CMAKE_MINIMUM_REQUIRED(VERSION 2.6)
PROJECT(stc-manager C CXX)
SET(PACKAGE ${PROJECT_NAME})
-SET(INTERFACES "${CMAKE_SOURCE_DIR}/interfaces")
+SET(INTERFACES "${CMAKE_SOURCE_DIR}/dbus-interface")
SET(PREFIX ${CMAKE_INSTALL_PREFIX})
SET(LIBDIR ${PREFIX}/${LIB_PATH})
-SET(DATA_DIR ${CMAKE_SOURCE_DIR}/data)
+SET(DATA_DIR ${CMAKE_SOURCE_DIR}/res)
-ADD_SUBDIRECTORY(interfaces)
-ADD_SUBDIRECTORY(src)
+ADD_SUBDIRECTORY(dbus-interface)
+ADD_SUBDIRECTORY(manager)
ADD_SUBDIRECTORY(plugin)
+ADD_SUBDIRECTORY(misc)
IF(BUILD_GTESTS)
- ADD_SUBDIRECTORY(unittest)
+ ADD_SUBDIRECTORY(tests)
ENDIF(BUILD_GTESTS)
+++ /dev/null
-
- Apache License
- Version 2.0, January 2004
- http://www.apache.org/licenses/
-
- TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
-
- 1. Definitions.
-
- "License" shall mean the terms and conditions for use, reproduction,
- and distribution as defined by Sections 1 through 9 of this document.
-
- "Licensor" shall mean the copyright owner or entity authorized by
- the copyright owner that is granting the License.
-
- "Legal Entity" shall mean the union of the acting entity and all
- other entities that control, are controlled by, or are under common
- control with that entity. For the purposes of this definition,
- "control" means (i) the power, direct or indirect, to cause the
- direction or management of such entity, whether by contract or
- otherwise, or (ii) ownership of fifty percent (50%) or more of the
- outstanding shares, or (iii) beneficial ownership of such entity.
-
- "You" (or "Your") shall mean an individual or Legal Entity
- exercising permissions granted by this License.
-
- "Source" form shall mean the preferred form for making modifications,
- including but not limited to software source code, documentation
- source, and configuration files.
-
- "Object" form shall mean any form resulting from mechanical
- transformation or translation of a Source form, including but
- not limited to compiled object code, generated documentation,
- and conversions to other media types.
-
- "Work" shall mean the work of authorship, whether in Source or
- Object form, made available under the License, as indicated by a
- copyright notice that is included in or attached to the work
- (an example is provided in the Appendix below).
-
- "Derivative Works" shall mean any work, whether in Source or Object
- form, that is based on (or derived from) the Work and for which the
- editorial revisions, annotations, elaborations, or other modifications
- represent, as a whole, an original work of authorship. For the purposes
- of this License, Derivative Works shall not include works that remain
- separable from, or merely link (or bind by name) to the interfaces of,
- the Work and Derivative Works thereof.
-
- "Contribution" shall mean any work of authorship, including
- the original version of the Work and any modifications or additions
- to that Work or Derivative Works thereof, that is intentionally
- submitted to Licensor for inclusion in the Work by the copyright owner
- or by an individual or Legal Entity authorized to submit on behalf of
- the copyright owner. For the purposes of this definition, "submitted"
- means any form of electronic, verbal, or written communication sent
- to the Licensor or its representatives, including but not limited to
- communication on electronic mailing lists, source code control systems,
- and issue tracking systems that are managed by, or on behalf of, the
- Licensor for the purpose of discussing and improving the Work, but
- excluding communication that is conspicuously marked or otherwise
- designated in writing by the copyright owner as "Not a Contribution."
-
- "Contributor" shall mean Licensor and any individual or Legal Entity
- on behalf of whom a Contribution has been received by Licensor and
- subsequently incorporated within the Work.
-
- 2. Grant of Copyright License. Subject to the terms and conditions of
- this License, each Contributor hereby grants to You a perpetual,
- worldwide, non-exclusive, no-charge, royalty-free, irrevocable
- copyright license to reproduce, prepare Derivative Works of,
- publicly display, publicly perform, sublicense, and distribute the
- Work and such Derivative Works in Source or Object form.
-
- 3. Grant of Patent License. Subject to the terms and conditions of
- this License, each Contributor hereby grants to You a perpetual,
- worldwide, non-exclusive, no-charge, royalty-free, irrevocable
- (except as stated in this section) patent license to make, have made,
- use, offer to sell, sell, import, and otherwise transfer the Work,
- where such license applies only to those patent claims licensable
- by such Contributor that are necessarily infringed by their
- Contribution(s) alone or by combination of their Contribution(s)
- with the Work to which such Contribution(s) was submitted. If You
- institute patent litigation against any entity (including a
- cross-claim or counterclaim in a lawsuit) alleging that the Work
- or a Contribution incorporated within the Work constitutes direct
- or contributory patent infringement, then any patent licenses
- granted to You under this License for that Work shall terminate
- as of the date such litigation is filed.
-
- 4. Redistribution. You may reproduce and distribute copies of the
- Work or Derivative Works thereof in any medium, with or without
- modifications, and in Source or Object form, provided that You
- meet the following conditions:
-
- (a) You must give any other recipients of the Work or
- Derivative Works a copy of this License; and
-
- (b) You must cause any modified files to carry prominent notices
- stating that You changed the files; and
-
- (c) You must retain, in the Source form of any Derivative Works
- that You distribute, all copyright, patent, trademark, and
- attribution notices from the Source form of the Work,
- excluding those notices that do not pertain to any part of
- the Derivative Works; and
-
- (d) If the Work includes a "NOTICE" text file as part of its
- distribution, then any Derivative Works that You distribute must
- include a readable copy of the attribution notices contained
- within such NOTICE file, excluding those notices that do not
- pertain to any part of the Derivative Works, in at least one
- of the following places: within a NOTICE text file distributed
- as part of the Derivative Works; within the Source form or
- documentation, if provided along with the Derivative Works; or,
- within a display generated by the Derivative Works, if and
- wherever such third-party notices normally appear. The contents
- of the NOTICE file are for informational purposes only and
- do not modify the License. You may add Your own attribution
- notices within Derivative Works that You distribute, alongside
- or as an addendum to the NOTICE text from the Work, provided
- that such additional attribution notices cannot be construed
- as modifying the License.
-
- You may add Your own copyright statement to Your modifications and
- may provide additional or different license terms and conditions
- for use, reproduction, or distribution of Your modifications, or
- for any such Derivative Works as a whole, provided Your use,
- reproduction, and distribution of the Work otherwise complies with
- the conditions stated in this License.
-
- 5. Submission of Contributions. Unless You explicitly state otherwise,
- any Contribution intentionally submitted for inclusion in the Work
- by You to the Licensor shall be under the terms and conditions of
- this License, without any additional terms or conditions.
- Notwithstanding the above, nothing herein shall supersede or modify
- the terms of any separate license agreement you may have executed
- with Licensor regarding such Contributions.
-
- 6. Trademarks. This License does not grant permission to use the trade
- names, trademarks, service marks, or product names of the Licensor,
- except as required for reasonable and customary use in describing the
- origin of the Work and reproducing the content of the NOTICE file.
-
- 7. Disclaimer of Warranty. Unless required by applicable law or
- agreed to in writing, Licensor provides the Work (and each
- Contributor provides its Contributions) on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
- implied, including, without limitation, any warranties or conditions
- of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
- PARTICULAR PURPOSE. You are solely responsible for determining the
- appropriateness of using or redistributing the Work and assume any
- risks associated with Your exercise of permissions under this License.
-
- 8. Limitation of Liability. In no event and under no legal theory,
- whether in tort (including negligence), contract, or otherwise,
- unless required by applicable law (such as deliberate and grossly
- negligent acts) or agreed to in writing, shall any Contributor be
- liable to You for damages, including any direct, indirect, special,
- incidental, or consequential damages of any character arising as a
- result of this License or out of the use or inability to use the
- Work (including but not limited to damages for loss of goodwill,
- work stoppage, computer failure or malfunction, or any and all
- other commercial damages or losses), even if such Contributor
- has been advised of the possibility of such damages.
-
- 9. Accepting Warranty or Additional Liability. While redistributing
- the Work or Derivative Works thereof, You may choose to offer,
- and charge a fee for, acceptance of support, warranty, indemnity,
- or other liability obligations and/or rights consistent with this
- License. However, in accepting such obligations, You may act only
- on Your own behalf and on Your sole responsibility, not on behalf
- of any other Contributor, and only if You agree to indemnify,
- defend, and hold each Contributor harmless for any liability
- incurred by, or claims asserted against, such Contributor by reason
- of your accepting any such warranty or additional liability.
-
- END OF TERMS AND CONDITIONS
-
- APPENDIX: How to apply the Apache License to your work.
-
- To apply the Apache License to your work, attach the following
- boilerplate notice, with the fields enclosed by brackets "[]"
- replaced with your own identifying information. (Don't include
- the brackets!) The text should be enclosed in the appropriate
- comment syntax for the file format. We also recommend that a
- file or class name and description of purpose be included on the
- same "printed page" as the copyright notice for easier
- identification within third-party archives.
-
- Copyright [yyyy] [name of copyright owner]
-
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
--- /dev/null
+
+ Apache License
+ Version 2.0, January 2004
+ http://www.apache.org/licenses/
+
+ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+ 1. Definitions.
+
+ "License" shall mean the terms and conditions for use, reproduction,
+ and distribution as defined by Sections 1 through 9 of this document.
+
+ "Licensor" shall mean the copyright owner or entity authorized by
+ the copyright owner that is granting the License.
+
+ "Legal Entity" shall mean the union of the acting entity and all
+ other entities that control, are controlled by, or are under common
+ control with that entity. For the purposes of this definition,
+ "control" means (i) the power, direct or indirect, to cause the
+ direction or management of such entity, whether by contract or
+ otherwise, or (ii) ownership of fifty percent (50%) or more of the
+ outstanding shares, or (iii) beneficial ownership of such entity.
+
+ "You" (or "Your") shall mean an individual or Legal Entity
+ exercising permissions granted by this License.
+
+ "Source" form shall mean the preferred form for making modifications,
+ including but not limited to software source code, documentation
+ source, and configuration files.
+
+ "Object" form shall mean any form resulting from mechanical
+ transformation or translation of a Source form, including but
+ not limited to compiled object code, generated documentation,
+ and conversions to other media types.
+
+ "Work" shall mean the work of authorship, whether in Source or
+ Object form, made available under the License, as indicated by a
+ copyright notice that is included in or attached to the work
+ (an example is provided in the Appendix below).
+
+ "Derivative Works" shall mean any work, whether in Source or Object
+ form, that is based on (or derived from) the Work and for which the
+ editorial revisions, annotations, elaborations, or other modifications
+ represent, as a whole, an original work of authorship. For the purposes
+ of this License, Derivative Works shall not include works that remain
+ separable from, or merely link (or bind by name) to the interfaces of,
+ the Work and Derivative Works thereof.
+
+ "Contribution" shall mean any work of authorship, including
+ the original version of the Work and any modifications or additions
+ to that Work or Derivative Works thereof, that is intentionally
+ submitted to Licensor for inclusion in the Work by the copyright owner
+ or by an individual or Legal Entity authorized to submit on behalf of
+ the copyright owner. For the purposes of this definition, "submitted"
+ means any form of electronic, verbal, or written communication sent
+ to the Licensor or its representatives, including but not limited to
+ communication on electronic mailing lists, source code control systems,
+ and issue tracking systems that are managed by, or on behalf of, the
+ Licensor for the purpose of discussing and improving the Work, but
+ excluding communication that is conspicuously marked or otherwise
+ designated in writing by the copyright owner as "Not a Contribution."
+
+ "Contributor" shall mean Licensor and any individual or Legal Entity
+ on behalf of whom a Contribution has been received by Licensor and
+ subsequently incorporated within the Work.
+
+ 2. Grant of Copyright License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ copyright license to reproduce, prepare Derivative Works of,
+ publicly display, publicly perform, sublicense, and distribute the
+ Work and such Derivative Works in Source or Object form.
+
+ 3. Grant of Patent License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ (except as stated in this section) patent license to make, have made,
+ use, offer to sell, sell, import, and otherwise transfer the Work,
+ where such license applies only to those patent claims licensable
+ by such Contributor that are necessarily infringed by their
+ Contribution(s) alone or by combination of their Contribution(s)
+ with the Work to which such Contribution(s) was submitted. If You
+ institute patent litigation against any entity (including a
+ cross-claim or counterclaim in a lawsuit) alleging that the Work
+ or a Contribution incorporated within the Work constitutes direct
+ or contributory patent infringement, then any patent licenses
+ granted to You under this License for that Work shall terminate
+ as of the date such litigation is filed.
+
+ 4. Redistribution. You may reproduce and distribute copies of the
+ Work or Derivative Works thereof in any medium, with or without
+ modifications, and in Source or Object form, provided that You
+ meet the following conditions:
+
+ (a) You must give any other recipients of the Work or
+ Derivative Works a copy of this License; and
+
+ (b) You must cause any modified files to carry prominent notices
+ stating that You changed the files; and
+
+ (c) You must retain, in the Source form of any Derivative Works
+ that You distribute, all copyright, patent, trademark, and
+ attribution notices from the Source form of the Work,
+ excluding those notices that do not pertain to any part of
+ the Derivative Works; and
+
+ (d) If the Work includes a "NOTICE" text file as part of its
+ distribution, then any Derivative Works that You distribute must
+ include a readable copy of the attribution notices contained
+ within such NOTICE file, excluding those notices that do not
+ pertain to any part of the Derivative Works, in at least one
+ of the following places: within a NOTICE text file distributed
+ as part of the Derivative Works; within the Source form or
+ documentation, if provided along with the Derivative Works; or,
+ within a display generated by the Derivative Works, if and
+ wherever such third-party notices normally appear. The contents
+ of the NOTICE file are for informational purposes only and
+ do not modify the License. You may add Your own attribution
+ notices within Derivative Works that You distribute, alongside
+ or as an addendum to the NOTICE text from the Work, provided
+ that such additional attribution notices cannot be construed
+ as modifying the License.
+
+ You may add Your own copyright statement to Your modifications and
+ may provide additional or different license terms and conditions
+ for use, reproduction, or distribution of Your modifications, or
+ for any such Derivative Works as a whole, provided Your use,
+ reproduction, and distribution of the Work otherwise complies with
+ the conditions stated in this License.
+
+ 5. Submission of Contributions. Unless You explicitly state otherwise,
+ any Contribution intentionally submitted for inclusion in the Work
+ by You to the Licensor shall be under the terms and conditions of
+ this License, without any additional terms or conditions.
+ Notwithstanding the above, nothing herein shall supersede or modify
+ the terms of any separate license agreement you may have executed
+ with Licensor regarding such Contributions.
+
+ 6. Trademarks. This License does not grant permission to use the trade
+ names, trademarks, service marks, or product names of the Licensor,
+ except as required for reasonable and customary use in describing the
+ origin of the Work and reproducing the content of the NOTICE file.
+
+ 7. Disclaimer of Warranty. Unless required by applicable law or
+ agreed to in writing, Licensor provides the Work (and each
+ Contributor provides its Contributions) on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ implied, including, without limitation, any warranties or conditions
+ of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+ PARTICULAR PURPOSE. You are solely responsible for determining the
+ appropriateness of using or redistributing the Work and assume any
+ risks associated with Your exercise of permissions under this License.
+
+ 8. Limitation of Liability. In no event and under no legal theory,
+ whether in tort (including negligence), contract, or otherwise,
+ unless required by applicable law (such as deliberate and grossly
+ negligent acts) or agreed to in writing, shall any Contributor be
+ liable to You for damages, including any direct, indirect, special,
+ incidental, or consequential damages of any character arising as a
+ result of this License or out of the use or inability to use the
+ Work (including but not limited to damages for loss of goodwill,
+ work stoppage, computer failure or malfunction, or any and all
+ other commercial damages or losses), even if such Contributor
+ has been advised of the possibility of such damages.
+
+ 9. Accepting Warranty or Additional Liability. While redistributing
+ the Work or Derivative Works thereof, You may choose to offer,
+ and charge a fee for, acceptance of support, warranty, indemnity,
+ or other liability obligations and/or rights consistent with this
+ License. However, in accepting such obligations, You may act only
+ on Your own behalf and on Your sole responsibility, not on behalf
+ of any other Contributor, and only if You agree to indemnify,
+ defend, and hold each Contributor harmless for any liability
+ incurred by, or claims asserted against, such Contributor by reason
+ of your accepting any such warranty or additional liability.
+
+ END OF TERMS AND CONDITIONS
+
+ APPENDIX: How to apply the Apache License to your work.
+
+ To apply the Apache License to your work, attach the following
+ boilerplate notice, with the fields enclosed by brackets "[]"
+ replaced with your own identifying information. (Don't include
+ the brackets!) The text should be enclosed in the appropriate
+ comment syntax for the file format. We also recommend that a
+ file or class name and description of purpose be included on the
+ same "printed page" as the copyright notice for easier
+ identification within third-party archives.
+
+ Copyright [yyyy] [name of copyright owner]
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+++ /dev/null
-bash:inst
-cd:inst
-cp:inst
-mv:inst
-rm:inst
-mkdir:inst
-rmdir:inst
-cat:inst
-more:inst
-touch:inst
-find:inst
-ls:inst
-sed:inst
-rpm:inst
-sh:inst
-sleep:inst
-grep:inst
-pgrep:inst
-killall:inst
-systemctl:inst
-xargs:inst
-modprobe:inst
-pkgcmd:inst
-mount:inst
-chmod:inst
-awk:inst
-ps:inst
-wlan.sh:script
-wpa_supp.sh:script
-stc-manager:sys
-stc-iptables:sys
-dlogutil:sys
-wifi-loader:sys
-wrt-loader:sys
-dotnet-launcher:sys
-iptables:sys
-ip6tables:sys
-net-cls-release:sys
-init:sys
-amd:sys
-launchpad-loader:sys
-launchpad-process-pool:sys
-deviced:sys
-systemd:sys
-systemd-udevd:sys
-systemd-user:sys
-systemd-cgroups-agent:sys
-systemd-journald:sys
-sdbd:sys
-sdbd-user:sys
-pushd:sys
-dbus-daemon:sys
-dlogsend:sys
-sync:sys
-reboot:sys
-dlog-log-critical:sys
+++ /dev/null
-CREATE TABLE IF NOT EXISTS fw_lock (
- name TEXT PRIMARY KEY,
- state INT
-);
-
-CREATE TABLE IF NOT EXISTS fw_chains (
- chain TEXT PRIMARY KEY,
- target INT,
- priority INT
-);
-
-CREATE TABLE IF NOT EXISTS fw_rules (
- key BIGINT PRIMARY KEY,
- chain TEXT NOT NULL,
- direction INT,
- s_ip_type INT,
- d_ip_type INT,
- s_port_type INT,
- d_port_type INT,
- protocol INT,
- family INT,
- s_ip1 TEXT NOT NULL,
- s_ip2 TEXT NOT NULL,
- d_ip1 TEXT NOT NULL,
- d_ip2 TEXT NOT NULL,
- s_port1 INT,
- s_port2 INT,
- d_port1 INT,
- d_port2 INT,
- ifname TEXT NOT NULL,
- target INT,
- log_level INT,
- log_prefix TEXT NOT NULL,
- nflog_group INT,
- nflog_prefix TEXT NOT NULL,
- nflog_range INT,
- nflog_threshold INT,
- identifier TEXT NOT NULL
-);
-
-CREATE INDEX IF NOT EXISTS rules_index ON fw_rules (chain, target);
+++ /dev/null
-PRAGMA journal_mode = PERSIST;
-PRAGMA user_version = 1;
-
-CREATE TABLE IF NOT EXISTS statistics (
- id INTEGER PRIMARY KEY AUTOINCREMENT,
- binpath TEXT NOT NULL,
- received BIGINT,
- sent BIGINT,
- time_stamp BIGINT,
- iftype INT,
- is_roaming INT,
- hw_net_protocol_type INT,
- ifname TEXT,
- subscriber_id TEXT,
- ground INT
-);
-
-CREATE TABLE IF NOT EXISTS restrictions (
- restriction_id INTEGER PRIMARY KEY AUTOINCREMENT,
- binpath TEXT,
- iftype INT,
- ifname TEXT,
- rstn_type INT,
- roaming INT,
- subscriber_id TEXT NOT NULL,
- data_limit BIGINT,
- data_warn_limit BIGINT,
- monthly_limit BIGINT,
- weekly_limit BIGINT,
- daily_limit BIGINT,
- month_start_date INT
-);
-
-CREATE INDEX IF NOT EXISTS restrictions_index ON restrictions (binpath, iftype, ifname);
-
-CREATE TABLE IF NOT EXISTS counters (
- restriction_id INTEGER NOT NULL,
- data_counter BIGINT,
- warn_counter BIGINT,
- monthly_counter BIGINT,
- weekly_counter BIGINT,
- daily_counter BIGINT,
- month_start_date INT,
- month_start_ts BIGINT,
- week_start_ts BIGINT,
- day_start_ts BIGINT,
- PRIMARY KEY (restriction_id)
-);
--- /dev/null
+ADD_CUSTOM_COMMAND(
+ WORKING_DIRECTORY
+ OUTPUT dbus
+ COMMAND gdbus-codegen --interface-prefix net.stc.
+ --generate-c-code generated-code
+ --c-namespace Stc
+ --c-generate-object-manager
+ --generate-docbook generated-code-docs
+ ${INTERFACES}/stcmanager-iface-manager.xml
+ ${INTERFACES}/stcmanager-iface-restriction.xml
+ ${INTERFACES}/stcmanager-iface-statistics.xml
+ ${INTERFACES}/stcmanager-iface-firewall.xml
+ ${INTERFACES}/stcmanager-iface-pcap.xml
+ COMMENT "Generating GDBus .c/.h")
+
+ADD_CUSTOM_TARGET(GENERATED_DBUS_CODE DEPENDS dbus)
--- /dev/null
+<node>
+ <interface name="net.stc.firewall">
+ <method name='Lock'>
+ <arg type='i' name='error_code' direction='out'/>
+ </method>
+ <method name='Unlock'>
+ <arg type='i' name='error_code' direction='out'/>
+ </method>
+
+ <method name='GetLock'>
+ <arg type='i' name='state' direction='out'/>
+ </method>
+ <method name='AddChain'>
+ <arg type='s' name='chain' direction='in'/>
+ <arg type='i' name='error_code' direction='out'/>
+ </method>
+ <method name='RemoveChain'>
+ <arg type='s' name='chain' direction='in'/>
+ <arg type='i' name='error_code' direction='out'/>
+ </method>
+ <method name='FlushChain'>
+ <arg type='s' name='chain' direction='in'/>
+ <arg type='i' name='error_code' direction='out'/>
+ </method>
+ <method name='GetAllChain'>
+ <arg type='aa{sv}' name='parameters' direction='out'/>
+ </method>
+ <method name='SetChain'>
+ <arg type='s' name='chain' direction='in'/>
+ <arg type='u' name='target' direction='in'/>
+ <arg type='i' name='error_code' direction='out'/>
+ </method>
+ <method name='UnsetChain'>
+ <arg type='s' name='chain' direction='in'/>
+ <arg type='i' name='error_code' direction='out'/>
+ </method>
+
+ <method name='AddRule'>
+ <arg type='a{sv}' name='parameters' direction='in'/>
+ <arg type='i' name='error_code' direction='out'/>
+ </method>
+ <method name='RemoveRule'>
+ <arg type='a{sv}' name='parameters' direction='in'/>
+ <arg type='i' name='error_code' direction='out'/>
+ </method>
+ <method name='UpdateRule'>
+ <arg type='a{sv}' name='parameters' direction='in'/>
+ <arg type='i' name='error_code' direction='out'/>
+ </method>
+ <method name='GetAllRule'>
+ <arg type='aa{sv}' name='parameters' direction='out'/>
+ </method>
+ </interface>
+</node>
--- /dev/null
+<node>
+ <interface name="net.stc.manager">
+ <method name='Stop'>
+ <arg type='i' name='error_code' direction='out'/>
+ </method>
+ <method name='CommitIptables'>
+ <arg type='s' name='option' direction='in'/>
+ <arg type='i' name='error_code' direction='out'/>
+ <arg type='i' name='error_num' direction='out'/>
+ <arg type='s' name='error_str' direction='out'/>
+ </method>
+ <method name='CommitIp6tables'>
+ <arg type='s' name='option' direction='in'/>
+ <arg type='i' name='error_code' direction='out'/>
+ <arg type='i' name='error_num' direction='out'/>
+ <arg type='s' name='error_str' direction='out'/>
+ </method>
+ </interface>
+</node>
--- /dev/null
+<node>
+ <interface name="net.stc.pcap">
+ <method name='Start'>
+ <arg type='a{sv}' name='parameters' direction='in'/>
+ <arg type='i' name='error_code' direction='out'/>
+ </method>
+ <method name='Stop'>
+ <arg type='a{sv}' name='parameters' direction='in'/>
+ <arg type='i' name='error_code' direction='out'/>
+ </method>
+ <method name='GetAll'>
+ <arg type='aa{sv}' name='parameters' direction='out'/>
+ </method>
+ <method name='FindAllDevs'>
+ <arg type='aa{sv}' name='parameters' direction='out'/>
+ </method>
+ </interface>
+</node>
--- /dev/null
+<node>
+ <interface name="net.stc.restriction">
+ <method name='Set'>
+ <arg type='a{sv}' name='parameters' direction='in'/>
+ <arg type='i' name='error_code' direction='out'/>
+ </method>
+
+ <method name='Get'>
+ <arg type='s' name='app_id' direction='in'/>
+ <arg type='i' name='error_code' direction='out'/>
+ <arg type='a{sv}' name='parameters' direction='out'/>
+ </method>
+
+ <method name='GetAll'>
+ <arg type='i' name='error_code' direction='out'/>
+ <arg type='aa{sv}' name='parameters' direction='out'/>
+ </method>
+
+ <method name='GetType'>
+ <arg type='s' name='app_id' direction='in'/>
+ <arg type='i' name='iftype' direction='in'/>
+ <arg type='i' name='error_code' direction='out'/>
+ <arg type='i' name='type' direction='out'/>
+ </method>
+
+ <method name='Unset'>
+ <arg type='a{sv}' name='parameters' direction='in'/>
+ <arg type='i' name='error_code' direction='out'/>
+ </method>
+
+ <method name='SetList'>
+ <arg type='aa{sv}' name='parameters' direction='in'/>
+ <arg type='i' name='error_code' direction='out'/>
+ </method>
+
+ <method name='UnsetList'>
+ <arg type='aa{sv}' name='parameters' direction='in'/>
+ <arg type='i' name='error_code' direction='out'/>
+ </method>
+
+ <method name='Stop'>
+ <arg type='i' name='error_code' direction='out'/>
+ </method>
+
+ <signal name='WarnThresholdCrossed'>
+ <arg type='s' name='app_id'/>
+ </signal>
+
+ <signal name='RestrictionThresholdCrossed'>
+ <arg type='s' name='app_id'/>
+ </signal>
+ </interface>
+</node>
--- /dev/null
+<node>
+ <interface name="net.stc.statistics">
+ <method name='Init'>
+ </method>
+ <method name='GetAll'>
+ <arg type='a{sv}' name='select_rule' direction='in'/>
+ <arg type='i' name='error_code' direction='out'/>
+ <arg type='aa{sv}' name='statistics' direction='out'/>
+ </method>
+
+ <method name='Get'>
+ <arg type='s' name='app_id' direction='in'/>
+ <arg type='a{sv}' name='select_rule' direction='in'/>
+ <arg type='i' name='error_code' direction='out'/>
+ <arg type='aa{sv}' name='statistics' direction='out'/>
+ </method>
+
+ <method name='Reset'>
+ <arg type='a{sv}' name='reset_rule' direction='in'/>
+ <arg type='i' name='error_code' direction='out'/>
+ </method>
+ </interface>
+</node>
--- /dev/null
+/*
+ * Copyright (c) 2016 Samsung Electronics Co., Ltd.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef __STC_DATAUSAGE_COUNTER_H__
+#define __STC_DATAUSAGE_COUNTER_H__
+
+#include "stc-db.h"
+
+struct counter_arg {
+ int sock;
+ int ans_len;
+ GTree *nf_cntrs;
+ int initiate;
+ int noti_fd;
+ int serialized_counters; /* number of counters which was serialized in
+ current request */
+ struct net_counter_opts *opts;
+ struct application_stat_tree *result;
+ time_t last_run_time;
+};
+
+typedef struct counter_arg counter_arg_s;
+
+struct net_counter_opts {
+ sig_atomic_t update_period;
+ sig_atomic_t flush_period;
+ sig_atomic_t state;
+ int app_stat[STC_IFACE_LAST_ELEM - 1];
+};
+
+/**
+ * @desc Reschedule existing traffic counter function
+ * Rescheduling logic is following, we will postpone
+ * execution on delay seconds.
+ */
+void reschedule_count_timer(const struct counter_arg *carg, const double delay);
+
+struct counter_arg *init_counter_arg(struct net_counter_opts *opts);
+
+void finalize_carg(struct counter_arg *carg);
+
+GTree *create_nfacct_tree(void);
+
+#endif /* __STC_DATAUSAGE_COUNTER_H__ */
--- /dev/null
+/*
+ * Copyright (c) 2016 Samsung Electronics Co., Ltd.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef __TABLE_COUNTERS_H__
+#define __TABLE_COUNTERS_H__
+
+typedef struct {
+ long long int restriction_id;
+ long long int data_counter;
+ long long int warn_counter;
+ long long int monthly_counter;
+ long long int weekly_counter;
+ long long int daily_counter;
+ int32_t month_start_date;
+ long long int month_start_ts;
+ long long int week_start_ts;
+ long long int day_start_ts;
+} table_counters_info;
+
+typedef stc_cb_ret_e(*table_counters_info_cb)(const table_counters_info *info,
+ void *user_data);
+
+stc_error_e table_counters_get(long long int restriction_id,
+ table_counters_info *info);
+
+stc_error_e table_counters_update_counters(const table_counters_info *info);
+
+stc_error_e table_counters_get_timestamps(long long int restriction_id,
+ table_counters_info *info);
+
+stc_error_e table_counters_update_timestamps(const table_counters_info *info);
+
+stc_error_e table_counters_delete(long long int restriction_id);
+
+stc_error_e table_counters_prepare(sqlite3 *db);
+
+void table_counters_finalize(void);
+
+#endif /*__TABLE_COUNTERS_H__ */
--- /dev/null
+/*
+ * Copyright (c) 2016 Samsung Electronics Co., Ltd.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef __TABLE_FIREWALL_H__
+#define __TABLE_FIREWALL_H__
+
+#include <arpa/inet.h>
+#include "helper-firewall.h"
+
+typedef stc_cb_ret_e
+(*firewall_chain_cb)(const firewall_chain_s *info, void *user_data);
+
+typedef stc_cb_ret_e
+(*firewall_rule_cb)(const firewall_rule_s *info, void *user_data);
+
+stc_error_e table_firewall_insert_lock(char *name, int state);
+stc_error_e table_firewall_update_lock(char *name, int state);
+stc_error_e table_firewall_get_lock(char *name, int *state);
+
+stc_error_e table_firewall_insert_chain(firewall_chain_s *info);
+stc_error_e table_firewall_delete_chain(firewall_chain_s *info);
+stc_error_e table_firewall_flush_chain(firewall_chain_s *info);
+stc_error_e table_firewall_update_chain(firewall_chain_s *info);
+stc_error_e table_firewall_foreach_chain(firewall_chain_cb info_cb,
+ void *user_data);
+
+stc_error_e table_firewall_insert_rule(firewall_rule_s *info);
+stc_error_e table_firewall_delete_rule(firewall_rule_s *info);
+stc_error_e table_firewall_update_rule(firewall_rule_s *info, guint key);
+stc_error_e table_firewall_foreach_rule(firewall_rule_cb info_cb,
+ void *user_data);
+
+stc_error_e table_firewall_prepare(sqlite3 *db);
+void table_firewall_finalize(void);
+
+#endif /*__TABLE_FIREWALL_H__ */
--- /dev/null
+/*
+ * Copyright (c) 2016 Samsung Electronics Co., Ltd.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef __TABLE_RESTRICTIONS_H__
+#define __TABLE_RESTRICTIONS_H__
+
+typedef struct {
+ char *app_id;
+ char *ifname;
+ char *subscriber_id;
+ char *mac;
+ stc_iface_type_e iftype;
+ stc_rstn_type_e rstn_type;
+ stc_roaming_type_e roaming;
+ long long int data_limit;
+ long long int data_warn_limit;
+ long long int monthly_limit;
+ long long int weekly_limit;
+ long long int daily_limit;
+ int month_start_date;
+ long long int restriction_id;
+} table_restrictions_info;
+
+typedef stc_cb_ret_e
+(*table_restrictions_info_cb)(const table_restrictions_info *info,
+ void *user_data);
+
+stc_error_e table_restrictions_foreach(table_restrictions_info_cb info_cb,
+ void *user_data);
+
+stc_error_e table_restrictions_per_app(const gchar *app_id,
+ table_restrictions_info_cb info_cb,
+ void *user_data);
+
+
+stc_error_e table_restrictions_get_restriction_type_subscriber_id(const char *app_id,
+ stc_iface_type_e iftype,
+ const char *subscriber_id,
+ stc_rstn_type_e *type);
+
+stc_error_e table_restrictions_get_restriction_type(const char *app_id,
+ stc_iface_type_e iftype,
+ stc_rstn_type_e *type);
+
+stc_error_e table_restrictions_update(table_restrictions_info *info);
+
+stc_error_e table_restrictions_delete(const char *app_id,
+ const stc_iface_type_e iftype,
+ const char *ifname,
+ const char *subscriber_id,
+ const stc_roaming_type_e roaming);
+
+stc_error_e table_restrictions_prepare(sqlite3 *db);
+
+void table_restrictions_finalize(void);
+
+#endif /*__TABLE_RESTRICTIONS_H__ */
--- /dev/null
+/*
+ * Copyright (c) 2016 Samsung Electronics Co., Ltd.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef __TABLE_STATISTICS_H__
+#define __TABLE_STATISTICS_H__
+
+typedef struct {
+ char *app_id;
+ char *ifname;
+ char *subscriber_id;
+ stc_iface_type_e iftype;
+ stc_db_tm_interval_s *interval;
+ stc_data_counter_s cnt;
+ stc_roaming_type_e roaming;
+ stc_hw_net_protocol_type_e hw_net_protocol_type;
+ stc_app_state_e ground;
+} table_statistics_info;
+
+typedef struct {
+ char *app_id;
+ char *subscriber_id;
+ stc_iface_type_e iftype;
+ stc_db_tm_interval_s *interval;
+} table_statistics_reset_rule;
+
+typedef struct {
+ char *app_id;
+ time_t from;
+ time_t to;
+ stc_iface_type_e iftype;
+ int granularity;
+} table_statistics_select_rule;
+
+typedef stc_cb_ret_e
+(*table_statistics_info_cb)(const table_statistics_info *info, void *user_data);
+
+stc_error_e table_statistics_reset_first_n_entries(int num);
+
+stc_error_e table_statistics_reset(const table_statistics_reset_rule *rule);
+
+stc_error_e table_statistics_foreach_app(const table_statistics_select_rule *rule,
+ table_statistics_info_cb info_cb,
+ void *user_data);
+
+stc_error_e table_statistics_per_app(const char *app_id,
+ const table_statistics_select_rule *rule,
+ table_statistics_info_cb info_cb,
+ void *user_data);
+
+stc_error_e table_statistics_insert(stc_db_classid_iftype_key *stat_key,
+ stc_db_app_stats *stat,
+ time_t last_touch_time);
+
+stc_error_e table_statistics_prepare(sqlite3 *db);
+
+void table_statistics_finalize(void);
+
+#endif /*__TABLE_STATISTICS_H__ */
--- /dev/null
+/*
+ * Copyright (c) 2016 Samsung Electronics Co., Ltd.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef __STC_DB_H__
+#define __STC_DB_H__
+
+#include "stc-manager.h"
+
+#define MAX_DB_RETRY_COUNT 5
+#define MAX_USLEEP_TIMEOUT 500000
+#define SQLITE_BUSY_TIMEOUT 500000
+#define MAX_IFACE_LENGTH 32
+
+/**
+ * @brief Commulative structure for holding stc storage information
+ */
+typedef struct {
+ stc_data_counter_s cnt;
+// stc_db_net_restrictions rst;
+} stc_db_common_info;
+
+typedef struct {
+ time_t from;
+ time_t to;
+} stc_db_tm_interval_s;
+
+/*
+ * General structure containing information for storing
+ * app_id - package name as unique application identifier
+ * snd_count - sent bytes
+ * rcv_count - received bytes
+ * pid - process identifier
+ * ifindex - network interface index, iftype holds in key @see stc_iface_type
+ * is_roaming - is traffic consumed at roaming, @see stc_roaming_type
+ */
+typedef struct {
+ char *app_id;
+ long long int rcv_count;
+ long long int snd_count;
+
+#ifndef CONFIG_DATAUSAGE_NFACCT
+ pid_t pid;
+ int ifindex;
+#endif
+ stc_roaming_type_e is_roaming;
+
+ /* foreground/background state is here,
+ * not in classid_iftype_key, it means
+ * we'll not able to handle simultaneously
+ * counter per one application for background and
+ * foreground within one counting cycle,
+ * so every time application goes to background/foreground
+ * we'll request its counter update */
+ stc_app_state_e ground;
+} stc_db_app_stats;
+
+typedef struct {
+ uint32_t classid;
+ int iftype;
+ /* pointer to telephony's subscriber_id */
+ char *subscriber_id;
+ char ifname[MAX_IFACE_LENGTH];
+} stc_db_classid_iftype_key;
+
+/**
+ * @desc This function init db oversize erase timer.
+ */
+stc_error_e stc_init_db_guard(void);
+
+/**
+ * @desc This function deinit db oversize erase timer.
+ */
+void stc_deinit_db_guard(void);
+
+/**
+ * @desc This function initializes storage module.
+ */
+gboolean stc_db_initialize(void);
+
+/**
+ * @desc This function deinitializes storage module.
+ */
+gboolean stc_db_deinitialize(void);
+
+#endif /* _STC_DB_H_ */
+++ /dev/null
-ADD_CUSTOM_COMMAND(
- WORKING_DIRECTORY
- OUTPUT dbus
- COMMAND gdbus-codegen --interface-prefix net.stc.
