summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2020-10-28 04:46:45 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2020-10-28 04:46:45 +0000
commit1906cd5a2adb13e1a219df2c9dd0420718efc745 (patch)
treeefc7a8c09540e9756ecf92c3bb3054a11a71714c
parentReleasing progress-linux version 1:1.2.0-1~progress5+u1. (diff)
downloadiptraf-ng-1906cd5a2adb13e1a219df2c9dd0420718efc745.tar.xz
iptraf-ng-1906cd5a2adb13e1a219df2c9dd0420718efc745.zip
Merging upstream version 1:1.2.1.
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
-rw-r--r--CHANGES5
-rwxr-xr-xGEN-VERSION-FILE2
-rw-r--r--Makefile5
-rw-r--r--src/capt-mmap-v2.c24
-rw-r--r--src/capt-mmap-v3.c22
-rw-r--r--src/capt-recvmmsg.c3
-rw-r--r--src/capt-recvmsg.c6
-rw-r--r--src/capt.c40
-rw-r--r--src/capt.h2
9 files changed, 73 insertions, 36 deletions
diff --git a/CHANGES b/CHANGES
index e7140a2..2a0460c 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,5 +1,10 @@
CHANGES file for iptraf-ng
+* Tue Jul 21 2020 Vitezslav Samel <vitezslav@samel.cz> - 1.2.1
+- Makefile: protect mandatory compile flags
+- packet capture: don't reuse socket for multiple receive functions
+- TPACKET_V[23]: continue even if mlock() fails
+
* Thu Jun 04 2020 Vitezslav Samel <vitezslav@samel.cz> - 1.2.0
- ipfrag: code refactoring (Nikola Pajkovsky)
- ifstats: sort interfaces by name (Jan Engelhardt)
diff --git a/GEN-VERSION-FILE b/GEN-VERSION-FILE
index 9a8a22d..4031896 100755
--- a/GEN-VERSION-FILE
+++ b/GEN-VERSION-FILE
@@ -1,7 +1,7 @@
#!/bin/bash
GVF=VERSION-FILE
-DEF_VER=1.2.0
+DEF_VER=1.2.1
LF='
'
diff --git a/Makefile b/Makefile
index a1fd3d2..a0968af 100644
--- a/Makefile
+++ b/Makefile
@@ -18,9 +18,10 @@ VERSION-FILE: FORCE
@$(SHELL_PATH) ./GEN-VERSION-FILE
-include VERSION-FILE
-CFLAGS = -g -O2 -Wall -W -std=gnu99 -Werror=format-security -D_GNU_SOURCE
+CFLAGS = -g -O2 -Wall -W -Werror=format-security
LDFLAGS =
-ALL_CFLAGS = $(CPPFLAGS) $(CFLAGS)
+IPTRAF_CFLAGS := -std=gnu99 -D_GNU_SOURCE
+ALL_CFLAGS = $(CPPFLAGS) $(CFLAGS) $(IPTRAF_CFLAGS)
ALL_LDFLAGS = $(LDFLAGS)
STRIP ?= strip
diff --git a/src/capt-mmap-v2.c b/src/capt-mmap-v2.c
index 19757cb..f69b189 100644
--- a/src/capt-mmap-v2.c
+++ b/src/capt-mmap-v2.c
@@ -102,14 +102,17 @@ static void capt_cleanup_mmap_v2(struct capt *capt)
int capt_setup_mmap_v2(struct capt *capt)
{
+ if (capt_get_socket(capt) == -1)
+ return -1;
+
int version = TPACKET_V2;
if (setsockopt(capt->fd, SOL_PACKET, PACKET_VERSION, &version, sizeof(version)) != 0)
- return -1;
+ goto err;
int hdrlen = version;
socklen_t socklen = sizeof(hdrlen);
if (getsockopt(capt->fd, SOL_PACKET, PACKET_HDRLEN, &hdrlen, &socklen) != 0)
- return -1;
+ goto err;
struct tpacket_req req;
@@ -118,18 +121,18 @@ int capt_setup_mmap_v2(struct capt *capt)
req.tp_frame_size = FRAME_SIZE;
req.tp_block_size = req.tp_frame_nr * req.tp_frame_size;
