2 * Copyright (c) 2002-2003 Luigi Rizzo
3 * Copyright (c) 1996 Alex Nash, Paul Traina, Poul-Henning Kamp
4 * Copyright (c) 1994 Ugen J.S.Antsilevich
6 * Idea and grammar partially left from:
7 * Copyright (c) 1993 Daniel Boulet
9 * Redistribution and use in source forms, with and without modification,
10 * are permitted provided that this entire comment appears intact.
12 * Redistribution in binary form may occur without any restrictions.
13 * Obviously, it would be nice if you gave credit where credit is due
14 * but requiring it would be too onerous.
16 * This software is provided ``AS IS'' without any warranties of any kind.
18 * NEW command line interface for IP firewall facility
20 * $FreeBSD: head/sbin/ipfw/dummynet.c 187769 2009-01-27 11:06:59Z luigi $
25 #include <sys/types.h>
26 #include <sys/socket.h>
27 #include <sys/queue.h>
28 /* XXX there are several sysctl leftover here */
29 #include <sys/sysctl.h>
42 #include <netinet/in.h>
43 #include <netinet/ip_fw.h>
44 #include <netinet/ip_dummynet.h>
45 #include <arpa/inet.h> /* inet_ntoa */
47 static struct _s_x dummynet_params[] = {
49 { "noerror", TOK_NOERROR },
50 { "buckets", TOK_BUCKETS },
51 { "dst-ip", TOK_DSTIP },
52 { "src-ip", TOK_SRCIP },
53 { "dst-port", TOK_DSTPORT },
54 { "src-port", TOK_SRCPORT },
55 { "proto", TOK_PROTO },
56 { "weight", TOK_WEIGHT },
59 { "droptail", TOK_DROPTAIL },
63 { "bandwidth", TOK_BW },
64 { "delay", TOK_DELAY },
66 { "queue", TOK_QUEUE },
67 { "flow-id", TOK_FLOWID},
68 { "dst-ipv6", TOK_DSTIP6},
69 { "dst-ip6", TOK_DSTIP6},
70 { "src-ipv6", TOK_SRCIP6},
71 { "src-ip6", TOK_SRCIP6},
72 { "profile", TOK_PIPE_PROFILE},
73 { "dummynet-params", TOK_NULL },
74 { NULL, 0 } /* terminator */
78 * XXX to be updated to the new version,
79 * without the global struct command_opts variable
82 sort_q(void * to_be_done, const void *pa, const void *pb)
84 int rev = (co.do_sort < 0);
85 int field = rev ? -co.do_sort : co.do_sort;
87 const struct dn_flow_queue *a = pa;
88 const struct dn_flow_queue *b = pb;
92 res = a->len - b->len;
95 res = a->len_bytes - b->len_bytes;
98 case 3: /* tot pkts */
99 res = a->tot_pkts - b->tot_pkts;
102 case 4: /* tot bytes */
103 res = a->tot_bytes - b->tot_bytes;
110 return (int)(rev ? res : -res);
114 list_queues(struct dn_flow_set *fs, struct dn_flow_queue *q)
117 int index_printed, indexes = 0;
121 if (fs->rq_elements == 0)
125 qsort_r(q, fs->rq_elements, sizeof *q, NULL, sort_q);
127 /* Print IPv4 flows */
129 for (l = 0; l < fs->rq_elements; l++) {
132 /* XXX: Should check for IPv4 flows */
133 if (IS_IP6_FLOW_ID(&(q[l].id)))
136 if (!index_printed) {
138 if (indexes > 0) /* currently a no-op */
142 "mask: 0x%02x 0x%08x/0x%04x -> 0x%08x/0x%04x\n",
144 fs->flow_mask.src_ip, fs->flow_mask.src_port,
145 fs->flow_mask.dst_ip, fs->flow_mask.dst_port);
147 printf("BKT Prot ___Source IP/port____ "
148 "____Dest. IP/port____ "
149 "Tot_pkt/bytes Pkt/Byte Drp\n");
152 printf("%3d ", q[l].hash_slot);
153 pe = getprotobynumber(q[l].id.proto);
155 printf("%-4s ", pe->p_name);
157 printf("%4u ", q[l].id.proto);
158 ina.s_addr = htonl(q[l].id.src_ip);
160 inet_ntoa(ina), q[l].id.src_port);
