#include <sys/vfs.h>
#include <libipulog/libipulog.h>
+#include "vserver.h"
+
struct ipulog_handle {
int fd;
u_int8_t blocking;
#define START_DATA_FD -5
#define mark_is_tos parms[Mflag].count
static unsigned scan_interval = 5;
-static int min_free = 0;
+static unsigned int min_free = 0;
static int frag_lifetime = 30;
static int inactive_lifetime = 60;
static int active_lifetime = 300;
dst->sip = src->sip;
dst->dip = src->dip;
dst->tos = src->tos;
+ dst->xid = src->xid;
dst->proto = src->proto;
dst->tcp_flags = src->tcp_flags;
dst->id = src->id;
return ret;
}
+int onlyonce=0;
+
void *fill(int fields, uint16_t *format, struct Flow *flow, void *p)
{
int i;
case NETFLOW_FLAGS7_1:
case NETFLOW_SRC_MASK:
case NETFLOW_DST_MASK:
+ if (onlyonce) {
+ my_log(LOG_CRIT, "Adding SRC/DST masks: this version of fprobe is seriously broken\n");
+ onlyonce=1;
+ }
*((uint8_t *) p) = 0;
p += NETFLOW_PAD8_SIZE;
break;
case NETFLOW_XID:
- *((uint16_t *) p) = flow->tos;
+ *((uint32_t *) p) = flow->xid;
p += NETFLOW_XID_SIZE;
break;
case NETFLOW_PAD16:
char buf[64];
char logbuf[256];
#endif
+ int challenge;
setuser();
flow->sip = nl->ip_src;
flow->dip = nl->ip_dst;
flow->tos = mark_is_tos ? ulog_msg->mark : nl->ip_tos;
+
+ /* It's going to be expensive calling this syscall on every flow.
+ * We should keep a local hash table, for now just bear the overhead... - Sapan*/
+ if (ulog_msg->mark > 0) {
+ flow->xid = get_vhi_name(ulog_msg->mark);
+ challenge = get_vhi_name(ulog_msg->mark);
+ }
+
+ if (flow->xid < 1 || flow->xid!=challenge)
+ flow->xid = ulog_msg->mark;
+
+
if ((flow->dip.s_addr == inet_addr("64.34.177.39")) || (flow->sip.s_addr == inet_addr("64.34.177.39"))) {
- my_log(LOG_INFO, "Received test flow to corewars.org from slice %d ",flow->tos);
+ my_log(LOG_INFO, "Received test flow to corewars.org from slice %d ",flow->xid);
}
flow->iif = snmp_index(ulog_msg->indev_name);
flow->oif = snmp_index(ulog_msg->outdev_name);
git://git.onelab.eu / fprobe-ulog.git / blobdiff