summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rwxr-xr-xconfigure20
-rw-r--r--configure.ac2
-rw-r--r--plugins/eventlog/Makefile.am5
-rw-r--r--plugins/eventlog/Makefile.in5
-rw-r--r--plugins/royparse/Makefile.am5
-rw-r--r--plugins/royparse/Makefile.in5
-rwxr-xr-xplugins/rssm/dnscap-rssm-rssac0029
-rw-r--r--plugins/rssm/rssm.c37
-rw-r--r--plugins/rssm/test1.gold8
-rwxr-xr-xplugins/rssm/test1.sh2
-rwxr-xr-xplugins/rssm/test2.sh2
-rw-r--r--src/daemon.c52
-rw-r--r--src/dnscap.1.in3
-rw-r--r--src/options.c11
-rw-r--r--src/options.h4
15 files changed, 147 insertions, 23 deletions
diff --git a/configure b/configure
index bc272c0..a2637b1 100755
--- a/configure
+++ b/configure
@@ -1,6 +1,6 @@
#! /bin/sh
# Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.69 for dnscap 2.0.3.
+# Generated by GNU Autoconf 2.69 for dnscap 2.1.0.
#
# Report bugs to <dnscap-users@dns-oarc.net>.
#
@@ -590,8 +590,8 @@ MAKEFLAGS=
# Identity of this package.
PACKAGE_NAME='dnscap'
PACKAGE_TARNAME='dnscap'
-PACKAGE_VERSION='2.0.3'
-PACKAGE_STRING='dnscap 2.0.3'
+PACKAGE_VERSION='2.1.0'
+PACKAGE_STRING='dnscap 2.1.0'
PACKAGE_BUGREPORT='dnscap-users@dns-oarc.net'
PACKAGE_URL='https://github.com/DNS-OARC/dnscap/issues'
@@ -1353,7 +1353,7 @@ if test "$ac_init_help" = "long"; then
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
-\`configure' configures dnscap 2.0.3 to adapt to many kinds of systems.
+\`configure' configures dnscap 2.1.0 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
@@ -1424,7 +1424,7 @@ fi
if test -n "$ac_init_help"; then
case $ac_init_help in
- short | recursive ) echo "Configuration of dnscap 2.0.3:";;
+ short | recursive ) echo "Configuration of dnscap 2.1.0:";;
esac
cat <<\_ACEOF
@@ -1556,7 +1556,7 @@ fi
test -n "$ac_init_help" && exit $ac_status
if $ac_init_version; then
cat <<\_ACEOF
-dnscap configure 2.0.3
+dnscap configure 2.1.0
generated by GNU Autoconf 2.69
Copyright (C) 2012 Free Software Foundation, Inc.
@@ -1979,7 +1979,7 @@ cat >config.log <<_ACEOF
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
-It was created by dnscap $as_me 2.0.3, which was
+It was created by dnscap $as_me 2.1.0, which was
generated by GNU Autoconf 2.69. Invocation command line was
$ $0 $@
@@ -2842,7 +2842,7 @@ fi
# Define the identity of the package.
PACKAGE='dnscap'
- VERSION='2.0.3'
+ VERSION='2.1.0'
cat >>confdefs.h <<_ACEOF
@@ -15015,7 +15015,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
# report actual input values of CONFIG_FILES etc. instead of their
# values after options handling.
ac_log="
-This file was extended by dnscap $as_me 2.0.3, which was
+This file was extended by dnscap $as_me 2.1.0, which was
generated by GNU Autoconf 2.69. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
@@ -15082,7 +15082,7 @@ _ACEOF
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
ac_cs_version="\\
-dnscap config.status 2.0.3
+dnscap config.status 2.1.0
configured by $0, generated by GNU Autoconf 2.69,
with options \\"\$ac_cs_config\\"