- --generate-c-code generated-code
- --c-namespace Stc
- --c-generate-object-manager
- --generate-docbook generated-code-docs
- ${INTERFACES}/stcmanager-iface-manager.xml
- ${INTERFACES}/stcmanager-iface-restriction.xml
- ${INTERFACES}/stcmanager-iface-statistics.xml
- ${INTERFACES}/stcmanager-iface-firewall.xml
- ${INTERFACES}/stcmanager-iface-pcap.xml
- COMMENT "Generating GDBus .c/.h")
-
-ADD_CUSTOM_TARGET(GENERATED_DBUS_CODE DEPENDS dbus)
+++ /dev/null
-<node>
- <interface name="net.stc.firewall">
- <method name='Lock'>
- <arg type='i' name='error_code' direction='out'/>
- </method>
- <method name='Unlock'>
- <arg type='i' name='error_code' direction='out'/>
- </method>
-
- <method name='GetLock'>
- <arg type='i' name='state' direction='out'/>
- </method>
- <method name='AddChain'>
- <arg type='s' name='chain' direction='in'/>
- <arg type='i' name='error_code' direction='out'/>
- </method>
- <method name='RemoveChain'>
- <arg type='s' name='chain' direction='in'/>
- <arg type='i' name='error_code' direction='out'/>
- </method>
- <method name='FlushChain'>
- <arg type='s' name='chain' direction='in'/>
- <arg type='i' name='error_code' direction='out'/>
- </method>
- <method name='GetAllChain'>
- <arg type='aa{sv}' name='parameters' direction='out'/>
- </method>
- <method name='SetChain'>
- <arg type='s' name='chain' direction='in'/>
- <arg type='u' name='target' direction='in'/>
- <arg type='i' name='error_code' direction='out'/>
- </method>
- <method name='UnsetChain'>
- <arg type='s' name='chain' direction='in'/>
- <arg type='i' name='error_code' direction='out'/>
- </method>
-
- <method name='AddRule'>
- <arg type='a{sv}' name='parameters' direction='in'/>
- <arg type='i' name='error_code' direction='out'/>
- </method>
- <method name='RemoveRule'>
- <arg type='a{sv}' name='parameters' direction='in'/>
- <arg type='i' name='error_code' direction='out'/>
- </method>
- <method name='UpdateRule'>
- <arg type='a{sv}' name='parameters' direction='in'/>
- <arg type='i' name='error_code' direction='out'/>
- </method>
- <method name='GetAllRule'>
- <arg type='aa{sv}' name='parameters' direction='out'/>
- </method>
- </interface>
-</node>
+++ /dev/null
-<node>
- <interface name="net.stc.manager">
- <method name='Stop'>
- <arg type='i' name='error_code' direction='out'/>
- </method>
- <method name='CommitIptables'>
- <arg type='s' name='option' direction='in'/>
- <arg type='i' name='error_code' direction='out'/>
- <arg type='i' name='error_num' direction='out'/>
- <arg type='s' name='error_str' direction='out'/>
- </method>
- <method name='CommitIp6tables'>
- <arg type='s' name='option' direction='in'/>
- <arg type='i' name='error_code' direction='out'/>
- <arg type='i' name='error_num' direction='out'/>
- <arg type='s' name='error_str' direction='out'/>
- </method>
- </interface>
-</node>
+++ /dev/null
-<node>
- <interface name="net.stc.pcap">
- <method name='Start'>
- <arg type='a{sv}' name='parameters' direction='in'/>
- <arg type='i' name='error_code' direction='out'/>
- </method>
- <method name='Stop'>
- <arg type='a{sv}' name='parameters' direction='in'/>
- <arg type='i' name='error_code' direction='out'/>
- </method>
- <method name='GetAll'>
- <arg type='aa{sv}' name='parameters' direction='out'/>
- </method>
- <method name='FindAllDevs'>
- <arg type='aa{sv}' name='parameters' direction='out'/>
- </method>
- </interface>
-</node>
+++ /dev/null
-<node>
- <interface name="net.stc.restriction">
- <method name='Set'>
- <arg type='a{sv}' name='parameters' direction='in'/>
- <arg type='i' name='error_code' direction='out'/>
- </method>
-
- <method name='Get'>
- <arg type='s' name='app_id' direction='in'/>
- <arg type='i' name='error_code' direction='out'/>
- <arg type='a{sv}' name='parameters' direction='out'/>
- </method>
-
- <method name='GetAll'>
- <arg type='i' name='error_code' direction='out'/>
- <arg type='aa{sv}' name='parameters' direction='out'/>
- </method>
-
- <method name='GetType'>
- <arg type='s' name='app_id' direction='in'/>
- <arg type='i' name='iftype' direction='in'/>
- <arg type='i' name='error_code' direction='out'/>
- <arg type='i' name='type' direction='out'/>
- </method>
-
- <method name='Unset'>
- <arg type='a{sv}' name='parameters' direction='in'/>
- <arg type='i' name='error_code' direction='out'/>
- </method>
-
- <method name='SetList'>
- <arg type='aa{sv}' name='parameters' direction='in'/>
- <arg type='i' name='error_code' direction='out'/>
- </method>
-
- <method name='UnsetList'>
- <arg type='aa{sv}' name='parameters' direction='in'/>
- <arg type='i' name='error_code' direction='out'/>
- </method>
-
- <method name='Stop'>
- <arg type='i' name='error_code' direction='out'/>
- </method>
-
- <signal name='WarnThresholdCrossed'>
- <arg type='s' name='app_id'/>
- </signal>
-
- <signal name='RestrictionThresholdCrossed'>
- <arg type='s' name='app_id'/>
- </signal>
- </interface>
-</node>
+++ /dev/null
-<node>
- <interface name="net.stc.statistics">
- <method name='Init'>
- </method>
- <method name='GetAll'>
- <arg type='a{sv}' name='select_rule' direction='in'/>
- <arg type='i' name='error_code' direction='out'/>
- <arg type='aa{sv}' name='statistics' direction='out'/>
- </method>
-
- <method name='Get'>
- <arg type='s' name='app_id' direction='in'/>
- <arg type='a{sv}' name='select_rule' direction='in'/>
- <arg type='i' name='error_code' direction='out'/>
- <arg type='aa{sv}' name='statistics' direction='out'/>
- </method>
-
- <method name='Reset'>
- <arg type='a{sv}' name='reset_rule' direction='in'/>
- <arg type='i' name='error_code' direction='out'/>
- </method>
- </interface>
-</node>
--- /dev/null
+CMAKE_MINIMUM_REQUIRED(VERSION 2.6)
+
+SET(REQUIRES_LIST ${REQUIRES_LIST}
+ glib-2.0
+ gio-2.0
+ gio-unix-2.0
+ dlog
+ vconf
+ capi-system-info
+ openssl1.1
+ )
+
+IF("${ENABLE_DATABASE}" STREQUAL "YES")
+ SET(REQUIRES_LIST ${REQUIRES_LIST} sqlite3)
+ENDIF()
+
+INCLUDE(FindPkgConfig)
+PKG_CHECK_MODULES(stc_pkgs REQUIRED "${REQUIRES_LIST}")
+
+FOREACH(flag ${stc_pkgs_CFLAGS})
+ SET(EXTRA_CFLAGS "${EXTRA_CFLAGS} ${flag}")
+ENDFOREACH(flag)
+
+SET(SOURCE_DIR ${CMAKE_SOURCE_DIR}/manager)
+SET(HELPER_SOURCE_DIR ${SOURCE_DIR}/helper)
+SET(DATABASE_SOURCE_DIR ${SOURCE_DIR}/database)
+SET(LIMITATION_SOURCE_DIR ${SOURCE_DIR}/limitation)
+SET(PLUGIN_DIR ${CMAKE_SOURCE_DIR}/plugin)
+SET(APPSTATUS_SOURCE_DIR ${PLUGIN_DIR}/appstatus)
+SET(EXCEPTION_SOURCE_DIR ${PLUGIN_DIR}/exception)
+SET(PROCFS_SOURCE_DIR ${PLUGIN_DIR}/procfs)
+SET(PCAP_SOURCE_DIR ${PLUGIN_DIR}/pcap)
+SET(TETHER_SOURCE_DIR ${PLUGIN_DIR}/tether)
+SET(MONITOR_SOURCE_DIR ${PLUGIN_DIR}/monitor)
+SET(FIREWALL_SOURCE_DIR ${PLUGIN_DIR}/firewall)
+
+INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/include)
+INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/dbus-interface)
+
+INCLUDE_DIRECTORIES(${SOURCE_DIR})
+INCLUDE_DIRECTORIES(${HELPER_SOURCE_DIR})
+
+INCLUDE_DIRECTORIES(${DATABASE_SOURCE_DIR})
+INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/include/db)
+
+INCLUDE_DIRECTORIES(${APPSTATUS_SOURCE_DIR})
+INCLUDE_DIRECTORIES(${EXCEPTION_SOURCE_DIR})
+INCLUDE_DIRECTORIES(${PROCFS_SOURCE_DIR})
+INCLUDE_DIRECTORIES(${PCAP_SOURCE_DIR})
+INCLUDE_DIRECTORIES(${TETHER_SOURCE_DIR})
+INCLUDE_DIRECTORIES(${MONITOR_SOURCE_DIR})
+INCLUDE_DIRECTORIES(${FIREWALL_SOURCE_DIR})
+
+FILE(GLOB SOURCE_SRCS ${SOURCE_DIR}/*.c util/*.c)
+FILE(GLOB HELPER_SRCS ${HELPER_SOURCE_DIR}/*.c)
+
+SET(SRCS ${SRCS} ${SOURCE_SRCS} ${HELPER_SRCS})
+
+IF("${ENABLE_DATABASE}" STREQUAL "YES")
+ FILE(GLOB DATABASE_SRCS ${DATABASE_SOURCE_DIR}/*.c)
+
+ SET(SRCS ${SRCS} ${DATABASE_SRCS})
+
+ INSTALL(FILES ${DATA_DIR}/traffic_db.sql DESTINATION /usr/share)
+ INSTALL(FILES ${DATA_DIR}/firewall_db.sql DESTINATION /usr/share)
+ENDIF()
+
+IF(BUILD_GTESTS)
+SET(EXTRA_CFLAGS "${EXTRA_CFLAGS} -fpic -Wall -Werror-implicit-function-declaration")
+SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${EXTRA_CFLAGS} -fprofile-arcs -ftest-coverage")
+ELSE(BUILD_GTESTS)
+SET(EXTRA_CFLAGS "${EXTRA_CFLAGS} -fpic -Wall -Werror-implicit-function-declaration -fvisibility=hidden")
+SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${EXTRA_CFLAGS}")
+ENDIF(BUILD_GTESTS)
+
+SET(CMAKE_EXE_LINKER_FLAGS "-Wl,--as-needed -pie")
+
+ADD_DEFINITIONS("-DUSE_DLOG")
+ADD_DEFINITIONS("-DDATABASE_FULL_PATH=\"${DATABASE_FULL_PATH}\"")
+ADD_DEFINITIONS("-DDATABASE_BACKUP_PATH=\"${DATABASE_BACKUP_PATH}\"")
+IF(BUILD_GTESTS)
+ ADD_DEFINITIONS(-DTIZEN_GTESTS)
+ENDIF(BUILD_GTESTS)
+
+SET(SRCS ${SRCS} ${INTERFACES}/generated-code.c)
+SET_SOURCE_FILES_PROPERTIES(${INTERFACES}/generated-code.c PROPERTIES GENERATED TRUE)
+
+ADD_EXECUTABLE(${PROJECT_NAME} ${SRCS})
+TARGET_LINK_LIBRARIES(${PROJECT_NAME} ${stc_pkgs_LDFLAGS} -ldl)
+INSTALL(TARGETS ${PROJECT_NAME} RUNTIME DESTINATION ${BIN_DIR})
+ADD_DEPENDENCIES(${PROJECT_NAME} GENERATED_DBUS_CODE)
--- /dev/null
+/*
+ * Copyright (c) 2016 Samsung Electronics Co., Ltd.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <errno.h>
+#include <sys/stat.h>
+
+#include "stc-db.h"
+#include "db-internal.h"
+#include "table-statistics.h"
+#include "table-restrictions.h"
+#include "table-counters.h"
+#include "table-firewall.h"
+
+#define SQLITE_BUSY_TIMEOUT 500000
+
+static sqlite3 *database;
+
+//LCOV_EXCL_START
+static int __stc_db_busy(void *user, int attempts)
+{
+ __STC_LOG_FUNC_ENTER__;
+ STC_LOGE("DB locked by another process, attempts number %d",
+ attempts);
+
+ usleep(SQLITE_BUSY_TIMEOUT); /* wait for a half second*/
+ __STC_LOG_FUNC_EXIT__;
+ return 1;
+}
+
+static gboolean __stc_db_restore(const char *src, const char *dst)
+{
+ gchar *buf = NULL;
+ gsize length = 0;
+ GError *error = NULL;
+ gboolean result;
+
+ result = g_file_get_contents(src, &buf, &length, &error);
+ if (result != TRUE) {
+ STC_LOGE("Failed to read [%s]", error->message);
+ g_error_free(error);
+ return result;
+ }
+
+ result = g_file_set_contents(dst, buf, length, &error);
+ if (result != TRUE) {
+ STC_LOGE("Failed to write [%s]", error->message);
+ g_error_free(error);
+ g_free(buf);
+ return result;
+ }
+
+ STC_LOGD("Successfully restored database");
+ g_free(buf);
+
+ return result;
+}
+
+static gboolean __stc_db_table_init()
+{
+ EXEC(STC_ERROR_NONE, table_statistics_prepare(database));
+ EXEC(STC_ERROR_NONE, table_restrictions_prepare(database));
+ EXEC(STC_ERROR_NONE, table_counters_prepare(database));
+ EXEC(STC_ERROR_NONE, table_firewall_prepare(database));
+ EXEC(STC_ERROR_NONE, stc_init_db_guard());
+
+ return true;
+}
+
+static int __stc_db_open(void)
+{
+ int ret = 0;
+
+ ret = sqlite3_open(DATABASE_FULL_PATH, &database);
+ if (ret != SQLITE_OK) {
+ STC_LOGD("Failed to open database [%s]", sqlite3_errmsg(database));
+ return STC_ERROR_DB_FAILED;
+ }
+
+ STC_LOGD("Successfully opened database");
+ return ret;
+}
+
+static int __stc_db_exec(char *sql, void *cb)
+{
+ int ret;
+ char *error = NULL;
+
+ if (database == NULL)
+ return STC_ERROR_DB_FAILED;
+
+ ret = sqlite3_exec(database, sql, cb, 0, &error);
+ if (ret != SQLITE_OK) {
+ STC_LOGE("Failed to execute sql [%d:%s]", ret, error);
+ sqlite3_free(error);
+ sqlite3_close(database);
+ database = NULL;
+ __STC_LOG_FUNC_EXIT__;
+ return STC_ERROR_DB_FAILED;
+ }
+
+ return STC_ERROR_NONE;
+}
+
+static int __stc_db_integrity_cb(void *err, int count, char **data, char **columns)
+{
+ STC_LOGD("%s [%s]", columns[0], data[0] ? data[0] : "null");
+
+ if (!g_strcmp0(columns[0], "integrity_check") && !g_strcmp0(data[0], "ok"))
+ return SQLITE_OK;
+
+ return SQLITE_ERROR;
+}
+
+static int __stc_db_check_integrity(void)
+{
+ int ret;
+ char *sql = NULL;
+
+ sql = sqlite3_mprintf("PRAGMA integrity_check");
+ ret = __stc_db_exec(sql, __stc_db_integrity_cb);
+ if (ret == STC_ERROR_NONE)
+ STC_LOGD("Successfully checked integrity");
+
+ sqlite3_free(sql);
+
+ return ret;
+}
+
+static int __stc_db_set_locking_mode(void)
+{
+ int ret;
+ char *sql = NULL;
+
+ sql = sqlite3_mprintf("PRAGMA locking_mode = NORMAL");
+ ret = __stc_db_exec(sql, NULL);
+ if (ret == STC_ERROR_NONE)
+ STC_LOGD("Successfully set locking mode");
+
+ sqlite3_free(sql);
+
+ return ret;
+}
+
+static int __stc_db_stat(void)
+{
+ struct stat db_stat = { 0 };
+
+ if (stat(DATABASE_FULL_PATH, &db_stat)) {
+ STC_LOGD("Db restoration is required [no file]");
+ return STC_ERROR_DB_FAILED;
+ } else if (db_stat.st_size == 0) {
+ STC_LOGD("Db restoration is required [size is zero]");
+ return STC_ERROR_DB_FAILED;
+ }
+
+ return STC_ERROR_NONE;
+}
+
+static int __stc_db_verify(void)
+{
+ ret_value_msg_if(__stc_db_check_integrity() != STC_ERROR_NONE,
+ STC_ERROR_DB_FAILED, "Failed to check integrity");
+
+ ret_value_msg_if(__stc_db_set_locking_mode() != STC_ERROR_NONE,
+ STC_ERROR_DB_FAILED, "Failed to set locking mode");
+
+ return STC_ERROR_NONE;
+}
+
+//LCOV_EXCL_STOP
+stc_error_e stc_db_initialize_once()
+{
+ __STC_LOG_FUNC_ENTER__;
+ int retry_count = MAX_DB_RETRY_COUNT;
+
+ if (database != NULL) {
+ __STC_LOG_FUNC_EXIT__;
+ return STC_ERROR_NONE;
+ }
+
+ if (__stc_db_stat() != STC_ERROR_NONE) {
+ if (!__stc_db_restore(DATABASE_BACKUP_PATH, DATABASE_FULL_PATH)) {
+ __STC_LOG_FUNC_EXIT__;
+ return STC_ERROR_DB_FAILED;
+ }
+ }
+
+ do {
+ if (__stc_db_open() == SQLITE_OK) {
+ if (__stc_db_verify() == STC_ERROR_NONE) {
+ STC_LOGD("Successfully verified database");
+ break;
+ } else {
+ __stc_db_restore(DATABASE_BACKUP_PATH, DATABASE_FULL_PATH);
+ }
+ }
+ usleep(MAX_USLEEP_TIMEOUT);
+ STC_LOGD("Retry opening database [%d]", MAX_DB_RETRY_COUNT - retry_count + 1);
+ } while (retry_count--);
+
+ if (retry_count == 0) {
+ STC_LOGE("Failed to initialize database");
+ sqlite3_close(database);
+ database = NULL;
+ __STC_LOG_FUNC_EXIT__;
+ return STC_ERROR_DB_FAILED;
+ }
+
+ /* Set how many times we'll repeat our attempts for sqlite_step */
+ if (sqlite3_busy_handler(database, __stc_db_busy, NULL) != SQLITE_OK)
+ STC_LOGE("Couldn't set busy handler!");
+
+ STC_LOGD("Successfully initialize database");
+ __STC_LOG_FUNC_EXIT__;
+ return STC_ERROR_NONE;
+}
+
+//LCOV_EXCL_START
+sqlite3 *stc_db_get_database(void)
+{
+ if (database == NULL)
+ stc_db_initialize_once();
+
+ return database;
+}
+//LCOV_EXCL_STOP
+
+stc_error_e stc_db_initialize(void)
+{
+ __STC_LOG_FUNC_ENTER__;
+ int ret;
+ int retry_count = MAX_DB_RETRY_COUNT;
+ database = NULL;
+
+ do {
+ stc_db_initialize_once();
+ ret = __stc_db_table_init();
+ if (ret) {
+ STC_LOGD("Successfully initialize database");
+ break;
+ } else {
+ __stc_db_restore(DATABASE_BACKUP_PATH, DATABASE_FULL_PATH);
+ sqlite3_close(database);
+ database = NULL;
+ }
+ STC_LOGD("Retry init database [%d]", MAX_DB_RETRY_COUNT - retry_count + 1);
+ } while (retry_count--);
+
+ __STC_LOG_FUNC_EXIT__;
+ return STC_ERROR_NONE;
+}
+
+gboolean stc_db_deinitialize(void)
+{
+ __STC_LOG_FUNC_ENTER__;
+ if (database == NULL) {
+ __STC_LOG_FUNC_EXIT__;
+ return TRUE;
+ }
+
+ table_statistics_finalize();
+ table_restrictions_finalize();
+ table_counters_finalize();
+ table_firewall_finalize();
+ sqlite3_close(database);
+
+ __STC_LOG_FUNC_EXIT__;
+ return TRUE;
+}
--- /dev/null
+/*
+ * Copyright (c) 2016 Samsung Electronics Co., Ltd.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <errno.h>
+#include <sys/stat.h>
+
+#include "stc-db.h"
+#include "table-statistics.h"
+
+#define VCONF_KEY_DB_ENTRIES_COUNT "db/stc-manager/datausage_timer"
+#define ENTRY_SIZE 128
+
+/* one hour */
+#define ERASE_TIMER_INTERVAL 3600
+/* 40 days */
+#define ERASE_INTERVAL 3600 * 24 * 40
+/* 50 Mb */
+#define DB_SIZE_THRESHOLD 1048576 * 50
+
+static guint erase_timer = 0;
+static int db_entries = 0;
+
+//LCOV_EXCL_START
+static void __change_db_entries_num_num(int num)
+{
+ __STC_LOG_FUNC_ENTER__;
+
+ db_entries += num;
+ if (vconf_set_int(VCONF_KEY_DB_ENTRIES_COUNT, db_entries))
+ STC_LOGE("Failed to set new db entries number");
+
+ __STC_LOG_FUNC_EXIT__;
+}
+
+static void __check_erase_db_oversize(void)
+{
+ __STC_LOG_FUNC_ENTER__;
+
+ struct stat db_stat = {0};
+ int del_entry = 0;
+
+ if (stat(DATABASE_FULL_PATH, &db_stat)) {
+ STC_LOGE("Failed to get statistics for %s errno %d",
+ DATABASE_FULL_PATH, errno);
+ __STC_LOG_FUNC_EXIT__;
+ return;
+ }
+
+ if (db_stat.st_size < DB_SIZE_THRESHOLD) {
+ STC_LOGD("Db truncation isn't required!");
+ __STC_LOG_FUNC_EXIT__;
+ return;
+ }
+
+ /* get approximate number of entries for removing */
+ del_entry = (db_stat.st_size - DB_SIZE_THRESHOLD) / ENTRY_SIZE;
+ if (STC_ERROR_NONE !=
+ table_statistics_reset_first_n_entries(del_entry)) {
+ STC_LOGE("Failed to remove first %d entries", del_entry);
+ __STC_LOG_FUNC_EXIT__;
+ return;
+ }
+
+ __change_db_entries_num_num(-del_entry);
+
+ __STC_LOG_FUNC_EXIT__;
+}
+
+static void __erase_old_entries(void)
+{
+ __STC_LOG_FUNC_ENTER__;
+ char buffer[80] = {0, };
+ table_statistics_reset_rule rule = {
+ .iftype = STC_IFACE_LAST_ELEM,
+ };
+ stc_db_tm_interval_s interval;
+ time_t until = time(0);
+ struct tm result = {0, };
+
+ until -= ERASE_INTERVAL;
+
+ interval.from = 0;
+ interval.to = until;
+ rule.interval = &interval;
+
+ strftime(buffer, 80, "%x - %I:%M%p", localtime_r(&until, &result));
+ STC_LOGD("Reset statistics till %s", buffer);
+
+ if (table_statistics_reset(&rule) != STC_ERROR_NONE)
+ STC_LOGE("Failed to reset statistics");
+
+ __STC_LOG_FUNC_EXIT__;
+}
+
+static gboolean __erase_func_cb(void *user_data)
+{
+ __STC_LOG_FUNC_ENTER__;
+
+ __check_erase_db_oversize();
+ __erase_old_entries();
+
+ /* we need to continue the timer */
+ __STC_LOG_FUNC_EXIT__;
+ return TRUE;
+}
+//LCOV_EXCL_STOP
+
+stc_error_e stc_init_db_guard(void)
+{
+ __STC_LOG_FUNC_ENTER__;
+
+ erase_timer = g_timeout_add_seconds(ERASE_TIMER_INTERVAL,
+ __erase_func_cb, NULL);
+ if (erase_timer == 0) {
+ STC_LOGE("Failed to create timer"); //LCOV_EXCL_LINE
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ return STC_ERROR_FAIL; //LCOV_EXCL_LINE
+ }
+
+ __STC_LOG_FUNC_EXIT__;
+ return STC_ERROR_NONE;
+}
+
+void stc_deinit_db_guard(void)
+{
+ __STC_LOG_FUNC_ENTER__;
+
+ if (erase_timer > 0) {
+ g_source_remove(erase_timer);
+ erase_timer = 0;
+ }
+
+ __STC_LOG_FUNC_EXIT__;
+}
--- /dev/null
+/*
+ * Copyright (c) 2016 Samsung Electronics Co., Ltd.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/*
+ * This file declares methods and variables which will be used by
+ * stc-db module internally.
+ *
+ * @file db-internal.h
+ */
+
+#ifndef __STC_DB_INTERNAL_H__
+#define __STC_DB_INTERNAL_H__
+
+#ifdef __cplusplus
+extern "C" {
+#endif /* __cplusplus */
+
+/*****************************************************************************
+ * Macros and Typedefs
+ *****************************************************************************/
+
+#define DB_ACTION(command) do { \
+ if ((command) != SQLITE_OK) { \
+ error_code = STC_ERROR_DB_FAILED; \
+ goto handle_error; \
+ } \
+} while (0)
+
+/*****************************************************************************
+ * Enumerations and Structures
+ *****************************************************************************/
+
+void stc_db_finalize_statistics(void);
+
+stc_error_e stc_db_initialize_once(void);
+sqlite3 *stc_db_get_database(void);
+
+#ifdef __cplusplus
+}
+#endif /* __cplusplus */
+
+#endif /* _STC_DB_INTERNAL_H_ */
--- /dev/null
+/*
+ * Copyright (c) 2016 Samsung Electronics Co., Ltd.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/*
+ * This file implements counters entity handler methods.
+ *
+ * @file table-counter.c
+ */
+
+#include "stc-db.h"
+#include "db-internal.h"
+#include "table-counters.h"
+
+#define DELETE_COUNTER "DELETE FROM counters WHERE restriction_id=?"
+
+#define SELECT_RESTRICTION_ID "SELECT restriction_id FROM counters " \
+ " WHERE restriction_id = ?"
+
+#define SELECT_COUNTER "SELECT data_counter, warn_counter, monthly_counter, weekly_counter, daily_counter " \
+ " FROM counters WHERE restriction_id = ?"
+
+#define UPDATE_COUNTER "UPDATE counters " \
+ " SET data_counter = ?, warn_counter = ?, monthly_counter = ?, weekly_counter = ?, daily_counter = ? " \
+ " WHERE restriction_id = ?"
+
+#define INSERT_COUNTER "INSERT INTO counters " \
+ " (restriction_id, data_counter, warn_counter, monthly_counter, weekly_counter, daily_counter) " \
+ " VALUES (?, ?, ?, ?, ?, ?)"
+
+#define SELECT_TIMESTAMP "SELECT month_start_date, month_start_ts, week_start_ts, day_start_ts " \
+ " FROM counters WHERE restriction_id = ?"
+
+#define UPDATE_TIMESTAMP "UPDATE counters " \
+ " SET month_start_date = ?, month_start_ts = ?, week_start_ts = ?, day_start_ts = ? " \
+ " WHERE restriction_id = ?"
+
+#define INSERT_TIMESTAMP "INSERT INTO counters " \
+ " (restriction_id, month_start_date, month_start_ts, week_start_ts, day_start_ts) " \
+ " VALUES (?, ?, ?, ?, ?)"
+
+static void __finalize_delete(void);
+
+#define PREPARE_DELETE(stm, query) do { \
+ rc = sqlite3_prepare_v2(db, query, -1, &stm, NULL); \
+ if (rc != SQLITE_OK) { \
+ stm = NULL; \
+ __finalize_delete(); \
+ STC_LOGE("Failed to prepare \"%s\"query" \
+ , query); \
+ return rc; \
+ } \
+} while (0)
+
+static void __finalize_select(void);
+
+#define PREPARE_SELECT(stm, query) do { \
+ rc = sqlite3_prepare_v2(db, query, -1, &stm, NULL); \
+ if (rc != SQLITE_OK) { \
+ stm = NULL; \
+ __finalize_select(); \
+ STC_LOGE("Failed to prepare \"%s\"query" \
+ , query); \
+ return rc; \
+ } \
+} while (0)
+
+static void __finalize_update(void);
+
+#define PREPARE_UPDATE(stm, query) do { \
+ rc = sqlite3_prepare_v2(db, query, -1, &stm, NULL); \
+ if (rc != SQLITE_OK) { \
+ stm = NULL; \
+ __finalize_update(); \
+ STC_LOGE("Failed to prepare \"%s\"query" \
+ , query); \
+ return rc; \
+ } \
+} while (0)
+
+static void __finalize_insert(void);
+
+#define PREPARE_INSERT(stm, query) do { \
+ rc = sqlite3_prepare_v2(db, query, -1, &stm, NULL); \
+ if (rc != SQLITE_OK) { \
+ stm = NULL; \
+ __finalize_insert(); \
+ STC_LOGE("Failed to prepare \"%s\"query" \
+ , query); \
+ return rc; \
+ } \
+ } while (0)
+
+
+
+#define FINALIZE(stm) do { \
+ if (stm) { \
+ sqlite3_finalize(stm); \
+ stm = NULL; \
+ } \
+} while (0)
+
+static sqlite3_stmt *delete_counter;
+static sqlite3_stmt *select_restriction_id;
+static sqlite3_stmt *select_counter;
+static sqlite3_stmt *update_counter;
+static sqlite3_stmt *insert_counter;
+static sqlite3_stmt *select_timestamp;
+static sqlite3_stmt *update_timestamp;
+static sqlite3_stmt *insert_timestamp;
+
+static int __prepare_delete(sqlite3 *db)
+{
+ int rc;
+ static int initialized;
+
+ if (initialized)
+ return SQLITE_OK;
+
+ PREPARE_DELETE(delete_counter, DELETE_COUNTER);
+
+ initialized = 1;
+ return rc;
+}
+
+static void __finalize_delete(void)
+{
+ FINALIZE(delete_counter);
+}
+
+static int __prepare_select(sqlite3 *db)
+{
+ int rc;
+ static int initialized;
+
+ if (initialized)
+ return SQLITE_OK;
+
+ PREPARE_SELECT(select_counter, SELECT_COUNTER);
+ PREPARE_SELECT(select_timestamp, SELECT_TIMESTAMP);
+ PREPARE_SELECT(select_restriction_id, SELECT_RESTRICTION_ID);
+
+ initialized = 1;
+ return rc;
+}
+
+static void __finalize_select(void)
+{
+ FINALIZE(select_counter);
+ FINALIZE(select_timestamp);
+ FINALIZE(select_restriction_id);
+}
+
+static int __prepare_update(sqlite3 *db)
+{
+ int rc;
+ static int initialized;
+
+ if (initialized)
+ return SQLITE_OK;
+
+ PREPARE_UPDATE(update_counter, UPDATE_COUNTER);
+ PREPARE_UPDATE(update_timestamp, UPDATE_TIMESTAMP);
+
+ initialized = 1;
+ return rc;
+}
+
+static void __finalize_update(void)
+{
+ FINALIZE(update_counter);
+ FINALIZE(update_timestamp);
+}
+
+static int __prepare_insert(sqlite3 *db)
+{
+ int rc;
+ static int initialized;
+
+ if (initialized)
+ return SQLITE_OK;
+
+ PREPARE_INSERT(insert_counter, INSERT_COUNTER);
+ PREPARE_INSERT(insert_timestamp, INSERT_TIMESTAMP);
+
+ initialized = 1;
+ return rc;
+}
+
+static void __finalize_insert(void)
+{
+ FINALIZE(insert_counter);
+ FINALIZE(insert_timestamp);
+}
+
+static bool __table_counters_is_entry_present(long long int restriction_id)
+{
+ bool ret = FALSE;
+ int rc;
+ long long int l_restriction_id = -1;
+ sqlite3_stmt *stmt = select_restriction_id;
+
+ if (sqlite3_bind_int(stmt, 1, restriction_id) != SQLITE_OK) {
+ ret = FALSE;
+ goto handle_error;
+ }
+
+ rc = sqlite3_step(stmt);
+
+ switch (rc) {
+ case SQLITE_DONE:
+ break;
+ case SQLITE_ROW:
+ l_restriction_id = sqlite3_column_int64(stmt, 0);
+ STC_LOGD("restriction id [%llu]", l_restriction_id);
+ ret = TRUE;
+ break;
+ case SQLITE_ERROR:
+ default:
+ STC_LOGE("Failed to get restriction id : %s",
+ sqlite3_errmsg(stc_db_get_database()));
+ }
+
+handle_error:
+ rc = sqlite3_reset(stmt);
+ if (rc != SQLITE_OK)
+ ret = FALSE;
+
+ return ret;
+}
+
+API stc_error_e table_counters_get(long long int restriction_id,
+ table_counters_info *info)
+{
+ stc_error_e error_code = STC_ERROR_NONE;
+ sqlite3_stmt *stmt = select_counter;
+ int rc;
+
+ if (info == NULL)
+ goto handle_error;
+
+ info->restriction_id = restriction_id;
+
+ DB_ACTION(sqlite3_bind_int64(stmt, 1, restriction_id));
+
+ do {
+ rc = sqlite3_step(stmt);
+
+ //LCOV_EXCL_START
+ switch (rc) {
+ case SQLITE_DONE:
+ break;
+ case SQLITE_ROW:
+ info->data_counter = sqlite3_column_int64(stmt, 0);
+ info->warn_counter = sqlite3_column_int64(stmt, 1);
+ info->monthly_counter = sqlite3_column_int64(stmt, 2);
+ info->weekly_counter = sqlite3_column_int64(stmt, 3);
+ info->daily_counter = sqlite3_column_int64(stmt, 4);
+
+ STC_LOGD("rstn_id[%llu] data[%lld] warn[%lld] "
+ "monthly[%lld] weekly[%lld] daily[%lld]",
+ restriction_id, info->data_counter,
+ info->warn_counter, info->monthly_counter,
+ info->weekly_counter, info->daily_counter);
+ break;
+ case SQLITE_ERROR:
+ default:
+ STC_LOGE("Failed to enumerate counters: %s\n",
+ sqlite3_errmsg(stc_db_get_database()));
+
+ error_code = STC_ERROR_DB_FAILED;
+ __STC_LOG_FUNC_EXIT__;
+ }
+ //LCOV_EXCL_STOP
+ } while (rc == SQLITE_ROW);
+
+handle_error:
+ rc = sqlite3_reset(stmt);
+ if (rc != SQLITE_OK)
+ error_code = STC_ERROR_DB_FAILED;
+
+ return error_code;
+}
+
+//LCOV_EXCL_START
+API stc_error_e table_counters_update_counters(const table_counters_info *info)
+{
+ stc_error_e error_code = STC_ERROR_NONE;
+ sqlite3_stmt *stmt = update_counter;
+
+ if (!info->data_counter) {
+ error_code = STC_ERROR_INVALID_PARAMETER;
+ goto handle_error;
+ }
+
+ if (__table_counters_is_entry_present(info->restriction_id) == FALSE)
+ stmt = insert_counter;
+
+ DB_ACTION(sqlite3_bind_int64(stmt, 1, info->restriction_id));
+ DB_ACTION(sqlite3_bind_int64(stmt, 2, info->data_counter));
+ DB_ACTION(sqlite3_bind_int64(stmt, 3, info->warn_counter));
+ DB_ACTION(sqlite3_bind_int64(stmt, 4, info->monthly_counter));
+ DB_ACTION(sqlite3_bind_int64(stmt, 5, info->weekly_counter));
+ DB_ACTION(sqlite3_bind_int64(stmt, 6, info->daily_counter));
+
+ if (sqlite3_step(stmt) != SQLITE_DONE) {
+ STC_LOGE("Failed to update counter: %s\n",
+ sqlite3_errmsg(stc_db_get_database()));
+ error_code = STC_ERROR_DB_FAILED;
+ __STC_LOG_FUNC_EXIT__;
+ goto handle_error;
+ }
+
+ STC_LOGD("Counter updated for restriction_id [%llu]",
+ info->restriction_id);
+
+handle_error:
+ if (sqlite3_reset(stmt) != SQLITE_OK)
+ error_code = STC_ERROR_DB_FAILED;
+
+ return error_code;
+}
+//LCOV_EXCL_STOP
+
+API stc_error_e table_counters_get_timestamps(long long int restriction_id,
+ table_counters_info *info)
+{
+ stc_error_e error_code = STC_ERROR_NONE;
+ sqlite3_stmt *stmt = select_timestamp;
+ int rc;
+
+ if (info == NULL) {
+ __STC_LOG_FUNC_EXIT__;
+ goto handle_error;
+ }
+
+ info->restriction_id = restriction_id;
+
+ DB_ACTION(sqlite3_bind_int64(stmt, 1, restriction_id));
+
+ do {
+ rc = sqlite3_step(stmt);
+
+ //LCOV_EXCL_START
+ switch (rc) {
+ case SQLITE_DONE:
+ break;
+ case SQLITE_ROW:
+ info->month_start_date = sqlite3_column_int(stmt, 0);
+ info->month_start_ts = sqlite3_column_int64(stmt, 1);
+ info->week_start_ts = sqlite3_column_int64(stmt, 2);
+ info->day_start_ts = sqlite3_column_int64(stmt, 3);
+
+ STC_LOGD("rstn_id [%llu] month_start_date [%d], "
+ "month_start_ts [%lld], week_start_ts [%lld], "
+ "day_start_ts [%lld]", restriction_id,
+ info->month_start_date, info->month_start_ts,
+ info->week_start_ts, info->day_start_ts);
+ break;
+ case SQLITE_ERROR:
+ default:
+ STC_LOGE("Failed to enumerate counters: %s\n",
+ sqlite3_errmsg(stc_db_get_database()));
+
+ error_code = STC_ERROR_DB_FAILED;
+ __STC_LOG_FUNC_EXIT__;
+ }
+ //LCOV_EXCL_STOP
+ } while (rc == SQLITE_ROW);
+
+handle_error:
+ rc = sqlite3_reset(stmt);
+ if (rc != SQLITE_OK)
+ error_code = STC_ERROR_DB_FAILED;
+
+ return error_code;
+}
+
+//LCOV_EXCL_START
+API stc_error_e table_counters_update_timestamps(const table_counters_info *info)
+{
+ stc_error_e error_code = STC_ERROR_NONE;
+ sqlite3_stmt *stmt = update_timestamp;
+
+ if (__table_counters_is_entry_present(info->restriction_id) == FALSE)
+ stmt = insert_timestamp;
+
+ DB_ACTION(sqlite3_bind_int64(stmt, 1, info->restriction_id));
+ DB_ACTION(sqlite3_bind_int(stmt, 2, info->month_start_date));
+ DB_ACTION(sqlite3_bind_int64(stmt, 3, info->month_start_ts));
+ DB_ACTION(sqlite3_bind_int64(stmt, 4, info->week_start_ts));
+ DB_ACTION(sqlite3_bind_int64(stmt, 5, info->day_start_ts));
+
+ if (sqlite3_step(stmt) != SQLITE_DONE) {
+ STC_LOGE("Failed to update timestamps: %s\n",
+ sqlite3_errmsg(stc_db_get_database()));
+ error_code = STC_ERROR_DB_FAILED;
+ __STC_LOG_FUNC_EXIT__;
+ goto handle_error;
+ }
+
+ STC_LOGD("Timestamps updated for restriction_id [%llu]",
+ info->restriction_id);
+
+handle_error:
+ if (sqlite3_reset(stmt) != SQLITE_OK)
+ error_code = STC_ERROR_DB_FAILED;
+
+ return error_code;
+}
+//LCOV_EXCL_STOP
+
+
+API stc_error_e table_counters_delete(long long int restriction_id)
+{
+ stc_error_e error_code = STC_ERROR_NONE;
+ sqlite3_stmt *stmt = delete_counter;
+
+ DB_ACTION(sqlite3_bind_int64(stmt, 1, restriction_id));
+
+ if (sqlite3_step(stmt) != SQLITE_DONE) {
+ STC_LOGE("Failed to delete counter: %s\n", //LCOV_EXCL_LINE
+ sqlite3_errmsg(stc_db_get_database()));
+ error_code = STC_ERROR_DB_FAILED; //LCOV_EXCL_LINE
+ goto handle_error; //LCOV_EXCL_LINE
+ }
+
+ STC_LOGD("Counter deleted for restriction_id [%llu]", restriction_id);
+
+handle_error:
+ if (sqlite3_reset(stmt) != SQLITE_OK)
+ error_code = STC_ERROR_DB_FAILED;
+
+ return error_code;
+}
+
+stc_error_e table_counters_prepare(sqlite3 *db)
+{
+ __STC_LOG_FUNC_ENTER__;
+
+ stc_error_e error_code = STC_ERROR_NONE;
+
+ if (db == NULL) {
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ return STC_ERROR_FAIL; //LCOV_EXCL_LINE
+ }
+
+ DB_ACTION(__prepare_delete(db));
+ DB_ACTION(__prepare_select(db));
+ DB_ACTION(__prepare_update(db));
+ DB_ACTION(__prepare_insert(db));
+
+handle_error:
+ __STC_LOG_FUNC_EXIT__;
+ return error_code;
+}
+
+void table_counters_finalize(void)
+{
+ __STC_LOG_FUNC_ENTER__;
+ __finalize_delete();
+ __finalize_select();
+ __finalize_update();
+ __finalize_insert();
+ __STC_LOG_FUNC_EXIT__;
+}
--- /dev/null
+/*
+ * Copyright (c) 2016 Samsung Electronics Co., Ltd.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/**
+ * This file implements restrictions entity handler methods.
+ *
+ * @file table-restrictions.c
+ */
+
+#include "stc-db.h"
+#include "db-internal.h"
+#include "table-firewall.h"
+
+#define BUF_SIZE_FOR_IP 64
+
+/* DELETE statements */
+#define DELETE_FIREWALL_CHAIN "DELETE FROM fw_chains " \
+ "WHERE chain = ?"
+
+#define DELETE_FIREWALL_RULE "DELETE FROM fw_rules " \
+ "WHERE key = ?"
+
+#define DELETE_FIREWALL_RULE_PER_CHAIN "DELETE FROM fw_rules " \
+ "WHERE chain = ?"
+
+/* SELECT statements */
+#define SELECT_FIREWALL_LOCK "SELECT state FROM fw_lock " \
+ "WHERE name = ?"
