diff options
-rwxr-xr-x | configure | 20 | ||||
-rw-r--r-- | configure.ac | 2 | ||||
-rw-r--r-- | plugins/eventlog/Makefile.am | 5 | ||||
-rw-r--r-- | plugins/eventlog/Makefile.in | 5 | ||||
-rw-r--r-- | plugins/royparse/Makefile.am | 5 | ||||
-rw-r--r-- | plugins/royparse/Makefile.in | 5 | ||||
-rwxr-xr-x | plugins/rssm/dnscap-rssm-rssac002 | 9 | ||||
-rw-r--r-- | plugins/rssm/rssm.c | 37 | ||||
-rw-r--r-- | plugins/rssm/test1.gold | 8 | ||||
-rwxr-xr-x | plugins/rssm/test1.sh | 2 | ||||
-rwxr-xr-x | plugins/rssm/test2.sh | 2 | ||||
-rw-r--r-- | src/daemon.c | 52 | ||||
-rw-r--r-- | src/dnscap.1.in | 3 | ||||
-rw-r--r-- | src/options.c | 11 | ||||
-rw-r--r-- | src/options.h | 4 |
15 files changed, 147 insertions, 23 deletions
@@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.69 for dnscap 2.0.3. +# Generated by GNU Autoconf 2.69 for dnscap 2.1.0. # # Report bugs to <dnscap-users@dns-oarc.net>. # @@ -590,8 +590,8 @@ MAKEFLAGS= # Identity of this package. PACKAGE_NAME='dnscap' PACKAGE_TARNAME='dnscap' -PACKAGE_VERSION='2.0.3' -PACKAGE_STRING='dnscap 2.0.3' +PACKAGE_VERSION='2.1.0' +PACKAGE_STRING='dnscap 2.1.0' PACKAGE_BUGREPORT='dnscap-users@dns-oarc.net' PACKAGE_URL='https://github.com/DNS-OARC/dnscap/issues' @@ -1353,7 +1353,7 @@ if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures dnscap 2.0.3 to adapt to many kinds of systems. +\`configure' configures dnscap 2.1.0 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1424,7 +1424,7 @@ fi if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of dnscap 2.0.3:";; + short | recursive ) echo "Configuration of dnscap 2.1.0:";; esac cat <<\_ACEOF @@ -1556,7 +1556,7 @@ fi test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -dnscap configure 2.0.3 +dnscap configure 2.1.0 generated by GNU Autoconf 2.69 Copyright (C) 2012 Free Software Foundation, Inc. @@ -1979,7 +1979,7 @@ cat >config.log <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by dnscap $as_me 2.0.3, which was +It was created by dnscap $as_me 2.1.0, which was generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ @@ -2842,7 +2842,7 @@ fi # Define the identity of the package. PACKAGE='dnscap' - VERSION='2.0.3' + VERSION='2.1.0' cat >>confdefs.h <<_ACEOF @@ -15015,7 +15015,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by dnscap $as_me 2.0.3, which was +This file was extended by dnscap $as_me 2.1.0, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -15082,7 +15082,7 @@ _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -dnscap config.status 2.0.3 +dnscap config.status 2.1.0 configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" diff --git a/configure.ac b/configure.ac index 843e8c9..e3000a7 100644 --- a/configure.ac +++ b/configure.ac @@ -33,7 +33,7 @@ # POSSIBILITY OF SUCH DAMAGE. AC_PREREQ(2.61) -AC_INIT([dnscap], [2.0.3], [dnscap-users@dns-oarc.net], [dnscap], [https://github.com/DNS-OARC/dnscap/issues]) +AC_INIT([dnscap], [2.1.0], [dnscap-users@dns-oarc.net], [dnscap], [https://github.com/DNS-OARC/dnscap/issues]) AM_INIT_AUTOMAKE([-Wall -Werror foreign subdir-objects]) AC_CONFIG_SRCDIR([src/dnscap.c]) AC_CONFIG_HEADER([src/config.h]) diff --git a/plugins/eventlog/Makefile.am b/plugins/eventlog/Makefile.am index e29af63..d18531c 100644 --- a/plugins/eventlog/Makefile.am +++ b/plugins/eventlog/Makefile.am @@ -4,11 +4,12 @@ CLEANFILES = *.gcda *.gcno *.gcov AM_CFLAGS = -I$(srcdir) \ -I$(top_srcdir)/src \ -I$(top_srcdir)/isc \ - $(SECCOMPFLAGS) + $(SECCOMPFLAGS) \ + $(libldns_CFLAGS) pkglib_LTLIBRARIES = eventlog.la eventlog_la_SOURCES = eventlog.c -eventlog_la_LDFLAGS = -module -avoid-version +eventlog_la_LDFLAGS = -module -avoid-version $(libldns_LIBS) TESTS = test1.sh EXTRA_DIST = $(TESTS) diff --git a/plugins/eventlog/Makefile.in b/plugins/eventlog/Makefile.in index 6dd2dcc..fe6a9a6 100644 --- a/plugins/eventlog/Makefile.in +++ b/plugins/eventlog/Makefile.in @@ -520,11 +520,12 @@ CLEANFILES = *.gcda *.gcno *.gcov test1.out *.pcap-dist AM_CFLAGS = -I$(srcdir) \ -I$(top_srcdir)/src \ -I$(top_srcdir)/isc \ - $(SECCOMPFLAGS) + $(SECCOMPFLAGS) \ + $(libldns_CFLAGS) pkglib_LTLIBRARIES = eventlog.la eventlog_la_SOURCES = eventlog.c -eventlog_la_LDFLAGS = -module -avoid-version +eventlog_la_LDFLAGS = -module -avoid-version $(libldns_LIBS) TESTS = test1.sh EXTRA_DIST = $(TESTS) all: all-am diff --git a/plugins/royparse/Makefile.am b/plugins/royparse/Makefile.am index 795a277..5b907cb 100644 --- a/plugins/royparse/Makefile.am +++ b/plugins/royparse/Makefile.am @@ -4,11 +4,12 @@ CLEANFILES = *.gcda *.gcno *.gcov AM_CFLAGS = -I$(srcdir) \ -I$(top_srcdir)/src \ -I$(top_srcdir)/isc \ - $(SECCOMPFLAGS) + $(SECCOMPFLAGS) \ + $(libldns_CFLAGS) pkglib_LTLIBRARIES = royparse.la royparse_la_SOURCES = royparse.c -royparse_la_LDFLAGS = -module -avoid-version +royparse_la_LDFLAGS = -module -avoid-version $(libldns_LIBS) TESTS = test1.sh EXTRA_DIST = $(TESTS) diff --git a/plugins/royparse/Makefile.in b/plugins/royparse/Makefile.in index bf1e922..d2e0ee5 100644 --- a/plugins/royparse/Makefile.in +++ b/plugins/royparse/Makefile.in @@ -520,11 +520,12 @@ CLEANFILES = *.gcda *.gcno *.gcov test1.out* *.pcap-dist AM_CFLAGS = -I$(srcdir) \ -I$(top_srcdir)/src \ -I$(top_srcdir)/isc \ - $(SECCOMPFLAGS) + $(SECCOMPFLAGS) \ + $(libldns_CFLAGS) pkglib_LTLIBRARIES = royparse.la royparse_la_SOURCES = royparse.c -royparse_la_LDFLAGS = -module -avoid-version +royparse_la_LDFLAGS = -module -avoid-version $(libldns_LIBS) TESTS = test1.sh EXTRA_DIST = $(TESTS) all: all-am diff --git a/plugins/rssm/dnscap-rssm-rssac002 b/plugins/rssm/dnscap-rssm-rssac002 index cf0b144..30c0b3b 100755 --- a/plugins/rssm/dnscap-rssm-rssac002 +++ b/plugins/rssm/dnscap-rssm-rssac002 @@ -37,7 +37,7 @@ use warnings; use YAML; unless (scalar @ARGV > 1) { - print "usage: dnscap-rssm-rssac002 [--no-recompile|--keep-dnscap-rssm|--sort] <YAML files to merge...>\n"; + print "usage: dnscap-rssm-rssac002 [--no-recompile|--keep-dnscap-rssm|--sort|--skip-unsupported] <YAML files to merge...>\n"; exit(1); } @@ -46,6 +46,7 @@ my $earliest_start_period; my $recompile = 1; my $keep_dnscap_rssm = 0; my $sort = 0; +my $skip_unsupported = 0; foreach my $file (@ARGV) { if ($file eq '--no-recompile') { @@ -57,6 +58,9 @@ foreach my $file (@ARGV) { } elsif ($file eq '--sort') { $sort = 1; next; + } elsif ($file eq '--skip-unsupported') { + $skip_unsupported = 1; + next; } foreach my $doc (YAML::LoadFile($file)) { my $version = delete $doc->{version}; @@ -76,6 +80,9 @@ foreach my $file (@ARGV) { die "$file: not valid RSSAC002 YAML, missing metric"; } unless ($version eq 'rssac002v3') { + if ($skip_unsupported) { + next; + } die "$file: unsupported RSSAC002 version $version"; } diff --git a/plugins/rssm/rssm.c b/plugins/rssm/rssm.c index f106645..1847cc0 100644 --- a/plugins/rssm/rssm.c +++ b/plugins/rssm/rssm.c @@ -75,6 +75,9 @@ static int aggregated_into_counters = 0; static char* service_name = 0; static int rssac002v3_yaml = 0; +// RSSAC002v5 