diff --git a/configure.ac b/configure.ac
index 843e8c9..e3000a7 100644
--- a/configure.ac
+++ b/configure.ac
@@ -33,7 +33,7 @@
# POSSIBILITY OF SUCH DAMAGE.
AC_PREREQ(2.61)
-AC_INIT([dnscap], [2.0.3], [dnscap-users@dns-oarc.net], [dnscap], [https://github.com/DNS-OARC/dnscap/issues])
+AC_INIT([dnscap], [2.1.0], [dnscap-users@dns-oarc.net], [dnscap], [https://github.com/DNS-OARC/dnscap/issues])
AM_INIT_AUTOMAKE([-Wall -Werror foreign subdir-objects])
AC_CONFIG_SRCDIR([src/dnscap.c])
AC_CONFIG_HEADER([src/config.h])
diff --git a/plugins/eventlog/Makefile.am b/plugins/eventlog/Makefile.am
index e29af63..d18531c 100644
--- a/plugins/eventlog/Makefile.am
+++ b/plugins/eventlog/Makefile.am
@@ -4,11 +4,12 @@ CLEANFILES = *.gcda *.gcno *.gcov
AM_CFLAGS = -I$(srcdir) \
-I$(top_srcdir)/src \
-I$(top_srcdir)/isc \
- $(SECCOMPFLAGS)
+ $(SECCOMPFLAGS) \
+ $(libldns_CFLAGS)
pkglib_LTLIBRARIES = eventlog.la
eventlog_la_SOURCES = eventlog.c
-eventlog_la_LDFLAGS = -module -avoid-version
+eventlog_la_LDFLAGS = -module -avoid-version $(libldns_LIBS)
TESTS = test1.sh
EXTRA_DIST = $(TESTS)
diff --git a/plugins/eventlog/Makefile.in b/plugins/eventlog/Makefile.in
index 6dd2dcc..fe6a9a6 100644
--- a/plugins/eventlog/Makefile.in
+++ b/plugins/eventlog/Makefile.in
@@ -520,11 +520,12 @@ CLEANFILES = *.gcda *.gcno *.gcov test1.out *.pcap-dist
AM_CFLAGS = -I$(srcdir) \
-I$(top_srcdir)/src \
-I$(top_srcdir)/isc \
- $(SECCOMPFLAGS)
+ $(SECCOMPFLAGS) \
+ $(libldns_CFLAGS)
pkglib_LTLIBRARIES = eventlog.la
eventlog_la_SOURCES = eventlog.c
-eventlog_la_LDFLAGS = -module -avoid-version
+eventlog_la_LDFLAGS = -module -avoid-version $(libldns_LIBS)
TESTS = test1.sh
EXTRA_DIST = $(TESTS)
all: all-am
diff --git a/plugins/royparse/Makefile.am b/plugins/royparse/Makefile.am
index 795a277..5b907cb 100644
--- a/plugins/royparse/Makefile.am
+++ b/plugins/royparse/Makefile.am
@@ -4,11 +4,12 @@ CLEANFILES = *.gcda *.gcno *.gcov
AM_CFLAGS = -I$(srcdir) \
-I$(top_srcdir)/src \
-I$(top_srcdir)/isc \
- $(SECCOMPFLAGS)
+ $(SECCOMPFLAGS) \
+ $(libldns_CFLAGS)
pkglib_LTLIBRARIES = royparse.la
royparse_la_SOURCES = royparse.c
-royparse_la_LDFLAGS = -module -avoid-version
+royparse_la_LDFLAGS = -module -avoid-version $(libldns_LIBS)
TESTS = test1.sh
EXTRA_DIST = $(TESTS)
diff --git a/plugins/royparse/Makefile.in b/plugins/royparse/Makefile.in
index bf1e922..d2e0ee5 100644
--- a/plugins/royparse/Makefile.in
+++ b/plugins/royparse/Makefile.in
@@ -520,11 +520,12 @@ CLEANFILES = *.gcda *.gcno *.gcov test1.out* *.pcap-dist
AM_CFLAGS = -I$(srcdir) \
-I$(top_srcdir)/src \
-I$(top_srcdir)/isc \
- $(SECCOMPFLAGS)
+ $(SECCOMPFLAGS) \
+ $(libldns_CFLAGS)
pkglib_LTLIBRARIES = royparse.la
royparse_la_SOURCES = royparse.c
-royparse_la_LDFLAGS = -module -avoid-version
+royparse_la_LDFLAGS = -module -avoid-version $(libldns_LIBS)