161 ina.s_addr = htonl(q[l].id.dst_ip);
163 inet_ntoa(ina), q[l].id.dst_port);
164 printf("%4llu %8llu %2u %4u %3u\n",
165 align_uint64(&q[l].tot_pkts),
166 align_uint64(&q[l].tot_bytes),
167 q[l].len, q[l].len_bytes, q[l].drops);
169 printf(" S %20llu F %20llu\n",
170 align_uint64(&q[l].S), align_uint64(&q[l].F));
173 /* Print IPv6 flows */
175 for (l = 0; l < fs->rq_elements; l++) {
176 if (!IS_IP6_FLOW_ID(&(q[l].id)))
179 if (!index_printed) {
184 printf("\n mask: proto: 0x%02x, flow_id: 0x%08x, ",
185 fs->flow_mask.proto, fs->flow_mask.flow_id6);
186 inet_ntop(AF_INET6, &(fs->flow_mask.src_ip6),
188 printf("%s/0x%04x -> ", buff, fs->flow_mask.src_port);
189 inet_ntop( AF_INET6, &(fs->flow_mask.dst_ip6),
190 buff, sizeof(buff) );
191 printf("%s/0x%04x\n", buff, fs->flow_mask.dst_port);
193 printf("BKT ___Prot___ _flow-id_ "
194 "______________Source IPv6/port_______________ "
195 "_______________Dest. IPv6/port_______________ "
196 "Tot_pkt/bytes Pkt/Byte Drp\n");
198 printf("%3d ", q[l].hash_slot);
199 pe = getprotobynumber(q[l].id.proto);
201 printf("%9s ", pe->p_name);
203 printf("%9u ", q[l].id.proto);
204 printf("%7d %39s/%-5d ", q[l].id.flow_id6,
205 inet_ntop(AF_INET6, &(q[l].id.src_ip6), buff, sizeof(buff)),
207 printf(" %39s/%-5d ",
208 inet_ntop(AF_INET6, &(q[l].id.dst_ip6), buff, sizeof(buff)),
210 printf(" %4llu %8llu %2u %4u %3u\n",
211 align_uint64(&q[l].tot_pkts),
212 align_uint64(&q[l].tot_bytes),
213 q[l].len, q[l].len_bytes, q[l].drops);
215 printf(" S %20llu F %20llu\n",
216 align_uint64(&q[l].S),
217 align_uint64(&q[l].F));
222 print_flowset_parms(struct dn_flow_set *fs, char *prefix)
227 char red[90]; /* Display RED parameters */
230 if (fs->flags_fs & DN_QSIZE_IS_BYTES) {
232 sprintf(qs, "%d KB", l / 1024);
234 sprintf(qs, "%d B", l);
236 sprintf(qs, "%3d sl.", l);
238 sprintf(plr, "plr %f", 1.0 * fs->plr / (double)(0x7fffffff));
241 if (fs->flags_fs & DN_IS_RED) /* RED parameters */
243 "\n\t %cRED w_q %f min_th %d max_th %d max_p %f",
244 (fs->flags_fs & DN_IS_GENTLE_RED) ? 'G' : ' ',
245 1.0 * fs->w_q / (double)(1 << SCALE_RED),
246 SCALE_VAL(fs->min_th),
247 SCALE_VAL(fs->max_th),
248 1.0 * fs->max_p / (double)(1 << SCALE_RED));
250 sprintf(red, "droptail");
252 printf("%s %s%s %d queues (%d buckets) %s\n",
253 prefix, qs, plr, fs->rq_elements, fs->rq_size, red);
257 print_extra_delay_parms(struct dn_pipe *p, char *prefix)
260 if (p->samples_no <= 0)
263 loss = p->loss_level;
264 loss /= p->samples_no;
265 printf("%s profile: name \"%s\" loss %f samples %d\n",
266 prefix, p->name, loss, p->samples_no);
270 ipfw_list_pipes(void *data, uint nbytes, int ac, char *av[])
274 struct dn_pipe *p = (struct dn_pipe *) data;
275 struct dn_flow_set *fs;
276 struct dn_flow_queue *q;
280 rulenum = strtoul(*av++, NULL, 10);
283 for (; nbytes >= sizeof *p; p = (struct dn_pipe *)next) {
284 double b = p->bandwidth;
288 if (SLIST_NEXT(p, next) != (struct dn_pipe *)DN_IS_PIPE)
289 break; /* done with pipes, now queues */
292 * compute length, as pipe have variable size
294 l = sizeof(*p) + p->fs.rq_elements * sizeof(*q);
295 next = (char *)p + l;
298 if ((rulenum != 0 && rulenum != p->pipe_nr) || co.do_pipe == 2)