+
+#define SELECT_FIREWALL_CHAIN "SELECT chain, " \
+ "target, priority FROM fw_chains"
+
+#define SELECT_FIREWALL_RULE "SELECT key, " \
+ "chain, direction, s_ip_type, d_ip_type, s_port_type, " \
+ "d_port_type, protocol, family, s_ip1, s_ip2, d_ip1, d_ip2, " \
+ "s_port1, s_port2, d_port1, d_port2, ifname, target, " \
+ "log_level, log_prefix, " \
+ "nflog_group, nflog_prefix, nflog_range, nflog_threshold, " \
+ "identifier " \
+ "FROM fw_rules"
+
+#define SELECT_FIREWALL_RULE_PER_CHAIN "SELECT key, " \
+ "chain, direction, s_ip_type, d_ip_type, s_port_type, " \
+ "d_port_type, protocol, family, s_ip1, s_ip2, d_ip1, d_ip2, " \
+ "s_port1, s_port2, d_port1, d_port2, ifname, target, " \
+ "log_level, log_prefix, " \
+ "nflog_group, nflog_prefix, nflog_range, nflog_threshold, " \
+ "identifier " \
+ "FROM fw_rules INDEXED BY rules_index " \
+ "WHERE chain = ?"
+
+/* UPDATE statement */
+#define UPDATE_FIREWALL_LOCK "UPDATE fw_lock " \
+ "SET state = ? WHERE name = ?"
+
+#define UPDATE_FIREWALL_CHAIN "UPDATE fw_chains " \
+ "SET target = ?, priority = ? " \
+ "WHERE chain = ?"
+
+#define UPDATE_FIREWALL_RULE "UPDATE fw_rules " \
+ "SET chain = ?, direction = ?, s_ip_type = ?, d_ip_type = ?, " \
+ "s_port_type = ?, d_port_type = ?, protocol = ?, family = ?, " \
+ "s_ip1 = ?, s_ip2 = ?, d_ip1 = ?, d_ip2 = ?, s_port1 = ?, " \
+ "s_port2 = ?, d_port1 = ?, d_port2 = ?, ifname = ?, target = ?, " \
+ "log_level = ?, log_prefix = ?, " \
+ "nflog_group = ?, nflog_prefix = ?, nflog_range = ?, nflog_threshold = ?, " \
+ "identifier = ?, key = ? " \
+ "WHERE key = ?"
+
+/* INSERT statement */
+#define INSERT_FIREWALL_LOCK "INSERT INTO fw_lock " \
+ "(name, state) VALUES (?, ?)"
+
+#define INSERT_FIREWALL_CHAIN "INSERT INTO fw_chains " \
+ "(chain, target, priority) " \
+ "VALUES (?, ?, ?)"
+
+#define INSERT_FIREWALL_RULE "INSERT INTO fw_rules " \
+ "(key, chain, direction, s_ip_type, d_ip_type, s_port_type, " \
+ "d_port_type, protocol, family, s_ip1, s_ip2, d_ip1, d_ip2, " \
+ "s_port1, s_port2, d_port1, d_port2, ifname, target, " \
+ "log_level, log_prefix, " \
+ "nflog_group, nflog_prefix, nflog_range, nflog_threshold, " \
+ "identifier) " \
+ "VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, " \
+ "?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)"
+
+static void __finalize_delete(void);
+
+#define PREPARE_DELETE(stm, query) do { \
+ rc = sqlite3_prepare_v2(db, query, -1, &stm, NULL); \
+ if (rc != SQLITE_OK) { \
+ stm = NULL; \
+ __finalize_delete(); \
+ STC_LOGE("Failed to prepare \"%s\" query" \
+ , query); \
+ return rc; \
+ } \
+} while (0)
+
+static void __finalize_select(void);
+
+#define PREPARE_SELECT(stm, query) do { \
+ rc = sqlite3_prepare_v2(db, query, -1, &stm, NULL); \
+ if (rc != SQLITE_OK) { \
+ stm = NULL; \
+ __finalize_select(); \
+ STC_LOGE("Failed to prepare \"%s\" query" \
+ , query); \
+ return rc; \
+ } \
+} while (0)
+
+static void __finalize_update(void);
+
+#define PREPARE_UPDATE(stm, query) do { \
+ rc = sqlite3_prepare_v2(db, query, -1, &stm, NULL); \
+ if (rc != SQLITE_OK) { \
+ stm = NULL; \
+ __finalize_update(); \
+ STC_LOGE("Failed to prepare \"%s\" query" \
+ , query); \
+ return rc; \
+ } \
+} while (0)
+
+static void __finalize_insert(void);
+
+#define PREPARE_INSERT(stm, query) do { \
+ rc = sqlite3_prepare_v2(db, query, -1, &stm, NULL); \
+ if (rc != SQLITE_OK) { \
+ stm = NULL; \
+ __finalize_insert(); \
+ STC_LOGE("Failed to prepare \"%s\" query" \
+ , query); \
+ return rc; \
+ } \
+} while (0)
+
+#define FINALIZE(stm) do { \
+ if (stm) { \
+ sqlite3_finalize(stm); \
+ stm = NULL; \
+ } \
+} while (0)
+
+/* DELETE statements */
+static sqlite3_stmt *delete_fw_chain;
+static sqlite3_stmt *delete_fw_rule;
+static sqlite3_stmt *delete_fw_rule_per_chain;
+
+/* SELECT statements */
+static sqlite3_stmt *select_fw_lock;
+static sqlite3_stmt *select_fw_chain;
+static sqlite3_stmt *select_fw_rule;
+static sqlite3_stmt *select_fw_rule_per_chain;
+
+/* UPDATE statements */
+static sqlite3_stmt *update_fw_lock;
+static sqlite3_stmt *update_fw_chain;
+static sqlite3_stmt *update_fw_rule;
+
+/* INSERT statements */
+static sqlite3_stmt *insert_fw_lock;
+static sqlite3_stmt *insert_fw_chain;
+static sqlite3_stmt *insert_fw_rule;
+
+static int __prepare_delete(sqlite3 *db)
+{
+ int rc;
+ static int initialized;
+
+ if (initialized)
+ return SQLITE_OK;
+
+ PREPARE_DELETE(delete_fw_chain, DELETE_FIREWALL_CHAIN);
+ PREPARE_DELETE(delete_fw_rule, DELETE_FIREWALL_RULE);
+ PREPARE_DELETE(delete_fw_rule_per_chain, DELETE_FIREWALL_RULE_PER_CHAIN);
+
+ initialized = 1;
+ return rc;
+}
+
+static void __finalize_delete(void)
+{
+ FINALIZE(delete_fw_chain);
+ FINALIZE(delete_fw_rule);
+ FINALIZE(delete_fw_rule_per_chain);
+}
+
+static int __prepare_select(sqlite3 *db)
+{
+ int rc;
+ static int initialized;
+
+ if (initialized)
+ return SQLITE_OK;
+
+ PREPARE_SELECT(select_fw_lock, SELECT_FIREWALL_LOCK);
+ PREPARE_SELECT(select_fw_chain, SELECT_FIREWALL_CHAIN);
+ PREPARE_SELECT(select_fw_rule, SELECT_FIREWALL_RULE);
+ PREPARE_SELECT(select_fw_rule_per_chain, SELECT_FIREWALL_RULE_PER_CHAIN);
+
+ initialized = 1;
+ return rc;
+}
+
+static void __finalize_select(void)
+{
+ FINALIZE(select_fw_lock);
+ FINALIZE(select_fw_chain);
+ FINALIZE(select_fw_rule);
+ FINALIZE(select_fw_rule_per_chain);
+}
+
+static int __prepare_update(sqlite3 *db)
+{
+ int rc;
+ static int initialized;
+
+ if (initialized)
+ return SQLITE_OK;
+
+ PREPARE_UPDATE(update_fw_lock, UPDATE_FIREWALL_LOCK);
+ PREPARE_UPDATE(update_fw_chain, UPDATE_FIREWALL_CHAIN);
+ PREPARE_UPDATE(update_fw_rule, UPDATE_FIREWALL_RULE);
+
+ initialized = 1;
+ return rc;
+}
+
+static void __finalize_update(void)
+{
+ FINALIZE(update_fw_lock);
+ FINALIZE(update_fw_chain);
+ FINALIZE(update_fw_rule);
+}
+
+static int __prepare_insert(sqlite3 *db)
+{
+ int rc;
+ static int initialized;
+
+ if (initialized)
+ return SQLITE_OK;
+
+ PREPARE_INSERT(insert_fw_lock, INSERT_FIREWALL_LOCK);
+ PREPARE_INSERT(insert_fw_chain, INSERT_FIREWALL_CHAIN);
+ PREPARE_INSERT(insert_fw_rule, INSERT_FIREWALL_RULE);
+
+ initialized = 1;
+ return rc;
+}
+
+static void __finalize_insert(void)
+{
+ FINALIZE(insert_fw_lock);
+ FINALIZE(insert_fw_chain);
+ FINALIZE(insert_fw_rule);
+}
+
+API stc_error_e table_firewall_insert_lock(char *name, int state)
+{
+ stc_error_e error_code = STC_ERROR_NONE;
+ sqlite3_stmt *stmt = insert_fw_lock;
+
+ DB_ACTION(sqlite3_bind_text(stmt, 1, name ? name : "",
+ -1, SQLITE_TRANSIENT));
+ DB_ACTION(sqlite3_bind_int(stmt, 2, state));
+
+ if (sqlite3_step(stmt) != SQLITE_DONE) {
+ STC_LOGE("Failed to insert firewall lock state: %s\n",
+ sqlite3_errmsg(stc_db_get_database()));
+
+ error_code = STC_ERROR_DB_FAILED;
+ goto handle_error;
+ }
+
+ STC_LOGD("Firewall lock state inserted [%d]", state);
+
+handle_error:
+ if (sqlite3_reset(stmt) != SQLITE_OK)
+ error_code = STC_ERROR_DB_FAILED;
+
+ return error_code;
+}
+
+API stc_error_e table_firewall_update_lock(char *name, int state)
+{
+ stc_error_e error_code = STC_ERROR_NONE;
+ sqlite3_stmt *stmt = update_fw_lock;
+
+ DB_ACTION(sqlite3_bind_int(stmt, 1, state));
+ DB_ACTION(sqlite3_bind_text(stmt, 2, name ? name : "",
+ -1, SQLITE_TRANSIENT));
+
+ if (sqlite3_step(stmt) != SQLITE_DONE) {
+ STC_LOGE("Failed to update firewall lock state: %s\n",
+ sqlite3_errmsg(stc_db_get_database()));
+
+ error_code = STC_ERROR_DB_FAILED;
+ goto handle_error;
+ }
+
+ STC_LOGD("Firewall lock state updated [%d]", state);
+
+handle_error:
+ if (sqlite3_reset(stmt) != SQLITE_OK)
+ error_code = STC_ERROR_DB_FAILED;
+
+ return error_code;
+}
+
+API stc_error_e table_firewall_get_lock(char *name, int *state)
+{
+ int rc;
+ stc_error_e error_code = STC_ERROR_NONE;
+ sqlite3_stmt *stmt = select_fw_lock;
+
+ if (!name)
+ return STC_ERROR_DB_FAILED;
+
+ DB_ACTION(sqlite3_bind_text(stmt, 1, name,
+ -1, SQLITE_TRANSIENT));
+
+ rc = sqlite3_step(stmt);
+
+ switch (rc) {
+ case SQLITE_DONE:
+ STC_LOGD("There is no lock state [%s]", name);
+ error_code = STC_ERROR_NO_DATA;
+ goto handle_error;
+ case SQLITE_ROW:
+ *state = sqlite3_column_int(stmt, 0);
+ break;
+ case SQLITE_ERROR:
+ default:
+ STC_LOGE("Failed to get firewall lock state: %s\n",
+ sqlite3_errmsg(stc_db_get_database()));
+
+ error_code = STC_ERROR_DB_FAILED;
+ goto handle_error;
+ }
+
+ STC_LOGD("Firewall lock state [%d]", *state);
+
+handle_error:
+ if (sqlite3_reset(stmt) != SQLITE_OK)
+ error_code = STC_ERROR_DB_FAILED;
+
+ return error_code;
+}
+
+API stc_error_e table_firewall_insert_chain(firewall_chain_s *info)
+{
+ stc_error_e error_code = STC_ERROR_NONE;
+ sqlite3_stmt *stmt = insert_fw_chain;
+
+ if (!info) {
+ error_code = STC_ERROR_INVALID_PARAMETER;
+ goto handle_error;
+ }
+
+ DB_ACTION(sqlite3_bind_text(stmt, 1, info->chain ? info->chain : "",
+ -1, SQLITE_TRANSIENT));
+ DB_ACTION(sqlite3_bind_int(stmt, 2, info->target));
+ DB_ACTION(sqlite3_bind_int(stmt, 3, info->priority));
+
+ if (sqlite3_step(stmt) != SQLITE_DONE) {
+ STC_LOGE("Failed to insert firewall chain: %s\n",
+ sqlite3_errmsg(stc_db_get_database()));
+ error_code = STC_ERROR_DB_FAILED;
+ goto handle_error;
+ }
+
+ STC_LOGD("Firewall chain inserted [%s]", info->chain);
+
+handle_error:
+ if (sqlite3_reset(stmt) != SQLITE_OK)
+ error_code = STC_ERROR_DB_FAILED;
+
+ return error_code;
+}
+
+API stc_error_e table_firewall_delete_chain(firewall_chain_s *info)
+{
+ stc_error_e error_code = STC_ERROR_NONE;
+ sqlite3_stmt *stmt = delete_fw_chain;
+
+ if (!info) {
+ error_code = STC_ERROR_INVALID_PARAMETER;
+ goto handle_error;
+ }
+
+ DB_ACTION(sqlite3_bind_text(stmt, 1, info->chain ? info->chain : "",
+ -1, SQLITE_TRANSIENT));
+
+ if (sqlite3_step(stmt) != SQLITE_DONE) {
+ STC_LOGE("Failed to delete firewall chain %s\n",
+ sqlite3_errmsg(stc_db_get_database()));
+ error_code = STC_ERROR_DB_FAILED;
+ goto handle_error;
+ }
+
+ STC_LOGD("Firewall chain deleted [%s]", info->chain);
+
+handle_error:
+ if (sqlite3_reset(stmt) != SQLITE_OK)
+ error_code = STC_ERROR_DB_FAILED;
+
+ return error_code;
+}
+
+API stc_error_e table_firewall_flush_chain(firewall_chain_s *info)
+{
+ stc_error_e error_code = STC_ERROR_NONE;
+ sqlite3_stmt *stmt = delete_fw_rule_per_chain;
+
+ if (!info) {
+ error_code = STC_ERROR_INVALID_PARAMETER;
+ goto handle_error;
+ }
+
+ DB_ACTION(sqlite3_bind_text(stmt, 1, info->chain ? info->chain : "",
+ -1, SQLITE_TRANSIENT));
+
+ if (sqlite3_step(stmt) != SQLITE_DONE) {
+ STC_LOGE("Failed to flush firewall chain %s\n",
+ sqlite3_errmsg(stc_db_get_database()));
+ error_code = STC_ERROR_DB_FAILED;
+ goto handle_error;
+ }
+
+ STC_LOGD("Firewall chain flushed [%s]", info->chain);
+
+handle_error:
+ if (sqlite3_reset(stmt) != SQLITE_OK)
+ error_code = STC_ERROR_DB_FAILED;
+
+ return error_code;
+}
+
+API stc_error_e table_firewall_update_chain(firewall_chain_s *info)
+{
+ stc_error_e error_code = STC_ERROR_NONE;
+ sqlite3_stmt *stmt = update_fw_chain;
+
+ if (!info) {
+ error_code = STC_ERROR_INVALID_PARAMETER;
+ goto handle_error;
+ }
+
+ DB_ACTION(sqlite3_bind_int(stmt, 1, info->target));
+ DB_ACTION(sqlite3_bind_int(stmt, 2, info->priority));
+ DB_ACTION(sqlite3_bind_text(stmt, 3, info->chain ? info->chain : "",
+ -1, SQLITE_TRANSIENT));
+
+ if (sqlite3_step(stmt) != SQLITE_DONE) {
+ STC_LOGE("Failed to update firewall chain: %s\n",
+ sqlite3_errmsg(stc_db_get_database()));
+ error_code = STC_ERROR_DB_FAILED;
+ goto handle_error;
+ }
+
+ STC_LOGD("Firewall chain updated [%s]", info->chain);
+
+handle_error:
+ if (sqlite3_reset(stmt) != SQLITE_OK)
+ error_code = STC_ERROR_DB_FAILED;
+
+ return error_code;
+}
+
+API stc_error_e table_firewall_foreach_chain(firewall_chain_cb info_cb,
+ void *user_data)
+{
+ firewall_chain_s info;
+ int rc;
+ stc_error_e error_code = STC_ERROR_NONE;
+ sqlite3_stmt *stmt = select_fw_chain;
+
+ do {
+ rc = sqlite3_step(stmt);
+
+ memset(&info, 0, sizeof(info));
+
+ switch (rc) {
+ case SQLITE_DONE:
+ break;
+ case SQLITE_ROW:
+ info.chain = (char *)sqlite3_column_text(stmt, 0);
+ info.target = sqlite3_column_int(stmt, 1);
+ info.priority = sqlite3_column_int(stmt, 2);
+
+ if (info_cb(&info, user_data) == STC_CANCEL)
+ rc = SQLITE_DONE;
+ break;
+ case SQLITE_ERROR:
+ default:
+ STC_LOGE("Failed to enumerate firewall chains: %s\n",
+ sqlite3_errmsg(stc_db_get_database()));
+
+ error_code = STC_ERROR_DB_FAILED;
+ }
+ } while (rc == SQLITE_ROW);
+
+ if (sqlite3_reset(stmt) != SQLITE_OK)
+ error_code = STC_ERROR_DB_FAILED;
+
+ return error_code;
+}
+
+API stc_error_e table_firewall_insert_rule(firewall_rule_s *info)
+{
+ stc_error_e error_code = STC_ERROR_NONE;
+ char buf[BUF_SIZE_FOR_IP];
+ sqlite3_stmt *stmt = insert_fw_rule;
+
+ if (!info) {
+ error_code = STC_ERROR_INVALID_PARAMETER;
+ goto handle_error;
+ }
+
+ DB_ACTION(sqlite3_bind_int64(stmt, 1, info->key));
+ DB_ACTION(sqlite3_bind_text(stmt, 2, info->chain ? info->chain : "",
+ -1, SQLITE_TRANSIENT));
+ DB_ACTION(sqlite3_bind_int(stmt, 3, info->direction));
+ DB_ACTION(sqlite3_bind_int(stmt, 4, info->s_ip_type));
+ DB_ACTION(sqlite3_bind_int(stmt, 5, info->d_ip_type));
+ DB_ACTION(sqlite3_bind_int(stmt, 6, info->s_port_type));
+ DB_ACTION(sqlite3_bind_int(stmt, 7, info->d_port_type));
+ DB_ACTION(sqlite3_bind_int(stmt, 8, info->protocol));
+ DB_ACTION(sqlite3_bind_int(stmt, 9, info->family));
+ if (info->family == STC_FW_FAMILY_V4) {
+ memset(buf, 0, sizeof(buf));
+ snprintf(buf, sizeof(buf), "%08x", info->s_ip1.Ipv4.s_addr);
+ DB_ACTION(sqlite3_bind_text(stmt, 10, buf, -1, SQLITE_TRANSIENT));
+
+ memset(buf, 0, sizeof(buf));
+ snprintf(buf, sizeof(buf), "%08x", info->s_ip2.Ipv4.s_addr);
+ DB_ACTION(sqlite3_bind_text(stmt, 11, buf, -1, SQLITE_TRANSIENT));
+
+ memset(buf, 0, sizeof(buf));
+ snprintf(buf, sizeof(buf), "%08x", info->d_ip1.Ipv4.s_addr);
+ DB_ACTION(sqlite3_bind_text(stmt, 12, buf, -1, SQLITE_TRANSIENT));
+
+ memset(buf, 0, sizeof(buf));
+ snprintf(buf, sizeof(buf), "%08x", info->d_ip2.Ipv4.s_addr);
+ DB_ACTION(sqlite3_bind_text(stmt, 13, buf, -1, SQLITE_TRANSIENT));
+ } else if (info->family == STC_FW_FAMILY_V6) {
+ memset(buf, 0, sizeof(buf));
+ snprintf(buf, sizeof(buf), "%08x:%08x:%08x:%08x",
+ info->s_ip1.Ipv6.s6_addr32[0], info->s_ip1.Ipv6.s6_addr32[1],
+ info->s_ip1.Ipv6.s6_addr32[2], info->s_ip1.Ipv6.s6_addr32[3]);
+ DB_ACTION(sqlite3_bind_text(stmt, 10, buf, -1, SQLITE_TRANSIENT));
+
+ memset(buf, 0, sizeof(buf));
+ snprintf(buf, sizeof(buf), "%08x:%08x:%08x:%08x",
+ info->s_ip2.Ipv6.s6_addr32[0], info->s_ip2.Ipv6.s6_addr32[1],
+ info->s_ip2.Ipv6.s6_addr32[2], info->s_ip2.Ipv6.s6_addr32[3]);
+ DB_ACTION(sqlite3_bind_text(stmt, 11, buf, -1, SQLITE_TRANSIENT));
+
+ memset(buf, 0, sizeof(buf));
+ snprintf(buf, sizeof(buf), "%08x:%08x:%08x:%08x",
+ info->d_ip1.Ipv6.s6_addr32[0], info->d_ip1.Ipv6.s6_addr32[1],
+ info->d_ip1.Ipv6.s6_addr32[2], info->d_ip1.Ipv6.s6_addr32[3]);
+ DB_ACTION(sqlite3_bind_text(stmt, 12, buf, -1, SQLITE_TRANSIENT));
+
+ memset(buf, 0, sizeof(buf));
+ snprintf(buf, sizeof(buf), "%08x:%08x:%08x:%08x",
+ info->d_ip2.Ipv6.s6_addr32[0], info->d_ip2.Ipv6.s6_addr32[1],
+ info->d_ip2.Ipv6.s6_addr32[2], info->d_ip2.Ipv6.s6_addr32[3]);
+ DB_ACTION(sqlite3_bind_text(stmt, 13, buf, -1, SQLITE_TRANSIENT));
+ } else {
+ DB_ACTION(sqlite3_bind_text(stmt, 10, "", -1, SQLITE_TRANSIENT));
+ DB_ACTION(sqlite3_bind_text(stmt, 11, "", -1, SQLITE_TRANSIENT));
+ DB_ACTION(sqlite3_bind_text(stmt, 12, "", -1, SQLITE_TRANSIENT));
+ DB_ACTION(sqlite3_bind_text(stmt, 13, "", -1, SQLITE_TRANSIENT));
+ }
+ DB_ACTION(sqlite3_bind_int(stmt, 14, info->s_port1));
+ DB_ACTION(sqlite3_bind_int(stmt, 15, info->s_port2));
+ DB_ACTION(sqlite3_bind_int(stmt, 16, info->d_port1));
+ DB_ACTION(sqlite3_bind_int(stmt, 17, info->d_port2));
+ DB_ACTION(sqlite3_bind_text(stmt, 18, info->ifname ? info->ifname : "",
+ -1, SQLITE_TRANSIENT));
+ DB_ACTION(sqlite3_bind_int(stmt, 19, info->target));
+ DB_ACTION(sqlite3_bind_int(stmt, 20, info->log_level));
+ DB_ACTION(sqlite3_bind_text(stmt, 21, info->log_prefix ? info->log_prefix : "",
+ -1, SQLITE_TRANSIENT));
+ DB_ACTION(sqlite3_bind_int(stmt, 22, info->nflog_group));
+ DB_ACTION(sqlite3_bind_text(stmt, 23, info->nflog_prefix ? info->nflog_prefix : "",
+ -1, SQLITE_TRANSIENT));
+ DB_ACTION(sqlite3_bind_int(stmt, 24, info->nflog_range));
+ DB_ACTION(sqlite3_bind_int(stmt, 25, info->nflog_threshold));
+ DB_ACTION(sqlite3_bind_text(stmt, 26, info->identifier ? info->identifier : "",
+ -1, SQLITE_TRANSIENT));
+
+ if (sqlite3_step(stmt) != SQLITE_DONE) {
+ STC_LOGE("Failed to insert firewall rule: %s\n",
+ sqlite3_errmsg(stc_db_get_database()));
+ error_code = STC_ERROR_DB_FAILED;
+ goto handle_error;
+ }
+
+ STC_LOGD("Firewall rule inserted [%s]", info->chain);
+
+handle_error:
+ if (sqlite3_reset(stmt) != SQLITE_OK)
+ error_code = STC_ERROR_DB_FAILED;
+
+ return error_code;
+}
+
+API stc_error_e table_firewall_delete_rule(firewall_rule_s *info)
+{
+ stc_error_e error_code = STC_ERROR_NONE;
+ sqlite3_stmt *stmt = delete_fw_rule;
+
+ if (!info) {
+ error_code = STC_ERROR_INVALID_PARAMETER;
+ goto handle_error;
+ }
+
+ DB_ACTION(sqlite3_bind_int64(stmt, 1, info->key));
+
+ if (sqlite3_step(stmt) != SQLITE_DONE) {
+ STC_LOGE("Failed to delete firewall rule %s\n",
+ sqlite3_errmsg(stc_db_get_database()));
+ error_code = STC_ERROR_DB_FAILED;
+ goto handle_error;
+ }
+
+ STC_LOGD("Firewall rule deleted [%s]", info->chain);
+
+handle_error:
+ if (sqlite3_reset(stmt) != SQLITE_OK)
+ error_code = STC_ERROR_DB_FAILED;
+
+ return error_code;
+}
+
+API stc_error_e table_firewall_update_rule(firewall_rule_s *info, guint key)
+{
+ stc_error_e error_code = STC_ERROR_NONE;
+ char buf[BUF_SIZE_FOR_IP];
+ sqlite3_stmt *stmt = update_fw_rule;
+
+ if (!info) {
+ error_code = STC_ERROR_INVALID_PARAMETER;
+ goto handle_error;
+ }
+
+ DB_ACTION(sqlite3_bind_text(stmt, 1, info->chain ? info->chain : "",
+ -1, SQLITE_TRANSIENT));
+ DB_ACTION(sqlite3_bind_int(stmt, 2, info->direction));
+ DB_ACTION(sqlite3_bind_int(stmt, 3, info->s_ip_type));
+ DB_ACTION(sqlite3_bind_int(stmt, 4, info->d_ip_type));
+ DB_ACTION(sqlite3_bind_int(stmt, 5, info->s_port_type));
+ DB_ACTION(sqlite3_bind_int(stmt, 6, info->d_port_type));
+ DB_ACTION(sqlite3_bind_int(stmt, 7, info->protocol));
+ DB_ACTION(sqlite3_bind_int(stmt, 8, info->family));
+ if (info->family == STC_FW_FAMILY_V4) {
+ memset(buf, 0, sizeof(buf));
+ snprintf(buf, sizeof(buf), "%08x", info->s_ip1.Ipv4.s_addr);
+ DB_ACTION(sqlite3_bind_text(stmt, 9, buf, -1, SQLITE_TRANSIENT));
+
+ memset(buf, 0, sizeof(buf));
+ snprintf(buf, sizeof(buf), "%08x", info->s_ip2.Ipv4.s_addr);
+ DB_ACTION(sqlite3_bind_text(stmt, 10, buf, -1, SQLITE_TRANSIENT));
+
+ memset(buf, 0, sizeof(buf));
+ snprintf(buf, sizeof(buf), "%08x", info->d_ip1.Ipv4.s_addr);
+ DB_ACTION(sqlite3_bind_text(stmt, 11, buf, -1, SQLITE_TRANSIENT));
+
+ memset(buf, 0, sizeof(buf));
+ snprintf(buf, sizeof(buf), "%08x", info->d_ip2.Ipv4.s_addr);
+ DB_ACTION(sqlite3_bind_text(stmt, 12, buf, -1, SQLITE_TRANSIENT));
+ } else if (info->family == STC_FW_FAMILY_V6) {
+ memset(buf, 0, sizeof(buf));
+ snprintf(buf, sizeof(buf), "%08x:%08x:%08x:%08x",
+ info->s_ip1.Ipv6.s6_addr32[0], info->s_ip1.Ipv6.s6_addr32[1],
+ info->s_ip1.Ipv6.s6_addr32[2], info->s_ip1.Ipv6.s6_addr32[3]);
+ DB_ACTION(sqlite3_bind_text(stmt, 9, buf, -1, SQLITE_TRANSIENT));
+
+ memset(buf, 0, sizeof(buf));
+ snprintf(buf, sizeof(buf), "%08x:%08x:%08x:%08x",
+ info->s_ip2.Ipv6.s6_addr32[0], info->s_ip2.Ipv6.s6_addr32[1],
+ info->s_ip2.Ipv6.s6_addr32[2], info->s_ip2.Ipv6.s6_addr32[3]);
+ DB_ACTION(sqlite3_bind_text(stmt, 10, buf, -1, SQLITE_TRANSIENT));
+
+ memset(buf, 0, sizeof(buf));
+ snprintf(buf, sizeof(buf), "%08x:%08x:%08x:%08x",
+ info->d_ip1.Ipv6.s6_addr32[0], info->d_ip1.Ipv6.s6_addr32[1],
+ info->d_ip1.Ipv6.s6_addr32[2], info->d_ip1.Ipv6.s6_addr32[3]);
+ DB_ACTION(sqlite3_bind_text(stmt, 11, buf, -1, SQLITE_TRANSIENT));
+
+ memset(buf, 0, sizeof(buf));
+ snprintf(buf, sizeof(buf), "%08x:%08x:%08x:%08x",
+ info->d_ip2.Ipv6.s6_addr32[0], info->d_ip2.Ipv6.s6_addr32[1],
+ info->d_ip2.Ipv6.s6_addr32[2], info->d_ip2.Ipv6.s6_addr32[3]);
+ DB_ACTION(sqlite3_bind_text(stmt, 12, buf, -1, SQLITE_TRANSIENT));
+ } else {
+ DB_ACTION(sqlite3_bind_text(stmt, 9, "", -1, SQLITE_TRANSIENT));
+ DB_ACTION(sqlite3_bind_text(stmt, 10, "", -1, SQLITE_TRANSIENT));
+ DB_ACTION(sqlite3_bind_text(stmt, 11, "", -1, SQLITE_TRANSIENT));
+ DB_ACTION(sqlite3_bind_text(stmt, 12, "", -1, SQLITE_TRANSIENT));
+ }
+ DB_ACTION(sqlite3_bind_int(stmt, 13, info->s_port1));
+ DB_ACTION(sqlite3_bind_int(stmt, 14, info->s_port2));
+ DB_ACTION(sqlite3_bind_int(stmt, 15, info->d_port1));
+ DB_ACTION(sqlite3_bind_int(stmt, 16, info->d_port2));
+ DB_ACTION(sqlite3_bind_text(stmt, 17, info->ifname ? info->ifname : "",
+ -1, SQLITE_TRANSIENT));
+ DB_ACTION(sqlite3_bind_int(stmt, 18, info->target));
+ DB_ACTION(sqlite3_bind_int(stmt, 19, info->log_level));
+ DB_ACTION(sqlite3_bind_text(stmt, 20, info->log_prefix ? info->log_prefix : "",
+ -1, SQLITE_TRANSIENT));
+ DB_ACTION(sqlite3_bind_int(stmt, 21, info->nflog_group));
+ DB_ACTION(sqlite3_bind_text(stmt, 22, info->nflog_prefix ? info->nflog_prefix : "",
+ -1, SQLITE_TRANSIENT));
+ DB_ACTION(sqlite3_bind_int(stmt, 23, info->nflog_range));
+ DB_ACTION(sqlite3_bind_int(stmt, 24, info->nflog_threshold));
+ DB_ACTION(sqlite3_bind_text(stmt, 25, info->identifier ? info->identifier : "",
+ -1, SQLITE_TRANSIENT));
+ DB_ACTION(sqlite3_bind_int64(stmt, 26, info->key));
+ DB_ACTION(sqlite3_bind_int64(stmt, 27, key));
+
+ if (sqlite3_step(stmt) != SQLITE_DONE) {
+ STC_LOGE("Failed to update firewall rule %s\n",
+ sqlite3_errmsg(stc_db_get_database()));
+ error_code = STC_ERROR_DB_FAILED;
+ goto handle_error;
+ }
+
+ STC_LOGD("Firewall rule updated [%s]", info->chain);
+
+handle_error:
+ if (sqlite3_reset(stmt) != SQLITE_OK)
+ error_code = STC_ERROR_DB_FAILED;
+
+ return error_code;
+}
+
+API stc_error_e table_firewall_foreach_rule(firewall_rule_cb info_cb,
+ void *user_data)
+{
+ firewall_rule_s info;
+ int rc;
+ stc_error_e error_code = STC_ERROR_NONE;
+ sqlite3_stmt *stmt = select_fw_rule;
+
+ do {
+ rc = sqlite3_step(stmt);
+
+ memset(&info, 0, sizeof(info));
+
+ switch (rc) {
+ case SQLITE_DONE:
+ break;
+ case SQLITE_ROW:
+ info.key = sqlite3_column_int64(stmt, 0);
+ info.chain = (char *)sqlite3_column_text(stmt, 1);
+ info.direction = sqlite3_column_int(stmt, 2);
+ info.s_ip_type = sqlite3_column_int(stmt, 3);
+ info.d_ip_type = sqlite3_column_int(stmt, 4);
+ info.s_port_type = sqlite3_column_int(stmt, 5);
+ info.d_port_type = sqlite3_column_int(stmt, 6);
+ info.protocol = sqlite3_column_int(stmt, 7);
+ info.family = sqlite3_column_int(stmt, 8);
+ if (info.family == STC_FW_FAMILY_V4) {
+ sscanf((char *)sqlite3_column_text(stmt, 9), "%08x",
+ &(info.s_ip1.Ipv4.s_addr));
+ sscanf((char *)sqlite3_column_text(stmt, 10), "%08x",
+ &(info.s_ip2.Ipv4.s_addr));
+ sscanf((char *)sqlite3_column_text(stmt, 11), "%08x",
+ &(info.d_ip1.Ipv4.s_addr));
+ sscanf((char *)sqlite3_column_text(stmt, 12), "%08x",
+ &(info.d_ip2.Ipv4.s_addr));
+ } else if (info.family == STC_FW_FAMILY_V6) {
+ sscanf((char *)sqlite3_column_text(stmt, 9), "%08x:%08x:%08x:%08x",
+ &(info.s_ip1.Ipv6.s6_addr32[0]), &(info.s_ip1.Ipv6.s6_addr32[1]),
+ &(info.s_ip1.Ipv6.s6_addr32[2]), &(info.s_ip1.Ipv6.s6_addr32[3]));
+ sscanf((char *)sqlite3_column_text(stmt, 10), "%08x:%08x:%08x:%08x",
+ &(info.s_ip2.Ipv6.s6_addr32[0]), &(info.s_ip2.Ipv6.s6_addr32[1]),
+ &(info.s_ip2.Ipv6.s6_addr32[2]), &(info.s_ip2.Ipv6.s6_addr32[3]));
+ sscanf((char *)sqlite3_column_text(stmt, 11), "%08x:%08x:%08x:%08x",
+ &(info.d_ip1.Ipv6.s6_addr32[0]), &(info.d_ip1.Ipv6.s6_addr32[1]),
+ &(info.d_ip1.Ipv6.s6_addr32[2]), &(info.d_ip1.Ipv6.s6_addr32[3]));
+ sscanf((char *)sqlite3_column_text(stmt, 12), "%08x:%08x:%08x:%08x",
+ &(info.d_ip2.Ipv6.s6_addr32[0]), &(info.d_ip2.Ipv6.s6_addr32[1]),
+ &(info.d_ip2.Ipv6.s6_addr32[2]), &(info.d_ip2.Ipv6.s6_addr32[3]));
+ }
+ info.s_port1 = sqlite3_column_int(stmt, 13);
+ info.s_port2 = sqlite3_column_int(stmt, 14);
+ info.d_port1 = sqlite3_column_int(stmt, 15);
+ info.d_port2 = sqlite3_column_int(stmt, 16);
+ info.ifname = (char *)sqlite3_column_text(stmt, 17);
+ info.target = sqlite3_column_int(stmt, 18);
+ info.log_level = sqlite3_column_int(stmt, 19);
+ info.log_prefix = (char *)sqlite3_column_text(stmt, 20);
+ info.nflog_group = sqlite3_column_int(stmt, 21);
+ info.nflog_prefix = (char *)sqlite3_column_text(stmt, 22);
+ info.nflog_range = sqlite3_column_int(stmt, 23);
+ info.nflog_threshold = sqlite3_column_int(stmt, 24);
+ info.identifier = (char *)sqlite3_column_text(stmt, 25);
+
+ if (info_cb(&info, user_data) == STC_CANCEL)
+ rc = SQLITE_DONE;
+ break;
+ case SQLITE_ERROR:
+ default:
+ STC_LOGE("Failed to enumerate firewall rules: %s\n",
+ sqlite3_errmsg(stc_db_get_database()));
+
+ error_code = STC_ERROR_DB_FAILED;
+ }
+ } while (rc == SQLITE_ROW);
+
+ if (sqlite3_reset(stmt) != SQLITE_OK)
+ error_code = STC_ERROR_DB_FAILED;
+
+ return error_code;
+}
+
+stc_error_e table_firewall_prepare(sqlite3 *db)
+{
+ __STC_LOG_FUNC_ENTER__;
+
+ stc_error_e error_code = STC_ERROR_NONE;
+
+ if (db == NULL) {
+ __STC_LOG_FUNC_EXIT__;
+ return STC_ERROR_FAIL;
+ }
+
+ DB_ACTION(__prepare_delete(db));
+ DB_ACTION(__prepare_select(db));
+ DB_ACTION(__prepare_update(db));
+ DB_ACTION(__prepare_insert(db));
+
+handle_error:
+
+ __STC_LOG_FUNC_EXIT__;
+ return error_code;
+}
+
+void table_firewall_finalize(void)
+{
+ __STC_LOG_FUNC_ENTER__;
+ __finalize_delete();
+ __finalize_select();
+ __finalize_update();
+ __finalize_insert();
+ __STC_LOG_FUNC_EXIT__;
+}
--- /dev/null
+/*
+ * Copyright (c) 2016 Samsung Electronics Co., Ltd.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/**
+ * This file implements restrictions entity handler methods.
+ *
+ * @file table-restrictions.c
+ */
+
+#include "stc-db.h"
+#include "db-internal.h"
+#include "table-restrictions.h"
+
+/* DELETE statements */
+#define DELETE_RESTRICTIONS "DELETE FROM restrictions " \
+ " WHERE binpath = ? AND iftype = ? AND ifname = ? " \
+ " AND subscriber_id = ? AND roaming = ?"
+
+/* SELECT statements */
+#define SELECT_RESTRICTIONS "SELECT binpath, data_limit, " \
+ " iftype, rstn_type, roaming, ifname, subscriber_id, " \
+ " data_warn_limit, monthly_limit, weekly_limit, daily_limit, month_start_date, " \
+ " restriction_id FROM restrictions"
+
+#define SELECT_RESTRICTIONS_PER_APP "SELECT binpath, data_limit, " \
+ " iftype, rstn_type, roaming, ifname, subscriber_id, " \
+ " data_warn_limit, monthly_limit, weekly_limit, daily_limit, month_start_date, " \
+ " restriction_id " \
+ " FROM restrictions INDEXED BY restrictions_index " \
+ " WHERE binpath = ?"
+
+#define SELECT_RESTRICTION_TYPE "SELECT rstn_type " \
+ " FROM restrictions INDEXED BY restrictions_index " \
+ " WHERE binpath = ? AND iftype = ?"
+
+#define SELECT_RESTRICTION_TYPE_SUBSCRIBER_ID "SELECT rstn_type " \
+ " FROM restrictions INDEXED BY restrictions_index " \
+ " WHERE binpath = ? AND iftype = ? AND subscriber_id = ?"
+
+#define SELECT_RESTRICTION_ID "SELECT restriction_id FROM restrictions " \
+ " WHERE binpath = ? AND iftype = ? AND subscriber_id = ? AND " \
+ " roaming = ? AND ifname = ?"
+
+/* UPDATE statement */
+#define UPDATE_NET_RESTRICTIONS "UPDATE restrictions " \
+ " SET binpath = ?, data_limit = ?, iftype = ?, rstn_type = ?, " \
+ " roaming = ?, ifname = ?, subscriber_id = ?, data_warn_limit = ?, " \
+ " monthly_limit = ?, weekly_limit = ?, daily_limit = ? " \
+ " WHERE restriction_id = ?"