- if(setsockopt(capt->fd, SOL_PACKET, PACKET_RX_RING, &req, sizeof(req)) != 0)
- return -1;
+ if (setsockopt(capt->fd, SOL_PACKET, PACKET_RX_RING, &req, sizeof(req)) != 0)
+ goto err;
size_t size = req.tp_block_size * req.tp_block_nr;
void *map = mmap(NULL, size, PROT_READ | PROT_WRITE, MAP_SHARED, capt->fd, 0);
if (map == MAP_FAILED)
- return -1;
+ goto err;
- if(mlock(map, size) != 0) {
- munmap(map, size);
- return -1;
- }
+ /* try to lock this memory to RAM */
+ (void)mlock(map, size); /* no need to check return value because the mlock() is
+ * not mandatory; if it fails packet capture just works OK
+ * albeit suboptimally */
struct capt_data_mmap_v2 *data = xmallocz(sizeof(struct capt_data_mmap_v2));
@@ -151,4 +154,7 @@ int capt_setup_mmap_v2(struct capt *capt)
capt->cleanup = capt_cleanup_mmap_v2;
return 0; /* All O.K. */
+err:
+ capt_put_socket(capt);
+ return -1;
}
diff --git a/src/capt-mmap-v3.c b/src/capt-mmap-v3.c
index 6b823af..539b923 100644
--- a/src/capt-mmap-v3.c
+++ b/src/capt-mmap-v3.c
@@ -141,14 +141,17 @@ static void capt_cleanup_mmap_v3(struct capt *capt)
int capt_setup_mmap_v3(struct capt *capt)
{
+ if (capt_get_socket(capt) == -1)
+ return -1;
+
int version = TPACKET_V3;
if (setsockopt(capt->fd, SOL_PACKET, PACKET_VERSION, &version, sizeof(version)) != 0)
- return -1;
+ goto err;
int hdrlen = version;
socklen_t socklen = sizeof(hdrlen);
if (getsockopt(capt->fd, SOL_PACKET, PACKET_HDRLEN, &hdrlen, &socklen) != 0)
- return -1;
+ goto err;
struct tpacket_req3 req;
@@ -162,17 +165,17 @@ int capt_setup_mmap_v3(struct capt *capt)
// req.tp_feature_req_word = TP_FT_REQ_FILL_RXHASH;
if(setsockopt(capt->fd, SOL_PACKET, PACKET_RX_RING, &req, sizeof(req)) != 0)
- return -1;
+ goto err;
size_t size = req.tp_block_size * req.tp_block_nr;
void *map = mmap(NULL, size, PROT_READ | PROT_WRITE, MAP_SHARED, capt->fd, 0);
if (map == MAP_FAILED)
- return -1;
+ goto err;
- if (mlock(map, size) != 0) {
- munmap(map, size);
- return -1;
- }
+ /* try to lock this memory to RAM */
+ (void)mlock(map, size); /* no need to check return value because the mlock() is
+ * not mandatory; if it fails packet capture just works OK
+ * albeit suboptimally */
struct capt_data_mmap_v3 *data = xmallocz(sizeof(struct capt_data_mmap_v3));
@@ -193,4 +196,7 @@ int capt_setup_mmap_v3(struct capt *capt)
capt->cleanup = capt_cleanup_mmap_v3;
return 0; /* All O.K. */
+err:
+ capt_put_socket(capt);
+ return -1;
}
diff --git a/src/capt-recvmmsg.c b/src/capt-recvmmsg.c
index 712bf0d..dacc5e7 100644
--- a/src/capt-recvmmsg.c
+++ b/src/capt-recvmmsg.c
@@ -114,6 +114,9 @@ int capt_setup_recvmmsg(struct capt *capt)
{
struct capt_data_recvmmsg *data;
+ if (capt_get_socket(capt) == -1)
+ return -1;
+
data = xmallocz(sizeof(struct capt_data_recvmmsg));
data->buf = xmallocz(FRAMES * MAX_PACKET_SIZE);
data->msgvec = xmallocz(FRAMES * sizeof(*data->msgvec));