302 * Print rate (or clocking interface)
304 if (p->if_name[0] != '\0')
305 sprintf(buf, "%s", p->if_name);
307 sprintf(buf, "unlimited");
308 else if (b >= 1000000)
309 sprintf(buf, "%7.3f Mbit/s", b/1000000);
311 sprintf(buf, "%7.3f Kbit/s", b/1000);
313 sprintf(buf, "%7.3f bit/s ", b);
315 sprintf(prefix, "%05d: %s %4d ms ",
316 p->pipe_nr, buf, p->delay);
318 print_extra_delay_parms(p, prefix);
320 print_flowset_parms(&(p->fs), prefix);
322 q = (struct dn_flow_queue *)(p+1);
323 list_queues(&(p->fs), q);
325 for (fs = next; nbytes >= sizeof *fs; fs = next) {
328 if (SLIST_NEXT(fs, next) != (struct dn_flow_set *)DN_IS_QUEUE)
330 l = sizeof(*fs) + fs->rq_elements * sizeof(*q);
331 next = (char *)fs + l;
334 if (rulenum != 0 && ((rulenum != fs->fs_nr && co.do_pipe == 2) ||
335 (rulenum != fs->parent_nr && co.do_pipe == 1))) {
339 q = (struct dn_flow_queue *)(fs+1);
340 sprintf(prefix, "q%05d: weight %d pipe %d ",
341 fs->fs_nr, fs->weight, fs->parent_nr);
342 print_flowset_parms(fs, prefix);
348 * Delete pipe or queue i
351 ipfw_delete_pipe(int pipe_or_queue, int i)
355 memset(&p, 0, sizeof p);
356 if (pipe_or_queue == 1)
357 p.pipe_nr = i; /* pipe */
359 p.fs.fs_nr = i; /* queue */
360 i = do_cmd(IP_DUMMYNET_DEL, &p, sizeof p);
363 warn("rule %u: setsockopt(IP_DUMMYNET_DEL)", i);
369 * Code to parse delay profiles.
371 * Some link types introduce extra delays in the transmission
372 * of a packet, e.g. because of MAC level framing, contention on
373 * the use of the channel, MAC level retransmissions and so on.
374 * From our point of view, the channel is effectively unavailable
375 * for this extra time, which is constant or variable depending
376 * on the link type. Additionally, packets may be dropped after this
377 * time (e.g. on a wireless link after too many retransmissions).
378 * We can model the additional delay with an empirical curve
379 * that represents its distribution.
381 * cumulative probability
391 * +-------*------------------->
394 * The empirical curve may have both vertical and horizontal lines.
395 * Vertical lines represent constant delay for a range of
396 * probabilities; horizontal lines correspond to a discontinuty
397 * in the delay distribution: the pipe will use the largest delay
398 * for a given probability.
400 * To pass the curve to dummynet, we must store the parameters
401 * in a file as described below, and issue the command
403 * ipfw pipe <n> config ... bw XXX profile <filename> ...
405 * The file format is the following, with whitespace acting as
406 * a separator and '#' indicating the beginning a comment:
409 * the number of samples used in the internal
410 * representation (2..1024; default 100);
413 * The probability above which packets are lost.
414 * (0.0 <= L <= 1.0, default 1.0 i.e. no loss);
417 * Optional a name (listed by "ipfw pipe show")
418 * to identify the distribution;
420 * "delay prob" | "prob delay"
421 * One of these two lines is mandatory and defines
422 * the format of the following lines with data points.
425 * 2 or more lines representing points in the curve,
426 * with either delay or probability first, according
427 * to the chosen format.
