parsed */
1805 config_parse_file("DRL", config_entries);
1808 ulogd_log(ULOGD_ERROR, "can't resolve all keyhash id's\n");
1812 /* Seed the hash function */
1813 salt = getpid() ^ time(NULL);