diff --git a/src/capt-recvmsg.c b/src/capt-recvmsg.c
index 4ef7263..e167809 100644
--- a/src/capt-recvmsg.c
+++ b/src/capt-recvmsg.c
@@ -64,8 +64,12 @@ static void capt_cleanup_recvmsg(struct capt *capt)
int capt_setup_recvmsg(struct capt *capt)
{
- struct capt_data_recvmsg *data = xmallocz(sizeof(struct capt_data_recvmsg));
+ struct capt_data_recvmsg *data;
+ if (capt_get_socket(capt) == -1)
+ return -1;
+
+ data = xmallocz(sizeof(struct capt_data_recvmsg));
data->buf = xmallocz(MAX_PACKET_SIZE);
data->iov.iov_len = MAX_PACKET_SIZE;
data->iov.iov_base = data->buf;
diff --git a/src/capt.c b/src/capt.c
index e14b398..324d7cc 100644
--- a/src/capt.c
+++ b/src/capt.c
@@ -15,6 +15,26 @@
#include "capt-mmap-v2.h"
#include "capt-mmap-v3.h"
+int capt_get_socket(struct capt *capt) {
+
+ /* initialize socket first with some default protocol;
+ * the right protocol is then set with bind();
+ * this overcomes the problem with getting packets
+ * from other interfaces, because the socket was not
+ * properly initialized yet */
+ int fd = socket(PF_PACKET, SOCK_RAW, 0);
+ if (fd == -1)
+ return -1;
+
+ capt->fd = fd;
+ return 0;
+}
+
+void capt_put_socket(struct capt *capt) {
+ close(capt->fd);
+ capt->fd = -1;
+}
+
static int capt_set_recv_timeout(int fd, unsigned int msec)
{
struct timeval timeout;
@@ -56,29 +76,20 @@ int capt_init(struct capt *capt, char *ifname)
capt->put_packet = NULL;
capt->get_dropped = NULL;
capt->cleanup = NULL;
+ capt->fd = -1;
capt->dropped = 0UL;
INIT_LIST_HEAD(&capt->promisc);
- /* initialize socket first with some default protocol;
- * the right protocol is then set with bind();
- * this overcomes the problem with getting packets
- * from other interfaces, because the socket was not
- * properly initialized yet */
- int fd = socket(PF_PACKET, SOCK_RAW, 0);
- if (fd == -1)
- return fd;
- capt->fd = fd;
+ /* try all available receive functions */
+ if (capt_setup_receive_function(capt) == -1)
+ goto out;
/* set socket receive timeout */
if (capt_set_recv_timeout(capt->fd, 250) == -1)
goto out;
- /* try all available receive functions */
- if (capt_setup_receive_function(capt) == -1)
- goto out;
-
if (options.promisc)
promisc_enable(capt->fd, &capt->promisc, ifname);
@@ -102,8 +113,7 @@ void capt_destroy(struct capt *capt)
if (capt->cleanup)
capt->cleanup(capt);
- close(capt->fd);
- capt->fd = -1;
+ capt_put_socket(capt);
}
static unsigned long capt_get_dropped_generic(struct capt *capt)
diff --git a/src/capt.h b/src/capt.h
index d1399b5..a36a4aa 100644
--- a/src/capt.h
+++ b/src/capt.h
@@ -27,6 +27,8 @@ struct capt {
void (*cleanup)(struct capt *capt);
};
+int capt_get_socket(struct capt *capt);
+void capt_put_socket(struct capt *capt);
int capt_init(struct capt *capt, char *ifname);
void capt_destroy(struct capt *capt);
unsigned long capt_get_dropped(struct capt *capt);