428 * The unit for delay is milliseconds.
430 * Data points does not need to be ordered or equal to the number
431 * specified in the "samples" line. ipfw will sort and interpolate
432 * the curve as needed.
434 * Example of a profile file:
440 0 200 # minimum overhead is 200ms
447 * Internally, we will convert the curve to a fixed number of
448 * samples, and when it is time to transmit a packet we will
449 * model the extra delay as extra bits in the packet.
453 /* XXX move to an array definition ? */
454 #define ED_MAX_LINE_LEN 256+ED_MAX_NAME_LEN
455 #define ED_TOK_SAMPLES "samples"
456 #define ED_TOK_LOSS "loss-level"
457 #define ED_TOK_NAME "name"
458 #define ED_TOK_DELAY "delay"
459 #define ED_TOK_PROB "prob"
460 #define ED_TOK_BW "bw"
461 #define ED_SEPARATORS " \t\n"
462 #define ED_MIN_SAMPLES_NO 2
465 * returns 1 if s is a non-negative number, with at least one '.'
468 is_valid_number(const char *s)
470 int i, dots_found = 0;
473 for (i = 0; i<len; ++i)
474 if (!isdigit(s[i]) && (s[i] !='.' || ++dots_found > 1))
480 * Take as input a string describing a bandwidth value
481 * and return the numeric bandwidth value.
482 * set clocking interface or bandwidth value
485 read_bandwidth(char *arg, int *bandwidth, char *if_name, int namelen)
487 if (*bandwidth != -1)
488 warn("duplicate token, override bandwidth value!");
490 if (arg[0] >= 'a' && arg[0] <= 'z') {
491 if (namelen >= IFNAMSIZ)
492 warn("interface name truncated");
495 strncpy(if_name, arg, namelen);
496 if_name[namelen] = '\0';
498 } else { /* read bandwidth value */
502 bw = strtoul(arg, &end, 0);
503 if (*end == 'K' || *end == 'k') {
506 } else if (*end == 'M') {
511 _substrcmp2(end, "Bi", "Bit/s") != 0) ||
512 _substrcmp2(end, "by", "bytes") == 0)
516 errx(EX_DATAERR, "bandwidth too large");
529 compare_points(const void *vp1, const void *vp2)
531 const struct point *p1 = vp1;
532 const struct point *p2 = vp2;
535 res = p1->prob - p2->prob;
537 res = p1->delay - p2->delay;
546 #define ED_EFMT(s) EX_DATAERR,"error in %s at line %d: "#s,filename,lineno
549 load_extra_delays(const char *filename, struct dn_pipe *p)
551 char line[ED_MAX_LINE_LEN];
558 char profile_name[ED_MAX_NAME_LEN];
559 int delay_first = -1;
561 struct point points[ED_MAX_SAMPLES_NO];
564 profile_name[0] = '\0';
565 f = fopen(filename, "r");
567 err(EX_UNAVAILABLE, "fopen: %s", filename);
569 while (fgets(line, ED_MAX_LINE_LEN, f)) { /* read commands */
570 char *s, *cur = line, *name = NULL, *arg = NULL;
576 s = strsep(&cur, ED_SEPARATORS);
577 if (s == NULL || *s == '#')
582 errx(ED_EFMT("too many arguments"));
588 if (name == NULL) /* empty line */
591 errx(ED_EFMT("missing arg for %s"), name);
593 if (!strcasecmp(name, ED_TOK_SAMPLES)) {
595 errx(ED_EFMT("duplicate ``samples'' line"));
597 errx(ED_EFMT("invalid number of samples"));
599 if (samples>ED_MAX_SAMPLES_NO)
600 errx(ED_EFMT("too many samples, maximum is %d"),
603 } else if (!strcasecmp(name, ED_TOK_BW)) {
604 read_bandwidth(arg, &p->bandwidth, p->if_name, sizeof(p->if_name));