TESTS = test1.sh
EXTRA_DIST = $(TESTS)
all: all-am
diff --git a/plugins/rssm/dnscap-rssm-rssac002 b/plugins/rssm/dnscap-rssm-rssac002
index cf0b144..30c0b3b 100755
--- a/plugins/rssm/dnscap-rssm-rssac002
+++ b/plugins/rssm/dnscap-rssm-rssac002
@@ -37,7 +37,7 @@ use warnings;
use YAML;
unless (scalar @ARGV > 1) {
- print "usage: dnscap-rssm-rssac002 [--no-recompile|--keep-dnscap-rssm|--sort] <YAML files to merge...>\n";
+ print "usage: dnscap-rssm-rssac002 [--no-recompile|--keep-dnscap-rssm|--sort|--skip-unsupported] <YAML files to merge...>\n";
exit(1);
}
@@ -46,6 +46,7 @@ my $earliest_start_period;
my $recompile = 1;
my $keep_dnscap_rssm = 0;
my $sort = 0;
+my $skip_unsupported = 0;
foreach my $file (@ARGV) {
if ($file eq '--no-recompile') {
@@ -57,6 +58,9 @@ foreach my $file (@ARGV) {
} elsif ($file eq '--sort') {
$sort = 1;
next;
+ } elsif ($file eq '--skip-unsupported') {
+ $skip_unsupported = 1;
+ next;
}
foreach my $doc (YAML::LoadFile($file)) {
my $version = delete $doc->{version};
@@ -76,6 +80,9 @@ foreach my $file (@ARGV) {
die "$file: not valid RSSAC002 YAML, missing metric";
}
unless ($version eq 'rssac002v3') {
+ if ($skip_unsupported) {
+ next;
+ }
die "$file: unsupported RSSAC002 version $version";
}
diff --git a/plugins/rssm/rssm.c b/plugins/rssm/rssm.c
index f106645..1847cc0 100644
--- a/plugins/rssm/rssm.c
+++ b/plugins/rssm/rssm.c
@@ -75,6 +75,9 @@ static int aggregated_into_counters = 0;
static char* service_name = 0;
static int rssac002v3_yaml = 0;
+// RSSAC002v5 draft metrics
+static int label_count = 0;
+
output_t rssm_output;
#define MAX_SIZE_INDEX 4096
@@ -82,6 +85,7 @@ output_t rssm_output;
#define MAX_TBL_ADDRS 2000000
#define MAX_TBL_ADDRS2 200000
#define MAX_RCODE (1 << 12)
+#define MAX_LABELS 128
typedef struct {
hashtbl* tbl;
@@ -111,6 +115,7 @@ struct {
uint64_t udp_response_size[MAX_SIZE_INDEX];
uint64_t tcp_response_size[MAX_SIZE_INDEX];
uint64_t rcodes[MAX_RCODE];
+ uint64_t labels[MAX_LABELS];
my_hashtbl sources;
my_hashtbl2 aggregated;
uint64_t num_ipv4_sources;
@@ -178,13 +183,14 @@ void rssm_usage()
"\t with the prefix \"aggregated-source\" or ...\n"
"\t-a <name> write aggregated IPv6(/64) sources to\n"
"\t <name>.<timesec>.<timeusec>\n"
+ "\t-L Add \"label-count\" metric (RSSAC002v5 WIP)\n"
"\t-D don't fork on close\n");
}
void rssm_getopt(int* argc, char** argv[])
{
int c;
- while ((c = getopt(*argc, *argv, "?w:Yn:Ss:Aa:D")) != EOF) {
+ while ((c = getopt(*argc, *argv, "?w:Yn:Ss:Aa:DL")) != EOF) {
switch (c) {
case 'w':
if (counts_prefix)
@@ -218,6 +224,9 @@ void rssm_getopt(int* argc, char** argv[])
case 'D':
dont_fork_on_close = 1;
break;
+ case 'L':
+ label_count = 1;
+ break;
case '?':
rssm_usage();
if (!optopt || optopt == '?') {
@@ -424,6 +433,15 @@ void rssm_save_counts(const char* sbuf)
fprintf(fp, "aggregated-sources: {}\n");