+
+/* INSERT statement */
+#define INSERT_NET_RESTRICTIONS "INSERT INTO restrictions " \
+ " (binpath, data_limit, iftype, rstn_type, " \
+ " roaming, ifname, subscriber_id, data_warn_limit, " \
+ " monthly_limit, weekly_limit, daily_limit, month_start_date) " \
+ " VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)"
+
+static void __finalize_delete(void);
+
+#define PREPARE_DELETE(stm, query) do { \
+ rc = sqlite3_prepare_v2(db, query, -1, &stm, NULL); \
+ if (rc != SQLITE_OK) { \
+ stm = NULL; \
+ __finalize_delete(); \
+ STC_LOGE("Failed to prepare \"%s\"query" \
+ , query); \
+ return rc; \
+ } \
+} while (0)
+
+static void __finalize_select(void);
+
+#define PREPARE_SELECT(stm, query) do { \
+ rc = sqlite3_prepare_v2(db, query, -1, &stm, NULL); \
+ if (rc != SQLITE_OK) { \
+ stm = NULL; \
+ __finalize_select(); \
+ STC_LOGE("Failed to prepare \"%s\"query" \
+ , query); \
+ return rc; \
+ } \
+} while (0)
+
+static void __finalize_update(void);
+
+#define PREPARE_UPDATE(stm, query) do { \
+ rc = sqlite3_prepare_v2(db, query, -1, &stm, NULL); \
+ if (rc != SQLITE_OK) { \
+ stm = NULL; \
+ __finalize_update(); \
+ STC_LOGE("Failed to prepare \"%s\"query" \
+ , query); \
+ return rc; \
+ } \
+} while (0)
+
+static void __finalize_insert(void);
+
+#define PREPARE_INSERT(stm, query) do { \
+ rc = sqlite3_prepare_v2(db, query, -1, &stm, NULL); \
+ if (rc != SQLITE_OK) { \
+ stm = NULL; \
+ __finalize_insert(); \
+ STC_LOGE("Failed to prepare \"%s\"query" \
+ , query); \
+ return rc; \
+ } \
+} while (0)
+
+#define FINALIZE(stm) do { \
+ if (stm) { \
+ sqlite3_finalize(stm); \
+ stm = NULL; \
+ } \
+} while (0)
+
+/* DELETE statements */
+static sqlite3_stmt *delete_restrictions;
+
+/* SELECT statements */
+static sqlite3_stmt *select_restriction;
+static sqlite3_stmt *select_restriction_per_app;
+static sqlite3_stmt *select_restriction_type;
+static sqlite3_stmt *select_restriction_type_subscriber_id;
+static sqlite3_stmt *select_restriction_id;
+
+/* REPLACE statements */
+static sqlite3_stmt *update_net_restrictions;
+
+/* INSERT statements */
+static sqlite3_stmt *insert_net_restrictions;
+
+static int __prepare_delete(sqlite3 *db)
+{
+ int rc;
+ static int initialized;
+
+ if (initialized)
+ return SQLITE_OK;
+
+ PREPARE_DELETE(delete_restrictions, DELETE_RESTRICTIONS);
+
+ initialized = 1;
+ return rc;
+}
+
+static void __finalize_delete(void)
+{
+ FINALIZE(delete_restrictions);
+}
+
+static int __prepare_select(sqlite3 *db)
+{
+ int rc;
+ static int initialized;
+
+ if (initialized)
+ return SQLITE_OK;
+
+ PREPARE_SELECT(select_restriction, SELECT_RESTRICTIONS);
+ PREPARE_SELECT(select_restriction_per_app, SELECT_RESTRICTIONS_PER_APP);
+ PREPARE_SELECT(select_restriction_type, SELECT_RESTRICTION_TYPE);
+ PREPARE_SELECT(select_restriction_type_subscriber_id, SELECT_RESTRICTION_TYPE_SUBSCRIBER_ID);
+ PREPARE_SELECT(select_restriction_id, SELECT_RESTRICTION_ID);
+
+ initialized = 1;
+ return rc;
+}
+
+static void __finalize_select(void)
+{
+ FINALIZE(select_restriction);
+ FINALIZE(select_restriction_per_app);
+ FINALIZE(select_restriction_type);
+ FINALIZE(select_restriction_type_subscriber_id);
+ FINALIZE(select_restriction_id);
+}
+
+static int __prepare_replace(sqlite3 *db)
+{
+ int rc;
+ static int initialized;
+
+ if (initialized)
+ return SQLITE_OK;
+
+ PREPARE_UPDATE(update_net_restrictions, UPDATE_NET_RESTRICTIONS);
+
+ initialized = 1;
+ return rc;
+}
+
+static void __finalize_update(void)
+{
+ FINALIZE(update_net_restrictions);
+}
+
+static int __prepare_insert(sqlite3 *db)
+{
+ int rc;
+ static int initialized;
+
+ if (initialized)
+ return SQLITE_OK;
+
+ PREPARE_UPDATE(insert_net_restrictions, INSERT_NET_RESTRICTIONS);
+
+ initialized = 1;
+ return rc;
+}
+
+static void __finalize_insert(void)
+{
+ FINALIZE(insert_net_restrictions);
+}
+
+stc_error_e table_restrictions_per_app(const gchar* app_id,
+ const table_restrictions_info_cb restriction_cb,
+ void *user_data)
+{
+ __STC_LOG_FUNC_ENTER__;
+ table_restrictions_info data;
+ int rc;
+ stc_error_e error_code = STC_ERROR_NONE;
+ sqlite3_stmt *stmt = select_restriction_per_app;
+
+ if (!app_id) {
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ return STC_ERROR_DB_FAILED; //LCOV_EXCL_LINE
+ }
+
+ DB_ACTION(sqlite3_bind_text(stmt, 1, app_id, -1,
+ SQLITE_TRANSIENT));
+ data.app_id = (char *)app_id;
+
+ do {
+ rc = sqlite3_step(stmt);
+
+ memset(&data, 0, sizeof(data));
+
+ switch (rc) {
+ case SQLITE_DONE:
+ break;
+ case SQLITE_ROW:
+ data.app_id = (char *)sqlite3_column_text(stmt, 0);
+ data.data_limit = sqlite3_column_int64(stmt, 1);
+ data.iftype = (stc_iface_type_e)sqlite3_column_int(stmt, 2);
+ data.rstn_type =
+ (stc_rstn_type_e)sqlite3_column_int(stmt, 3);
+ data.roaming = sqlite3_column_int(stmt, 4);
+ data.ifname = (char *)sqlite3_column_text(stmt, 5);
+ data.subscriber_id = (char *)sqlite3_column_text(stmt, 6);
+ data.data_warn_limit = sqlite3_column_int64(stmt, 7);
+ data.monthly_limit = sqlite3_column_int64(stmt, 8);
+ data.weekly_limit = sqlite3_column_int64(stmt, 9);
+ data.daily_limit = sqlite3_column_int64(stmt, 10);
+ data.restriction_id = sqlite3_column_int64(stmt, 11);
+
+ if (restriction_cb(&data, user_data) == STC_CANCEL)
+ rc = SQLITE_DONE; //LCOV_EXCL_LINE
+ break;
+ case SQLITE_ERROR:
+ default:
+ STC_LOGE("Failed to enumerate restrictions: %s\n", //LCOV_EXCL_LINE
+ sqlite3_errmsg(stc_db_get_database()));
+
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ error_code = STC_ERROR_DB_FAILED; //LCOV_EXCL_LINE
+ }
+ } while (rc == SQLITE_ROW);
+
+handle_error:
+ rc = sqlite3_reset(stmt);
+ if (rc != SQLITE_OK)
+ error_code = STC_ERROR_DB_FAILED;
+
+ __STC_LOG_FUNC_EXIT__;
+ return error_code;
+}
+
+API stc_error_e table_restrictions_foreach(const table_restrictions_info_cb restriction_cb,
+ void *user_data)
+{
+ __STC_LOG_FUNC_ENTER__;
+ table_restrictions_info data;
+ int rc;
+ stc_error_e error_code = STC_ERROR_NONE;
+ sqlite3_stmt *stmt = select_restriction;
+
+ do {
+ rc = sqlite3_step(stmt);
+
+ memset(&data, 0, sizeof(data));
+
+ switch (rc) {
+ case SQLITE_DONE:
+ break;
+ case SQLITE_ROW:
+ data.app_id = (char *)sqlite3_column_text(stmt, 0);
+ data.data_limit = sqlite3_column_int64(stmt, 1);
+ data.iftype = (stc_iface_type_e)sqlite3_column_int(stmt, 2);
+ data.rstn_type =
+ (stc_rstn_type_e)sqlite3_column_int(stmt, 3);
+ data.roaming = sqlite3_column_int(stmt, 4);
+ data.ifname = (char *)sqlite3_column_text(stmt, 5);
+ data.subscriber_id = (char *)sqlite3_column_text(stmt, 6);
+ data.data_warn_limit = sqlite3_column_int64(stmt, 7);
+ data.monthly_limit = sqlite3_column_int64(stmt, 8);
+ data.weekly_limit = sqlite3_column_int64(stmt, 9);
+ data.daily_limit = sqlite3_column_int64(stmt, 10);
+ data.month_start_date = sqlite3_column_int(stmt, 11);
+ data.restriction_id = sqlite3_column_int64(stmt, 12);
+
+ if (restriction_cb(&data, user_data) == STC_CANCEL)
+ rc = SQLITE_DONE; //LCOV_EXCL_LINE
+ break;
+ case SQLITE_ERROR:
+ default:
+ STC_LOGE("Failed to enumerate restrictions: %s\n", //LCOV_EXCL_LINE
+ sqlite3_errmsg(stc_db_get_database()));
+
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ error_code = STC_ERROR_DB_FAILED; //LCOV_EXCL_LINE
+ }
+ } while (rc == SQLITE_ROW);
+
+ rc = sqlite3_reset(stmt);
+ if (rc != SQLITE_OK)
+ error_code = STC_ERROR_DB_FAILED;
+
+ __STC_LOG_FUNC_EXIT__;
+ return error_code;
+}
+
+stc_error_e table_restrictions_get_restriction_type_subscriber_id(const char *app_id,
+ stc_iface_type_e iftype,
+ const char *subscriber_id,
+ stc_rstn_type_e *type)
+{
+ __STC_LOG_FUNC_ENTER__;
+ int error_code = STC_ERROR_NONE;
+ int ret;
+ bool state_subscriber_id = 0;
+
+ if (type == NULL) {
+ STC_LOGE("Please provide valid argument!"); //LCOV_EXCL_LINE
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ return STC_ERROR_INVALID_PARAMETER; //LCOV_EXCL_LINE
+ }
+
+ *type = STC_RSTN_TYPE_UNKNOWN;
+ ret = sqlite3_reset(select_restriction_type_subscriber_id);
+ if (ret != SQLITE_OK) {
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ return STC_ERROR_DB_FAILED; //LCOV_EXCL_LINE
+ }
+
+ ret = sqlite3_reset(select_restriction_type);
+ if (ret != SQLITE_OK) {
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ return STC_ERROR_DB_FAILED; //LCOV_EXCL_LINE
+ }
+
+ if (subscriber_id == NULL) {
+ state_subscriber_id = 0;
+ DB_ACTION(sqlite3_bind_text(select_restriction_type, 1,
+ app_id ? app_id : "", -1,
+ SQLITE_STATIC));
+ DB_ACTION(sqlite3_bind_int(select_restriction_type, 2,
+ iftype));
+ ret = sqlite3_step(select_restriction_type);
+ } else {
+ state_subscriber_id = 1;
+ DB_ACTION(sqlite3_bind_text(select_restriction_type_subscriber_id, 1,
+ app_id ? app_id : "", -1,
+ SQLITE_STATIC));
+ DB_ACTION(sqlite3_bind_int(select_restriction_type_subscriber_id, 2,
+ iftype));
+ DB_ACTION(sqlite3_bind_text(select_restriction_type_subscriber_id, 3,
+ subscriber_id, -1, SQLITE_STATIC));
+ ret = sqlite3_step(select_restriction_type_subscriber_id);
+ }
+
+ switch (ret) {
+ case SQLITE_DONE:
+ break;
+ case SQLITE_ROW:
+ if (state_subscriber_id)
+ *type = (stc_rstn_type_e)sqlite3_column_int(select_restriction_type_subscriber_id, 0);
+ else
+ *type = (stc_rstn_type_e)sqlite3_column_int(select_restriction_type, 0);
+ break;
+ case SQLITE_ERROR:
+ default:
+ STC_LOGE("Can't perform sql query: %s\n", //LCOV_EXCL_LINE
+ sqlite3_errmsg(stc_db_get_database()));
+ error_code = STC_ERROR_DB_FAILED; //LCOV_EXCL_LINE
+ }
+
+handle_error:
+ ret = sqlite3_reset(select_restriction_type);
+ if (ret != SQLITE_OK)
+ error_code = STC_ERROR_DB_FAILED;
+
+ ret = sqlite3_reset(select_restriction_type_subscriber_id);
+ if (ret != SQLITE_OK)
+ error_code = STC_ERROR_DB_FAILED;
+
+ return error_code;
+}
+
+stc_error_e table_restrictions_get_restriction_type(const char *app_id,
+ stc_iface_type_e iftype,
+ stc_rstn_type_e *type)
+{
+ __STC_LOG_FUNC_ENTER__;
+ __STC_LOG_FUNC_EXIT__;
+ return table_restrictions_get_restriction_type_subscriber_id(app_id, iftype,
+ NULL, type);
+}
+
+stc_error_e table_restrictions_delete(const char *app_id,
+ const stc_iface_type_e iftype,
+ const char *ifname,
+ const char *subscriber_id,
+ const stc_roaming_type_e roaming)
+{
+ stc_error_e error_code = STC_ERROR_NONE;
+ sqlite3_stmt *stmt = delete_restrictions;
+
+ STC_LOGD("app_id[%s] iftype[%d] ifname[%s] subscriber_id[%s] roaming[%d]",
+ app_id, iftype, ifname, subscriber_id, roaming);
+
+ DB_ACTION(sqlite3_bind_text(stmt, 1, app_id ? app_id : "",
+ -1, SQLITE_TRANSIENT));
+ DB_ACTION(sqlite3_bind_int(stmt, 2, iftype));
+ DB_ACTION(sqlite3_bind_text(stmt, 3, ifname ? ifname : "",
+ -1, SQLITE_TRANSIENT));
+ DB_ACTION(sqlite3_bind_text(stmt, 4, subscriber_id ? subscriber_id : "",
+ -1, SQLITE_TRANSIENT));
+ DB_ACTION(sqlite3_bind_int(stmt, 5, roaming));
+
+ if (sqlite3_step(stmt) != SQLITE_DONE) {
+ STC_LOGE("Failed to remove restrictions by network interface %s\n", //LCOV_EXCL_LINE
+ sqlite3_errmsg(stc_db_get_database()));
+ error_code = STC_ERROR_DB_FAILED; //LCOV_EXCL_LINE
+ goto handle_error; //LCOV_EXCL_LINE
+ }
+
+ STC_LOGD("Restriction deleted for app_id [%s]", app_id);
+
+handle_error:
+
+ if (sqlite3_reset(stmt) != SQLITE_OK)
+ error_code = STC_ERROR_DB_FAILED;
+
+ return error_code;
+}
+
+stc_error_e __get_restriction_id(table_restrictions_info *info)
+{
+ __STC_LOG_FUNC_ENTER__;
+ int rc;
+ stc_error_e error_code = STC_ERROR_NONE;
+ sqlite3_stmt *stmt = select_restriction_id;
+
+ DB_ACTION(sqlite3_bind_text(stmt, 1, info->app_id ? info->app_id : "",
+ -1, SQLITE_TRANSIENT));
+ DB_ACTION(sqlite3_bind_int(stmt, 2, info->iftype));
+ DB_ACTION(sqlite3_bind_text(stmt, 3, info->subscriber_id ? info->subscriber_id : "",
+ -1, SQLITE_TRANSIENT));
+ DB_ACTION(sqlite3_bind_int(stmt, 4, info->roaming));
+ DB_ACTION(sqlite3_bind_text(stmt, 5, info->ifname ? info->ifname : "",
+ -1, SQLITE_TRANSIENT));
+
+ rc = sqlite3_step(stmt);
+
+ switch (rc) {
+ case SQLITE_DONE:
+ break;
+ case SQLITE_ROW:
+ info->restriction_id = sqlite3_column_int64(stmt, 0);
+ STC_LOGD("restriction id [%llu]", info->restriction_id);
+ break;
+ case SQLITE_ERROR:
+ default:
+ STC_LOGE("Failed to get restriction id: %s\n", //LCOV_EXCL_LINE
+ sqlite3_errmsg(stc_db_get_database()));
+ error_code = STC_ERROR_DB_FAILED; //LCOV_EXCL_LINE
+ }
+
+handle_error:
+ rc = sqlite3_reset(stmt);
+ if (rc != SQLITE_OK)
+ error_code = STC_ERROR_DB_FAILED;
+
+ __STC_LOG_FUNC_EXIT__;
+ return error_code;
+}
+
+stc_error_e table_restrictions_update(table_restrictions_info *info)
+{
+ stc_error_e error_code = STC_ERROR_NONE;
+ sqlite3_stmt *stmt = insert_net_restrictions;
+
+ if (!info) {
+ error_code = STC_ERROR_INVALID_PARAMETER; //LCOV_EXCL_LINE
+ goto handle_error; //LCOV_EXCL_LINE
+ }
+
+ if (__get_restriction_id(info) != STC_ERROR_NONE) {
+ error_code = STC_ERROR_DB_FAILED; //LCOV_EXCL_LINE
+ goto handle_error; //LCOV_EXCL_LINE
+ }
+
+ if (info->restriction_id)
+ stmt = update_net_restrictions;
+
+ DB_ACTION(sqlite3_bind_text(stmt, 1, info->app_id ? info->app_id : "",
+ -1, SQLITE_TRANSIENT));
+ DB_ACTION(sqlite3_bind_int64(stmt, 2, info->data_limit));
+ DB_ACTION(sqlite3_bind_int(stmt, 3, info->iftype));
+ DB_ACTION(sqlite3_bind_int(stmt, 4, info->rstn_type));
+ DB_ACTION(sqlite3_bind_int(stmt, 5, info->roaming));
+ DB_ACTION(sqlite3_bind_text(stmt, 6, info->ifname ? info->ifname : "",
+ -1, SQLITE_TRANSIENT));
+ DB_ACTION(sqlite3_bind_text(stmt, 7, info->subscriber_id ? info->subscriber_id : "",
+ -1, SQLITE_TRANSIENT));
+ DB_ACTION(sqlite3_bind_int64(stmt, 8, info->data_warn_limit));
+ DB_ACTION(sqlite3_bind_int64(stmt, 9, info->monthly_limit));
+ DB_ACTION(sqlite3_bind_int64(stmt, 10, info->weekly_limit));
+ DB_ACTION(sqlite3_bind_int64(stmt, 11, info->daily_limit));
+
+ if (info->restriction_id)
+ DB_ACTION(sqlite3_bind_int64(stmt, 12, info->restriction_id));
+ else
+ DB_ACTION(sqlite3_bind_int64(stmt, 12, info->month_start_date));
+
+ if (sqlite3_step(stmt) != SQLITE_DONE) {
+ STC_LOGE("Failed to set network restriction: %s\n", //LCOV_EXCL_LINE
+ sqlite3_errmsg(stc_db_get_database()));
+ error_code = STC_ERROR_DB_FAILED; //LCOV_EXCL_LINE
+ goto handle_error; //LCOV_EXCL_LINE
+ }
+
+ if (info->restriction_id) {
+ STC_LOGD("Restriction updated app_id [%s]", info->app_id);
+ } else {
+ STC_LOGD("Restriction inserted app_id [%s]", info->app_id);
+ if (__get_restriction_id(info) != STC_ERROR_NONE)
+ error_code = STC_ERROR_DB_FAILED; //LCOV_EXCL_LINE
+ }
+
+handle_error:
+ if (sqlite3_reset(stmt) != SQLITE_OK)
+ error_code = STC_ERROR_DB_FAILED;
+
+ return error_code;
+}
+
+stc_error_e table_restrictions_prepare(sqlite3 *db)
+{
+ __STC_LOG_FUNC_ENTER__;
+
+ stc_error_e error_code = STC_ERROR_NONE;
+
+ if (db == NULL) {
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ return STC_ERROR_FAIL; //LCOV_EXCL_LINE
+ }
+
+ DB_ACTION(__prepare_delete(db));
+ DB_ACTION(__prepare_select(db));
+ DB_ACTION(__prepare_replace(db));
+ DB_ACTION(__prepare_insert(db));
+
+handle_error:
+
+ __STC_LOG_FUNC_EXIT__;
+ return error_code;
+}
+
+void table_restrictions_finalize(void)
+{
+ __STC_LOG_FUNC_ENTER__;
+ __finalize_delete();
+ __finalize_select();
+ __finalize_update();
+ __finalize_insert();
+ __STC_LOG_FUNC_EXIT__;
+}
--- /dev/null
+/*
+ * Copyright (c) 2016 Samsung Electronics Co., Ltd.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/**
+ * This file implements statistics entity handler methods.
+ *
+ * @file table-statistics.c
+ */
+
+#include "stc-db.h"
+#include "table-statistics.h"
+#include "db-internal.h"
+
+/* DELETE statements */
+#define DELETE_ALL "delete from statistics where time_stamp between ? and ?"
+
+#define DELETE_APP "delete from statistics where binpath=? and " \
+ "time_stamp between ? and ? "
+
+#define DELETE_IFACE "delete from statistics where iftype=? and " \
+ "time_stamp between ? and ?"
+
+#define DELETE_APP_IFACE "delete from statistics where binpath=? and " \
+ "iftype=? and time_stamp between ? and ?"
+
+#define DELETE_FIRST_BY_NUMBER "delete from statistics where time_stamp in " \
+ "(select time_stamp from statistics desc limit ?)"
+
+/* SELECT statements */
+#define SELECT_FOR_PERIOD "select binpath, hw_net_protocol_type, " \
+ "is_roaming, sum(received) as received, " \
+ "sum(sent) as sent, subscriber_id, ground, iftype, ifname from statistics " \
+ "where time_stamp between ? and ? " \
+ "group by binpath, is_roaming, subscriber_id order by received desc"
+
+#define SELECT_FOR_PERIOD_IFACE "select binpath, hw_net_protocol_type, " \
+ "is_roaming, sum(received) as received, " \
+ "sum(sent) as sent, subscriber_id, ground, iftype, ifname from statistics " \
+ "where time_stamp between ? and ? " \
+ "and iftype=? group by binpath, is_roaming, subscriber_id order by received desc"
+
+#define SELECT_CHUNKS "select binpath, hw_net_protocol_type, " \
+ "is_roaming, sum(received) as received, " \
+ "sum(sent) as sent, subscriber_id, ground, iftype, ifname, " \
+ "time_stamp - time_stamp % ? as timestamp " \
+ "from statistics where time_stamp between ? and ? " \
+ "group by binpath, timestamp, subscriber_id order by timestamp"
+
+#define SELECT_CHUNKS_IFACE "select binpath, hw_net_protocol_type, " \
+ "is_roaming, sum(received) as received, " \
+ "sum(sent) as sent, subscriber_id, ground, iftype, ifname, " \
+ "time_stamp - time_stamp % ? as timestamp " \
+ "from statistics where time_stamp between ? and ? and iftype=?" \
+ "group by binpath, timestamp, subscriber_id order by timestamp"
+
+#define SELECT_APP_DETAILS "select iftype, hw_net_protocol_type, " \
+ "is_roaming, sum(received) as received, sum(sent) as sent, " \
+ "ifname, subscriber_id, ground from statistics " \
+ "where time_stamp between ? and ? and binpath=? " \
+ "group by binpath, iftype, ifname, subscriber_id, hw_net_protocol_type, " \
+ "is_roaming " \
+ "order by time_stamp, binpath, iftype, ifname, subscriber_id, " \
+ "hw_net_protocol_type, is_roaming"
+
+#define SELECT_APP_DETAILS_IFACE "select iftype, hw_net_protocol_type, " \
+ "is_roaming, sum(received) as received, sum(sent) as sent, " \
+ "ifname, subscriber_id, ground from statistics " \
+ "where time_stamp between ? and ? and binpath=? and iftype=?" \
+ "group by hw_net_protocol_type, is_roaming, iftype, ifname, subscriber_id " \
+ "order by time_stamp, hw_net_protocol_type, is_roaming, iftype, " \
+ "ifname, subscriber_id"
+
+#define SELECT_CHUNKS_APP "select iftype, hw_net_protocol_type, " \
+ "is_roaming, sum(received) as received, sum(sent) as sent, " \
+ "ifname, subscriber_id, ground, time_stamp - time_stamp % ? as timestamp " \
+ "from statistics " \
+ "group by iftype, ifname, timestamp, hw_net_protocol_type, is_roaming " \
+ "order by timestamp, iftype, ifname, hw_net_protocol_type, is_roaming"
+
+#define SELECT_CHUNKS_APP_IFACE "select iftype, hw_net_protocol_type, " \
+ "is_roaming, sum(received) as received, sum(sent) as sent, " \
+ "ifname, subscriber_id, ground, time_stamp - time_stamp % ? as timestamp " \
+ "from statistics where time_stamp between ? and ? and binpath = ? " \
+ "and iftype = ? " \
+ "group by timestamp, hw_net_protocol_type, is_roaming, " \
+ "iftype, ifname, subscriber_id " \
+ "order by timestamp, iftype, ifname, subscriber_id, hw_net_protocol_type, " \
+ "is_roaming"
+
+#define SELECT_TOTAL "select iftype, hw_net_protocol_type, " \
+ "is_roaming, sum(received) as received, sum(sent) as sent, " \
+ "ifname, subscriber_id, ground from statistics " \
+ "where (time_stamp between ? and ?) " \
+ "and binpath NOT LIKE 'TOTAL_%' " \
+ "group by iftype, ifname, subscriber_id, hw_net_protocol_type, is_roaming " \
+ "order by time_stamp, iftype, ifname, subscriber_id, hw_net_protocol_type, " \
+ "is_roaming"
+
+#define SELECT_TOTAL_IFACE "select iftype, hw_net_protocol_type, " \
+ "is_roaming, sum(received) as received, sum(sent) as sent, " \
+ "ifname, subscriber_id, ground from statistics " \
+ "where (time_stamp between ? and ?) and iftype=? " \
+ "and binpath NOT LIKE 'TOTAL_%' " \
+ "group by hw_net_protocol_type, is_roaming, " \
+ "iftype, ifname, subscriber_id " \
+ "order by time_stamp, iftype, ifname, subscriber_id, hw_net_protocol_type, " \
+ "is_roaming"
+
+#define SELECT_CHUNKS_TOTAL "select iftype, hw_net_protocol_type, " \
+ "is_roaming, sum(received) as received, sum(sent) as sent, " \
+ "ifname, subscriber_id, ground, time_stamp - time_stamp % ? as timestamp " \
+ "from statistics where time_stamp between ? and ? " \
+ "and binpath NOT LIKE 'TOTAL_%' " \
+ "group by timestamp, iftype, ifname, subscriber_id, hw_net_protocol_type, " \
+ "is_roaming " \
+ "order by timestamp, iftype, ifname, subscriber_id, hw_net_protocol_type, " \
+ "is_roaming"
+
+#define SELECT_CHUNKS_TOTAL_IFACE "select iftype, hw_net_protocol_type, " \
+ "is_roaming, sum(received) as received, sum(sent) as sent, " \
+ "ifname, subscriber_id, ground, time_stamp - time_stamp % ? as timestamp " \
+ "from statistics where time_stamp between ? and ? " \
+ "and iftype = ? " \
+ "and binpath NOT LIKE 'TOTAL_%' " \
+ "group by timestamp, hw_net_protocol_type, is_roaming, iftype, ifname, subscriber_id " \
+ "order by timestamp, hw_net_protocol_type, is_roaming, iftype, " \
+ "ifname, subscriber_id"
+
+/* INSERT statement */
+#define INSERT_VALUES "insert into statistics " \
+ "(binpath, received, sent, time_stamp, " \
+ "iftype, is_roaming, hw_net_protocol_type, " \
+ "ifname, subscriber_id, ground) " \
+ "values (?, ?, ?, ?, ?, ?, ?, ?, ?, ?)"
+
+static void __finalize_delete(void);
+
+#define PREPARE_DELETE(stm, query) do { \
+ rc = sqlite3_prepare_v2(db, query, -1, &stm, NULL); \
+ if (rc != SQLITE_OK) { \
+ stm = NULL; \
+ __finalize_delete(); \
+ STC_LOGE("Failed to prepare \"%s\"query" \
+ , query); \
+ return rc; \
+ } \
+} while (0)
+
+static void __finalize_select(void);
+
+#define PREPARE_SELECT(stm, query) do { \
+ rc = sqlite3_prepare_v2(db, query, -1, &stm, NULL); \
+ if (rc != SQLITE_OK) { \
+ stm = NULL; \
+ __finalize_select(); \
+ STC_LOGE("Failed to prepare \"%s\"query" \
+ , query); \
+ return rc; \
+ } \
+} while (0)
+
+static void __finalize_insert(void);
+
+#define PREPARE_INSERT(stm, query) do { \
+ rc = sqlite3_prepare_v2(db, query, -1, &stm, NULL); \
+ if (rc != SQLITE_OK) { \
+ stm = NULL; \
+ __finalize_insert(); \
+ STC_LOGE("Failed to prepare \"%s\"query" \
+ , query); \
+ return rc; \
+ } \
+} while (0)
+
+#define FINALIZE(stm) do { \
+ if (stm) { \
+ sqlite3_finalize(stm); \
+ stm = NULL; \
+ } \
+} while (0)
+
+/* DELETE statements */
+/* the following array is strictly ordered
+ * to find required statement the following code will be used:
+ * (app ? 1 : 0) | (iftype ? 2 : 0)
+ */
+static sqlite3_stmt *delete_query[5];
+
+/* SELECT statements */
+static sqlite3_stmt *select_for_period;
+static sqlite3_stmt *select_for_period_iface;
+static sqlite3_stmt *select_chunks;
+static sqlite3_stmt *select_chunks_iface;
+static sqlite3_stmt *select_app_details;
+static sqlite3_stmt *select_app_details_iface;
+static sqlite3_stmt *select_chunks_app;
+static sqlite3_stmt *select_chunks_app_iface;
+static sqlite3_stmt *select_total;
+static sqlite3_stmt *select_total_iface;
+static sqlite3_stmt *select_chunks_total;
+static sqlite3_stmt *select_chunks_total_iface;
+
+/* INSERT statements */
+static sqlite3_stmt *update_statistics_query;
+
+static int __prepare_delete(sqlite3 *db)
+{
+ int rc;
+ static int initialized;
+
+ if (initialized)
+ return SQLITE_OK;
+
+ PREPARE_DELETE(delete_query[0], DELETE_ALL);
+ PREPARE_DELETE(delete_query[1], DELETE_APP);
+ PREPARE_DELETE(delete_query[2], DELETE_IFACE);
+ PREPARE_DELETE(delete_query[3], DELETE_APP_IFACE);
+ PREPARE_DELETE(delete_query[4], DELETE_FIRST_BY_NUMBER);
+
+ initialized = 1;
+ return rc;
+}
+
+static void __finalize_delete(void)
+{
+ unsigned int i;
+ for (i = 0; i < sizeof(delete_query) / sizeof(*delete_query); i++)
+ FINALIZE(delete_query[i]);
+}
+
+static int __prepare_select(sqlite3 *db)
+{
+ int rc;
+ static int initialized;
+
+ if (initialized)
+ return SQLITE_OK;
+
+ PREPARE_SELECT(select_for_period, SELECT_FOR_PERIOD);
+ PREPARE_SELECT(select_for_period_iface, SELECT_FOR_PERIOD_IFACE);
+ PREPARE_SELECT(select_chunks, SELECT_CHUNKS);
+ PREPARE_SELECT(select_chunks_iface, SELECT_CHUNKS_IFACE);
+ PREPARE_SELECT(select_app_details, SELECT_APP_DETAILS);
+ PREPARE_SELECT(select_app_details_iface, SELECT_APP_DETAILS_IFACE);
+ PREPARE_SELECT(select_chunks_app, SELECT_CHUNKS_APP);
+ PREPARE_SELECT(select_chunks_app_iface, SELECT_CHUNKS_APP_IFACE);
+ PREPARE_SELECT(select_total, SELECT_TOTAL);
+ PREPARE_SELECT(select_total_iface, SELECT_TOTAL_IFACE);
+ PREPARE_SELECT(select_chunks_total, SELECT_CHUNKS_TOTAL);
+ PREPARE_SELECT(select_chunks_total_iface, SELECT_CHUNKS_TOTAL_IFACE);
+
+ initialized = 1;
+ return rc;
+}
+
+static void __finalize_select(void)
+{
+ FINALIZE(select_for_period);
+ FINALIZE(select_for_period_iface);
+ FINALIZE(select_chunks);
+ FINALIZE(select_chunks_iface);
+ FINALIZE(select_app_details);
+ FINALIZE(select_app_details_iface);
+ FINALIZE(select_chunks_app);
+ FINALIZE(select_chunks_app_iface);
+ FINALIZE(select_total);
+ FINALIZE(select_total_iface);
+ FINALIZE(select_chunks_total);
+ FINALIZE(select_chunks_total_iface);
+}
+
+static int __prepare_insert(sqlite3 *db)
+{
+ int rc;
+ static int initialized;
+
+ if (initialized)
+ return SQLITE_OK;
+
+ PREPARE_INSERT(update_statistics_query, INSERT_VALUES);
+
+ initialized = 1;
+ return rc;
+}
+
+static void __finalize_insert(void)
+{
+ FINALIZE(update_statistics_query);
+}
+
+static int __is_iftype_defined(const stc_iface_type_e iftype)
+{
+ return iftype < STC_IFACE_LAST_ELEM &&
+ iftype > STC_IFACE_UNKNOWN &&
+ iftype != STC_IFACE_ALL;
+}
+
+/* the following array is strictly ordered
+ * to find required statement the following code will be used:
+ * (iface ? 1 : 0) | (total ? 2 : 0) | (chunks ? 4 : 0)
+ */
+static sqlite3_stmt **details_stms[] = {
+ &select_app_details,
+ &select_app_details_iface,
+ &select_total,
+ &select_total_iface,
+ &select_chunks_app,
+ &select_chunks_app_iface,
+ &select_chunks_total,
+ &select_chunks_total_iface
+};
+
+static sqlite3_stmt *__select_statement(const char *app_id,
+ const table_statistics_select_rule *rule)
+{
+ const int stm_index = __is_iftype_defined(rule->iftype) |
+ ((strlen(app_id) > 0) ? 0 : 2) | (rule->granularity ? 4 : 0);
+ STC_LOGD("stm index %d", stm_index);
+ return *details_stms[stm_index];
+}
+
+//LCOV_EXCL_START
+stc_error_e table_statistics_reset_first_n_entries(int num)
+{
+ __STC_LOG_FUNC_ENTER__;
+ stc_error_e error_code = STC_ERROR_NONE;
+
+ if (!num) {
+ STC_LOGE("Invalid number of entries");
+ return STC_ERROR_INVALID_PARAMETER;
+ }
+
+ DB_ACTION(sqlite3_bind_int(delete_query[4], 1, num));
+
+ if (sqlite3_step(delete_query[4]) != SQLITE_DONE) {
+ STC_LOGE("Failed to drop collected statistics.");
+ error_code = STC_ERROR_DB_FAILED;
+ __STC_LOG_FUNC_EXIT__;
+ }
+handle_error:
+ if (sqlite3_reset(delete_query[4]) != SQLITE_OK)
+ error_code = STC_ERROR_DB_FAILED;
+
+ return error_code;
+}
+//LCOV_EXCL_STOP
+
+stc_error_e table_statistics_reset(const table_statistics_reset_rule *rule)
+{
+ __STC_LOG_FUNC_ENTER__;
+ sqlite3_stmt *stmt;
+ stc_error_e error_code = STC_ERROR_NONE;
+ int pos = 1; /* running through positions where to
+ bind parameters in the query */
+
+ if (!rule || !rule->interval) {
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ return STC_ERROR_INVALID_PARAMETER; //LCOV_EXCL_LINE
+ }
+
+ /* pick a statement depending on parameters.
+ See comment for delete_query */
+ stmt = delete_query[(rule->app_id ? 1 : 0) |
+ (rule->iftype != STC_IFACE_UNKNOWN &&
+ rule->iftype != STC_IFACE_LAST_ELEM ? 2 : 0)];
+
+ if (rule->app_id)
+ DB_ACTION(sqlite3_bind_text(stmt, pos++, rule->app_id, -1,
+ SQLITE_TRANSIENT));
+
+ if (rule->iftype != STC_IFACE_LAST_ELEM &&
+ rule->iftype != STC_IFACE_UNKNOWN)
+ DB_ACTION(sqlite3_bind_int(stmt, pos++, rule->iftype));
+
+ DB_ACTION(sqlite3_bind_int64(stmt, pos++, rule->interval->from));
+ DB_ACTION(sqlite3_bind_int64(stmt, pos++, rule->interval->to));
+
+ if (sqlite3_step(stmt) != SQLITE_DONE) {
+ STC_LOGE("Failed to drop collected statistics."); //LCOV_EXCL_LINE
+ error_code = STC_ERROR_DB_FAILED; //LCOV_EXCL_LINE
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ goto handle_error; //LCOV_EXCL_LINE
+ }
+
+ STC_LOGD("Entry deleted successfully.");
+handle_error:
+ if (sqlite3_reset(stmt) != SQLITE_OK)
+ error_code = STC_ERROR_DB_FAILED;
+
+ return error_code;
+}
+
+stc_error_e table_statistics_foreach_app(const table_statistics_select_rule *rule,
+ table_statistics_info_cb info_cb,
+ void *user_data)
+{
+ __STC_LOG_FUNC_ENTER__;
+ table_statistics_info data;
+ sqlite3_stmt *stmt;
+ stc_error_e error_code = STC_ERROR_NONE;
+ int rc;
+ int pos = 1;/* running through positions where to
+ bind parameters in the query */
+ stc_db_tm_interval_s interval;
+
+ if (!rule || !info_cb) {
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ return STC_ERROR_INVALID_PARAMETER; //LCOV_EXCL_LINE
+ }
+
+ memset(&data, 0, sizeof(data));
+
+ if (rule->app_id) {
+ int ret = table_statistics_per_app(rule->app_id, rule, info_cb, user_data);
+ __STC_LOG_FUNC_EXIT__;
+ return ret;
+ }
+
+ /* pick a statement depending on parameters */
+ if (rule->granularity) {
+ stmt = __is_iftype_defined(rule->iftype) ?
+ select_chunks_iface : select_chunks;
+
+ DB_ACTION(sqlite3_bind_int64(stmt, pos++, rule->granularity));
+ data.interval = &interval;
+ } else {
+ stmt = __is_iftype_defined(rule->iftype)
+ ? select_for_period_iface : select_for_period;
+ }
+
+ DB_ACTION(sqlite3_bind_int64(stmt, pos++, rule->from));
+ DB_ACTION(sqlite3_bind_int64(stmt, pos++, rule->to));
+
+ if (__is_iftype_defined(rule->iftype)) {
+ data.iftype = rule->iftype;
+ DB_ACTION(sqlite3_bind_int(stmt, pos++, rule->iftype));
+ }
+
+ do {
+ rc = sqlite3_step(stmt);
+ switch (rc) {
+ case SQLITE_ROW:
+ data.app_id = (char *)sqlite3_column_text(stmt, 0);
+ data.hw_net_protocol_type = sqlite3_column_int(stmt, 1);
+ data.roaming = sqlite3_column_int(stmt, 2);
+ data.cnt.in_bytes = sqlite3_column_int64(stmt, 3);
+ data.cnt.out_bytes = sqlite3_column_int64(stmt, 4);
+ data.subscriber_id = (char *)sqlite3_column_text(stmt, 5);
+ data.ground = sqlite3_column_int(stmt, 6);
+ data.iftype = sqlite3_column_int(stmt, 7);
+ data.ifname = (char *)sqlite3_column_text(stmt, 8);
+
+ if (rule->granularity) {
+ interval.from = sqlite3_column_int64(stmt, 9);
+ interval.to = interval.from + rule->granularity;
+ }
+
+ if (info_cb(&data, user_data) == STC_CANCEL)
+ rc = SQLITE_DONE; //LCOV_EXCL_LINE
+ break;
+ case SQLITE_DONE:
+ break;
+ case SQLITE_ERROR:
+ default:
+ error_code = STC_ERROR_DB_FAILED; //LCOV_EXCL_LINE
+ break; //LCOV_EXCL_LINE
+ }
+ } while (rc == SQLITE_ROW);
+
+handle_error:
+ rc = sqlite3_reset(stmt);
+ if (rc != SQLITE_OK)
+ error_code = STC_ERROR_DB_FAILED;
+
+ __STC_LOG_FUNC_EXIT__;
+ return error_code;
+}
+
+API stc_error_e table_statistics_per_app(const char *app_id,
+ const table_statistics_select_rule *rule,
+ table_statistics_info_cb info_cb,
+ void *user_data)
+{
+ __STC_LOG_FUNC_ENTER__;
+ table_statistics_info data;
+ sqlite3_stmt *stmt;
+ stc_error_e error_code = STC_ERROR_NONE;
+ int rc;
+ int pos = 1; /* running through positions
+ where to bind parameters in the query */
+ stc_db_tm_interval_s interval;
+
+ memset(&data, 0, sizeof(data));
+
+ if (!rule || !info_cb) {
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ return STC_ERROR_INVALID_PARAMETER; //LCOV_EXCL_LINE
+ }
+
+ /* pick a statement depending on parameters.