605 } else if (!strcasecmp(name, ED_TOK_LOSS)) {
607 errx(ED_EFMT("duplicated token: %s"), name);
608 if (!is_valid_number(arg))
609 errx(ED_EFMT("invalid %s"), arg);
612 errx(ED_EFMT("%s greater than 1.0"), name);
614 } else if (!strcasecmp(name, ED_TOK_NAME)) {
615 if (profile_name[0] != '\0')
616 errx(ED_EFMT("duplicated token: %s"), name);
617 strncpy(profile_name, arg, sizeof(profile_name) - 1);
618 profile_name[sizeof(profile_name)-1] = '\0';
620 } else if (!strcasecmp(name, ED_TOK_DELAY)) {
622 errx(ED_EFMT("duplicated token: %s"), name);
625 } else if (!strcasecmp(name, ED_TOK_PROB)) {
627 errx(ED_EFMT("duplicated token: %s"), name);
630 } else if (do_points) {
631 if (!is_valid_number(name) || !is_valid_number(arg))
632 errx(ED_EFMT("invalid point found"));
634 points[points_no].delay = atof(name);
635 points[points_no].prob = atof(arg);
637 points[points_no].delay = atof(arg);
638 points[points_no].prob = atof(name);
640 if (points[points_no].prob > 1.0)
641 errx(ED_EFMT("probability greater than 1.0"));
644 errx(ED_EFMT("unrecognised command '%s'"), name);
649 warnx("'%s' not found, assuming 100", ED_TOK_SAMPLES);
654 warnx("'%s' not found, assuming no loss", ED_TOK_LOSS);
658 /* make sure that there are enough points. */
659 if (points_no < ED_MIN_SAMPLES_NO)
660 errx(ED_EFMT("too few samples, need at least %d"),
663 qsort(points, points_no, sizeof(struct point), compare_points);
666 for (i = 0; i<points_no-1; ++i) {
667 double y1 = points[i].prob * samples;
668 double x1 = points[i].delay;
669 double y2 = points[i+1].prob * samples;
670 double x2 = points[i+1].delay;
676 for (; index<stop; ++index)
677 p->samples[index] = x1;
679 double m = (y2-y1)/(x2-x1);
680 double c = y1 - m*x1;
681 for (; index<stop ; ++index)
682 p->samples[index] = (index - c)/m;
685 p->samples_no = samples;
686 p->loss_level = loss * samples;
687 strncpy(p->name, profile_name, sizeof(p->name));
691 ipfw_config_pipe(int ac, char **av)
693 int samples[ED_MAX_SAMPLES_NO];
699 memset(&p, 0, sizeof p);
704 if (ac && isdigit(**av)) {
705 i = atoi(*av); av++; ac--;
713 int tok = match_token(dummynet_params, *av);
718 p.fs.flags_fs |= DN_NOERROR;
722 NEED1("plr needs argument 0..1\n");
723 d = strtod(av[0], NULL);
728 p.fs.plr = (int)(d*0x7fffffff);
733 NEED1("queue needs queue size\n");
735 p.fs.qsize = strtoul(av[0], &end, 0);
736 if (*end == 'K' || *end == 'k') {
737 p.fs.flags_fs |= DN_QSIZE_IS_BYTES;
739 } else if (*end == 'B' ||
740 _substrcmp2(end, "by", "bytes") == 0) {
741 p.fs.flags_fs |= DN_QSIZE_IS_BYTES;
747 NEED1("buckets needs argument\n");
748 p.fs.rq_size = strtoul(av[0], NULL, 0);
753 NEED1("mask needs mask specifier\n");
755 * per-flow queue, mask is dst_ip, dst_port,
756 * src_ip, src_port, proto measured in bits
760 bzero(&p.fs.flow_mask, sizeof(p.fs.flow_mask));
764 uint32_t *p32 = NULL;
765 uint16_t *p16 = NULL;
766 uint32_t *p20 = NULL;
767 struct in6_addr *pa6 = NULL;
770 tok = match_token(dummynet_params, *av);
775 * special case, all bits significant