draft metrics +static int label_count = 0; + output_t rssm_output; #define MAX_SIZE_INDEX 4096 @@ -82,6 +85,7 @@ output_t rssm_output; #define MAX_TBL_ADDRS 2000000 #define MAX_TBL_ADDRS2 200000 #define MAX_RCODE (1 << 12) +#define MAX_LABELS 128 typedef struct { hashtbl* tbl; @@ -111,6 +115,7 @@ struct { uint64_t udp_response_size[MAX_SIZE_INDEX]; uint64_t tcp_response_size[MAX_SIZE_INDEX]; uint64_t rcodes[MAX_RCODE]; + uint64_t labels[MAX_LABELS]; my_hashtbl sources; my_hashtbl2 aggregated; uint64_t num_ipv4_sources; @@ -178,13 +183,14 @@ void rssm_usage() "\t with the prefix \"aggregated-source\" or ...\n" "\t-a <name> write aggregated IPv6(/64) sources to\n" "\t <name>.<timesec>.<timeusec>\n" + "\t-L Add \"label-count\" metric (RSSAC002v5 WIP)\n" "\t-D don't fork on close\n"); } void rssm_getopt(int* argc, char** argv[]) { int c; - while ((c = getopt(*argc, *argv, "?w:Yn:Ss:Aa:D")) != EOF) { + while ((c = getopt(*argc, *argv, "?w:Yn:Ss:Aa:DL")) != EOF) { switch (c) { case 'w': if (counts_prefix) @@ -218,6 +224,9 @@ void rssm_getopt(int* argc, char** argv[]) case 'D': dont_fork_on_close = 1; break; + case 'L': + label_count = 1; + break; case '?': rssm_usage(); if (!optopt || optopt == '?') { @@ -424,6 +433,15 @@ void rssm_save_counts(const char* sbuf) fprintf(fp, "aggregated-sources: {}\n"); } } + + if (label_count) { + fprintf(fp, "\n---\nversion: rssac002v5-draft\nservice: %s\nstart-period: %s\nmetric: label-count\n", service_name, tz); + for (i = 0; i < MAX_LABELS; i++) { + if (counts.labels[i]) { + fprintf(fp, "%d: %" PRIu64 "\n", i, counts.labels[i]); + } + } + } } else { fprintf(fp, "first-packet-time %ld\n", (long)open_ts.tv_sec); fprintf(fp, "last-packet-time %ld\n", (long)close_ts.tv_sec); @@ -474,6 +492,13 @@ void rssm_save_counts(const char* sbuf) fprintf(fp, "aggregated-source %s %" PRIu64 "\n", ia_str(counts.aggregated.addrs[i]), counts.aggregated.count[i]); } } + if (label_count) { + for (i = 0; i < MAX_LABELS; i++) { + if (counts.labels[i]) { + fprintf(fp, "label-count %d %" PRIu64 "\n", i, counts.labels[i]); + } + } + } } fclose(fp); fprintf(stderr, "rssm: done\n"); @@ -666,6 +691,16 @@ void rssm_output(const char* descr, iaddr from, iaddr to, uint8_t proto, unsigne counts.dns_tcp_queries_received_ipv6++; } } + if (label_count) { + ldns_rr_list* question_list = ldns_pkt_question(pkt); + if (question_list) { + ldns_rr* rr = ldns_rr_list_rr(question_list, 0); + if (rr) { + uint8_t lc = ldns_rr_label_count(rr); + counts.labels[lc < MAX_LABELS ? lc : MAX_LABELS - 1] += 1; + } + } + } } else { uint16_t rcode = ldns_pkt_get_rcode(pkt); if (IPPROTO_UDP == proto) { diff --git a/plugins/rssm/test1.gold b/plugins/rssm/test1.gold index 86957d0..cdfee7d 100644 --- a/plugins/rssm/test1.gold +++ b/plugins/rssm/test1.gold @@ -56,3 +56,11 @@ service: test1 start-period: 2016-10-20T15:23:01Z metric: dnscap-rssm-aggregated-sources aggregated-sources: {} + +--- +version: rssac002v5-draft +service: test1 +start-period: 2016-10-20T15:23:01Z +metric: label-count +2: 24 +6: 17 diff --git a/plugins/rssm/test1.sh b/plugins/rssm/test1.sh index d43b947..13759f9 100755 --- a/plugins/rssm/test1.sh +++ b/plugins/rssm/test1.sh @@ -6,6 +6,6 @@ if [ -z "$plugin" ]; then exit 1 fi -../../src/dnscap -N -T -r "$srcdir/../../src/test/dns.pcap" -P "$plugin" -w test1 -Y -n test1 -A -S -D +../../src/dnscap -N -T -r "$srcdir/../../src/test/dns.pcap" -P "$plugin" -w test1 -Y -n test1 -A -S -D -L diff test1.20161020.152301.075993 "$srcdir/test1.gold" diff --git a/plugins/rssm/test2.sh b/plugins/rssm/test2.sh index 11f44af..ad019bd 100755 --- a/plugins/rssm/test2.sh +++ b/plugins/rssm/test2.sh @@ -1,5 +1,5 @@ #!