+ See comment for details_stms */
+ stmt = __select_statement(app_id, rule);
+
+ if (rule->granularity) {
+ DB_ACTION(sqlite3_bind_int64(stmt, pos++, rule->granularity));
+ data.interval = &interval;
+ }
+
+ DB_ACTION(sqlite3_bind_int64(stmt, pos++, rule->from));
+ DB_ACTION(sqlite3_bind_int64(stmt, pos++, rule->to));
+
+ if (strlen(app_id) > 0) {
+ DB_ACTION(sqlite3_bind_text(stmt, pos++, app_id, -1,
+ SQLITE_TRANSIENT));
+ data.app_id = (char *)app_id;
+ }
+
+ if (__is_iftype_defined(rule->iftype))
+ DB_ACTION(sqlite3_bind_int(stmt, pos++, rule->iftype));
+
+ do {
+ rc = sqlite3_step(stmt);
+ switch (rc) {
+ case SQLITE_ROW:
+ data.iftype = sqlite3_column_int(stmt, 0);
+ data.hw_net_protocol_type = sqlite3_column_int(stmt, 1);
+ data.roaming = sqlite3_column_int(stmt, 2);
+ data.cnt.in_bytes = sqlite3_column_int64(stmt, 3);
+ data.cnt.out_bytes = sqlite3_column_int64(stmt, 4);
+ data.ifname = (char *)sqlite3_column_text(stmt, 5);
+ data.subscriber_id = (char *)sqlite3_column_text(stmt, 6);
+ data.ground = sqlite3_column_int(stmt, 7);
+
+ if (rule->granularity) {
+ interval.from = sqlite3_column_int64(stmt, 8);
+ interval.to = interval.from + rule->granularity;
+ }
+
+ if (info_cb(&data, user_data) == STC_CANCEL)
+ rc = SQLITE_DONE; //LCOV_EXCL_LINE
+ break;
+ case SQLITE_DONE:
+ break;
+ case SQLITE_ERROR:
+ default:
+ error_code = STC_ERROR_DB_FAILED; //LCOV_EXCL_LINE
+ break; //LCOV_EXCL_LINE
+ }
+ } while (rc == SQLITE_ROW);
+
+handle_error:
+ rc = sqlite3_reset(stmt);
+ if (rc != SQLITE_OK)
+ error_code = STC_ERROR_DB_FAILED;
+
+ __STC_LOG_FUNC_EXIT__;
+ return error_code;
+}
+
+API stc_error_e table_statistics_insert(stc_db_classid_iftype_key *stat_key,
+ stc_db_app_stats *stat,
+ time_t last_touch_time)
+{
+ stc_error_e error_code = STC_ERROR_NONE;
+ sqlite3_stmt *stmt = update_statistics_query;
+ stc_hw_net_protocol_type_e hw_net_protocol_type = STC_PROTOCOL_UNKNOWN;
+ long long int rcv;
+ long long int snd;
+
+ if (!stat->rcv_count && !stat->snd_count) {
+ error_code = STC_ERROR_INVALID_PARAMETER;
+ goto handle_error;
+ }
+
+ DB_ACTION(sqlite3_bind_text(stmt, 1, stat->app_id, -1,
+ SQLITE_STATIC));
+ DB_ACTION(sqlite3_bind_int(stmt, 2, stat->rcv_count));
+ DB_ACTION(sqlite3_bind_int(stmt, 3, stat->snd_count));
+ DB_ACTION(sqlite3_bind_int64(stmt, 4, (sqlite3_int64)last_touch_time));
+ DB_ACTION(sqlite3_bind_int(stmt, 5, (int)(stat_key->iftype)));
+ DB_ACTION(sqlite3_bind_int(stmt, 6, (int)(stat->is_roaming)));
+ DB_ACTION(sqlite3_bind_int(stmt, 7, (int)hw_net_protocol_type));
+ DB_ACTION(sqlite3_bind_text(stmt, 8, stat_key->ifname ? stat_key->ifname : "",
+ -1, SQLITE_STATIC));
+ DB_ACTION(sqlite3_bind_text(stmt, 9,
+ stat_key->subscriber_id ? stat_key->subscriber_id : "" ,
+ -1, SQLITE_STATIC));
+ DB_ACTION(sqlite3_bind_int(stmt, 10, (int)stat->ground));
+
+ /*we want to reuse tree*/
+ rcv = stat->rcv_count;
+ snd = stat->snd_count;
+ stat->rcv_count = 0;
+ stat->snd_count = 0;
+ if (sqlite3_step(stmt) != SQLITE_DONE) {
+ STC_LOGE("Failed to record appstat. %s", //LCOV_EXCL_LINE
+ sqlite3_errmsg(stc_db_get_database()));
+ error_code = STC_ERROR_DB_FAILED; //LCOV_EXCL_LINE
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ goto handle_error; //LCOV_EXCL_LINE
+ }
+
+ if (STC_STAT_LOG)
+ STC_LOGD("App stat recorded [\033[0;34m%s\033[0;m] "
+ "rcv[%lld] snd[%lld]", stat->app_id, rcv, snd);
+
+handle_error:
+ if (sqlite3_reset(stmt) != SQLITE_OK)
+ error_code = STC_ERROR_DB_FAILED;
+
+ return error_code;
+}
+
+/**
+ * This function will be somewhere consumer and will not be placed in this file.
+ */
+#if 0
+stc_error_e table_statistics_store_result(app_stat_tree *stats)
+{
+ time_t current_time;
+
+ pthread_rwlock_rdlock(&stats->guard);
+ WALK_TREE(stats->tree, print_appstat);
+ pthread_rwlock_unlock(&stats->guard);
+
+ time(¤t_time);
+ stats->last_touch_time = current_time;
+
+ /* it's reader only, we don't modify tree, don't reduce it,
+ * due we want to reuse it in next iteration */
+ pthread_rwlock_rdlock(&stats->guard);
+ g_tree_foreach((GTree *) stats->tree, __store_application_stat,
+ &stats->last_touch_time);
+
+ pthread_rwlock_unlock(&stats->guard);
+ flush_quota_table();
+ change_db_entries_num_num(g_tree_nnodes((GTree *)stats->tree));
+
+ return STC_ERROR_NONE;
+}
+#endif
+
+stc_error_e table_statistics_prepare(sqlite3 *db)
+{
+ __STC_LOG_FUNC_ENTER__;
+
+ stc_error_e error_code = STC_ERROR_NONE;
+
+ if (db == NULL) {
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ return STC_ERROR_DB_FAILED; //LCOV_EXCL_LINE
+ }
+
+ DB_ACTION(__prepare_delete(db));
+ DB_ACTION(__prepare_select(db));
+ DB_ACTION(__prepare_insert(db));
+
+handle_error:
+
+ __STC_LOG_FUNC_EXIT__;
+ return error_code;
+}
+
+void table_statistics_finalize(void)
+{
+ __STC_LOG_FUNC_ENTER__;
+ __finalize_delete();
+ __finalize_select();
+ __finalize_insert();
+ __STC_LOG_FUNC_EXIT__;
+}
--- /dev/null
+/*
+ * Copyright (c) 2016 Samsung Electronics Co., Ltd.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef __STC_CONFIGURE_STUB__
+#define __STC_CONFIGURE_STUB__
+
+/* iface.c */
+inline stc_iface_type_e get_iftype_by_name(char *name)
+{
+ return STC_IFACE_UNKNOWN;
+}
+
+/* iface.c */
+inline char *get_iftype_name(stc_error_e iftype)
+{
+ return "UNKNOWN";
+}
+
+/* datausage-common.c */
+inline void keep_counter(nfacct_rule_s *counter)
+{
+ return;
+}
+
+/* datausage-common.c */
+inline void set_finalize_flag(nfacct_rule_s *counter)
+{
+ return;
+}
+
+#endif /* __STC_CONFIGURE_STUB__ */
--- /dev/null
+/*
+ * Copyright (c) 2016 Samsung Electronics Co., Ltd.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "helper-cgroup.h"
+
+#define RELEASE_AGENT "release_agent"
+#define NOTIFY_ON_RELEASE "notify_on_release"
+
+#define CGROUP_FILE_NAME "cgroup.procs"
+#define CLASSID_FILE_NAME "net_cls.classid"
+
+#define MAX_PATH_LENGTH 512
+
+static bool cgroup_is_exists(const char *cgroup_full_path)
+{
+ struct stat stat_buf;
+ return stat(cgroup_full_path, &stat_buf) == 0;
+}
+
+static int cgroup_create(const char *cgroup_full_path)
+{
+ if (mkdir(cgroup_full_path,
+ S_IRUSR | S_IWUSR | S_IRGRP) < 0)
+ return -errno; //LCOV_EXCL_LINE
+
+ return 0;
+}
+
+/*
+ * @desc place pid to cgroup.procs file
+ * @return 0 in case of success, errno value in case of failure
+ */
+stc_error_e cgroup_write_pid_fullpath(const char *cgroup_full_path,
+ const int pid)
+{
+ int ret;
+
+ if (pid <= 0) {
+ STC_LOGE("try to write empty pid to %s", cgroup_full_path); //LCOV_EXCL_LINE
+ return STC_ERROR_NO_DATA; //LCOV_EXCL_LINE
+ }
+
+ ret = cgroup_write_node_uint32(cgroup_full_path, CGROUP_FILE_NAME,
+ (uint32_t)pid);
+
+ ret_value_msg_if(ret < 0, STC_ERROR_FAIL,
+ "Failed place all pid to cgroup %s", cgroup_full_path);
+ return STC_ERROR_NONE;
+}
+
+stc_error_e cgroup_write_pid(const char *cgroup_subsystem,
+ const char *cgroup_name, const int pid)
+{
+ char buf[MAX_PATH_LENGTH];
+ snprintf(buf, sizeof(buf), "%s/%s", cgroup_subsystem, cgroup_name);
+ return cgroup_write_pid_fullpath(buf, pid);
+}
+
+//LCOV_EXCL_START
+stc_error_e cgroup_write_pidtree(const char *cgroup_subsystem,
+ const char *cgroup_name, const int pid)
+{
+ char buf[MAX_PATH_LENGTH];
+
+ /*/proc/%d/task/%d/children */
+ char child_buf[21 + MAX_DEC_SIZE(int) + MAX_DEC_SIZE(int) + 1];
+ char pidbuf[MAX_DEC_SIZE(int)];
+ stc_error_e ret;
+
+ FILE *f;
+
+ snprintf(buf, sizeof(buf), "%s/%s", cgroup_subsystem, cgroup_name);
+ /* place parent */
+ ret = cgroup_write_pid_fullpath(buf, pid);
+ ret_value_msg_if(ret != STC_ERROR_NONE, ret,
+ "Failed to put parent process %d into %s cgroup",
+ pid, cgroup_name);
+
+ snprintf(child_buf, sizeof(child_buf), PROC_TASK_CHILDREN,
+ pid, pid);
+ f = fopen(child_buf, "r");
+ ret_value_msg_if(!f, STC_ERROR_FAIL, "Failed to get child pids!");
+ while (fgets(pidbuf, sizeof(pidbuf), f) != NULL) {
+ int child_pid = atoi(pidbuf);
+ if (child_pid < 0) {
+ STC_LOGE("Invalid child pid!");
+ fclose(f);
+ return STC_ERROR_FAIL;
+ }
+ stc_error_e ret = cgroup_write_pid_fullpath(buf, child_pid);
+ if (ret != STC_ERROR_NONE) {
+ STC_LOGE("Failed to put parent process %d into %s cgroup",
+ pid, cgroup_name);
+ fclose(f);
+ return ret;
+ }
+ }
+ fclose(f);
+ return STC_ERROR_NONE;
+}
+//LCOV_EXCL_STOP
+
+int cgroup_write_node_uint32(const char *cgroup_name,
+ const char *file_name, uint32_t value)
+{
+ char buf[MAX_PATH_LENGTH];
+ snprintf(buf, sizeof(buf), "%s/%s", cgroup_name, file_name);
+
+ if (STC_STAT_LOG)
+ STC_LOGD("cgroup_buf %s, value %d\n", buf, value); //LCOV_EXCL_LINE
+
+ return fwrite_uint(buf, value);
+}
+
+int cgroup_write_node_str(const char *cgroup_name,
+ const char *file_name, const char *string)
+{
+ char buf[MAX_PATH_LENGTH];
+ snprintf(buf, sizeof(buf), "%s/%s", cgroup_name, file_name);
+
+ if (STC_STAT_LOG)
+ STC_LOGD("cgroup_buf %s, string %s\n", buf, string); //LCOV_EXCL_LINE
+
+ return fwrite_str(buf, string);
+}
+
+int cgroup_read_node_uint32(const char *cgroup_name,
+ const char *file_name, uint32_t *value)
+{
+ char buf[MAX_PATH_LENGTH];
+ int ret;
+ snprintf(buf, sizeof(buf), "%s/%s", cgroup_name, file_name);
+ ret = fread_uint(buf, value);
+
+ if (STC_STAT_LOG)
+ STC_LOGD("cgroup_buf %s, value %d\n", buf, *value); //LCOV_EXCL_LINE
+
+ return ret;
+}
+
+int cgroup_make_subdir(const char *parentdir, const char *cgroup_name,
+ bool *already)
+{
+ char buf[MAX_PATH_LENGTH];
+ bool cgroup_exists;
+ int ret = 0;
+
+ if (parentdir)
+ ret = snprintf(buf, sizeof(buf), "%s/%s",
+ parentdir, cgroup_name);
+ else
+ ret = snprintf(buf, sizeof(buf), "%s",
+ cgroup_name);
+
+ ret_value_msg_if(ret > sizeof(buf), STC_ERROR_FAIL,
+ "Not enought buffer size for %s%s",
+ parentdir, cgroup_name);
+
+ cgroup_exists = cgroup_is_exists(buf);
+ if (!cgroup_exists) {
+ bool cgroup_remount = false;
+
+ if (parentdir && !strncmp(parentdir, DEFAULT_CGROUP,
+ sizeof(DEFAULT_CGROUP))) {
+ ret = mount("tmpfs", DEFAULT_CGROUP, "tmpfs", //LCOV_EXCL_LINE
+ MS_REMOUNT|MS_NOSUID|MS_NOEXEC|MS_NODEV|MS_STRICTATIME,
+ "mode=755");
+ if (ret < 0) {
+ STC_LOGE("Fail to RW mount cgroup directory. Can't make %s cgroup", cgroup_name); //LCOV_EXCL_LINE
+ return STC_ERROR_FAIL; //LCOV_EXCL_LINE
+ }
+ cgroup_remount = true;
+ }
+
+ ret = cgroup_create(buf);
+ ret_value_msg_if(ret < 0, STC_ERROR_FAIL,
+ "Fail to create cgroup %s : err %d",
+ cgroup_name, errno);
+
+ if (cgroup_remount) {
+ ret = mount("tmpfs", DEFAULT_CGROUP, "tmpfs", //LCOV_EXCL_LINE
+ MS_REMOUNT|MS_NOSUID|MS_NOEXEC|MS_NODEV|MS_STRICTATIME|MS_RDONLY,
+ "mode=755");
+ if (ret < 0)
+ STC_LOGD("Fail to RO mount"); //LCOV_EXCL_LINE
+ }
+ }
+
+ if (already)
+ *already = cgroup_exists;
+
+ return STC_ERROR_NONE;
+}
+
+int cgroup_set_release_agent(const char *cgroup_subsys,
+ const char *release_agent)
+{
+ _cleanup_free_ char *buf = NULL;
+ int r;
+
+ r = asprintf(&buf, "%s/%s", DEFAULT_CGROUP, cgroup_subsys);
+ if (r < 0)
+ return -ENOMEM;
+
+ r = cgroup_write_node_str(buf, RELEASE_AGENT, release_agent);
+ if (r < 0)
+ return r;
+
+ return cgroup_write_node_str(buf, NOTIFY_ON_RELEASE, "1");
+}
+
+API void cgroup_init(void)
+{
+ /* create stc cgroup directory */
+ cgroup_make_subdir(CGROUP_NETWORK, STC_CGROUP_NAME, NULL);
+
+ /* create background cgroup directory */
+ cgroup_make_subdir(STC_CGROUP_NETWORK, STC_BACKGROUND_CGROUP_NAME,
+ NULL);
+
+ /* create foreground cgroup directory */
+ cgroup_make_subdir(STC_CGROUP_NETWORK, STC_FOREGROUND_CGROUP_NAME,
+ NULL);
+
+ /* create tethering cgroup directory */
+ cgroup_make_subdir(STC_CGROUP_NETWORK, STC_TETHERING_CGROUP_NAME,
+ NULL);
+}
--- /dev/null
+/*
+ * Copyright (c) 2016 Samsung Electronics Co., Ltd.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/*
+ * Cgroup creation interface
+ */
+#ifndef __STC_HELPER_CGROUP_H__
+#define __STC_HELPER_CGROUP_H__
+
+#include <errno.h>
+#include <sys/stat.h>
+#include <sys/mount.h>
+#include <stdlib.h>
+
+#include "stc-manager.h"
+#include "helper-file.h"
+
+#define DEFAULT_CGROUP "/sys/fs/cgroup"
+#define CGROUP_NETWORK DEFAULT_CGROUP "/net_cls"
+#define STC_CGROUP_NETWORK CGROUP_NETWORK "/stc"
+#define BACKGROUND_CGROUP_NETWORK STC_CGROUP_NETWORK "/BACKGROUND"
+#define FOREGROUND_CGROUP_NETWORK STC_CGROUP_NETWORK "/FOREGROUND"
+#define TETHERING_CGROUP_NETWORK STC_CGROUP_NETWORK "/TETHERING"
+#define PROC_TASK_CHILDREN "/proc/%d/task/%d/children"
+#define STC_CGROUP_NAME "stc"
+#define STC_BACKGROUND_CGROUP_NAME "BACKGROUND"
+#define STC_FOREGROUND_CGROUP_NAME "FOREGROUND"
+#define STC_TETHERING_CGROUP_NAME "TETHERING"
+
+/**
+ * @desc Get one unsigned int32 value from cgroup
+ * @param cgroup_name - cgroup path
+ * @param file_name - cgroup content to write
+ * @param value - out parameter, value to fill
+ * @return negative value if error
+ */
+int cgroup_read_node_uint32(const char *cgroup_name, const char *file_name,
+ uint32_t *value);
+
+/**
+ * @desc Put unsigned int32 value to cgroup,
+ * @param cgroup_name - cgroup path
+ * @param file_name - cgroup content to write
+ * @param value - unsigned int32 data to write
+ * @return negative value if error
+ */
+int cgroup_write_node_uint32(const char *cgroup_name, const char *file_name,
+ uint32_t value);
+
+/**
+ * @desc Put value to cgroup,
+ * @param cgroup_name - cgroup path
+ * @param file_name - cgroup content to write
+ * @param string -string to write
+ * @return negative value if error
+ */
+int cgroup_write_node_str(const char *cgroup_name, const char *file_name,
+ const char *string);
+
+/**
+ * @desc make cgroup,
+ * @param parentdir - parent cgroup path
+ * @param cgroup_name - cgroup subdirectory to write
+ * @param already - true if subdir already exists, NULL pointer is possible
+ * as formal argument, in this case it will not be filled
+ * @return negative value if error
+ */
+int cgroup_make_subdir(const char *parentdir, const char *cgroup_name,
+ bool *already);
+
+/**
+ * @desc write pid into cgroup_subsystem/cgroup_name file,
+ * @param cgroup_subsystem path to /sys/fs/cgroup/subsystem
+ * @param cgroup_name - name in /sys/fs/cgroup/subsystem/
+ * @return negative value if error
+ */
+stc_error_e cgroup_write_pid(const char *cgroup_subsystem,
+ const char *cgroup_name, const int pid);
+
+stc_error_e cgroup_write_pid_fullpath(const char *cgroup_full_path,
+ const int pid);
+
+/**
+ * @desc doing the same as @see cgroup_write_pid,
+ * but also put into cgroup first level child processes
+ */
+stc_error_e cgroup_write_pidtree(const char *cgroup_subsystem,
+ const char *cgroup_name, const int pid);
+
+/**
+ * @desc this function sets release agent path into cgroup subsystem
+ * and enables this mechanism
+ * @param cgroup_sussys - cgroup subsystem name, it's relative path to cgroup,
+ * relativelly default cgroup path (DEFAULT_CGROUP)
+ * @param release_agent full path to release agent executable
+ * @return negative value if error
+ */
+int cgroup_set_release_agent(const char *cgroup_subsys,
+ const char *release_agent);
+
+/**
+ * @desc get PIDs of processes in a certain cgroup, an allocated array must be provided
+ * @return 0 if pids were read and array filled
+ */
+int cgroup_get_pids(const char *name, GArray **pids);
+
+/**
+ * @desc initializes cgroups.
+ */
+void cgroup_init(void);
+
+#endif /*__STC_HELPER_CGROUP_H__*/
--- /dev/null
+/*
+ * Copyright (c) 2016 Samsung Electronics Co., Ltd.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "helper-file.h"
+
+#define BUF_MAX (BUFSIZ)
+#define BUF_INC_SIZE (512 << 10)
+
+int fwrite_str(const char *path, const char *str)
+{
+ _cleanup_fclose_ FILE *f = NULL;
+ int ret;
+
+ assert(path);
+ assert(str);
+
+ f = fopen(path, "w");
+ ret_value_if(!f, -errno);
+
+ ret = fputs(str, f);
+ ret_value_if(ret == EOF, errno ? -errno : -EIO);
+
+ return STC_ERROR_NONE;
+}
+
+int fwrite_uint(const char *path, const uint32_t number)
+{
+ _cleanup_free_ char *digit_buf = NULL;
+ int ret;
+
+ ret = asprintf(&digit_buf, "%d", number);
+ ret_value_if(ret < 0, -ENOMEM);
+
+ return fwrite_str(path, digit_buf);
+}
+
+int fread_uint(const char *path, uint32_t *number)
+{
+ _cleanup_fclose_ FILE *f = NULL;
+ int ret;
+
+ f = fopen(path, "r");
+ ret_value_if(!f, -errno);
+
+ ret = fscanf(f, "%u", number);
+ ret_value_if(ret == EOF, -errno);
+
+ return STC_ERROR_NONE;
+}
--- /dev/null
+/*
+ * Copyright (c) 2016 Samsung Electronics Co., Ltd.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef __STC_HELPER_FILE_H__
+#define __STC_HELPER_FILE_H__
+
+#include <assert.h>
+#include <errno.h>
+#include <fcntl.h>
+#include <stdlib.h>
+#include <sys/stat.h>
+
+#include "stc-manager.h"
+
+/**
+ * @desc write string to the file
+ * @param path - path to the file, str - string is written to the file
+ * @return negative value if error
+ */
+int fwrite_str(const char *path, const char *str);
+
+int fwrite_uint(const char *path, const uint32_t number);
+
+int fwrite_ulong(const char *path, const unsigned long number);
+
+int fread_str(const char *path, char **str);
+
+int fread_uint(const char *path, uint32_t *number);
+
+int fread_ulong(const char *path, unsigned long *number);
+
+int fwrite_array(const char *path, const void *array,
+ const size_t size_of_elem,
+ const size_t numb_of_elem);
+
+#endif /*__STC_HELPER_FILE_H__*/
--- /dev/null
+/*
+ * Copyright (c) 2016 Samsung Electronics Co., Ltd.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "stc-manager-gdbus.h"
+#include "helper-firewall.h"
+
+#define STC_FIREWALL_DBUS_SERVICE "net.stc.iptables"
+#define STC_FIREWALL_DBUS_RULE_INTERFACE STC_FIREWALL_DBUS_SERVICE ".rule"
+#define STC_FIREWALL_DBUS_CHAIN_INTERFACE STC_FIREWALL_DBUS_SERVICE ".chain"
+#define STC_FIREWALL_DBUS_RULE_PATH "/net/stc/iptables/rule"
+#define STC_FIREWALL_DBUS_CHAIN_PATH "/net/stc/iptables/chain"
+
+#define STC_FIREWALL_DBUS_METHOD_ADD_CHAIN "IptAddChain"
+#define STC_FIREWALL_DBUS_METHOD_REMOVE_CHAIN "IptRemoveChain"
+#define STC_FIREWALL_DBUS_METHOD_FLUSH_CHAIN "IptFlushChain"
+#define STC_FIREWALL6_DBUS_METHOD_ADD_CHAIN "Ip6tAddChain"
+#define STC_FIREWALL6_DBUS_METHOD_REMOVE_CHAIN "Ip6tRemoveChain"
+#define STC_FIREWALL6_DBUS_METHOD_FLUSH_CHAIN "Ip6tFlushChain"
+
+#define STC_FIREWALL_DBUS_METHOD_ADD_RULE "IptAddRule"
+#define STC_FIREWALL_DBUS_METHOD_INSERT_RULE "IptInsertRule"
+#define STC_FIREWALL_DBUS_METHOD_REMOVE_RULE "IptRemoveRule"
+#define STC_FIREWALL6_DBUS_METHOD_ADD_RULE "Ip6tAddRule"
+#define STC_FIREWALL6_DBUS_METHOD_INSERT_RULE "Ip6tInsertRule"
+#define STC_FIREWALL6_DBUS_METHOD_REMOVE_RULE "Ip6tRemoveRule"
+
+#define BUF_SIZE_FOR_IP 64
+
+static void __fw_add_rule_info_to_builder(GVariantBuilder *builder,
+ firewall_rule_s *rule)
+{
+ if (builder == NULL || rule == NULL)
+ return;
+
+ g_variant_builder_add(builder, "{sv}", RULE_CHAIN,
+ g_variant_new_string(rule->chain));
+
+ if (rule->direction != STC_FW_DIRECTION_NONE) {
+ g_variant_builder_add(builder, "{sv}", RULE_DIRECTION,
+ g_variant_new_uint16(rule->direction));
+
+ if (rule->ifname && rule->ifname[0] != '\0')
+ g_variant_builder_add(builder, "{sv}", RULE_IFNAME,
+ g_variant_new_string(rule->ifname));
+ }
+
+ switch (rule->family) {
+ case STC_FW_FAMILY_V4:
+ if (rule->s_ip_type != STC_FW_IP_NONE) {
+ g_variant_builder_add(builder, "{sv}", RULE_SIPTYPE,
+ g_variant_new_uint16(rule->s_ip_type));
+
+ if (rule->s_ip1.Ipv4.s_addr)
+ g_variant_builder_add(builder, "{sv}", RULE_SIP1,
+ g_variant_new_uint32(rule->s_ip1.Ipv4.s_addr));
+
+ if (rule->s_ip2.Ipv4.s_addr)
+ g_variant_builder_add(builder, "{sv}", RULE_SIP2,
+ g_variant_new_uint32(rule->s_ip2.Ipv4.s_addr));
+ }
+
+ if (rule->d_ip_type != STC_FW_IP_NONE) {
+ g_variant_builder_add(builder, "{sv}", RULE_DIPTYPE,
+ g_variant_new_uint16(rule->d_ip_type));
+
+ if (rule->d_ip1.Ipv4.s_addr)
+ g_variant_builder_add(builder, "{sv}", RULE_DIP1,
+ g_variant_new_uint32(rule->d_ip1.Ipv4.s_addr));
+
+ if (rule->d_ip2.Ipv4.s_addr)
+ g_variant_builder_add(builder, "{sv}", RULE_DIP2,
+ g_variant_new_uint32(rule->d_ip2.Ipv4.s_addr));
+ }
+
+ break;
+ case STC_FW_FAMILY_V6:
+ {
+ char buf[BUF_SIZE_FOR_IP];
+
+ if (rule->s_ip_type != STC_FW_IP_NONE) {
+ g_variant_builder_add(builder, "{sv}", RULE_SIPTYPE,
+ g_variant_new_uint16(rule->s_ip_type));
+
+ if (rule->s_ip1.Ipv6.s6_addr32[0] || rule->s_ip1.Ipv6.s6_addr32[1] ||
+ rule->s_ip1.Ipv6.s6_addr32[2] || rule->s_ip1.Ipv6.s6_addr32[3]) {
+ memset(buf, 0, sizeof(buf));
+ snprintf(buf, sizeof(buf), "%08x:%08x:%08x:%08x",
+ rule->s_ip1.Ipv6.s6_addr32[0], rule->s_ip1.Ipv6.s6_addr32[1],
+ rule->s_ip1.Ipv6.s6_addr32[2], rule->s_ip1.Ipv6.s6_addr32[3]);
+ g_variant_builder_add(builder, "{sv}", RULE_SIP1,
+ g_variant_new_string(buf));
+ }
+
+ if (rule->s_ip2.Ipv6.s6_addr32[0] || rule->s_ip2.Ipv6.s6_addr32[1] ||
+ rule->s_ip2.Ipv6.s6_addr32[2] || rule->s_ip2.Ipv6.s6_addr32[3]) {
+ memset(buf, 0, sizeof(buf));
+ snprintf(buf, sizeof(buf), "%08x:%08x:%08x:%08x",
+ rule->s_ip2.Ipv6.s6_addr32[0], rule->s_ip2.Ipv6.s6_addr32[1],
+ rule->s_ip2.Ipv6.s6_addr32[2], rule->s_ip2.Ipv6.s6_addr32[3]);
+ g_variant_builder_add(builder, "{sv}", RULE_SIP2,
+ g_variant_new_string(buf));
+ }
+ }
+
+ if (rule->d_ip_type != STC_FW_IP_NONE) {
+ g_variant_builder_add(builder, "{sv}", RULE_DIPTYPE,
+ g_variant_new_uint16(rule->d_ip_type));
+
+ if (rule->d_ip1.Ipv6.s6_addr32[0] || rule->d_ip1.Ipv6.s6_addr32[1] ||
+ rule->d_ip1.Ipv6.s6_addr32[2] || rule->d_ip1.Ipv6.s6_addr32[3]) {
+ memset(buf, 0, sizeof(buf));
+ snprintf(buf, sizeof(buf), "%08x:%08x:%08x:%08x",
+ rule->d_ip1.Ipv6.s6_addr32[0], rule->d_ip1.Ipv6.s6_addr32[1],
+ rule->d_ip1.Ipv6.s6_addr32[2], rule->d_ip1.Ipv6.s6_addr32[3]);
+ g_variant_builder_add(builder, "{sv}", RULE_DIP1,
+ g_variant_new_string(buf));
+ }
+
+ if (rule->d_ip2.Ipv6.s6_addr32[0] || rule->d_ip2.Ipv6.s6_addr32[1] ||
+ rule->d_ip2.Ipv6.s6_addr32[2] || rule->d_ip2.Ipv6.s6_addr32[3]) {
+ memset(buf, 0, sizeof(buf));
+ snprintf(buf, sizeof(buf), "%08x:%08x:%08x:%08x",
+ rule->d_ip2.Ipv6.s6_addr32[0], rule->d_ip2.Ipv6.s6_addr32[1],
+ rule->d_ip2.Ipv6.s6_addr32[2], rule->d_ip2.Ipv6.s6_addr32[3]);
+ g_variant_builder_add(builder, "{sv}", RULE_DIP2,
+ g_variant_new_string(buf));
+ }
+ }
+
+ }
+ break;
+ default:
+ break;
+ }
+
+ if (rule->protocol != STC_FW_PROTOCOL_NONE) {
+ g_variant_builder_add(builder, "{sv}", RULE_PROTOCOL,
+ g_variant_new_uint16(rule->protocol));
+
+ if (rule->s_port_type != STC_FW_PORT_NONE) {
+ g_variant_builder_add(builder, "{sv}", RULE_SPORTTYPE,
+ g_variant_new_uint16(rule->s_port_type));
+
+ if (rule->s_port1)
+ g_variant_builder_add(builder, "{sv}", RULE_SPORT1,
+ g_variant_new_uint32(rule->s_port1));
+
+ if (rule->s_port2)
+ g_variant_builder_add(builder, "{sv}", RULE_SPORT2,
+ g_variant_new_uint32(rule->s_port2));
+ }
+
+ if (rule->d_port_type != STC_FW_PORT_NONE) {
+ g_variant_builder_add(builder, "{sv}", RULE_DPORTTYPE,
+ g_variant_new_uint16(rule->d_port_type));
+
+ if (rule->d_port1)
+ g_variant_builder_add(builder, "{sv}", RULE_DPORT1,
+ g_variant_new_uint32(rule->d_port1));
+
+ if (rule->d_port2)
+ g_variant_builder_add(builder, "{sv}", RULE_DPORT2,
+ g_variant_new_uint32(rule->d_port2));
+ }
+ }
+
+ if (rule->target_str && rule->target_str[0] != '\0')
+ g_variant_builder_add(builder, "{sv}", RULE_TARGET,
+ g_variant_new_string(rule->target_str));
+
+ if (rule->target != STC_FW_RULE_TARGET_NONE)
+ g_variant_builder_add(builder, "{sv}", RULE_TARGETTYPE,
+ g_variant_new_uint16(rule->target));
+
+ switch (rule->target) {
+ case STC_FW_RULE_TARGET_LOG:
+ g_variant_builder_add(builder, "{sv}", RULE_LOG_LEVEL,
+ g_variant_new_uint16(rule->log_level));
+
+ if (rule->log_prefix && rule->log_prefix[0] != '\0')
+ g_variant_builder_add(builder, "{sv}", RULE_LOG_PREFIX,
+ g_variant_new_string(rule->log_prefix));
+ break;
+ case STC_FW_RULE_TARGET_NFLOG:
+ g_variant_builder_add(builder, "{sv}", RULE_NFLOG_GROUP,
+ g_variant_new_uint16(rule->nflog_group));
+
+ if (rule->nflog_prefix && rule->nflog_prefix[0] != '\0')
+ g_variant_builder_add(builder, "{sv}", RULE_NFLOG_PREFIX,
+ g_variant_new_string(rule->nflog_prefix));
+
+ g_variant_builder_add(builder, "{sv}", RULE_NFLOG_RANGE,
+ g_variant_new_uint16(rule->nflog_range));
+
+ g_variant_builder_add(builder, "{sv}", RULE_NFLOG_THRESHOLD,
+ g_variant_new_uint16(rule->nflog_threshold));
+ break;
+ default:
+ break;
+ }
+}
+
+static int __fw_add_chain(GDBusConnection *connection,
+ const char *chain)
+{
+ int result = 0;
+ GVariant *message = NULL;
+
+ message = stc_manager_gdbus_call_sync(connection,
+ STC_FIREWALL_DBUS_SERVICE,
+ STC_FIREWALL_DBUS_CHAIN_PATH,
+ STC_FIREWALL_DBUS_CHAIN_INTERFACE,
+ STC_FIREWALL_DBUS_METHOD_ADD_CHAIN,
+ g_variant_new("(s)", chain));
+
+ if (message == NULL) {
+ STC_LOGE("Failed to invoke dbus method");
+ return STC_ERROR_FAIL;
+ }
+
+ g_variant_get(message, "(i)", &result);
+ STC_LOGD("Successfully added firewall chain [%d:%s]", result, chain);
+ g_variant_unref(message);
+
+ return STC_ERROR_NONE;
+}
+
+static int __fw6_add_chain(GDBusConnection *connection,
+ const char *chain)
+{
+ int result = 0;
+ GVariant *message = NULL;
+
+ message = stc_manager_gdbus_call_sync(connection,
+ STC_FIREWALL_DBUS_SERVICE,
+ STC_FIREWALL_DBUS_CHAIN_PATH,
+ STC_FIREWALL_DBUS_CHAIN_INTERFACE,
+ STC_FIREWALL6_DBUS_METHOD_ADD_CHAIN,
+ g_variant_new("(s)", chain));
+
+ if (message == NULL) {
+ STC_LOGE("Failed to invoke dbus method");
+ return STC_ERROR_FAIL;
+ }
+
+ g_variant_get(message, "(i)", &result);
+ STC_LOGD("Successfully added firewall6 chain [%d:%s]", result, chain);
+ g_variant_unref(message);
+
+ return STC_ERROR_NONE;
+}
+
+static int __fw_remove_chain(GDBusConnection *connection,
+ const char *chain)
+{
+ int result = 0;
+ GVariant *message = NULL;
+
+ message = stc_manager_gdbus_call_sync(connection,
+ STC_FIREWALL_DBUS_SERVICE,
+ STC_FIREWALL_DBUS_CHAIN_PATH,
+ STC_FIREWALL_DBUS_CHAIN_INTERFACE,
+ STC_FIREWALL_DBUS_METHOD_REMOVE_CHAIN,
+ g_variant_new("(s)", chain));
+
+ if (message == NULL) {
+ STC_LOGE("Failed to invoke dbus method");
+ return STC_ERROR_FAIL;
+ }
+
+ g_variant_get(message, "(i)", &result);
+ STC_LOGD("Successfully removed firewall chain [%d:%s]", result, chain);
+ g_variant_unref(message);
+
+ return STC_ERROR_NONE;
+}
+
+static int __fw6_remove_chain(GDBusConnection *connection,
+ const char *chain)
+{
+ int result = 0;
+ GVariant *message = NULL;
+
+ message = stc_manager_gdbus_call_sync(connection,
+ STC_FIREWALL_DBUS_SERVICE,
+ STC_FIREWALL_DBUS_CHAIN_PATH,
+ STC_FIREWALL_DBUS_CHAIN_INTERFACE,
+ STC_FIREWALL6_DBUS_METHOD_REMOVE_CHAIN,
+ g_variant_new("(s)", chain));
+
+ if (message == NULL) {
+ STC_LOGE("Failed to invoke dbus method");
+ return STC_ERROR_FAIL;
+ }
+
+ g_variant_get(message, "(i)", &result);
+ STC_LOGD("Successfully removed firewall6 chain [%d:%s]", result, chain);
+ g_variant_unref(message);
+
+ return STC_ERROR_NONE;
+}
+
+static int __fw_flush_chain(GDBusConnection *connection,
+ const char *chain)
+{
+ int result = 0;
+ GVariant *message = NULL;
+
+ message = stc_manager_gdbus_call_sync(connection,
+ STC_FIREWALL_DBUS_SERVICE,
+ STC_FIREWALL_DBUS_CHAIN_PATH,
+ STC_FIREWALL_DBUS_CHAIN_INTERFACE,
+ STC_FIREWALL_DBUS_METHOD_FLUSH_CHAIN,
+ g_variant_new("(s)", chain));
+
+ if (message == NULL) {
+ STC_LOGE("Failed to invoke dbus method");
+ return STC_ERROR_FAIL;
+ }
+
+ g_variant_get(message, "(i)", &result);
+ STC_LOGD("Successfully flushed firewall chain [%d:%s]", result, chain);
+ g_variant_unref(message);
+
+ return STC_ERROR_NONE;
+}
+
+static int __fw6_flush_chain(GDBusConnection *connection,
+ const char *chain)
+{
+ int result = 0;
+ GVariant *message = NULL;
+
+ message = stc_manager_gdbus_call_sync(connection,
+ STC_FIREWALL_DBUS_SERVICE,
+ STC_FIREWALL_DBUS_CHAIN_PATH,
+ STC_FIREWALL_DBUS_CHAIN_INTERFACE,
+ STC_FIREWALL6_DBUS_METHOD_FLUSH_CHAIN,
+ g_variant_new("(s)", chain));
+
+ if (message == NULL) {
+ STC_LOGE("Failed to invoke dbus method");
+ return STC_ERROR_FAIL;
+ }
+
+ g_variant_get(message, "(i)", &result);
+ STC_LOGD("Successfully flushed firewall6 chain [%d:%s]", result, chain);
+ g_variant_unref(message);
+
+ return STC_ERROR_NONE;
+}
+
+static int __fw_set_chain(firewall_chain_s *chain)
+{
+ stc_error_e ret = STC_ERROR_NONE;
+ firewall_rule_s rule;
+ memset(&rule, 0, sizeof(firewall_rule_s));
+
+ switch (chain->target) {
+ case STC_FW_CHAIN_TARGET_INPUT:
+ rule.chain = g_strdup(FIREWALL_CHAIN_TARGET_IN);
+ break;
+ case STC_FW_CHAIN_TARGET_OUTPUT:
+ rule.chain = g_strdup(FIREWALL_CHAIN_TARGET_OUT);
+ break;
+ default:
+ return STC_ERROR_INVALID_PARAMETER;
+ }
+
+ rule.target_str = g_strdup(chain->chain);
+ ret = firewall_rule_insert(&rule);
+
+ g_free(rule.chain);
+ g_free(rule.target_str);
+
+ return ret;
+}
+
+static int __fw_unset_chain(firewall_chain_s *chain)
+{
+ stc_error_e ret = STC_ERROR_NONE;
+ firewall_rule_s rule;
+ memset(&rule, 0, sizeof(firewall_rule_s));
+
+ switch (chain->target) {
+ case STC_FW_CHAIN_TARGET_INPUT:
+ rule.chain = g_strdup(FIREWALL_CHAIN_TARGET_IN);
+ break;
+ case STC_FW_CHAIN_TARGET_OUTPUT:
+ rule.chain = g_strdup(FIREWALL_CHAIN_TARGET_OUT);
+ break;
+ default:
+ return STC_ERROR_INVALID_PARAMETER;
+ }
+
+ rule.target_str = g_strdup(chain->chain);
+ ret = firewall_rule_remove(&rule);
+
+ g_free(rule.chain);
+ g_free(rule.target_str);
+
+ return ret;
+}
+
+static int __fw_append_rule(GDBusConnection *connection,
+ firewall_rule_s *rule)
+{
+ int result = 0;
+ GVariantBuilder *builder = NULL;
+ GVariant *params = NULL;
+ GVariant *message = NULL;
+
+ builder = g_variant_builder_new(G_VARIANT_TYPE("a{sv}"));
+ __fw_add_rule_info_to_builder(builder, rule);
+ params = g_variant_new("(a{sv})", builder);
+ g_variant_builder_unref(builder);
+
+ message = stc_manager_gdbus_call_sync(connection,
+ STC_FIREWALL_DBUS_SERVICE,
+ STC_FIREWALL_DBUS_RULE_PATH,
+ STC_FIREWALL_DBUS_RULE_INTERFACE,
+ STC_FIREWALL_DBUS_METHOD_ADD_RULE,
+ params);
+
+ if (message == NULL) {
+ STC_LOGE("Failed to invoke dbus method");
+ return STC_ERROR_FAIL;
+ }
+
+ g_variant_get(message, "(i)", &result);
+ STC_LOGD("Successfully added firewall rule [%d:%s]",
+ result, rule->chain);
+ g_variant_unref(message);
+
+ return STC_ERROR_NONE;
+}
+
+static int __fw_insert_rule(GDBusConnection *connection,
+ firewall_rule_s *rule)
+{
+ int result = 0;
+ GVariantBuilder *builder = NULL;
+ GVariant *params = NULL;
+ GVariant *message = NULL;
+
+ builder = g_variant_builder_new(G_VARIANT_TYPE("a{sv}"));
+ __fw_add_rule_info_to_builder(builder, rule);
+ params = g_variant_new("(a{sv})", builder);
+ g_variant_builder_unref(builder);
+
+ message = stc_manager_gdbus_call_sync(connection,
+ STC_FIREWALL_DBUS_SERVICE,
+ STC_FIREWALL_DBUS_RULE_PATH,
+ STC_FIREWALL_DBUS_RULE_INTERFACE,
+ STC_FIREWALL_DBUS_METHOD_INSERT_RULE,
+ params);
+
+ if (message == NULL) {
+ STC_LOGE("Failed to invoke dbus method");
+ return STC_ERROR_FAIL;
+ }
+
+ g_variant_get(message, "(i)", &result);
+ STC_LOGD("Successfully inserted firewall rule [%d:%s]",
+ result, rule->chain);
+ g_variant_unref(message);
+
+ return STC_ERROR_NONE;
+}
+
+static int __fw6_append_rule(GDBusConnection *connection,
+ firewall_rule_s *rule)
+{
+ int result = 0;
+ GVariantBuilder *builder = NULL;
+ GVariant *params = NULL;
+ GVariant *message = NULL;
+
+ builder = g_variant_builder_new(G_VARIANT_TYPE("a{sv}"));
+ __fw_add_rule_info_to_builder(builder, rule);
+ params = g_variant_new("(a{sv})", builder);
+ g_variant_builder_unref(builder);
+
+ message = stc_manager_gdbus_call_sync(connection,
+ STC_FIREWALL_DBUS_SERVICE,
+ STC_FIREWALL_DBUS_RULE_PATH,
+ STC_FIREWALL_DBUS_RULE_INTERFACE,
+ STC_FIREWALL6_DBUS_METHOD_ADD_RULE,
+ params);
+
+ if (message == NULL) {
+ STC_LOGE("Failed to invoke dbus method");
+ return STC_ERROR_FAIL;
+ }
+
+ g_variant_get(message, "(i)", &result);
+ STC_LOGD("Successfully added firewall6 rule [%d:%s]",
+ result, rule->chain);
+ g_variant_unref(message);
+
+ return STC_ERROR_NONE;
+}
+
+static int __fw6_insert_rule(GDBusConnection *connection,
+ firewall_rule_s *rule)
+{
+ int result = 0;
+ GVariantBuilder *builder = NULL;
+ GVariant *params = NULL;
+ GVariant *message = NULL;
+
+ builder = g_variant_builder_new(G_VARIANT_TYPE("a{sv}"));
+ __fw_add_rule_info_to_builder(builder, rule);
+ params = g_variant_new("(a{sv})", builder);
+ g_variant_builder_unref(builder);
+
+ message = stc_manager_gdbus_call_sync(connection,
+ STC_FIREWALL_DBUS_SERVICE,
+ STC_FIREWALL_DBUS_RULE_PATH,
+ STC_FIREWALL_DBUS_RULE_INTERFACE,
+ STC_FIREWALL6_DBUS_METHOD_INSERT_RULE,
+ params);
+
+ if (message == NULL) {
+ STC_LOGE("Failed to invoke dbus method");
+ return STC_ERROR_FAIL;
+ }
+
+ g_variant_get(message, "(i)", &result);
+ STC_LOGD("Successfully inserted firewall6 rule [%d:%s]",
+ result, rule->chain);
+ g_variant_unref(message);
+
+ return STC_ERROR_NONE;
+}
+
+static int __fw_remove_rule(GDBusConnection *connection,
+ firewall_rule_s *rule)
+{
+ int result = 0;
+ GVariantBuilder *builder = NULL;
+ GVariant *params = NULL;
+ GVariant *message = NULL;
+
+ builder = g_variant_builder_new(G_VARIANT_TYPE("a{sv}"));
+ __fw_add_rule_info_to_builder(builder, rule);
+ params = g_variant_new("(a{sv})", builder);
+ g_variant_builder_unref(builder);
+
+ message = stc_manager_gdbus_call_sync(connection,
+ STC_FIREWALL_DBUS_SERVICE,
+ STC_FIREWALL_DBUS_RULE_PATH,
+ STC_FIREWALL_DBUS_RULE_INTERFACE,
+ STC_FIREWALL_DBUS_METHOD_REMOVE_RULE,
+ params);
+
+ if (message == NULL) {
+ STC_LOGE("Failed to invoke dbus method");
+ return STC_ERROR_FAIL;
+ }
+
+ g_variant_get(message, "(i)", &result);
+ STC_LOGD("Successfully removed firewall rule [%d:%s]",
+ result, rule->chain);
+ g_variant_unref(message);
+
+ return STC_ERROR_NONE;
+}
+
+static int __fw6_remove_rule(GDBusConnection *connection,
+ firewall_rule_s *rule)
+{
+ int result = 0;
+ GVariantBuilder *builder = NULL;
+ GVariant *params = NULL;
+ GVariant *message = NULL;
+
+ builder = g_variant_builder_new(G_VARIANT_TYPE("a{sv}"));
+ __fw_add_rule_info_to_builder(builder, rule);
+ params = g_variant_new("(a{sv})", builder);
+ g_variant_builder_unref(builder);
+
+ message = stc_manager_gdbus_call_sync(connection,
+ STC_FIREWALL_DBUS_SERVICE,
+ STC_FIREWALL_DBUS_RULE_PATH,
+ STC_FIREWALL_DBUS_RULE_INTERFACE,
+ STC_FIREWALL6_DBUS_METHOD_REMOVE_RULE,
+ params);
+
+ if (message == NULL) {
+ STC_LOGE("Failed to invoke dbus method");
+ return STC_ERROR_FAIL;
+ }
+
+ g_variant_get(message, "(i)", &result);
+ STC_LOGD("Successfully removed firewall6 rule [%d:%s]",
+ result, rule->chain);
+ g_variant_unref(message);
+
+ return STC_ERROR_NONE;
+}
+
+API stc_error_e firewall_chain_add(firewall_chain_s *chain)
+{
+ __STC_LOG_FUNC_ENTER__;
+
+ stc_error_e ret = STC_ERROR_NONE;
+ stc_s *stc = stc_get_manager();
+
+ if (!stc || !stc->connection) {
+ __STC_LOG_FUNC_EXIT__;
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ ret = __fw_add_chain(stc->connection, chain->chain);
+ if (ret != STC_ERROR_NONE) {
+ __STC_LOG_FUNC_EXIT__;
+ return ret;
+ }
+
+ ret = __fw6_add_chain(stc->connection, chain->chain);
+ if (ret != STC_ERROR_NONE) {
+ __STC_LOG_FUNC_EXIT__;
+ return ret;
+ }
+
+ __STC_LOG_FUNC_EXIT__;
+ return ret;
+}
+
+API stc_error_e firewall_chain_remove(firewall_chain_s *chain)
+{
+ __STC_LOG_FUNC_ENTER__;
+
+ stc_error_e ret = STC_ERROR_NONE;
+ stc_s *stc = stc_get_manager();
+
+ if (!stc || !stc->connection) {
+ __STC_LOG_FUNC_EXIT__;
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ ret = __fw_remove_chain(stc->connection, chain->chain);
+ if (ret != STC_ERROR_NONE) {
+ __STC_LOG_FUNC_EXIT__;
+ return ret;
+ }
+
+ ret = __fw6_remove_chain(stc->connection, chain->chain);
+ if (ret != STC_ERROR_NONE) {
+ __STC_LOG_FUNC_EXIT__;
+ return ret;
+ }
+
+ __STC_LOG_FUNC_EXIT__;
+ return ret;
+}
+
+stc_error_e firewall_chain_flush(firewall_chain_s *chain)
+{
+ __STC_LOG_FUNC_ENTER__;
+
+ stc_error_e ret = STC_ERROR_NONE;
+ stc_s *stc = stc_get_manager();
+
+ if (!stc || !stc->connection) {
+ __STC_LOG_FUNC_EXIT__;
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ ret = __fw_flush_chain(stc->connection, chain->chain);
+ if (ret != STC_ERROR_NONE) {
+ __STC_LOG_FUNC_EXIT__;
+ return ret;
+ }
+
+ ret = __fw6_flush_chain(stc->connection, chain->chain);
+ if (ret != STC_ERROR_NONE) {
+ __STC_LOG_FUNC_EXIT__;
+ return ret;
+ }
+
+ __STC_LOG_FUNC_EXIT__;
+ return ret;
+}
+
+API stc_error_e firewall_chain_set(firewall_chain_s *chain)
+{
+ __STC_LOG_FUNC_ENTER__;
+
+ stc_error_e ret = STC_ERROR_NONE;
+ ret = __fw_set_chain(chain);
+
+ __STC_LOG_FUNC_EXIT__;
+ return ret;
+}
+
+API stc_error_e firewall_chain_unset(firewall_chain_s *chain)
+{
+ __STC_LOG_FUNC_ENTER__;
+
+ stc_error_e ret = STC_ERROR_NONE;
+ ret = __fw_unset_chain(chain);
+
+ __STC_LOG_FUNC_EXIT__;
+ return ret;
+}
+
+API stc_error_e firewall_rule_append(firewall_rule_s *rule)
+{
+ stc_error_e ret = STC_ERROR_NONE;
+ stc_s *stc = stc_get_manager();
+
+ if (!stc || !stc->connection) {
+ __STC_LOG_FUNC_EXIT__;
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ switch (rule->family) {
+ case STC_FW_FAMILY_V4:
+ ret = __fw_append_rule(stc->connection, rule);
+ if (ret != STC_ERROR_NONE) {
+ __STC_LOG_FUNC_EXIT__;
+ return ret;
+ }
+ break;
+ case STC_FW_FAMILY_V6:
+ ret = __fw6_append_rule(stc->connection, rule);
+ if (ret != STC_ERROR_NONE) {
+ __STC_LOG_FUNC_EXIT__;
+ return ret;
+ }
+ break;
+ default:
+ ret = __fw_append_rule(stc->connection, rule);
+ if (ret != STC_ERROR_NONE) {
+ __STC_LOG_FUNC_EXIT__;
+ return ret;
+ }
+
+ ret = __fw6_append_rule(stc->connection, rule);
+ if (ret != STC_ERROR_NONE) {
+ __STC_LOG_FUNC_EXIT__;
+ return ret;
+ }
+ break;
+ }
+
+ return ret;
+}
+
+stc_error_e firewall_rule_insert(firewall_rule_s *rule)
+{
+ stc_error_e ret = STC_ERROR_NONE;
+ stc_s *stc = stc_get_manager();
+
+ if (!stc || !stc->connection) {
+ __STC_LOG_FUNC_EXIT__;
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ switch (rule->family) {
+ case STC_FW_FAMILY_V4:
+ ret = __fw_insert_rule(stc->connection, rule);
+ if (ret != STC_ERROR_NONE) {
+ __STC_LOG_FUNC_EXIT__;
+ return ret;
+ }
+ break;
+ case STC_FW_FAMILY_V6:
+ ret = __fw6_insert_rule(stc->connection, rule);
+ if (ret != STC_ERROR_NONE) {
+ __STC_LOG_FUNC_EXIT__;
+ return ret;
+ }
+ break;
+ default:
+ ret = __fw_insert_rule(stc->connection, rule);
+ if (ret != STC_ERROR_NONE) {
+ __STC_LOG_FUNC_EXIT__;
+ return ret;
+ }
+
+ ret = __fw6_insert_rule(stc->connection, rule);
+ if (ret != STC_ERROR_NONE) {
+ __STC_LOG_FUNC_EXIT__;
+ return ret;
+ }
+ break;
+ }
+
+ return ret;
+}
+
+stc_error_e firewall_rule_remove(firewall_rule_s *rule)
+{
+ stc_error_e ret = STC_ERROR_NONE;
+ stc_s *stc = stc_get_manager();
+
+ if (!stc || !stc->connection) {
+ __STC_LOG_FUNC_EXIT__;
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ switch (rule->family) {
+ case STC_FW_FAMILY_V4:
+ ret = __fw_remove_rule(stc->connection, rule);
+ if (ret != STC_ERROR_NONE) {
+ __STC_LOG_FUNC_EXIT__;
+ return ret;
+ }
+ break;
+ case STC_FW_FAMILY_V6:
+ ret = __fw6_remove_rule(stc->connection, rule);
+ if (ret != STC_ERROR_NONE) {
+ __STC_LOG_FUNC_EXIT__;
+ return ret;
+ }
+ break;
+ default:
+ ret = __fw_remove_rule(stc->connection, rule);
+ if (ret != STC_ERROR_NONE) {
+ __STC_LOG_FUNC_EXIT__;
+ return ret;
+ }
+
+ ret = __fw6_remove_rule(stc->connection, rule);
+ if (ret != STC_ERROR_NONE) {
+ __STC_LOG_FUNC_EXIT__;
+ return ret;
+ }
+ break;
+ }
+
+ return ret;
+}
--- /dev/null
+/*
+ * Copyright (c) 2016 Samsung Electronics Co., Ltd.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef __STC_HELPER_FIREWALL_H__
+#define __STC_HELPER_FIREWALL_H__
+
+#include <arpa/inet.h>
+
+#include "stc-manager.h"
+#include "stc-error.h"
+
+#define FIREWALL_CHAIN_TARGET_IN "INPUT"
+#define FIREWALL_CHAIN_TARGET_OUT "OUTPUT"
+
+#define FIREWALL_RULE_TARGET_ACCEPT "ACCEPT"
+#define FIREWALL_RULE_TARGET_DROP "DROP"
+#define FIREWALL_RULE_TARGET_LOG "LOG"
+#define FIREWALL_RULE_TARGET_NFLOG "NFLOG"
+
+#define RULE_CHAIN "chain"
+#define RULE_DIRECTION "direction"
+#define RULE_IFNAME "ifname"
+#define RULE_PROTOCOL "protocol"
+#define RULE_TARGET "target"
+#define RULE_TARGETTYPE "target_type"
+
+#define RULE_FAMILY "family"
+#define RULE_SIPTYPE "s_ip_type"
+#define RULE_SIP1 "s_ip1"
+#define RULE_SIP2 "s_ip2"
+#define RULE_DIPTYPE "d_ip_type"
+#define RULE_DIP1 "d_ip1"
+#define RULE_DIP2 "d_ip2"
+#define RULE_SPORTTYPE "s_port_type"
+#define RULE_SPORT1 "s_port1"
+#define RULE_SPORT2 "s_port2"
+#define RULE_DPORTTYPE "d_port_type"
+#define RULE_DPORT1 "d_port1"
+#define RULE_DPORT2 "d_port2"
+
+#define RULE_LOG_LEVEL "log_level"
+#define RULE_LOG_PREFIX "log_prefix"
+#define RULE_NFLOG_GROUP "nflog_group"
+#define RULE_NFLOG_PREFIX "nflog_prefix"
+#define RULE_NFLOG_RANGE "nflog_range"
+#define RULE_NFLOG_THRESHOLD "nflog_threshold"
+
+typedef enum {
+ FIREWALL_UNKONWN,
+ FIREWALL_UNLOCKED,
+ FIREWALL_LOCKED
+} firewall_lock_e;
+
+typedef union {
+ struct in_addr Ipv4;
+ struct in6_addr Ipv6;
+} ip_addr_u;
+
+typedef struct {
+ char *chain;
+ stc_fw_chain_target_e target;
+ guint priority;
+} firewall_chain_s;
+
+typedef struct {
+ guint key;
+ char *chain;
+ stc_fw_direction_e direction;
+ stc_fw_ip_type_e s_ip_type;
+ stc_fw_ip_type_e d_ip_type;
+ stc_fw_port_type_e s_port_type;
+ stc_fw_port_type_e d_port_type;
+ stc_fw_protocol_type_e protocol;
+ stc_fw_family_type_e family;
+ ip_addr_u s_ip1;
+ ip_addr_u s_ip2;
+ ip_addr_u d_ip1;
+ ip_addr_u d_ip2;
+ guint s_port1;
+ guint s_port2;
+ guint d_port1;
+ guint d_port2;
+ char *ifname;
+ stc_fw_rule_target_e target;
+ char *target_str;
+ guchar log_level;
+ char *log_prefix;
+ guint nflog_group;
+ char *nflog_prefix;
+ guint nflog_range;
+ guint nflog_threshold;
+ char *identifier;
+} firewall_rule_s;
+
+stc_error_e firewall_chain_add(firewall_chain_s *chain);
+stc_error_e firewall_chain_remove(firewall_chain_s *chain);
+stc_error_e firewall_chain_flush(firewall_chain_s *chain);
+stc_error_e firewall_chain_set(firewall_chain_s *chain);
+stc_error_e firewall_chain_unset(firewall_chain_s *chain);
+
+stc_error_e firewall_rule_append(firewall_rule_s *rule);
+stc_error_e firewall_rule_insert(firewall_rule_s *rule);
+stc_error_e firewall_rule_remove(firewall_rule_s *rule);
+
+#endif /*__STC_HELPER_FIREWALL_H__*/
--- /dev/null
+/*
+ * Copyright (c) 2016 Samsung Electronics Co., Ltd.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <glib.h>
+
+#include "helper-inotify.h"
+#include "stc-manager-util.h"
+
+typedef struct {
+ GIOChannel *channel;
+ uint watch;
+ int wd;
+
+ inotify_event_cb cb;
+} stc_inotify_s;
+
+static GHashTable *g_inotify_hash;
+
+static void __inotify_destroy(gpointer user_data)
+{
+ int fd;
+ stc_inotify_s *inotify = user_data;
+
+ if (!inotify->channel)
+ return;
+
+ if (inotify->watch > 0)
+ g_source_remove(inotify->watch);
+
+ if (inotify->wd >= 0) {
+ fd = g_io_channel_unix_get_fd(inotify->channel);
+ inotify_rm_watch(fd, inotify->wd);
+ }
+
+ g_io_channel_unref(inotify->channel);
+}
+
+static gboolean __inotify_data(GIOChannel *channel,
+ GIOCondition cond, gpointer user_data)
+{
+ stc_inotify_s *inotify = user_data;
+ char buf[256];
+ char *next_event = buf;
+ gsize bytes_read;
+ GIOStatus status;
+
+ if (cond & (G_IO_NVAL | G_IO_ERR | G_IO_HUP)) {
+ inotify->watch = 0;
+ return false;
+ }
+
+ status = g_io_channel_read_chars(channel, buf,
+ sizeof(buf), &bytes_read, NULL);
+ if (status != G_IO_STATUS_NORMAL) {
+ if (status == G_IO_STATUS_AGAIN)
+ return true;
+ else {
+ STC_LOGE("Failed to read from inotify channel");
+ inotify->watch = 0;
+ return false;
+ }
+ }
+
+ while (bytes_read > 0) {
+ struct inotify_event *event =
+ (struct inotify_event *)next_event;
+ gchar *ident = NULL;
+ gsize len = 0;
+
+ len = sizeof(*event) + event->len;
+ if (bytes_read < len)
+ break;
+
+ if (event->len)
+ ident = next_event + sizeof(*event);
+
+ next_event += len;
+ bytes_read -= len;
+
+ (inotify->cb)(event, ident);
+ }
+
+ return true;
+}
+
+int inotify_register(const char *path, inotify_event_cb cb)
+{
+ int fd;
+ stc_inotify_s *inotify;
+
+ if (!cb)
+ return -EINVAL;
+
+ inotify = g_hash_table_lookup(g_inotify_hash, path);
+ if (inotify) {
+ inotify->cb = cb;
+ return 0;
+ }
+
+ inotify = g_try_new0(stc_inotify_s, 1);
+ if (!inotify)
+ return -ENOMEM;
+
+ fd = inotify_init();
+ if (fd < 0) {
+ FREE(inotify);
+ return -EIO;
+ }
+
+ inotify->wd = inotify_add_watch(fd, path, IN_MODIFY);
+ if (inotify->wd < 0) {
+ STC_LOGE("Failed to create watch [%s]", path);
+ FREE(inotify);
+ close(fd);
+ return -EIO;
+ }
+
+ inotify->channel = g_io_channel_unix_new(fd);
+ if (!inotify->channel) {
+ STC_LOGE("Failed to create channel");
+ inotify_rm_watch(fd, inotify->wd);
+ FREE(inotify);
+ close(fd);
+ return -EIO;
+ }
+
+ g_io_channel_set_close_on_unref(inotify->channel, TRUE);
+ g_io_channel_set_encoding(inotify->channel, NULL, NULL);
+ g_io_channel_set_buffered(inotify->channel, FALSE);
+
+ inotify->watch = g_io_add_watch(inotify->channel,
+ G_IO_IN | G_IO_HUP | G_IO_NVAL | G_IO_ERR,
+ __inotify_data, inotify);
+
+ inotify->cb = cb;
+
+ g_hash_table_insert(g_inotify_hash, g_strdup(path), inotify);
+ return 0;
+}
+
+void inotify_deregister(const char *path)
+{
+ stc_inotify_s *inotify;
+
+ inotify = g_hash_table_lookup(g_inotify_hash, path);
+ if (!inotify)
+ return;
+
+ g_hash_table_remove(g_inotify_hash, path);
+}
+
+int inotify_initialize(void)
+{
+ g_inotify_hash = g_hash_table_new_full(g_str_hash, g_str_equal,
+ g_free, __inotify_destroy);
+
+ return 0;
+}
+
+void inotify_deinitialize(void)
+{
+ g_hash_table_destroy(g_inotify_hash);
+}
--- /dev/null
+/*
+ * Copyright (c) 2016 Samsung Electronics Co., Ltd.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef __STC_HELPER_INOTIFY_H__
+#define __STC_HELPER_INOTIFY_H__
+
+#include <sys/inotify.h>
+
+struct inotify_event;
+typedef void (* inotify_event_cb) (struct inotify_event *event, const char *ident);
+
+int inotify_register(const char *path, inotify_event_cb cb);
+void inotify_deregister(const char *path);
+
+int inotify_initialize(void);
+void inotify_deinitialize(void);
+
+#endif /*__STC_HELPER_INOTIFY_H__*/
--- /dev/null
+/*
+ * Copyright (c) 2016 Samsung Electronics Co., Ltd.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "stc-manager-gdbus.h"
+#include "helper-iptables.h"
+
+#define STC_IPTABLES_DBUS_SERVICE "net.stc.iptables"
+#define STC_IPTABLES_DBUS_RULE_INTERFACE STC_IPTABLES_DBUS_SERVICE ".rule"
+#define STC_IPTABLES_DBUS_CHAIN_INTERFACE STC_IPTABLES_DBUS_SERVICE ".chain"
+#define STC_IPTABLES_DBUS_RULE_PATH "/net/stc/iptables/rule"
+#define STC_IPTABLES_DBUS_CHAIN_PATH "/net/stc/iptables/chain"
+#define STC_IPTABLES_DBUS_METHOD_IPT_ADD_CHAIN "IptAddChain"
+#define STC_IPTABLES_DBUS_METHOD_IPT_REMOVE_CHAIN "IptRemoveChain"
+#define STC_IPTABLES_DBUS_METHOD_IPT_FLUSH_CHAIN "IptFlushChain"
+#define STC_IPTABLES_DBUS_METHOD_IP6T_ADD_CHAIN "Ip6tAddChain"
+#define STC_IPTABLES_DBUS_METHOD_IP6T_REMOVE_CHAIN "Ip6tRemoveChain"
+#define STC_IPTABLES_DBUS_METHOD_IP6T_FLUSH_CHAIN "Ip6tFlushChain"
+#define STC_IPTABLES_DBUS_METHOD_IPT_ADD_RULE "IptAddRule"
+#define STC_IPTABLES_DBUS_METHOD_IPT_REMOVE_RULE "IptRemoveRule"
+#define STC_IPTABLES_DBUS_METHOD_IP6T_ADD_RULE "Ip6tAddRule"
+#define STC_IPTABLES_DBUS_METHOD_IP6T_REMOVE_RULE "Ip6tRemoveRule"
+#define STC_IPTABLES_DBUS_METHOD_IPT_ADD_LIST "IptAddList"
+#define STC_IPTABLES_DBUS_METHOD_IPT_REMOVE_LIST "IptRemoveList"
+#define STC_IPTABLES_DBUS_METHOD_IP6T_ADD_LIST "Ip6tAddList"
+#define STC_IPTABLES_DBUS_METHOD_IP6T_REMOVE_LIST "Ip6tRemoveList"
+
+#define RULE_CHAIN "chain"
+#define RULE_DIRECTION "direction"
+#define RULE_IFNAME "ifname"
+#define RULE_CGROUP "cgroup"
+#define RULE_NFACCT "nfacct"
+#define RULE_TARGET "target"
+#define RULE_SIPTYPE "s_ip_type"
+#define RULE_SIP1 "s_ip1"
+#define RULE_SIP2 "s_ip2"
+#define RULE_DIPTYPE "d_ip_type"
+#define RULE_DIP1 "d_ip1"
+#define RULE_DIP2 "d_ip2"
+
+static void __add_rule_info_to_builder(GVariantBuilder *builder,
+ iptables_rule_s *rule)
+{
+ if (builder == NULL || rule == NULL)
+ return; //LCOV_EXCL_LINE
+
+ g_variant_builder_add(builder, "{sv}", RULE_CHAIN,
+ g_variant_new_string(rule->chain));
+
+ g_variant_builder_add(builder, "{sv}", RULE_DIRECTION,
+ g_variant_new_uint16(rule->direction));
+
+ if (rule->ifname)
+ g_variant_builder_add(builder, "{sv}", RULE_IFNAME,
+ g_variant_new_string(rule->ifname));
+
+ if (rule->classid > 0)
+ g_variant_builder_add(builder, "{sv}", RULE_CGROUP,
+ g_variant_new_uint32(rule->classid));
+
+ if (rule->nfacct_name)
+ g_variant_builder_add(builder, "{sv}", RULE_NFACCT,
+ g_variant_new_string(rule->nfacct_name));
+
+ if (rule->target)
+ g_variant_builder_add(builder, "{sv}", RULE_TARGET,
+ g_variant_new_string(rule->target));
+
+ g_variant_builder_add(builder, "{sv}", RULE_SIPTYPE,
+ g_variant_new_uint16(rule->s_iprange_type));
+
+ g_variant_builder_add(builder, "{sv}", RULE_DIPTYPE,
+ g_variant_new_uint16(rule->d_iprange_type));
+
+ if (rule->s_ip1.s_addr)
+ g_variant_builder_add(builder, "{sv}", RULE_SIP1,
+ g_variant_new_uint32(rule->s_ip1.s_addr));
+
+ if (rule->s_ip2.s_addr)
+ g_variant_builder_add(builder, "{sv}", RULE_SIP2,
+ g_variant_new_uint32(rule->s_ip2.s_addr));
+
+ if (rule->d_ip1.s_addr)
+ g_variant_builder_add(builder, "{sv}", RULE_DIP1,
+ g_variant_new_uint32(rule->d_ip1.s_addr));
+
+ if (rule->d_ip2.s_addr)
+ g_variant_builder_add(builder, "{sv}", RULE_DIP2,
+ g_variant_new_uint32(rule->d_ip2.s_addr));
+}
+
+static void __add_rule_reply(
+ GObject *source_object, GAsyncResult *res, gpointer user_data)
+{
+ GDBusConnection *conn = NULL;
+ GVariant *dbus_data = NULL;
+ GError *dbus_error = NULL;
+ int result = 0;
+ char *nfacct_name = user_data;
+
+ conn = G_DBUS_CONNECTION(source_object);
+ dbus_data = g_dbus_connection_call_finish(conn, res, &dbus_error);
+ if (dbus_error != NULL) {
+ STC_LOGE("Dbus reply error [%s]", dbus_error->message);
+ g_error_free(dbus_error);
+ } else {
+ g_variant_get(dbus_data, "(i)", &result);
+ STC_LOGI("Added rule [%d:%s]", result, nfacct_name);
+ }
+
+ g_free(nfacct_name);
+}
+
+static void __remove_rule_reply(
+ GObject *source_object, GAsyncResult *res, gpointer user_data)
+{
+ GDBusConnection *conn = NULL;
+ GVariant *dbus_data = NULL;
+ GError *dbus_error = NULL;
+ int result = 0;
+ char *nfacct_name = user_data;
+
+ conn = G_DBUS_CONNECTION(source_object);
+ dbus_data = g_dbus_connection_call_finish(conn, res, &dbus_error);
+ if (dbus_error != NULL) {
+ STC_LOGE("Dbus reply error [%s]", dbus_error->message);
+ g_error_free(dbus_error);
+ } else {
+ g_variant_get(dbus_data, "(i)", &result);
+ STC_LOGI("Removed rule [%d:%s]", result, nfacct_name);
+ }
+
+ g_free(nfacct_name);
+}
+
+static void __add_list_info_to_builder(GVariantBuilder *builder,
+ GSList *iptables_list)
+{
+ GSList *list;
+ GVariantBuilder sub_builder;
+
+ for (list = iptables_list; list; list = list->next) {
+ iptables_rule_s *rule = list->data;
+
+ g_variant_builder_init(&sub_builder, G_VARIANT_TYPE("a{sv}"));
+
+ g_variant_builder_add(&sub_builder, "{sv}", RULE_CHAIN,
+ g_variant_new_string(rule->chain));
+
+ g_variant_builder_add(&sub_builder, "{sv}", RULE_DIRECTION,
+ g_variant_new_uint16(rule->direction));
+
+ if (rule->ifname)
+ g_variant_builder_add(&sub_builder, "{sv}", RULE_IFNAME,
+ g_variant_new_string(rule->ifname));
+
+ if (rule->classid > 0)
+ g_variant_builder_add(&sub_builder, "{sv}", RULE_CGROUP,
+ g_variant_new_uint32(rule->classid));
+
+ if (rule->nfacct_name)
+ g_variant_builder_add(&sub_builder, "{sv}", RULE_NFACCT,
+ g_variant_new_string(rule->nfacct_name));
+
+ if (rule->target)
+ g_variant_builder_add(&sub_builder, "{sv}", RULE_TARGET,
+ g_variant_new_string(rule->target));
+
+ g_variant_builder_add_value(builder, g_variant_builder_end(&sub_builder));
+ }
+}
+
+static int __iptables_rule_add(GDBusConnection *connection,
+ iptables_rule_s *rule)
+{
+ int result = STC_ERROR_NONE;
+ GVariantBuilder *builder = NULL;
+ GVariant *params = NULL;
+ char *nfacct_name = NULL;
+
+ builder = g_variant_builder_new(G_VARIANT_TYPE("a{sv}"));
+ __add_rule_info_to_builder(builder, rule);
+ params = g_variant_new("(a{sv})", builder);
+ g_variant_builder_unref(builder);
+
+ nfacct_name = g_strdup_printf("4:%s", rule->nfacct_name);
+
+ result = stc_manager_gdbus_call_async(connection,
+ STC_IPTABLES_DBUS_SERVICE,
+ STC_IPTABLES_DBUS_RULE_PATH,
+ STC_IPTABLES_DBUS_RULE_INTERFACE,
+ STC_IPTABLES_DBUS_METHOD_IPT_ADD_RULE,
+ params,
+ __add_rule_reply,
+ nfacct_name);
+
+ if (result != STC_ERROR_NONE) {
+ STC_LOGE("Failed to invoke dbus method async");
+ g_free(nfacct_name);
+ }
+
+ return result;
+}
+
+static int __iptables_rule_remove(GDBusConnection *connection,
+ iptables_rule_s *rule)
+{
+ int result = STC_ERROR_NONE;
+ GVariantBuilder *builder = NULL;
+ GVariant *params = NULL;
+ char *nfacct_name = NULL;
+
+ builder = g_variant_builder_new(G_VARIANT_TYPE("a{sv}"));
+ __add_rule_info_to_builder(builder, rule);
+ params = g_variant_new("(a{sv})", builder);
+ g_variant_builder_unref(builder);
+
+ nfacct_name = g_strdup_printf("4:%s", rule->nfacct_name);
+
+ result = stc_manager_gdbus_call_async(connection,
+ STC_IPTABLES_DBUS_SERVICE,
+ STC_IPTABLES_DBUS_RULE_PATH,
+ STC_IPTABLES_DBUS_RULE_INTERFACE,
+ STC_IPTABLES_DBUS_METHOD_IPT_REMOVE_RULE,
+ params,
+ __remove_rule_reply,
+ nfacct_name);
+
+ if (result != STC_ERROR_NONE) {
+ STC_LOGE("Failed to invoke dbus method async");
+ g_free(nfacct_name);
+ }
+
+ return result;
+}
+
+static int __ip6tables_rule_add(GDBusConnection *connection,
+ iptables_rule_s *rule)
+{
+ int result = STC_ERROR_NONE;
+ GVariantBuilder *builder = NULL;
+ GVariant *params = NULL;
+ char *nfacct_name = NULL;
+
+ builder = g_variant_builder_new(G_VARIANT_TYPE("a{sv}"));
+ __add_rule_info_to_builder(builder, rule);
+ params = g_variant_new("(a{sv})", builder);
+ g_variant_builder_unref(builder);
+
+ nfacct_name = g_strdup_printf("6:%s", rule->nfacct_name);
+
+ result = stc_manager_gdbus_call_async(connection,
+ STC_IPTABLES_DBUS_SERVICE,
+ STC_IPTABLES_DBUS_RULE_PATH,
+ STC_IPTABLES_DBUS_RULE_INTERFACE,
+ STC_IPTABLES_DBUS_METHOD_IP6T_ADD_RULE,
+ params,
+ __add_rule_reply,
+ nfacct_name);
+
+ if (result != STC_ERROR_NONE) {
+ STC_LOGE("Failed to invoke dbus method async");
+ g_free(nfacct_name);
+ }
+
+ return result;
+}
+
+static int __ip6tables_rule_remove(GDBusConnection *connection,
+ iptables_rule_s *rule)
+{
+ int result = STC_ERROR_NONE;
+ GVariantBuilder *builder = NULL;
+ GVariant *params = NULL;
+ char *nfacct_name = NULL;
+
+ builder = g_variant_builder_new(G_VARIANT_TYPE("a{sv}"));
+ __add_rule_info_to_builder(builder, rule);
+ params = g_variant_new("(a{sv})", builder);
+ g_variant_builder_unref(builder);
+
+ nfacct_name = g_strdup_printf("6:%s", rule->nfacct_name);
+
+ result = stc_manager_gdbus_call_async(connection,
+ STC_IPTABLES_DBUS_SERVICE,
+ STC_IPTABLES_DBUS_RULE_PATH,
+ STC_IPTABLES_DBUS_RULE_INTERFACE,
+ STC_IPTABLES_DBUS_METHOD_IP6T_REMOVE_RULE,
+ params,
+ __remove_rule_reply,
+ nfacct_name);
+
+ if (result != STC_ERROR_NONE) {
+ STC_LOGE("Failed to invoke dbus method async");
+ g_free(nfacct_name);
+ }
+
+ return result;
+}
+
+static int __iptables_list_add(GDBusConnection *connection,
+ GSList *iptables_list, iptables_ip_type_e iptype)
+{
+ stc_error_e result = STC_ERROR_NONE;
+ GVariantBuilder *builder = NULL;
+ GVariant *params = NULL;
+ GVariant *message = NULL;
+ const char *method = (iptype == IP_TYPE_IPV4) ?
+ STC_IPTABLES_DBUS_METHOD_IPT_ADD_LIST :
+ STC_IPTABLES_DBUS_METHOD_IP6T_ADD_LIST;
+
+ builder = g_variant_builder_new(G_VARIANT_TYPE("aa{sv}"));
+ __add_list_info_to_builder(builder, iptables_list);
+ params = g_variant_new("(aa{sv})", builder);
+ g_variant_builder_unref(builder);
+
+ message = stc_manager_gdbus_call_sync(connection,
+ STC_IPTABLES_DBUS_SERVICE,
+ STC_IPTABLES_DBUS_RULE_PATH,
+ STC_IPTABLES_DBUS_RULE_INTERFACE,
+ method,
+ params);
+
+ if (message == NULL) {
+ STC_LOGE("Failed to invoke dbus method"); //LCOV_EXCL_LINE
+ return STC_ERROR_FAIL; //LCOV_EXCL_LINE
+ }
+
+ g_variant_get(message, "(i)", &result);
+
+ STC_LOGD("%s to add list [%s:%d]",
+ result == STC_ERROR_NONE ? "Successed" : "Failed",
+ iptype == IP_TYPE_IPV4 ? "IPv4" : "IPv6", result);
+
+ g_variant_unref(message);
+ return result;
+}
+
+static int __iptables_list_remove(GDBusConnection *connection,
+ GSList *iptables_list, iptables_ip_type_e iptype)
+{
+ int result = 0;
+ GVariantBuilder *builder = NULL;
+ GVariant *params = NULL;
+ GVariant *message = NULL;
+ const char *method = (iptype == IP_TYPE_IPV4) ?