777 p.fs.flow_mask.dst_ip = ~0;
778 p.fs.flow_mask.src_ip = ~0;
779 p.fs.flow_mask.dst_port = ~0;
780 p.fs.flow_mask.src_port = ~0;
781 p.fs.flow_mask.proto = ~0;
782 n2mask(&(p.fs.flow_mask.dst_ip6), 128);
783 n2mask(&(p.fs.flow_mask.src_ip6), 128);
784 p.fs.flow_mask.flow_id6 = ~0;
785 p.fs.flags_fs |= DN_HAVE_FLOW_MASK;
789 p32 = &p.fs.flow_mask.dst_ip;
793 p32 = &p.fs.flow_mask.src_ip;
797 pa6 = &(p.fs.flow_mask.dst_ip6);
801 pa6 = &(p.fs.flow_mask.src_ip6);
805 p20 = &p.fs.flow_mask.flow_id6;
809 p16 = &p.fs.flow_mask.dst_port;
813 p16 = &p.fs.flow_mask.src_port;
820 ac++; av--; /* backtrack */
824 errx(EX_USAGE, "mask: value missing");
826 a = strtoul(av[0]+1, &end, 0);
828 a = (a == 32) ? ~0 : (1 << a) - 1;
830 a = strtoul(av[0], &end, 0);
833 else if (p16 != NULL) {
836 "port mask must be 16 bit");
838 } else if (p20 != NULL) {
841 "flow_id mask must be 20 bit");
843 } else if (pa6 != NULL) {
846 "in6addr invalid mask len");
852 "proto mask must be 8 bit");
853 p.fs.flow_mask.proto = (uint8_t)a;
856 p.fs.flags_fs |= DN_HAVE_FLOW_MASK;
858 } /* end while, config masks */
864 NEED1("red/gred needs w_q/min_th/max_th/max_p\n");
865 p.fs.flags_fs |= DN_IS_RED;
867 p.fs.flags_fs |= DN_IS_GENTLE_RED;
869 * the format for parameters is w_q/min_th/max_th/max_p
871 if ((end = strsep(&av[0], "/"))) {
872 double w_q = strtod(end, NULL);
873 if (w_q > 1 || w_q <= 0)
874 errx(EX_DATAERR, "0 < w_q <= 1");
875 p.fs.w_q = (int) (w_q * (1 << SCALE_RED));
877 if ((end = strsep(&av[0], "/"))) {
878 p.fs.min_th = strtoul(end, &end, 0);
879 if (*end == 'K' || *end == 'k')
882 if ((end = strsep(&av[0], "/"))) {
883 p.fs.max_th = strtoul(end, &end, 0);
884 if (*end == 'K' || *end == 'k')
887 if ((end = strsep(&av[0], "/"))) {
888 double max_p = strtod(end, NULL);
889 if (max_p > 1 || max_p <= 0)
890 errx(EX_DATAERR, "0 < max_p <= 1");
891 p.fs.max_p = (int)(max_p * (1 << SCALE_RED));
897 p.fs.flags_fs &= ~(DN_IS_RED|DN_IS_GENTLE_RED);
901 NEED1("bw needs bandwidth or interface\n");
903 errx(EX_DATAERR, "bandwidth only valid for pipes");
904 read_bandwidth(av[0], &p.bandwidth, p.if_name, sizeof(p.if_name));
910 errx(EX_DATAERR, "delay only valid for pipes");
911 NEED1("delay needs argument 0..10000ms\n");
912 p.delay = strtoul(av[0], NULL, 0);
918 errx(EX_DATAERR,"weight only valid for queues");
919 NEED1("weight needs argument 0..100\n");
920 p.fs.weight = strtoul(av[0], &end, 0);
926 errx(EX_DATAERR,"pipe only valid for queues");
927 NEED1("pipe needs pipe_number\n");
928 p.fs.parent_nr = strtoul(av[0], &end, 0);
932 case TOK_PIPE_PROFILE:
934 errx(EX_DATAERR, "extra delay only valid for pipes");
935 NEED1("extra delay needs the file name\n");
936 p.samples = &samples[0];
937 load_extra_delays(av[0], &p);
942 errx(EX_DATAERR, "unrecognised option ``%s''", av[-1]);
945 if (co.do_pipe == 1) {
947 errx(EX_DATAERR, "pipe_nr must be > 0");
949 errx(EX_DATAERR, "delay must be < 10000");
950 } else { /* co.do_pipe == 2, queue */
951 if (p.fs.parent_nr == 0)