/bin/sh -xe -"$srcdir"/dnscap-rssm-rssac002 --sort "$srcdir/test1.gold" "$srcdir/test1.gold" "$srcdir/test1.gold" > test2.out +"$srcdir"/dnscap-rssm-rssac002 --skip-unsupported --sort "$srcdir/test1.gold" "$srcdir/test1.gold" "$srcdir/test1.gold" > test2.out diff test2.out "$srcdir/test2.gold" diff --git a/src/daemon.c b/src/daemon.c index 88ce785..596b863 100644 --- a/src/daemon.c +++ b/src/daemon.c @@ -224,6 +224,57 @@ void drop_privileges(void) #endif } +void write_pid_file(void) +{ + FILE* fp; + int fd, flags; + struct flock lock; + + if (!options.pid_file) + return; + + if ((fd = open(options.pid_file, O_RDWR | O_CREAT, S_IRUSR | S_IWUSR)) == -1) { + fprintf(stderr, "unable to open PID file %s: %s", options.pid_file, strerror(errno)); + exit(1); + } + + if ((flags = fcntl(fd, F_GETFD)) == -1) { + fprintf(stderr, "unable to get PID file flags: %s", strerror(errno)); + exit(1); + } + flags |= FD_CLOEXEC; + if (fcntl(fd, F_SETFD, flags) == 1) { + fprintf(stderr, "unable to set PID file flags: %s", strerror(errno)); + exit(1); + } + + lock.l_type = F_WRLCK; + lock.l_whence = SEEK_SET; + lock.l_start = 0; + lock.l_len = 0; + + if (fcntl(fd, F_SETLK, &lock) == -1) { + if (errno == EACCES || errno == EAGAIN) { + fprintf(stderr, "PID file locked by other process"); + exit(1); + } + + fprintf(stderr, "unable to lock PID file: %s", strerror(errno)); + exit(1); + } + + if (ftruncate(fd, 0) == -1) { + fprintf(stderr, "unable to truncate PID file: %s", strerror(errno)); + exit(1); + } + + fp = fdopen(fd, "w"); + if (!fp || fprintf(fp, "%d\n", getpid()) < 1 || fflush(fp)) { + fprintf(stderr, "unable to write to PID file: %s", strerror(errno)); + exit(1); + } +} + void daemonize(void) { pid_t pid; @@ -235,6 +286,7 @@ void daemonize(void) exit(1); } else if (pid > 0) exit(0); + write_pid_file(); openlog("dnscap", 0, LOG_DAEMON); if (setsid() < 0) { logerr("setsid failed: %s", strerror(errno)); diff --git a/src/dnscap.1.in b/src/dnscap.1.in index f33fcfc..58c4b90 100644 --- a/src/dnscap.1.in +++ b/src/dnscap.1.in @@ -163,6 +163,9 @@ functions, unless options .B \-N is given or only reading from files. .TP +.BI "\-o pid_file" =... +Specify the file to write the PID to when running as a daemon (default none). +.TP .BI "\-o user" =... Specify the user to drop privileges to (default nobody). .TP diff --git a/src/options.c b/src/options.c index 29a5dad..8d03c26 100644 --- a/src/options.c +++ b/src/options.c @@ -228,6 +228,13 @@ int option_parse(options_t* options, const char* option) options->bpf_hosts_apply_all = 1; return 0; } + } else if (have("pid_file")) { + if (options->pid_file) { + free(options->pid_file); + } + if ((options->pid_file = strdup(argument))) { + return 0; + } } return 1; @@ -244,5 +251,9 @@ void options_free(options_t* options) free(options->group); options->group = 0; } + if (options->pid_file) { + free(options->pid_file); + options->pid_file = 0; + } } } diff --git a/src/options.h b/src/options.h index 40e0ee8..99acb8d 100644 --- a/src/options.h +++ b/src/options.h @@ -72,6 +72,8 @@ enum dump_format { \ 0, 0, 0, 0, 0, \ \ + 0, \ +\ 0 \ } @@ -113,6 +115,8 @@ struct options { int reassemble_tcp_bfbparsedns; int bpf_hosts_apply_all; + + char* pid_file; }; int option_parse(options_t* options, const char* option); |