+ STC_IPTABLES_DBUS_METHOD_IPT_REMOVE_LIST :
+ STC_IPTABLES_DBUS_METHOD_IP6T_REMOVE_LIST;
+
+ builder = g_variant_builder_new(G_VARIANT_TYPE("aa{sv}"));
+ __add_list_info_to_builder(builder, iptables_list);
+ params = g_variant_new("(aa{sv})", builder);
+ g_variant_builder_unref(builder);
+
+ message = stc_manager_gdbus_call_sync(connection,
+ STC_IPTABLES_DBUS_SERVICE,
+ STC_IPTABLES_DBUS_RULE_PATH,
+ STC_IPTABLES_DBUS_RULE_INTERFACE,
+ method,
+ params);
+
+ if (message == NULL) {
+ STC_LOGE("Failed to invoke dbus method"); //LCOV_EXCL_LINE
+ return STC_ERROR_FAIL; //LCOV_EXCL_LINE
+ }
+
+ g_variant_get(message, "(i)", &result);
+
+ STC_LOGD("%s to add list [%s:%d]",
+ result == STC_ERROR_NONE ? "Successed" : "Failed",
+ iptype == IP_TYPE_IPV4 ? "IPv4" : "IPv6", result);
+
+ g_variant_unref(message);
+ return STC_ERROR_NONE;
+}
+
+static int __iptables_add_chain(GDBusConnection *connection,
+ const char *chain)
+{
+ int result = 0;
+ GVariant *message = NULL;
+
+ message = stc_manager_gdbus_call_sync(connection,
+ STC_IPTABLES_DBUS_SERVICE,
+ STC_IPTABLES_DBUS_CHAIN_PATH,
+ STC_IPTABLES_DBUS_CHAIN_INTERFACE,
+ STC_IPTABLES_DBUS_METHOD_IPT_ADD_CHAIN,
+ g_variant_new("(s)", chain));
+
+ if (message == NULL) {
+ STC_LOGE("Failed to invoke dbus method"); //LCOV_EXCL_LINE
+ return STC_ERROR_FAIL; //LCOV_EXCL_LINE
+ }
+
+ g_variant_get(message, "(i)", &result);
+ STC_LOGD("Successfully added ipv4 chain [%d:%s]", result, chain);
+ g_variant_unref(message);
+
+ return STC_ERROR_NONE;
+}
+
+static int __ip6tables_add_chain(GDBusConnection *connection,
+ const char *chain)
+{
+ int result = 0;
+ GVariant *message = NULL;
+
+ message = stc_manager_gdbus_call_sync(connection,
+ STC_IPTABLES_DBUS_SERVICE,
+ STC_IPTABLES_DBUS_CHAIN_PATH,
+ STC_IPTABLES_DBUS_CHAIN_INTERFACE,
+ STC_IPTABLES_DBUS_METHOD_IP6T_ADD_CHAIN,
+ g_variant_new("(s)", chain));
+
+ if (message == NULL) {
+ STC_LOGE("Failed to invoke dbus method"); //LCOV_EXCL_LINE
+ return STC_ERROR_FAIL; //LCOV_EXCL_LINE
+ }
+
+ g_variant_get(message, "(i)", &result);
+ STC_LOGD("Successfully added ipv6 chain [%d:%s]", result, chain);
+ g_variant_unref(message);
+
+ return STC_ERROR_NONE;
+}
+
+static int __iptables_remove_chain(GDBusConnection *connection,
+ const char *chain)
+{
+ int result = 0;
+ GVariant *message = NULL;
+
+ message = stc_manager_gdbus_call_sync(connection,
+ STC_IPTABLES_DBUS_SERVICE,
+ STC_IPTABLES_DBUS_CHAIN_PATH,
+ STC_IPTABLES_DBUS_CHAIN_INTERFACE,
+ STC_IPTABLES_DBUS_METHOD_IPT_REMOVE_CHAIN,
+ g_variant_new("(s)", chain));
+
+ if (message == NULL) {
+ STC_LOGE("Failed to invoke dbus method"); //LCOV_EXCL_LINE
+ return STC_ERROR_FAIL; //LCOV_EXCL_LINE
+ }
+
+ g_variant_get(message, "(i)", &result);
+ STC_LOGD("Successfully removed ipv4 chain [%d:%s]", result, chain);
+ g_variant_unref(message);
+
+ return STC_ERROR_NONE;
+}
+
+static int __ip6tables_remove_chain(GDBusConnection *connection,
+ const char *chain)
+{
+ int result = 0;
+ GVariant *message = NULL;
+
+ message = stc_manager_gdbus_call_sync(connection,
+ STC_IPTABLES_DBUS_SERVICE,
+ STC_IPTABLES_DBUS_CHAIN_PATH,
+ STC_IPTABLES_DBUS_CHAIN_INTERFACE,
+ STC_IPTABLES_DBUS_METHOD_IP6T_REMOVE_CHAIN,
+ g_variant_new("(s)", chain));
+
+ if (message == NULL) {
+ STC_LOGE("Failed to invoke dbus method"); //LCOV_EXCL_LINE
+ return STC_ERROR_FAIL; //LCOV_EXCL_LINE
+ }
+
+ g_variant_get(message, "(i)", &result);
+ STC_LOGD("Successfully removed ipv6 chain [%d:%s]", result, chain);
+ g_variant_unref(message);
+
+ return STC_ERROR_NONE;
+}
+
+static int __iptables_flush_chain(GDBusConnection *connection,
+ const char *chain)
+{
+ int result = 0;
+ GVariant *message = NULL;
+
+ message = stc_manager_gdbus_call_sync(connection,
+ STC_IPTABLES_DBUS_SERVICE,
+ STC_IPTABLES_DBUS_CHAIN_PATH,
+ STC_IPTABLES_DBUS_CHAIN_INTERFACE,
+ STC_IPTABLES_DBUS_METHOD_IPT_FLUSH_CHAIN,
+ g_variant_new("(s)", chain));
+
+ if (message == NULL) {
+ STC_LOGE("Failed to invoke dbus method"); //LCOV_EXCL_LINE
+ return STC_ERROR_FAIL; //LCOV_EXCL_LINE
+ }
+
+ g_variant_get(message, "(i)", &result);
+ STC_LOGD("Successfully flushed ipv4 chain [%d:%s]", result, chain);
+ g_variant_unref(message);
+
+ return STC_ERROR_NONE;
+}
+
+static int __ip6tables_flush_chain(GDBusConnection *connection,
+ const char *chain)
+{
+ int result = 0;
+ GVariant *message = NULL;
+
+ message = stc_manager_gdbus_call_sync(connection,
+ STC_IPTABLES_DBUS_SERVICE,
+ STC_IPTABLES_DBUS_CHAIN_PATH,
+ STC_IPTABLES_DBUS_CHAIN_INTERFACE,
+ STC_IPTABLES_DBUS_METHOD_IP6T_FLUSH_CHAIN,
+ g_variant_new("(s)", chain));
+
+ if (message == NULL) {
+ STC_LOGE("Failed to invoke dbus method"); //LCOV_EXCL_LINE
+ return STC_ERROR_FAIL; //LCOV_EXCL_LINE
+ }
+
+ g_variant_get(message, "(i)", &result);
+ STC_LOGD("Successfully flushed ipv6 chain [%d:%s]", result, chain);
+ g_variant_unref(message);
+
+ return STC_ERROR_NONE;
+}
+
+static int __iptables_add_chain_jump_rule(const char *chain,
+ const char *target)
+{
+ stc_error_e ret = STC_ERROR_NONE;
+ iptables_rule_s iptables_rule;
+ memset(&iptables_rule, 0, sizeof(iptables_rule_s));
+
+ iptables_rule.target = g_strdup(target);
+ iptables_rule.chain = g_strdup(chain);
+
+ ret = iptables_add(&iptables_rule, IP_TYPE_IPV4_IPV6);
+
+ g_free(iptables_rule.target);
+ g_free(iptables_rule.chain);
+
+ return ret;
+}
+
+static stc_error_e _iptables_add_in_chain(stc_s *stc)
+{
+ stc_error_e ret = STC_ERROR_NONE;
+
+ ret = __iptables_add_chain(stc->connection, STC_IN_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+ ret = __iptables_add_chain(stc->connection, STC_IN_DROP_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+ ret = __iptables_add_chain(stc->connection, STC_IN_FG_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+ ret = __iptables_add_chain(stc->connection, STC_IN_ACCEPT_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+ ret = __iptables_add_chain(stc->connection, STC_IN_BG_DROP_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+ ret = __iptables_add_chain(stc->connection, STC_IN_BG_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+done:
+ return ret;
+}
+
+static stc_error_e _iptables_add_out_chain(stc_s *stc)
+{
+ stc_error_e ret = STC_ERROR_NONE;
+
+ ret = __iptables_add_chain(stc->connection, STC_OUT_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+ ret = __iptables_add_chain(stc->connection, STC_OUT_DROP_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+ ret = __iptables_add_chain(stc->connection, STC_OUT_FG_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+ ret = __iptables_add_chain(stc->connection, STC_OUT_ACCEPT_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+ ret = __iptables_add_chain(stc->connection, STC_OUT_BG_DROP_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+ ret = __iptables_add_chain(stc->connection, STC_OUT_BG_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+done:
+ return ret;
+}
+
+static stc_error_e _ip6tables_add_in_chain(stc_s *stc)
+{
+ stc_error_e ret = STC_ERROR_NONE;
+
+ ret = __ip6tables_add_chain(stc->connection, STC_IN_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+ ret = __ip6tables_add_chain(stc->connection, STC_IN_DROP_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+ ret = __ip6tables_add_chain(stc->connection, STC_IN_FG_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+ ret = __ip6tables_add_chain(stc->connection, STC_IN_ACCEPT_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+ ret = __ip6tables_add_chain(stc->connection, STC_IN_BG_DROP_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+ ret = __ip6tables_add_chain(stc->connection, STC_IN_BG_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+done:
+ return ret;
+}
+
+static stc_error_e _ip6tables_add_out_chain(stc_s *stc)
+{
+ stc_error_e ret = STC_ERROR_NONE;
+
+ ret = __ip6tables_add_chain(stc->connection, STC_OUT_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+ ret = __ip6tables_add_chain(stc->connection, STC_OUT_DROP_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+ ret = __ip6tables_add_chain(stc->connection, STC_OUT_FG_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+ ret = __ip6tables_add_chain(stc->connection, STC_OUT_ACCEPT_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+ ret = __ip6tables_add_chain(stc->connection, STC_OUT_BG_DROP_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+ ret = __ip6tables_add_chain(stc->connection, STC_OUT_BG_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+done:
+ return ret;
+}
+
+static stc_error_e _iptables_add_in_chain_jump_rule(void)
+{
+ stc_error_e ret = STC_ERROR_NONE;
+
+ ret = __iptables_add_chain_jump_rule("INPUT", STC_IN_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+ ret = __iptables_add_chain_jump_rule("INPUT", STC_IN_DROP_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+ ret = __iptables_add_chain_jump_rule("INPUT", STC_IN_FG_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+ ret = __iptables_add_chain_jump_rule("INPUT", STC_IN_ACCEPT_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+ ret = __iptables_add_chain_jump_rule("INPUT", STC_IN_BG_DROP_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+ ret = __iptables_add_chain_jump_rule("INPUT", STC_IN_BG_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+done:
+ return ret;
+}
+
+static stc_error_e _iptables_add_out_chain_jump_rule(void)
+{
+ stc_error_e ret = STC_ERROR_NONE;
+
+ ret = __iptables_add_chain_jump_rule("OUTPUT", STC_OUT_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+ ret = __iptables_add_chain_jump_rule("OUTPUT", STC_OUT_DROP_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+ ret = __iptables_add_chain_jump_rule("OUTPUT", STC_OUT_FG_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+ ret = __iptables_add_chain_jump_rule("OUTPUT", STC_OUT_ACCEPT_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+ ret = __iptables_add_chain_jump_rule("OUTPUT", STC_OUT_BG_DROP_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+ ret = __iptables_add_chain_jump_rule("OUTPUT", STC_OUT_BG_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+done:
+ return ret;
+}
+
+static stc_error_e _iptables_remove_in_chain(stc_s *stc)
+{
+ stc_error_e ret = STC_ERROR_NONE;
+
+ ret = __iptables_remove_chain(stc->connection, STC_IN_DROP_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+ ret = __iptables_remove_chain(stc->connection, STC_IN_FG_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+ ret = __iptables_remove_chain(stc->connection, STC_IN_ACCEPT_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+ ret = __iptables_remove_chain(stc->connection, STC_IN_BG_DROP_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+ ret = __iptables_remove_chain(stc->connection, STC_IN_BG_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+ ret = __iptables_remove_chain(stc->connection, STC_IN_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+done:
+ return ret;
+}
+
+static stc_error_e _iptables_remove_out_chain(stc_s *stc)
+{
+ stc_error_e ret = STC_ERROR_NONE;
+
+ ret = __iptables_remove_chain(stc->connection, STC_OUT_DROP_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+ ret = __iptables_remove_chain(stc->connection, STC_OUT_FG_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+ ret = __iptables_remove_chain(stc->connection, STC_OUT_ACCEPT_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+ ret = __iptables_remove_chain(stc->connection, STC_OUT_BG_DROP_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+ ret = __iptables_remove_chain(stc->connection, STC_OUT_BG_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+ ret = __iptables_remove_chain(stc->connection, STC_OUT_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+done:
+ return ret;
+}
+
+static stc_error_e _ip6tables_remove_in_chain(stc_s *stc)
+{
+ stc_error_e ret = STC_ERROR_NONE;
+
+ ret = __ip6tables_remove_chain(stc->connection, STC_IN_DROP_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+ ret = __ip6tables_remove_chain(stc->connection, STC_IN_FG_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+ ret = __ip6tables_remove_chain(stc->connection, STC_IN_ACCEPT_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+ ret = __ip6tables_remove_chain(stc->connection, STC_IN_BG_DROP_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+ ret = __ip6tables_remove_chain(stc->connection, STC_IN_BG_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+ ret = __ip6tables_remove_chain(stc->connection, STC_IN_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+done:
+ return ret;
+}
+
+static stc_error_e _ip6tables_remove_out_chain(stc_s *stc)
+{
+ stc_error_e ret = STC_ERROR_NONE;
+
+ ret = __ip6tables_remove_chain(stc->connection, STC_OUT_DROP_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+ ret = __ip6tables_remove_chain(stc->connection, STC_OUT_FG_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+ ret = __ip6tables_remove_chain(stc->connection, STC_OUT_ACCEPT_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+ ret = __ip6tables_remove_chain(stc->connection, STC_OUT_BG_DROP_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+ ret = __ip6tables_remove_chain(stc->connection, STC_OUT_BG_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+ ret = __ip6tables_remove_chain(stc->connection, STC_OUT_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+done:
+ return ret;
+}
+
+static stc_error_e _iptables_flush_in_chain(stc_s *stc)
+{
+ stc_error_e ret = STC_ERROR_NONE;
+
+ ret = __iptables_flush_chain(stc->connection, STC_IN_DROP_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+ ret = __iptables_flush_chain(stc->connection, STC_IN_FG_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+ ret = __iptables_flush_chain(stc->connection, STC_IN_ACCEPT_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+ ret = __iptables_flush_chain(stc->connection, STC_IN_BG_DROP_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+ ret = __iptables_flush_chain(stc->connection, STC_IN_BG_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+ ret = __iptables_flush_chain(stc->connection, STC_IN_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+done:
+ return ret;
+}
+
+static stc_error_e _iptables_flush_out_chain(stc_s *stc)
+{
+ stc_error_e ret = STC_ERROR_NONE;
+
+ ret = __iptables_flush_chain(stc->connection, STC_OUT_DROP_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+ ret = __iptables_flush_chain(stc->connection, STC_OUT_FG_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+ ret = __iptables_flush_chain(stc->connection, STC_OUT_ACCEPT_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+ ret = __iptables_flush_chain(stc->connection, STC_OUT_BG_DROP_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+ ret = __iptables_flush_chain(stc->connection, STC_OUT_BG_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+ ret = __iptables_flush_chain(stc->connection, STC_OUT_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+done:
+ return ret;
+}
+
+static stc_error_e _ip6tables_flush_in_chain(stc_s *stc)
+{
+ stc_error_e ret = STC_ERROR_NONE;
+
+ ret = __ip6tables_flush_chain(stc->connection, STC_IN_DROP_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+ ret = __ip6tables_flush_chain(stc->connection, STC_IN_FG_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+ ret = __ip6tables_flush_chain(stc->connection, STC_IN_ACCEPT_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+ ret = __ip6tables_flush_chain(stc->connection, STC_IN_BG_DROP_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+ ret = __ip6tables_flush_chain(stc->connection, STC_IN_BG_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+ ret = __ip6tables_flush_chain(stc->connection, STC_IN_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+done:
+ return ret;
+}
+
+static stc_error_e _ip6tables_flush_out_chain(stc_s *stc)
+{
+ stc_error_e ret = STC_ERROR_NONE;
+
+ ret = __ip6tables_flush_chain(stc->connection, STC_OUT_DROP_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+ ret = __ip6tables_flush_chain(stc->connection, STC_OUT_FG_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+ ret = __ip6tables_flush_chain(stc->connection, STC_OUT_ACCEPT_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+ ret = __ip6tables_flush_chain(stc->connection, STC_OUT_BG_DROP_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+ ret = __ip6tables_flush_chain(stc->connection, STC_OUT_BG_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+ ret = __ip6tables_flush_chain(stc->connection, STC_OUT_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+done:
+ return ret;
+}
+
+stc_error_e iptables_add(iptables_rule_s *rule, iptables_ip_type_e iptype)
+{
+ stc_error_e ret = STC_ERROR_NONE;
+ stc_s *stc = stc_get_manager();
+
+ if (!stc || !stc->connection)
+ return STC_ERROR_INVALID_PARAMETER; //LCOV_EXCL_LINE
+
+ if (iptype == IP_TYPE_IPV4 ||
+ iptype == IP_TYPE_IPV4_IPV6) {
+ ret = __iptables_rule_add(stc->connection, rule);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+ }
+
+ if (iptype == IP_TYPE_IPV6 ||
+ iptype == IP_TYPE_IPV4_IPV6)
+ ret = __ip6tables_rule_add(stc->connection, rule);
+
+done:
+ return ret;
+}
+
+stc_error_e iptables_remove(iptables_rule_s *rule, iptables_ip_type_e iptype)
+{
+ stc_error_e ret = STC_ERROR_NONE;
+ stc_s *stc = stc_get_manager();
+
+ if (!stc || !stc->connection)
+ return STC_ERROR_INVALID_PARAMETER; //LCOV_EXCL_LINE
+
+ if (iptype == IP_TYPE_IPV4 ||
+ iptype == IP_TYPE_IPV4_IPV6) {
+ ret = __iptables_rule_remove(stc->connection, rule);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+ }
+
+ if (iptype == IP_TYPE_IPV6 ||
+ iptype == IP_TYPE_IPV4_IPV6)
+ ret = __ip6tables_rule_remove(stc->connection, rule);
+
+done:
+ return ret;
+}
+
+stc_error_e iptables_add_list(GSList *iptables_list, iptables_ip_type_e iptype)
+{
+ stc_s *stc = stc_get_manager();
+
+ if (!stc || !stc->connection)
+ return STC_ERROR_INVALID_PARAMETER; //LCOV_EXCL_LINE
+
+ return __iptables_list_add(stc->connection, iptables_list, iptype);
+}
+
+stc_error_e iptables_remove_list(GSList *iptables_list, iptables_ip_type_e iptype)
+{
+ stc_s *stc = stc_get_manager();
+
+ if (!stc || !stc->connection)
+ return STC_ERROR_INVALID_PARAMETER; //LCOV_EXCL_LINE
+
+ return __iptables_list_remove(stc->connection, iptables_list, iptype);
+}
+
+API stc_error_e iptables_flush_chains(void)
+{
+ stc_error_e ret = STC_ERROR_NONE;
+ stc_s *stc = stc_get_manager();
+
+ if (!stc || !stc->connection)
+ return STC_ERROR_INVALID_PARAMETER; //LCOV_EXCL_LINE
+
+ ret = _iptables_flush_in_chain(stc);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+ ret = _iptables_flush_out_chain(stc);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+ ret = __iptables_flush_chain(stc->connection, STC_FRWD_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+ ret = __iptables_flush_chain(stc->connection, STC_TETHER_CHAIN);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+ ret = _ip6tables_flush_in_chain(stc);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+ ret = _ip6tables_flush_out_chain(stc);
+ if (ret != STC_ERROR_NONE)
+ goto done; //LCOV_EXCL_LINE
+
+ ret = __ip6tables_flush_chain(stc->connection, STC_FRWD_CHAIN);
+done:
+ return ret;
+}
+
+stc_error_e iptables_init(void)
+{
+ __STC_LOG_FUNC_ENTER__;
+
+ stc_error_e ret = STC_ERROR_NONE;
+ stc_s *stc = stc_get_manager();
+
+ if (!stc || !stc->connection) {
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ return STC_ERROR_INVALID_PARAMETER; //LCOV_EXCL_LINE
+ }
+
+ ret = _iptables_add_in_chain(stc);
+ if (ret != STC_ERROR_NONE) {
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ goto done; //LCOV_EXCL_LINE
+ }
+
+ ret = _iptables_add_out_chain(stc);
+ if (ret != STC_ERROR_NONE) {
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ goto done; //LCOV_EXCL_LINE
+ }
+
+ ret = __iptables_add_chain(stc->connection, STC_FRWD_CHAIN);
+ if (ret != STC_ERROR_NONE) {
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ goto done; //LCOV_EXCL_LINE
+ }
+
+ ret = __iptables_add_chain(stc->connection, STC_TETHER_CHAIN);
+ if (ret != STC_ERROR_NONE) {
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ goto done; //LCOV_EXCL_LINE
+ }
+
+ ret = _ip6tables_add_in_chain(stc);
+ if (ret != STC_ERROR_NONE) {
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ goto done; //LCOV_EXCL_LINE
+ }
+
+ ret = _ip6tables_add_out_chain(stc);
+ if (ret != STC_ERROR_NONE) {
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ goto done; //LCOV_EXCL_LINE
+ }
+
+ ret = __ip6tables_add_chain(stc->connection, STC_FRWD_CHAIN);
+ if (ret != STC_ERROR_NONE) {
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ goto done; //LCOV_EXCL_LINE
+ }
+
+ ret = __ip6tables_add_chain(stc->connection, STC_TETHER_CHAIN);
+ if (ret != STC_ERROR_NONE) {
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ goto done; //LCOV_EXCL_LINE
+ }
+
+ ret = _iptables_add_in_chain_jump_rule();
+ if (ret != STC_ERROR_NONE) {
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ goto done; //LCOV_EXCL_LINE
+ }
+
+ ret = _iptables_add_out_chain_jump_rule();
+ if (ret != STC_ERROR_NONE) {
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ goto done; //LCOV_EXCL_LINE
+ }
+
+ ret = __iptables_add_chain_jump_rule("FORWARD", STC_FRWD_CHAIN);
+ if (ret != STC_ERROR_NONE) {
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ goto done; //LCOV_EXCL_LINE
+ }
+
+ ret = __iptables_add_chain_jump_rule("FORWARD", STC_TETHER_CHAIN);
+ if (ret != STC_ERROR_NONE) {
+ __STC_LOG_FUNC_EXIT__;
+ goto done;
+ }
+
+done:
+ __STC_LOG_FUNC_ENTER__;
+ return ret;
+}
+
+stc_error_e iptables_deinit(void)
+{
+ __STC_LOG_FUNC_ENTER__;
+
+ stc_error_e ret = STC_ERROR_NONE;
+ stc_s *stc = stc_get_manager();
+
+ if (!stc || !stc->connection) {
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ return STC_ERROR_INVALID_PARAMETER; //LCOV_EXCL_LINE
+ }
+
+ ret = _iptables_remove_in_chain(stc);
+ if (ret != STC_ERROR_NONE) {
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ goto done; //LCOV_EXCL_LINE
+ }
+
+ ret = _iptables_remove_out_chain(stc);
+ if (ret != STC_ERROR_NONE) {
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ goto done; //LCOV_EXCL_LINE
+ }
+
+ ret = __iptables_remove_chain(stc->connection, STC_TETHER_CHAIN);
+ if (ret != STC_ERROR_NONE) {
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ goto done; //LCOV_EXCL_LINE
+ }
+
+ ret = __iptables_remove_chain(stc->connection, STC_FRWD_CHAIN);
+ if (ret != STC_ERROR_NONE) {
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ goto done; //LCOV_EXCL_LINE
+ }
+
+ ret = _ip6tables_remove_in_chain(stc);
+ if (ret != STC_ERROR_NONE) {
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ goto done; //LCOV_EXCL_LINE
+ }
+
+ ret = _ip6tables_remove_out_chain(stc);
+ if (ret != STC_ERROR_NONE) {
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ goto done; //LCOV_EXCL_LINE
+ }
+
+ ret = __ip6tables_remove_chain(stc->connection, STC_FRWD_CHAIN);
+ if (ret != STC_ERROR_NONE) {
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ goto done; //LCOV_EXCL_LINE
+ }
+
+done:
+ __STC_LOG_FUNC_ENTER__;
+ return ret;
+}
--- /dev/null
+/*
+ * Copyright (c) 2016 Samsung Electronics Co., Ltd.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef __STC_HELPER_IPTABLES_H__
+#define __STC_HELPER_IPTABLES_H__
+
+#include <arpa/inet.h>
+#include "stc-manager.h"
+#include "stc-error.h"
+
+#define STC_IN_CHAIN "STC_IN"
+#define STC_OUT_CHAIN "STC_OUT"
+#define STC_FRWD_CHAIN "STC_FRWD"
+#define STC_TETHER_CHAIN "STC_TETHER"
+
+#define STC_IN_DROP_CHAIN "STC_IN_DROP"
+#define STC_IN_FG_CHAIN "STC_IN_FG"
+#define STC_IN_ACCEPT_CHAIN "STC_IN_ACCEPT"
+#define STC_IN_BG_DROP_CHAIN "STC_IN_BG_DROP"
+#define STC_IN_BG_CHAIN "STC_IN_BG"
+
+#define STC_OUT_DROP_CHAIN "STC_OUT_DROP"
+#define STC_OUT_FG_CHAIN "STC_OUT_FG"
+#define STC_OUT_ACCEPT_CHAIN "STC_OUT_ACCEPT"
+#define STC_OUT_BG_DROP_CHAIN "STC_OUT_BG_DROP"
+#define STC_OUT_BG_CHAIN "STC_OUT_BG"
+
+typedef enum {
+ IPTABLES_DIRECTION_NONE,
+ IPTABLES_DIRECTION_IN,
+ IPTABLES_DIRECTION_OUT
+} iptables_rule_direction_e;
+
+typedef enum {
+ IP_TYPE_UNKNOWN,
+ IP_TYPE_IPV4,
+ IP_TYPE_IPV6,
+ IP_TYPE_IPV4_IPV6,
+ IP_TYPE_LAST_ELEM
+} iptables_ip_type_e;
+
+typedef enum {
+ IPTABLES_IP_NONE,
+ IPTABLES_IP_SINGLE,
+ IPTABLES_IP_MASK,
+ IPTABLES_IP_RANGE
+} iptables_iprange_type_e;
+
+typedef struct {
+ char *chain;
+ char *ifname;
+ char *nfacct_name;
+ char *target;
+ iptables_iprange_type_e s_iprange_type;
+ iptables_iprange_type_e d_iprange_type;
+ struct in_addr s_ip1;
+ struct in_addr s_ip2;
+ struct in_addr d_ip1;
+ struct in_addr d_ip2;
+ iptables_rule_direction_e direction;
+ uint32_t classid;
+} iptables_rule_s;
+
+stc_error_e iptables_add(iptables_rule_s *rule, iptables_ip_type_e iptype);
+stc_error_e iptables_remove(iptables_rule_s *rule, iptables_ip_type_e iptype);
+stc_error_e iptables_add_list(GSList *iptables_list, iptables_ip_type_e iptype);
+stc_error_e iptables_remove_list(GSList *iptables_list, iptables_ip_type_e iptype);
+stc_error_e iptables_flush_chains(void);
+stc_error_e iptables_init(void);
+stc_error_e iptables_deinit(void);
+
+#endif /*__STC_HELPER_IPTABLES_H__*/
--- /dev/null
+/*
+ * Copyright (c) 2016 Samsung Electronics Co., Ltd.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <dirent.h>
+#include <glib.h>
+#include <stdio.h>
+#include <string.h>
+#include <unistd.h>
+
+#include "helper-cgroup.h"
+#include "counter.h"
+#include "stc-db.h"
+#include "helper-file.h"
+#include "helper-net-cls.h"
+
+#define CUR_CLASSID_PATH "/var/lib/stc/cur_classid"
+#define CLASSID_FILE_NAME "net_cls.classid"
+
+typedef GArray task_classid_array;
+
+static uint32_t __produce_classid(check_classid_used_cb check_classid_cb)
+{
+ uint32_t classid = STC_RESERVED_CLASSID_MAX;
+ int ret = fread_uint(CUR_CLASSID_PATH, &classid);
+ if (ret < 0)
+ STC_LOGI("Can not read current classid"); //LCOV_EXCL_LINE
+
+ classid += 1;
+
+ if (check_classid_cb) {
+ int classid_test_count = 0;
+ for (classid_test_count = 0; classid_test_count < INT32_MAX;
+ ++classid) {
+ if (!check_classid_cb(classid))
+ break;
+ }
+ }
+
+ ret = fwrite_uint(CUR_CLASSID_PATH, ++classid);
+ if (ret < 0)
+ STC_LOGE("Can not write classid"); //LCOV_EXCL_LINE
+
+ return classid;
+}
+
+static int __place_classid_to_cgroup(const char *cgroup, const char *subdir,
+ uint32_t *classid,
+ check_classid_used_cb cb)
+{
+ char buf[MAX_PATH_LENGTH];
+ uint32_t result_classid = (classid && *classid) ? *classid :
+ __produce_classid(cb);
+
+ /* set classid as out argument */
+ if (classid && !*classid)
+ *classid = result_classid;
+
+ snprintf(buf, sizeof(buf), "%s/%s", cgroup, subdir);
+ return cgroup_write_node_uint32(buf, CLASSID_FILE_NAME, result_classid);
+}
+
+static stc_error_e __get_classid_from_cgroup(const char *cgroup,
+ const char *subdir, uint32_t *classid)
+{
+ char buf[MAX_PATH_LENGTH];
+ snprintf(buf, sizeof(buf), "%s/%s", cgroup, subdir);
+
+ int ret = cgroup_read_node_uint32(buf, CLASSID_FILE_NAME, classid);
+ if (ret < 0) {
+ *classid = STC_UNKNOWN_CLASSID;
+ return STC_ERROR_NO_DATA;
+ }
+
+ return STC_ERROR_NONE;
+}
+
+API stc_error_e init_current_classid(void)
+{
+ int ret = 0;
+ struct stat stat_buf;
+
+ if (stat(STC_CGROUP_NETWORK, &stat_buf) != 0) {
+ uint32_t classid = STC_RESERVED_CLASSID_MAX;
+ ret = fwrite_uint(CUR_CLASSID_PATH, classid);
+ if (ret < 0) {
+ STC_LOGE("Can not init current classid"); //LCOV_EXCL_LINE
+ return STC_ERROR_FAIL; //LCOV_EXCL_LINE
+ }
+ }
+
+ return STC_ERROR_NONE;
+}
+
+API uint32_t get_classid_by_app_id(const char *app_id, int create)
+{
+ bool exists;
+ int ret = STC_ERROR_NONE;
+ uint32_t classid = STC_UNKNOWN_CLASSID;
+ const char *path_to_net_cgroup_dir = NULL;
+
+ if (app_id == NULL)
+ return STC_UNKNOWN_CLASSID;
+
+ if (!strcmp(app_id, STC_TOTAL_BACKGROUND))
+ return STC_BACKGROUND_APP_CLASSID;
+
+ if (!strcmp(app_id, STC_TOTAL_DATACALL))
+ return STC_TOTAL_DATACALL_CLASSID;
+
+ if (!strcmp(app_id, STC_TOTAL_WIFI))
+ return STC_TOTAL_WIFI_CLASSID;
+
+ if (!strcmp(app_id, STC_TOTAL_BLUETOOTH))
+ return STC_TOTAL_BLUETOOTH_CLASSID;
+
+ if (!strcmp(app_id, STC_TOTAL_IPV4))
+ return STC_TOTAL_IPV4_CLASSID;
+
+ if (!strcmp(app_id, STC_TOTAL_IPV6))
+ return STC_TOTAL_IPV6_CLASSID;
+
+ if (!strcmp(app_id, STC_TOTAL_TETHERING))
+ return STC_TETHERING_APP_CLASSID;
+
+ if (strstr(app_id, STC_BACKGROUND_APP_SUFFIX))
+ path_to_net_cgroup_dir = BACKGROUND_CGROUP_NETWORK;
+ else if (strstr(app_id, STC_TETHERING_APP_SUFFIX))
+ path_to_net_cgroup_dir = TETHERING_CGROUP_NETWORK;
+ else
+ path_to_net_cgroup_dir = FOREGROUND_CGROUP_NETWORK;
+
+ /* just read */
+ if (!create)
+ ret = __get_classid_from_cgroup(path_to_net_cgroup_dir, //LCOV_EXCL_LINE
+ app_id, &classid);
+
+ if (ret != STC_ERROR_NONE)
+ return STC_UNKNOWN_CLASSID;
+
+ if (classid != STC_UNKNOWN_CLASSID)
+ return classid;
+
+ ret = cgroup_make_subdir(path_to_net_cgroup_dir, (char *)app_id,
+ &exists);
+ if (ret)
+ goto handle_error;
+
+ if (exists)
+ ret = __get_classid_from_cgroup(path_to_net_cgroup_dir,
+ app_id, &classid);
+ else
+ ret = __place_classid_to_cgroup(path_to_net_cgroup_dir,
+ (char *)app_id, &classid, NULL);
+ if (ret)
+ goto handle_error; //LCOV_EXCL_LINE
+
+ return classid;
+
+handle_error:
+ if (STC_DEBUG_LOG)
+ STC_LOGE("error_code: [%d]", ret); //LCOV_EXCL_LINE
+ return STC_UNKNOWN_CLASSID; //LCOV_EXCL_LINE
+}
+
+API stc_error_e place_pids_to_net_cgroup(const int pid, const char *app_id)
+{
+ char child_buf[21 + MAX_DEC_SIZE(int) + MAX_DEC_SIZE(int) + 1];
+ const char *path_to_net_cgroup_dir = NULL;
+
+ snprintf(child_buf, sizeof(child_buf), PROC_TASK_CHILDREN, pid, pid);
+
+ if (app_id == NULL) {
+ STC_LOGE("package name must be not empty"); //LCOV_EXCL_LINE
+ return STC_ERROR_INVALID_PARAMETER; //LCOV_EXCL_LINE
+ }
+
+ if (strstr(app_id, STC_BACKGROUND_APP_SUFFIX))
+ path_to_net_cgroup_dir = BACKGROUND_CGROUP_NETWORK;
+ else if (strstr(app_id, STC_TETHERING_APP_SUFFIX))
+ path_to_net_cgroup_dir = TETHERING_CGROUP_NETWORK;
+ else
+ path_to_net_cgroup_dir = FOREGROUND_CGROUP_NETWORK; //LCOV_EXCL_LINE
+
+ if (access(child_buf, F_OK))
+ return cgroup_write_pid(path_to_net_cgroup_dir, app_id, pid);
+
+ return cgroup_write_pidtree(path_to_net_cgroup_dir, app_id, pid); //LCOV_EXCL_LINE
+}
--- /dev/null
+/*
+ * Copyright (c) 2016 Samsung Electronics Co., Ltd.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef __STC_HELPER_NET_CLS_H__
+#define __STC_HELPER_NET_CLS_H__
+
+#include <sys/types.h>
+#include <glib.h>
+#include <stdbool.h>
+
+#include "stc-manager.h"
+
+#define PATH_TO_NET_CGROUP_DIR CGROUP_NETWORK
+
+enum {
+ ERROR_CANT_CREATE_NL_SOCKET = 1,
+ ERROR_UPDATE_PID_LIST = 2,
+ ERROR_UPDATE_CLASSIDS_LIST = 3,
+};
+
+typedef GArray int_array;
+
+stc_error_e init_current_classid(void);
+
+/**
+ * @desc take classid from net_cls cgroup by appid
+ * This function converts appid to pkgname.
+ * @param pkg_name - name of the cgroup
+ * @param create - in case of true - create cgroup if it's not exists
+ * @return classid
+ */
+uint32_t get_classid_by_app_id(const char *app_id, int create);
+
+typedef gboolean(*check_classid_used_cb)(guint32 classid);
+
+stc_error_e place_pids_to_net_cgroup(const int pid, const char *pkg_name);
+
+#endif /*__STC_HELPER_NET_CLS_H__*/
--- /dev/null
+/*
+ * Copyright (c) 2016 Samsung Electronics Co., Ltd.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <errno.h>
+#include <inttypes.h>
+#include <stdbool.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/types.h>
+#include <sys/wait.h>
+#include <unistd.h>
+#include <arpa/inet.h>
+
+#include "counter.h"
+#include "helper-nfacct-rule.h"
+#include "helper-iptables.h"
+
+#include "configure_stub.h"
+
+#define IPTABLES "/usr/sbin/iptables"
+#define IP6TABLES "/usr/sbin/ip6tables"
+#define IPTABLES_CHECK "-C"
+#define APPEND "-A"
+#define DELETE "-D"
+#define INSERT "-I"
+
+#define NFACCT_NAME_MOD " -m nfacct --nfacct-name %s"
+#define REJECT_RULE "REJECT"
+#define ACCEPT_RULE "ACCEPT"
+#define OUT_RULE "OUTPUT"
+#define IN_RULE "INPUT"
+#define FORWARD_RULE "FORWARD"
+
+/* TODO idea to use the same rule both for BLOCK (REJECT) and WARNING (ACCEPT) */
+#define RULE_APP_OUT "%s -w %s OUTPUT -o %s -m cgroup --cgroup %u %s %s"
+#define RULE_APP_IN "%s -w %s INPUT -i %s -m cgroup --cgroup %u %s %s"
+
+/* iptables -w [I/A/D] [OUTPUT/FORWARD/INPUT] -o/-i iface -m nfacct --nfacct-name name -j ACCEPT/REJECT */
+
+#define RULE_IFACE_OUT "%s -w %s %s -o %s %s %s"
+#define RULE_IFACE_IN "%s -w %s %s -i %s %s %s"
+
+#define NFNL_SUBSYS_ACCT 7
+#define BUF_SIZE_FOR_ERR 100
+
+static void prepare_netlink_msg(struct genl *req, int type, int flag)
+{
+ int seq = time(NULL);
+ memset(req, 0, sizeof(struct genl));
+ req->n.nlmsg_len = NLMSG_LENGTH(GENL_HDRLEN);
+ req->n.nlmsg_type = (NFNL_SUBSYS_ACCT << 8) | type;
+ req->n.nlmsg_flags = NLM_F_REQUEST | flag;
+ req->n.nlmsg_seq = seq;
+}
+
+static void add_value_attr(struct genl *req, const void *data, int len,
+ int type)
+{
+ int payload;
+ /* get tail */
+ struct nlattr *na = (struct nlattr *)((char *)req +
+ NLMSG_ALIGN(req->n.nlmsg_len));
+
+ na->nla_type = type;
+ payload = len + NLA_HDRLEN;
+ na->nla_len = payload;
+ memcpy(NLA_DATA(na), data, len);
+ req->n.nlmsg_len += NLMSG_ALIGN(payload);
+}
+
+/*
+ * following 2 function should be used in combination.