952 errx(EX_DATAERR, "pipe must be > 0");
953 if (p.fs.weight >100)
954 errx(EX_DATAERR, "weight must be <= 100");
957 /* check for bandwidth value */
958 if (p.bandwidth == -1) {
960 if (p.samples_no > 0)
961 errx(EX_DATAERR, "profile requires a bandwidth limit");
964 if (p.fs.flags_fs & DN_QSIZE_IS_BYTES) {
969 if (sysctlbyname("net.inet.ip.dummynet.pipe_byte_limit",
970 &limit, &len, NULL, 0) == -1)
972 if (p.fs.qsize > limit)
973 errx(EX_DATAERR, "queue size must be < %ldB", limit);
979 if (sysctlbyname("net.inet.ip.dummynet.pipe_slot_limit",
980 &limit, &len, NULL, 0) == -1)
982 if (p.fs.qsize > limit)
983 errx(EX_DATAERR, "2 <= queue size <= %ld", limit);
985 if (p.fs.flags_fs & DN_IS_RED) {
987 int lookup_depth, avg_pkt_size;
988 double s, idle, weight, w_q;
992 if (p.fs.min_th >= p.fs.max_th)
993 errx(EX_DATAERR, "min_th %d must be < than max_th %d",
994 p.fs.min_th, p.fs.max_th);
995 if (p.fs.max_th == 0)
996 errx(EX_DATAERR, "max_th must be > 0");
999 if (sysctlbyname("net.inet.ip.dummynet.red_lookup_depth",
1000 &lookup_depth, &len, NULL, 0) == -1)
1001 errx(1, "sysctlbyname(\"%s\")",
1002 "net.inet.ip.dummynet.red_lookup_depth");
1003 if (lookup_depth == 0)
1004 errx(EX_DATAERR, "net.inet.ip.dummynet.red_lookup_depth"
1005 " must be greater than zero");
1008 if (sysctlbyname("net.inet.ip.dummynet.red_avg_pkt_size",
1009 &avg_pkt_size, &len, NULL, 0) == -1)
1011 errx(1, "sysctlbyname(\"%s\")",
1012 "net.inet.ip.dummynet.red_avg_pkt_size");
1013 if (avg_pkt_size == 0)
1015 "net.inet.ip.dummynet.red_avg_pkt_size must"
1016 " be greater than zero");
1018 len = sizeof(struct clockinfo);
1019 if (sysctlbyname("kern.clockrate", &ck, &len, NULL, 0) == -1)
1020 errx(1, "sysctlbyname(\"%s\")", "kern.clockrate");
1023 * Ticks needed for sending a medium-sized packet.
1024 * Unfortunately, when we are configuring a WF2Q+ queue, we
1025 * do not have bandwidth information, because that is stored
1026 * in the parent pipe, and also we have multiple queues
1027 * competing for it. So we set s=0, which is not very
1028 * correct. But on the other hand, why do we want RED with
1031 if (p.bandwidth==0) /* this is a WF2Q+ queue */
1034 s = (double)ck.hz * avg_pkt_size * 8 / p.bandwidth;
1037 * max idle time (in ticks) before avg queue size becomes 0.
1038 * NOTA: (3/w_q) is approx the value x so that
1039 * (1-w_q)^x < 10^-3.
1041 w_q = ((double)p.fs.w_q) / (1 << SCALE_RED);
1042 idle = s * 3. / w_q;
1043 p.fs.lookup_step = (int)idle / lookup_depth;
1044 if (!p.fs.lookup_step)
1045 p.fs.lookup_step = 1;
1047 for (t = p.fs.lookup_step; t > 1; --t)
1049 p.fs.lookup_weight = (int)(weight * (1 << SCALE_RED));
1051 if (p.samples_no <= 0) {
1052 i = do_cmd(IP_DUMMYNET_CONFIGURE, &p, sizeof p);
1054 struct dn_pipe_max pm;
1055 int len = sizeof(pm);
1057 memcpy(&pm.pipe, &p, sizeof(pm.pipe));
1058 memcpy(&pm.samples, samples, sizeof(pm.samples));
1060 i = do_cmd(IP_DUMMYNET_CONFIGURE, &pm, len);
1064 err(1, "setsockopt(%s)", "IP_DUMMYNET_CONFIGURE");
git://git.onelab.eu / ipfw.git / blob