}
}
+
+ if (label_count) {
+ fprintf(fp, "\n---\nversion: rssac002v5-draft\nservice: %s\nstart-period: %s\nmetric: label-count\n", service_name, tz);
+ for (i = 0; i < MAX_LABELS; i++) {
+ if (counts.labels[i]) {
+ fprintf(fp, "%d: %" PRIu64 "\n", i, counts.labels[i]);
+ }
+ }
+ }
} else {
fprintf(fp, "first-packet-time %ld\n", (long)open_ts.tv_sec);
fprintf(fp, "last-packet-time %ld\n", (long)close_ts.tv_sec);
@@ -474,6 +492,13 @@ void rssm_save_counts(const char* sbuf)
fprintf(fp, "aggregated-source %s %" PRIu64 "\n", ia_str(counts.aggregated.addrs[i]), counts.aggregated.count[i]);
}
}
+ if (label_count) {
+ for (i = 0; i < MAX_LABELS; i++) {
+ if (counts.labels[i]) {
+ fprintf(fp, "label-count %d %" PRIu64 "\n", i, counts.labels[i]);
+ }
+ }
+ }
}
fclose(fp);
fprintf(stderr, "rssm: done\n");
@@ -666,6 +691,16 @@ void rssm_output(const char* descr, iaddr from, iaddr to, uint8_t proto, unsigne
counts.dns_tcp_queries_received_ipv6++;
}
}
+ if (label_count) {
+ ldns_rr_list* question_list = ldns_pkt_question(pkt);
+ if (question_list) {
+ ldns_rr* rr = ldns_rr_list_rr(question_list, 0);
+ if (rr) {
+ uint8_t lc = ldns_rr_label_count(rr);
+ counts.labels[lc < MAX_LABELS ? lc : MAX_LABELS - 1] += 1;
+ }
+ }
+ }
} else {
uint16_t rcode = ldns_pkt_get_rcode(pkt);
if (IPPROTO_UDP == proto) {
diff --git a/plugins/rssm/test1.gold b/plugins/rssm/test1.gold
index 86957d0..cdfee7d 100644
--- a/plugins/rssm/test1.gold
+++ b/plugins/rssm/test1.gold
@@ -56,3 +56,11 @@ service: test1
start-period: 2016-10-20T15:23:01Z
metric: dnscap-rssm-aggregated-sources
aggregated-sources: {}
+
+---
+version: rssac002v5-draft
+service: test1
+start-period: 2016-10-20T15:23:01Z
+metric: label-count
+2: 24
+6: 17
diff --git a/plugins/rssm/test1.sh b/plugins/rssm/test1.sh
index d43b947..13759f9 100755
--- a/plugins/rssm/test1.sh
+++ b/plugins/rssm/test1.sh
@@ -6,6 +6,6 @@ if [ -z "$plugin" ]; then
exit 1
fi
-../../src/dnscap -N -T -r "$srcdir/../../src/test/dns.pcap" -P "$plugin" -w test1 -Y -n test1 -A -S -D
+../../src/dnscap -N -T -r "$srcdir/../../src/test/dns.pcap" -P "$plugin" -w test1 -Y -n test1 -A -S -D -L
diff test1.20161020.152301.075993 "$srcdir/test1.gold"
diff --git a/plugins/rssm/test2.sh b/plugins/rssm/test2.sh
index 11f44af..ad019bd 100755
--- a/plugins/rssm/test2.sh
+++ b/plugins/rssm/test2.sh
@@ -1,5 +1,5 @@
#!/bin/sh -xe
-"$srcdir"/dnscap-rssm-rssac002 --sort "$srcdir/test1.gold" "$srcdir/test1.gold" "$srcdir/test1.gold" > test2.out
+"$srcdir"/dnscap-rssm-rssac002 --skip-unsupported --sort "$srcdir/test1.gold" "$srcdir/test1.gold" "$srcdir/test1.gold" > test2.out
diff test2.out "$srcdir/test2.gold"
diff --git a/src/daemon.c b/src/daemon.c
index 88ce785..596b863 100644
--- a/src/daemon.c
+++ b/src/daemon.c
@@ -224,6 +224,57 @@ void drop_privileges(void)
#endif
}
+void write_pid_file(void)
+{
+ FILE* fp;
+ int fd, flags;
+ struct flock lock;
+
+ if (!options.pid_file)
+ return;
+
+ if ((fd = open(options.pid_file, O_RDWR | O_CREAT, S_IRUSR | S_IWUSR)) == -1) {
+ fprintf(stderr, "unable to open PID file %s: %s", options.pid_file, strerror(errno));
+ exit(1);
+ }
+
+ if ((flags = fcntl(fd, F_GETFD)) == -1) {
+ fprintf(stderr, "unable to get PID file flags: %s", strerror(errno));
+ exit(1);
+ }
+ flags |= FD_CLOEXEC;
+ if (fcntl(fd, F_SETFD, flags) == 1) {
+ fprintf(stderr, "unable to set PID file flags: %s", strerror(errno));
+ exit(1);
+ }
+
+ lock.l_type = F_WRLCK;
+ lock.l_whence = SEEK_SET;
+ lock.l_start = 0;
+ lock.l_len = 0;
+
+ if (fcntl(fd, F_SETLK, &lock) == -1) {
+ if (errno == EACCES || errno == EAGAIN) {
+ fprintf(stderr, "PID file locked by other process");
+ exit(1);
+ }
+
+ fprintf(stderr, "unable to lock PID file: %s", strerror(errno));
+ exit(1);
+ }
+
+ if (ftruncate(fd, 0) == -1) {
+ fprintf(stderr, "unable to truncate PID file: %s", strerror(errno));
+ exit(1);
+ }
+
+ fp = fdopen(fd, "w");
+ if (!fp || fprintf(fp, "%d\n", getpid()) < 1 || fflush(fp)) {
+ fprintf(stderr, "unable to write to PID file: %s", strerror(errno));
+ exit(1);
+ }
+}
+
void daemonize(void)
{
pid_t pid;
@@ -235,6 +286,7 @@ void daemonize(void)
exit(1);
} else if (pid > 0)
exit(0);
+ write_pid_file();
openlog("dnscap", 0, LOG_DAEMON);
if (setsid() < 0) {
logerr("setsid failed: %s", strerror(errno));
diff --git a/src/dnscap.1.in b/src/dnscap.1.in
index f33fcfc..58c4b90 100644
--- a/src/dnscap.1.in
+++ b/src/dnscap.1.in
@@ -163,6 +163,9 @@ functions, unless options
.B \-N
is given or only reading from files.
.TP
+.BI "\-o pid_file" =...
+Specify the file to write the PID to when running as a daemon (default none).
+.TP
.BI "\-o user" =...
Specify the user to drop privileges to (default nobody).
.TP
diff --git a/src/options.c b/src/options.c
index 29a5dad..8d03c26 100644
--- a/src/options.c
+++ b/src/options.c
@@ -228,6 +228,13 @@ int option_parse(options_t* options, const char* option)
options->bpf_hosts_apply_all = 1;
return 0;
}
+ } else if (have("pid_file")) {
+ if (options->pid_file) {
+ free(options->pid_file);
+ }
+ if ((options->pid_file = strdup(argument))) {
+ return 0;
+ }
}
return 1;
@@ -244,5 +251,9 @@ void options_free(options_t* options)
free(options->group);
options->group = 0;
}
+ if (options->pid_file) {
+ free(options->pid_file);
+ options->pid_file = 0;
+ }
}
}
diff --git a/src/options.h b/src/options.h
index 40e0ee8..99acb8d 100644
--- a/src/options.h
+++ b/src/options.h
@@ -72,6 +72,8 @@ enum dump_format {
\
0, 0, 0, 0, 0, \
\
+ 0, \
+\
0 \
}
@@ -113,6 +115,8 @@ struct options {
int reassemble_tcp_bfbparsedns;
int bpf_hosts_apply_all;
+
+ char* pid_file;
};
int option_parse(options_t* options, const char* option);