+ * start_nest_attr returns nlattr structure, which should be completed by
+ * end_nest_attr,
+ * before these invocations any number of netlink arguments could be inserted
+ * */
+static struct nlattr *start_nest_attr(struct genl *req, uint16_t type)
+{
+ struct nlattr *start = (struct nlattr *)((char *)req +
+ NLMSG_ALIGN(req->n.nlmsg_len));
+
+ start->nla_type = NLA_F_NESTED | type;
+ req->n.nlmsg_len += NLMSG_ALIGN(sizeof(struct nlattr));
+ return start;
+}
+
+static void end_nest_attr(struct genl *req, struct nlattr *start)
+{
+ start->nla_len = (__u16)((char *)req +
+ NLMSG_ALIGN(req->n.nlmsg_len) - (char *)start);
+}
+
+static void add_string_attr(struct genl *req, const char *str, int type)
+{
+ add_value_attr(req, str, strlen(str) + 1, type);
+}
+
+static void add_uint64_attr(struct genl *req, const long long unsigned int v, int type)
+{
+ add_value_attr(req, &v, sizeof(v), type);
+}
+
+/* macros or templare, due uint64 and uint32 is the same functions */
+static void add_uint32_attr(struct genl *req, const uint32_t v, int type)
+{
+ add_value_attr(req, &v, sizeof(v), type);
+}
+
+static stc_error_e send_nfacct_request(int sock, struct genl *req)
+{
+ struct sockaddr_nl nladdr = {.nl_family = AF_NETLINK};
+ int ret = sendto(sock, (char *)(&req->n), req->n.nlmsg_len, 0,
+ (struct sockaddr *)&nladdr, sizeof(nladdr));
+ ret_value_msg_if(ret < 0, STC_ERROR_FAIL,
+ "Failed to send nfacct request, error [%d]", ret);
+
+ return STC_ERROR_NONE;
+}
+
+static stc_error_e nfacct_send_new(nfacct_rule_s *counter)
+{
+ int ret = STC_ERROR_NONE;
+ struct genl *req = MALLOC0(struct genl, 1);
+ if (req == NULL) {
+ STC_LOGE("Failed allocate memory to genl request message"); //LCOV_EXCL_LINE
+ return STC_ERROR_OUT_OF_MEMORY; //LCOV_EXCL_LINE
+ }
+
+ prepare_netlink_msg(req, NFNL_MSG_ACCT_NEW, NLM_F_CREATE | NLM_F_ACK);
+ add_string_attr(req, counter->name, NFACCT_NAME);
+
+ /* padding */
+ add_uint64_attr(req, 0, NFACCT_PKTS);
+ add_uint64_attr(req, 0, NFACCT_BYTES);
+ //LCOV_EXCL_START
+ if (counter->quota) {
+ STC_LOGD("quota bytes %lld", counter->quota);
+
+ add_uint32_attr(req, htobe32(NFACCT_F_QUOTA_BYTES),
+ NFACCT_FLAGS);
+ add_uint64_attr(req, htobe64(counter->quota), NFACCT_QUOTA);
+ }
+ //LCOV_EXCL_STOP
+
+ ret = send_nfacct_request(counter->carg->sock, req);
+ FREE(req);
+ return ret;
+}
+
+stc_error_e nfacct_send_del(nfacct_rule_s *counter)
+{
+ int ret = STC_ERROR_NONE;
+ struct genl *req = MALLOC0(struct genl, 1);
+ if (req == NULL) {
+ STC_LOGE("Failed allocate memory to genl request message"); //LCOV_EXCL_LINE
+ return STC_ERROR_OUT_OF_MEMORY; //LCOV_EXCL_LINE
+ }
+
+ prepare_netlink_msg(req, NFNL_MSG_ACCT_DEL, NLM_F_ACK);
+ add_string_attr(req, counter->name, NFACCT_NAME);
+
+ ret = send_nfacct_request(counter->carg->sock, req);
+ FREE(req);
+ return ret;
+}
+#define NFACCT_F_QUOTAS (NFACCT_F_QUOTA_BYTES | NFACCT_F_QUOTA_PKTS)
+
+static stc_error_e internal_nfacct_send_get(struct counter_arg *carg,
+ enum nfnl_acct_msg_types get_type,
+ const char *name,
+ int mask, int filter)
+{
+ int ret = STC_ERROR_NONE;
+ struct nlattr *na;
+ int flag = !name ? NLM_F_DUMP : 0;
+ struct genl *req = MALLOC0(struct genl, 1);
+ if (req == NULL) {
+ STC_LOGE("Failed allocate memory to genl request message"); //LCOV_EXCL_LINE
+ return STC_ERROR_OUT_OF_MEMORY; //LCOV_EXCL_LINE
+ }
+
+ prepare_netlink_msg(req, get_type, flag);
+ /* due we don't get counter with quota any where else,
+ * here we will request just counters by default */
+ if (name)
+ add_string_attr(req, name, NFACCT_NAME);
+
+ na = start_nest_attr(req, NFACCT_FILTER);
+ add_uint32_attr(req, htonl(mask), NFACCT_FILTER_ATTR_MASK);
+ add_uint32_attr(req, htonl(filter), NFACCT_FILTER_ATTR_VALUE);
+ end_nest_attr(req, na);
+
+ ret = send_nfacct_request(carg->sock, req);
+ FREE(req);
+ return ret;
+}
+
+stc_error_e nfacct_send_get_counters(struct counter_arg *carg, const char *name)
+{
+ /* get and reset countes value */
+ return internal_nfacct_send_get(carg, NFNL_MSG_ACCT_GET_CTRZERO, name,
+ NFACCT_F_QUOTAS, 0);
+}
+
+stc_error_e nfacct_send_get_quotas(struct counter_arg *carg, const char *name)
+{
+ /* just get counters */
+ return internal_nfacct_send_get(carg, NFNL_MSG_ACCT_GET, name,
+ NFACCT_F_QUOTA_BYTES,
+ NFACCT_F_QUOTA_BYTES);
+}
+
+API stc_error_e nfacct_send_get_all(struct counter_arg *carg)
+{
+ /* get and reset everything, used when quiting */
+ return internal_nfacct_send_get(carg, NFNL_MSG_ACCT_GET_CTRZERO, NULL,
+ 0, 0);
+}
+
+stc_error_e nfacct_send_get(nfacct_rule_s *rule)
+{
+ if (rule->intend == NFACCT_BLOCK || rule->intend == NFACCT_WARN)
+ return nfacct_send_get_quotas(rule->carg, rule->name);
+ else if (rule->intend == NFACCT_COUNTER)
+ return nfacct_send_get_counters(rule->carg, rule->name);
+
+ return STC_ERROR_INVALID_PARAMETER;
+}
+
+static nfacct_rule_direction convert_to_iotype(int type)
+{
+ return (type < NFACCT_COUNTER_LAST_ELEM &&
+ type > NFACCT_COUNTER_UNKNOWN) ? type : NFACCT_COUNTER_UNKNOWN;
+}
+
+static stc_iface_type_e convert_to_iftype(int type)
+{
+ return (type < STC_IFACE_LAST_ELEM &&
+ type > STC_IFACE_UNKNOWN) ? type : STC_IFACE_UNKNOWN;
+}
+
+API bool recreate_counter_by_name(char *cnt_name, nfacct_rule_s *cnt)
+{
+ char *iftype_part;
+ char *classid_part;
+ char *io_part;
+ char *ifname_part;
+ char *save_ptr = NULL;
+ char name[NFACCT_NAME_MAX] = {0}; /* parse buffer to avoid cnt_name modification */
+
+ strncpy(name, cnt_name, sizeof(name) - 1);
+
+ switch (name[0]) {
+ case 'c':
+ cnt->intend = NFACCT_COUNTER;
+ break;
+ case 'w':
+ cnt->intend = NFACCT_WARN;
+ break;
+ case 'r':
+ cnt->intend = NFACCT_BLOCK;
+ break;
+ case 'a':
+ cnt->intend = NFACCT_ALLOW;
+ break;
+ case 't':
+ cnt->intend = NFACCT_TETH_COUNTER; //LCOV_EXCL_LINE
+ break; //LCOV_EXCL_LINE
+ default:
+ return false;
+ }
+
+ STRING_SAVE_COPY(cnt->name, cnt_name);
+
+#if 0
+ /* ========================================================
+ * NOTE:-
+ * Below parsing for tethering case is not in use
+ * stc-manager needs to ignore this for NFACCT_TETH_COUNTER
+ * this is disbaled for future use.
+ * =======================================================*/
+
+ //LCOV_EXCL_START
+ if (cnt->intend == NFACCT_TETH_COUNTER) {
+ char ifname_buf[MAX_IFACE_LENGTH];
+ int ifname_len;
+ stc_iface_type_e iface;
+ /* tbnep+:seth_w0; means comes by bt go away by mobile interface,
+ * it's outgoing traffic, due all tethering is mobile databased */
+ iftype_part = strchr(name, ':');
+ ret_value_msg_if(iftype_part == NULL,
+ false, "Invalid format of the tethering counter %s", name);
+ ifname_len = iftype_part - name - 1;
+ strncpy(ifname_buf, name + 1, ifname_len); /* skip first t */
+ ifname_buf[ifname_len] = '\0';
+ iface = get_iftype_by_name(ifname_buf);
+ /* check first part is it datacall */
+ if (iface == STC_IFACE_DATACALL) {
+ strncpy(cnt->ifname, ifname_buf, MAX_IFACE_LENGTH - 1);
+ cnt->iotype = NFACCT_COUNTER_IN;
+ } else {
+ /* +1, due : symbol and till the end of cnt_name */
+ strncpy(ifname_buf, iftype_part + 1, MAX_IFACE_LENGTH - 1);
+ iface = get_iftype_by_name(ifname_buf);
+ if (iface == STC_IFACE_DATACALL) {
+ cnt->iotype = NFACCT_COUNTER_OUT;
+ strncpy(cnt->ifname, ifname_buf, MAX_IFACE_LENGTH - 1);
+ }
+ }
+
+ if (cnt->iotype == NFACCT_COUNTER_UNKNOWN) {
+ STC_LOGE("can't determine tethering direction %s", name);
+ return false;
+ }
+ cnt->iftype = STC_IFACE_DATACALL;
+ cnt->classid = STC_TETHERING_APP_CLASSID;
+ return true;
+ }
+ //LCOV_EXCL_STOP
+#endif
+
+ io_part = strtok_r(name, "_", &save_ptr);
+ if (io_part != NULL)
+ cnt->iotype = convert_to_iotype(atoi(io_part + 1));
+ else
+ return false;
+
+ iftype_part = strtok_r(NULL, "_", &save_ptr);
+ if (iftype_part != NULL)
+ cnt->iftype = convert_to_iftype(atoi(iftype_part));
+ else
+ return false;
+
+ classid_part = strtok_r(NULL, "_", &save_ptr);
+ if (classid_part != NULL)
+ cnt->classid = atoi(classid_part);
+ else {
+ cnt->classid = STC_ALL_APP_CLASSID;
+ return cnt->intend == NFACCT_BLOCK ? true : false;
+ }
+
+ ifname_part = strtok_r(NULL, "\0", &save_ptr);
+ if (ifname_part != NULL)
+ STRING_SAVE_COPY(cnt->ifname, ifname_part);
+ else
+ return false;
+
+ return true;
+}
+
+static void _process_answer(struct netlink_serialization_params *params)
+{
+ struct rtattr *na;
+ struct rtattr *attr_list[__NFACCT_MAX] = {0};
+ struct counter_arg *carg = params->carg;
+ struct genl *ans = params->ans;;
+ struct nlmsghdr *nlhdr = &ans->n;
+ int len = GENLMSG_PAYLOAD(nlhdr);
+ int ans_len = carg->ans_len;
+
+ if (len == 0)
+ return;
+
+ /* parse reply message */
+ na = (struct rtattr *)GENLMSG_DATA(ans);
+
+ while (NLMSG_OK(nlhdr, ans_len)) {
+ fill_attribute_list(attr_list, NFACCT_MAX,
+ na, len);
+ if (!attr_list[NFACCT_NAME] ||
+ !attr_list[NFACCT_BYTES])
+ goto next;
+ params->eval_attr(attr_list, carg);
+
+next:
+ nlhdr = NLMSG_NEXT(nlhdr, ans_len);
+ if (ans_len < 0)
+ break;
+ na = (struct rtattr *)GENLMSG_DATA(nlhdr);
+ }
+
+ if (params->post_eval_attr)
+ params->post_eval_attr(carg);
+}
+
+API netlink_serialization_command *
+netlink_create_command(struct netlink_serialization_params *params)
+{
+ static netlink_serialization_command command = {0,};
+ command.deserialize_answer = _process_answer;
+ command.params = *params;
+ return &command;
+}
+
+static char *get_iptables_cmd(const nfacct_rule_action action)
+{
+ if (action == NFACCT_ACTION_APPEND)
+ return APPEND;
+ else if (action == NFACCT_ACTION_DELETE)
+ return DELETE;
+ else if (action == NFACCT_ACTION_INSERT)
+ return INSERT;
+
+ return "";
+}
+
+static char *get_iptables_chain(uint32_t classid,
+ const nfacct_rule_direction iotype,
+ const stc_app_state_e app_state,
+ const nfacct_rule_intend intend)
+{
+ if (iotype == NFACCT_COUNTER_IN) {
+ if (intend == NFACCT_COUNTER ||
+ intend == NFACCT_TETH_COUNTER) {
+ if (app_state == STC_APP_STATE_FOREGROUND)
+ return STC_IN_FG_CHAIN;
+ else
+ return STC_IN_BG_CHAIN;
+ } else if (intend == NFACCT_ALLOW ||
+ intend == NFACCT_TETH_ALLOW) {
+ return STC_IN_ACCEPT_CHAIN;
+ } else {
+ if (classid == STC_BACKGROUND_APP_CLASSID)
+ return STC_IN_BG_DROP_CHAIN;
+ else
+ return STC_IN_DROP_CHAIN;
+ }
+ } else if (iotype == NFACCT_COUNTER_OUT) {
+ if (intend == NFACCT_COUNTER ||
+ intend == NFACCT_TETH_COUNTER) {
+ if (app_state == STC_APP_STATE_FOREGROUND)
+ return STC_OUT_FG_CHAIN;
+ else
+ return STC_OUT_BG_CHAIN;
+ } else if (intend == NFACCT_ALLOW ||
+ intend == NFACCT_TETH_ALLOW) {
+ return STC_OUT_ACCEPT_CHAIN;
+ } else {
+ if (classid == STC_BACKGROUND_APP_CLASSID)
+ return STC_OUT_BG_DROP_CHAIN;
+ else
+ return STC_OUT_DROP_CHAIN;
+ }
+ } else if (iotype == NFACCT_COUNTER_FORWARD)
+ return STC_FRWD_CHAIN;
+
+ return "";
+}
+
+static char *get_iptables_jump(const nfacct_rule_jump jump)
+{
+ if (jump == NFACCT_JUMP_ACCEPT)
+ return ACCEPT_RULE;
+ else if (jump == NFACCT_JUMP_REJECT)
+ return REJECT_RULE;
+
+ return "";
+}
+
+/*
+static char *choose_iftype_name(nfacct_rule_s *rule)
+{
+ return strlen(rule->ifname) != 0 ? rule->ifname :
+ get_iftype_name(rule->iftype);
+}
+*/
+
+static stc_error_e exec_iptables_cmd(nfacct_rule_s *rule)
+{
+ stc_error_e ret = STC_ERROR_NONE;
+ iptables_ip_type_e iptype;
+ iptables_rule_s iptables_rule;
+ memset(&iptables_rule, 0, sizeof(iptables_rule_s));
+
+ iptables_rule.nfacct_name = g_strdup(rule->name);
+ iptables_rule.ifname = g_strdup(rule->ifname);
+ iptables_rule.target = g_strdup(get_iptables_jump(rule->jump));
+
+ /* In case of tehering rules use chain 'STC_TETHER' */
+ if (rule->intend == NFACCT_TETH_COUNTER ||
+ rule->intend == NFACCT_TETH_ALLOW ||
+ rule->intend == NFACCT_TETH_BLOCK)
+ iptables_rule.chain = g_strdup(STC_TETHER_CHAIN);
+ else
+ iptables_rule.chain = g_strdup(get_iptables_chain(rule->classid,
+ rule->iotype, rule->app_state, rule->intend));
+
+ if (rule->classid < STC_RESERVED_CLASSID_MAX)
+ iptables_rule.classid = STC_UNKNOWN_CLASSID;
+ else
+ iptables_rule.classid = rule->classid;
+ iptables_rule.direction = (rule->iotype & NFACCT_COUNTER_IN) ?
+ IPTABLES_DIRECTION_IN : IPTABLES_DIRECTION_OUT;
+ iptype = (iptables_ip_type_e)rule->iptype;
+
+ /* specify the ip range type for source and destination */
+ iptables_rule.s_iprange_type = rule->src_iprange_type;
+ iptables_rule.d_iprange_type = rule->dst_iprange_type;
+
+ /* specify source and destination ip address if any */
+ if (rule->src_ip1) {
+ if (!inet_aton(rule->src_ip1, &iptables_rule.s_ip1)) {
+ ret = STC_ERROR_INVALID_PARAMETER;
+ goto free;
+ }
+ }
+
+ if (rule->src_ip2) {
+ if (!inet_aton(rule->src_ip2, &iptables_rule.s_ip2)) {
+ ret = STC_ERROR_INVALID_PARAMETER;
+ goto free;
+ }
+ }
+
+ if (rule->dst_ip1) {
+ if (!inet_aton(rule->dst_ip1, &iptables_rule.d_ip1)) {
+ ret = STC_ERROR_INVALID_PARAMETER;
+ goto free;
+ }
+ }
+
+ if (rule->dst_ip2) {
+ if (!inet_aton(rule->dst_ip2, &iptables_rule.d_ip2)) {
+ ret = STC_ERROR_INVALID_PARAMETER;
+ goto free;
+ }
+ }
+
+ if (rule->action == NFACCT_ACTION_DELETE) {
+ /* delete interface rule */
+ ret = iptables_remove(&iptables_rule, iptype);
+ } else {
+ /* add interface rule */
+ ret = iptables_add(&iptables_rule, iptype);
+ }
+
+free:
+ g_free(iptables_rule.nfacct_name);
+ g_free(iptables_rule.ifname);
+ g_free(iptables_rule.target);
+ g_free(iptables_rule.chain);
+
+ return ret;
+}
+
+static stc_error_e produce_app_rule(nfacct_rule_s *rule)
+{
+ if (rule == NULL)
+ return STC_ERROR_INVALID_PARAMETER;
+
+ char *set_cmd = get_iptables_cmd(rule->action);
+ char *jump_cmd = get_iptables_jump(rule->jump);
+ char nfacct_buf[sizeof(NFACCT_NAME_MOD) +
+ 3*MAX_DEC_SIZE(int) + 4 + 1];
+ stc_error_e ret = STC_ERROR_NONE;
+ uint32_t classid = rule->classid;
+
+ /* income part */
+ if (rule->iotype & NFACCT_COUNTER_IN) {
+ rule->quota = rule->rcv_limit;
+ rule->iotype = NFACCT_COUNTER_IN;
+ generate_counter_name(rule);
+
+ /* to support quated counter we need nfacct,
+ * don't use it in case of just block without a limit
+ * iow, send_limit = 0 and rcv_limit 0 */
+ if (rule->action != NFACCT_ACTION_DELETE) {
+ ret = nfacct_send_del(rule);
+ ret_value_msg_if(ret != STC_ERROR_NONE, ret,
+ "can't del quota counter");
+
+ ret = nfacct_send_new(rule);
+ ret_value_msg_if(ret != STC_ERROR_NONE, ret,
+ "can't set nfacct counter");
+ keep_counter(rule);
+ }
+
+ /* we have a counter, let's key in a rule, drop in case of
+ * send_limit/rcv_limit */
+ ret = snprintf(nfacct_buf, sizeof(nfacct_buf), NFACCT_NAME_MOD,
+ rule->name);
+ ret_value_msg_if(ret > sizeof(nfacct_buf) || ret < 0,
+ STC_ERROR_FAIL, "Not enought buffer");
+
+ /* cgroup extention on FORWARD chain are not allowed
+ * remove classid info in case of tethering rules */
+ if (rule->intend == NFACCT_TETH_COUNTER ||
+ rule->intend == NFACCT_TETH_ALLOW ||
+ rule->intend == NFACCT_TETH_BLOCK) {
+ classid = rule->classid;
+ rule->classid = 0;
+ }
+
+ ret = exec_iptables_cmd(rule);
+
+ /* restore the classid info in case of tethering rule */
+ if (rule->intend == NFACCT_TETH_COUNTER ||
+ rule->intend == NFACCT_TETH_ALLOW ||
+ rule->intend == NFACCT_TETH_BLOCK)
+ rule->classid = classid;
+
+ ret_value_msg_if(ret != STC_ERROR_NONE, STC_ERROR_FAIL,
+ "Can't set conditional block for ingress"
+ " traffic, for classid %u, cmd %s, j %s",
+ rule->classid, set_cmd, jump_cmd);
+
+ /* remove in any case */
+ if (rule->action == NFACCT_ACTION_DELETE) {
+ /* TODO here and everywhere should be not just a del,
+ * here should be get counted value and than
+ * set new counter with that value, but it's minor issue,
+ * due it's not clear when actual counters was stored,
+ * and based on which value settings made such decition */
+ rule->iptables_rule = nfacct_send_del;
+ set_finalize_flag(rule);
+ nfacct_send_get(rule);
+ ret = nfacct_send_del(rule);
+ ret_value_msg_if(ret != STC_ERROR_NONE, ret,
+ "can't del quota counter");
+ }
+ }
+
+ if (rule->iotype & NFACCT_COUNTER_OUT) {
+ /* outcome part */
+ rule->iotype = NFACCT_COUNTER_OUT;
+ rule->quota = rule->send_limit;
+ generate_counter_name(rule);
+ if (rule->action != NFACCT_ACTION_DELETE) {
+ ret = nfacct_send_del(rule);
+ ret_value_msg_if(ret != STC_ERROR_NONE, ret,
+ "can't del quota counter");
+
+ ret = nfacct_send_new(rule);
+ ret_value_msg_if(ret != STC_ERROR_NONE, ret,
+ "can't set quota counter");
+ keep_counter(rule);
+ }
+
+ ret = snprintf(nfacct_buf, sizeof(nfacct_buf), NFACCT_NAME_MOD,
+ rule->name);
+ ret_value_msg_if(ret > sizeof(nfacct_buf) || ret < 0,
+ STC_ERROR_FAIL, "Not enought buffer");
+
+ /* cgroup extention on FORWARD chain are not allowed
+ * remove classid info in case of tethering rules */
+ if (rule->intend == NFACCT_TETH_COUNTER ||
+ rule->intend == NFACCT_TETH_ALLOW ||
+ rule->intend == NFACCT_TETH_BLOCK) {
+ classid = rule->classid;
+ rule->classid = 0;
+ }
+
+ ret = exec_iptables_cmd(rule);
+
+ /* restore the classid info in case of tethering rule */
+ if (rule->intend == NFACCT_TETH_COUNTER ||
+ rule->intend == NFACCT_TETH_ALLOW ||
+ rule->intend == NFACCT_TETH_BLOCK)
+ rule->classid = classid;
+
+ ret_value_msg_if(ret != STC_ERROR_NONE, STC_ERROR_FAIL,
+ "Can't set conditional block for engress"
+ " traffic, for classid %u, cmd %s, j %s",
+ rule->classid, set_cmd, jump_cmd);
+
+ if (rule->action == NFACCT_ACTION_DELETE) {
+ rule->iptables_rule = nfacct_send_del;
+ /* not effective, it's better to replace
+ * set_finalize_flag by set_property,
+ * due keep_counter it necessary only for
+ * setting iptables_rule */
+ set_finalize_flag(rule);
+ nfacct_send_get(rule);
+ ret = nfacct_send_del(rule);
+ ret_value_msg_if(ret != STC_ERROR_NONE, ret,
+ "can't del quota counter");
+ }
+ }
+ return STC_ERROR_NONE;
+}
+
+static stc_error_e produce_iface_rule(nfacct_rule_s *rule)
+{
+ if (rule == NULL)
+ return STC_ERROR_INVALID_PARAMETER;
+
+ char *set_cmd = get_iptables_cmd(rule->action);
+ char *jump_cmd = get_iptables_jump(rule->jump);
+ char nfacct_buf[sizeof(NFACCT_NAME_MOD) +
+ 3*MAX_DEC_SIZE(int) + 4 + 1];
+ stc_error_e ret;
+
+ if (rule->iotype & NFACCT_COUNTER_IN) {
+ /* income part */
+ rule->iotype = NFACCT_COUNTER_IN;
+ rule->quota = rule->rcv_limit;
+ generate_counter_name(rule);
+
+ if (rule->action != NFACCT_ACTION_DELETE) {
+ /* send delete comman in case of creation,
+ * because nfacct doesn't reset value for nfacct quota
+ * in case of quota existing */
+ ret = nfacct_send_del(rule);
+ ret_value_msg_if(ret != STC_ERROR_NONE, ret,
+ "can't del quota counter");
+
+ ret = nfacct_send_new(rule);
+ ret_value_msg_if(ret != STC_ERROR_NONE, ret,
+ "can't set quota counter");
+ keep_counter(rule);
+ }
+
+ ret = snprintf(nfacct_buf, sizeof(nfacct_buf),
+ NFACCT_NAME_MOD, rule->name);
+ ret_value_msg_if(ret > sizeof(nfacct_buf) || ret < 0,
+ STC_ERROR_FAIL, "Not enought buffer");
+
+ ret = exec_iptables_cmd(rule);
+ ret_value_msg_if(ret != STC_ERROR_NONE, STC_ERROR_FAIL,
+ "Can't set conditional block for ingress"
+ " traffic, for iftype %d, cmd %s, j %s",
+ rule->iftype, set_cmd, jump_cmd);
+
+ //LCOV_EXCL_START
+ /* for tethering */
+ if (rule->intend == NFACCT_WARN ||
+ rule->intend == NFACCT_BLOCK) {
+ /* RULE_IFACE_OUT is not a misprint here */
+ nfacct_rule_direction temp_iotype = rule->iotype;
+
+ rule->iotype = NFACCT_COUNTER_FORWARD;
+ ret = exec_iptables_cmd(rule);
+ rule->iotype = temp_iotype;
+ ret_value_msg_if(ret != STC_ERROR_NONE, STC_ERROR_FAIL,
+ "Can't set forward rule for ingress "
+ "traffic, for iftype %d, cmd %s, j %s",
+ rule->iftype, set_cmd, jump_cmd);
+ }
+ /* tethering */
+
+ if (rule->action == NFACCT_ACTION_DELETE) {
+ rule->iptables_rule = nfacct_send_del;
+ set_finalize_flag(rule);
+ nfacct_send_get(rule);
+ ret = nfacct_send_del(rule);
+ ret_value_msg_if(ret != STC_ERROR_NONE, ret,
+ "can't del quota counter");
+ }
+ //LCOV_EXCL_STOP
+ }
+
+ if (rule->iotype & NFACCT_COUNTER_OUT) {
+ /* outcome part */
+ rule->iotype = NFACCT_COUNTER_OUT;
+ rule->quota = rule->send_limit;
+ generate_counter_name(rule);
+
+ if (rule->action != NFACCT_ACTION_DELETE) {
+ /* send delete comman in case of creation,
+ * because nfacct doesn't reset value for nfacct quota
+ * in case of quota existing */
+ ret = nfacct_send_del(rule);
+ ret_value_msg_if(ret != STC_ERROR_NONE, ret,
+ "can't del quota counter");
+
+ ret = nfacct_send_new(rule);
+ ret_value_msg_if(ret != STC_ERROR_NONE, ret,
+ "can't set quota counter");
+ keep_counter(rule);
+ }
+
+ ret = snprintf(nfacct_buf, sizeof(nfacct_buf),
+ NFACCT_NAME_MOD, rule->name);
+ ret_value_msg_if(ret > sizeof(nfacct_buf) || ret < 0,
+ STC_ERROR_FAIL, "Not enough buffer");
+
+ ret = exec_iptables_cmd(rule);
+ ret_value_msg_if(ret != STC_ERROR_NONE, STC_ERROR_FAIL,
+ "Can't set conditional block for "
+ "engress traffic, for iftype %d, cmd %s, j %s",
+ rule->iftype, set_cmd, jump_cmd);
+
+ //LCOV_EXCL_START
+ /* for tethering */
+ if (rule->intend == NFACCT_WARN ||
+ rule->intend == NFACCT_BLOCK) {
+ nfacct_rule_direction temp_iotype = rule->iotype;
+
+ rule->iotype = NFACCT_COUNTER_OUT;
+ ret = exec_iptables_cmd(rule);
+ rule->iotype = temp_iotype;
+ ret_value_msg_if(ret != STC_ERROR_NONE, STC_ERROR_FAIL,
+ "Can't set forward rule for engress "
+ "traffic, for iftype %d, cmd %s, j %s",
+ rule->iftype, set_cmd, jump_cmd);
+ }
+ /* tethering */
+
+ if (rule->action == NFACCT_ACTION_DELETE) {
+ rule->iptables_rule = nfacct_send_del;
+ set_finalize_flag(rule);
+ nfacct_send_get(rule);
+ ret = nfacct_send_del(rule);
+ ret_value_msg_if(ret != STC_ERROR_NONE, ret,
+ "can't del quota counter");
+ }
+ //LCOV_EXCL_STOP
+ }
+
+ return STC_ERROR_NONE;
+}
+
+API stc_error_e produce_net_rule(nfacct_rule_s *rule)
+{
+ stc_error_e ret = STC_ERROR_NONE;
+
+ if (rule == NULL)
+ return STC_ERROR_INVALID_PARAMETER;
+
+ if (rule->action == NFACCT_ACTION_APPEND &&
+ rule->intend == NFACCT_WARN &&
+ !rule->send_limit && !rule->rcv_limit)
+ return STC_ERROR_NONE;
+
+ if (rule->classid != STC_ALL_APP_CLASSID &&
+ rule->classid != STC_TETHERING_APP_CLASSID &&
+ rule->classid != STC_BACKGROUND_APP_CLASSID &&
+ rule->classid != STC_TOTAL_DATACALL_CLASSID &&
+ rule->classid != STC_TOTAL_WIFI_CLASSID &&
+ rule->classid != STC_TOTAL_BLUETOOTH_CLASSID &&
+ rule->classid != STC_TOTAL_IPV4_CLASSID &&
+ rule->classid != STC_TOTAL_IPV6_CLASSID)
+ ret = produce_app_rule(rule);
+ else
+ ret = produce_iface_rule(rule);
+
+ return ret;
+}
+
+static stc_error_e append_iptables_cmd(GSList **iptables_list, nfacct_rule_s *rule)
+{
+ iptables_rule_s *iptables_rule = NULL;
+
+ iptables_rule = MALLOC0(iptables_rule_s, 1);
+ if (!iptables_rule)
+ return STC_ERROR_OUT_OF_MEMORY;
+
+ iptables_rule->nfacct_name = g_strdup(rule->name);
+ iptables_rule->ifname = g_strdup(rule->ifname);
+ iptables_rule->target = g_strdup(get_iptables_jump(rule->jump));
+ iptables_rule->chain = g_strdup(get_iptables_chain(rule->classid,
+ rule->iotype, rule->app_state, rule->intend));
+ if (rule->classid < STC_RESERVED_CLASSID_MAX)
+ iptables_rule->classid = STC_UNKNOWN_CLASSID;
+ else
+ iptables_rule->classid = rule->classid;
+ iptables_rule->direction = (rule->iotype & NFACCT_COUNTER_IN) ?
+ IPTABLES_DIRECTION_IN : IPTABLES_DIRECTION_OUT;
+
+ *iptables_list = g_slist_append(*iptables_list, iptables_rule);
+
+ return STC_ERROR_NONE;
+}
+
+static void iptables_list_free(gpointer value)
+{
+ iptables_rule_s *iptables_rule = (iptables_rule_s *)value;
+
+ g_free(iptables_rule->chain);
+ g_free(iptables_rule->nfacct_name);
+ g_free(iptables_rule->ifname);
+ g_free(iptables_rule->target);
+ g_free(iptables_rule);
+}
+
+API stc_error_e produce_net_list(GSList *rule_list,
+ nfacct_rule_iptype iptype, nfacct_rule_action action)
+{
+ GSList *list = NULL;
+ GSList *iptables_list = NULL;
+ stc_error_e ret = STC_ERROR_NONE;
+
+ for (list = rule_list; list; list = list->next) {
+ nfacct_rule_s *rule = list->data;
+
+ if (rule->action == NFACCT_ACTION_APPEND &&
+ rule->intend == NFACCT_WARN &&
+ !rule->send_limit && !rule->rcv_limit)
+ continue;
+
+ generate_counter_name(rule);
+ if (rule->action != NFACCT_ACTION_DELETE) {
+ ret = nfacct_send_del(rule);
+ if (ret != STC_ERROR_NONE)
+ continue;
+
+ ret = nfacct_send_new(rule);
+ if (ret != STC_ERROR_NONE)
+ continue;
+ }
+
+ append_iptables_cmd(&iptables_list, rule);
+ }
+
+ if (action == NFACCT_ACTION_INSERT ||
+ action == NFACCT_ACTION_APPEND)
+ ret = iptables_add_list(iptables_list, iptype);
+ else if (action == NFACCT_ACTION_DELETE)
+ ret = iptables_remove_list(iptables_list, iptype);
+
+ for (list = rule_list; list; list = list->next) {
+ nfacct_rule_s *rule = list->data;
+
+ if (rule->action == NFACCT_ACTION_DELETE)
+ nfacct_send_del(rule);
+ }
+
+ g_slist_free_full(iptables_list, iptables_list_free);
+ return ret;
+}
+
+void generate_counter_name(nfacct_rule_s *counter)
+{
+ char warn_symbol = 'c';
+ if (!strlen(counter->ifname)) {
+ char *iftype_name = get_iftype_name(counter->iftype);
+ /* trace counter name, maybe name was already generated */
+ ret_msg_if(iftype_name == NULL,
+ "Can't get interface name for counter %s, iftype %d)!",
+ counter->name, counter->iftype);
+ STRING_SAVE_COPY(counter->ifname, iftype_name);
+ }
+
+ if (counter->intend == NFACCT_WARN ||
+ counter->intend == NFACCT_TETH_WARN)
+ warn_symbol = 'w';
+ else if (counter->intend == NFACCT_BLOCK ||
+ counter->intend == NFACCT_TETH_BLOCK)
+ warn_symbol = 'r';
+ else if (counter->intend == NFACCT_ALLOW ||
+ counter->intend == NFACCT_TETH_ALLOW)
+ warn_symbol = 'a';
+ else if (counter->intend == NFACCT_TETH_COUNTER)
+ warn_symbol = 't';
+ snprintf(counter->name, NFACCT_NAME_MAX, "%c%d_%d_%d_%s",
+ warn_symbol, counter->iotype, counter->iftype,
+ counter->classid, counter->ifname);
+}
--- /dev/null
+/*
+ * Copyright (c) 2016 Samsung Electronics Co., Ltd.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef __STC_NFACCT_RULE_H__
+#define __STC_NFACCT_RULE_H__
+
+#include "stc-db.h"
+
+#include <stdbool.h>
+#include <sys/types.h>
+#include <unistd.h>
+
+#include "helper-nl.h"
+
+#define NFACCT_NAME_MAX 64
+
+typedef enum {
+ NFACCT_COUNTER_UNKNOWN,
+ NFACCT_COUNTER_IN = (1 << 1),
+ NFACCT_COUNTER_OUT = (1 << 2),
+ NFACCT_COUNTER_FORWARD = (1 << 3),
+ NFACCT_COUNTER_LAST_ELEM
+} nfacct_rule_direction;
+
+typedef enum {
+ NFACCT_ACTION_UNKNOWN,
+ NFACCT_ACTION_APPEND,
+ NFACCT_ACTION_DELETE,
+ NFACCT_ACTION_INSERT,
+ NFACCT_ACTION_LAST_ELEM,
+} nfacct_rule_action;
+
+typedef enum {
+ NFACCT_JUMP_UNKNOWN,
+ NFACCT_JUMP_ACCEPT,
+ NFACCT_JUMP_REJECT,
+ NFACCT_JUMP_LAST_ELEM,
+} nfacct_rule_jump;
+
+typedef enum {
+ NFACCT_COUNTER,
+ NFACCT_WARN,
+ NFACCT_BLOCK,
+ NFACCT_ALLOW,
+ NFACCT_TETH_COUNTER,
+ NFACCT_TETH_WARN,
+ NFACCT_TETH_BLOCK,
+ NFACCT_TETH_ALLOW,
+ NFACCT_RULE_LAST_ELEM,
+} nfacct_rule_intend;
+
+typedef enum {
+ NFACCT_TYPE_UNKNOWN,
+ NFACCT_TYPE_IPV4,
+ NFACCT_TYPE_IPV6,
+ NFACCT_TYPE_IPV4_IPV6,
+ NFACCT_TYPE_LAST_ELEM
+} nfacct_rule_iptype;
+
+typedef enum {
+ NFACCT_IPRANGE_TYPE_NONE,
+ NFACCT_IPRANGE_TYPE_SINGLE,
+ NFACCT_IPRANGE_TYPE_MASK,
+ NFACCT_IPRANGE_TYPE_RANGE,
+} nfacct_rule_iprange_type;
+
+enum nfnl_acct_flags {
+ NFACCT_F_QUOTA_PKTS = (1 << 0),
+ NFACCT_F_QUOTA_BYTES = (1 << 1),
+ NFACCT_F_OVERQUOTA = (1 << 2), /* can't be set from userspace */
+};
+
+/**
+ * it's better to have
+ * base nfacct_rule with following fields:
+ * name, ifname, pid, classid, iftype, intend, carg, iptables_rule
+ *
+ * and inherited nfacct_rule_counter and nfacct_rule_restriction
+ * with additional field:
+ * quota, quota_id, roaming, rstn_state
+ *
+ * But ANSI C doesn't support inheritance.
+ */
+struct nfacct_rule {
+ char name[NFACCT_NAME_MAX];
+ char ifname[MAX_IFACE_LENGTH];
+
+ pid_t pid;
+ uint32_t classid;
+ stc_iface_type_e iftype;
+ nfacct_rule_action action;
+ nfacct_rule_direction iotype;
+ nfacct_rule_intend intend;
+ nfacct_rule_jump jump; /* in most cases jump is evalutation based on intend, but not always */
+ stc_app_state_e app_state;
+ stc_rstn_state_e rstn_state;
+ nfacct_rule_iptype iptype;
+ nfacct_rule_iprange_type src_iprange_type;
+ nfacct_rule_iprange_type dst_iprange_type;
+ char *src_ip1;
+ char *src_ip2;
+ char *dst_ip1;
+ char *dst_ip2;
+
+ struct counter_arg *carg;
+ stc_error_e(*iptables_rule)(struct nfacct_rule *counter);
+ long long int quota;
+ int quota_id;
+ stc_roaming_type_e roaming;
+
+ long long int send_limit;
+ long long int rcv_limit;
+};
+
+typedef struct nfacct_rule nfacct_rule_s;
+
+struct counter_arg;
+
+void generate_counter_name(nfacct_rule_s *counter);
+bool recreate_counter_by_name(char *cnt_name, nfacct_rule_s *counter);
+
+stc_error_e nfacct_send_get_all(struct counter_arg *carg);
+stc_error_e produce_net_rule(nfacct_rule_s *rule);
+stc_error_e produce_net_list(GSList *rule_list,
+ nfacct_rule_iptype iptype, nfacct_rule_action action);
+
+netlink_serialization_command *
+netlink_create_command(struct netlink_serialization_params *params);
+
+#endif /* __STC_NFACCT_RULE_H__ */
--- /dev/null
+/*
+ * Copyright (c) 2016 Samsung Electronics Co., Ltd.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "helper-nl.h"
+
+#include <unistd.h>
+#include <linux/rtnetlink.h>
+#include <stdlib.h>
+#include <string.h>
+#include <errno.h>
+
+#define NETLINK_SOCK_RETRY_COUNT 3
+
+int __create_netlink(int protocol, uint32_t groups, int retry)
+{
+ /**
+ * TODO it's one socket, in future make set of sockets
+ * unique for protocol and groups
+ */
+ int sock;
+
+ if (retry <= 0)
+ return -EINVAL; //LCOV_EXCL_LINE
+
+ errno = 0;
+ sock = socket(PF_NETLINK, SOCK_RAW, protocol);
+ if (sock < 0) {
+ STC_LOGE("failed to open socket errno [%d], retry [%d]",
+ errno, NETLINK_SOCK_RETRY_COUNT - retry); //LCOV_EXCL_LINE
+ return __create_netlink(protocol, groups, --retry); //LCOV_EXCL_LINE
+ }
+
+ struct sockaddr_nl src_addr = { 0, };
+
+ src_addr.nl_family = AF_NETLINK;
+ src_addr.nl_groups = groups;
+
+ errno = 0;
+ if (bind(sock, (struct sockaddr *)&src_addr, sizeof(src_addr)) < 0) {
+ STC_LOGE("failed to bind socket errno [%d], retry [%d]",
+ errno, NETLINK_SOCK_RETRY_COUNT - retry); //LCOV_EXCL_LINE
+ close(sock); //LCOV_EXCL_LINE
+ return __create_netlink(protocol, groups, --retry); //LCOV_EXCL_LINE
+ }
+
+ return sock;
+}
+
+/**
+ * create_netlink(): Create netlink socket and returns it.
+ * Returns: Created socket on success and -1 on failure.
+ */
+API int create_netlink(int protocol, uint32_t groups)
+{
+ return __create_netlink(protocol, groups, NETLINK_SOCK_RETRY_COUNT);
+}
+
+void fill_attribute_list(struct rtattr **atb, const int max_len,
+ struct rtattr *rt_na, int rt_len)
+{
+ int i = 0;
+ while (RTA_OK(rt_na, rt_len)) {
+ if (rt_na->rta_type <= max_len)
+ atb[rt_na->rta_type] = rt_na;
+
+ rt_na = RTA_NEXT(rt_na, rt_len);
+ ++i;
+ if (i >= max_len)
+ break;
+ }
+}
+
+/* read netlink message from socket
+ * return opaque pointer to genl structure
+ */
+API int read_netlink(int sock, void *buf, size_t len)
+{
+ ssize_t ret;
+ struct sockaddr_nl addr;
+ struct iovec iov = {
+ .iov_base = buf,
+ .iov_len = len,
+ };
+ struct msghdr msg = {
+ .msg_name = &addr,
+ .msg_namelen = sizeof(struct sockaddr_nl),
+ .msg_iov = &iov,
+ .msg_iovlen = 1,
+ .msg_control = NULL,
+ .msg_controllen = 0,
+ .msg_flags = 0,
+ };
+ ret = recvmsg(sock, &msg, 0);
+ if (ret == -1)
+ return ret; //LCOV_EXCL_LINE
+
+ if (msg.msg_flags & MSG_TRUNC) {
+ errno = ENOSPC; //LCOV_EXCL_LINE
+ return -1; //LCOV_EXCL_LINE
+ }
+
+ if (msg.msg_namelen != sizeof(struct sockaddr_nl)) {
+ errno = EINVAL; //LCOV_EXCL_LINE
+ return -1; //LCOV_EXCL_LINE
+ }
+
+ return ret;
+}
--- /dev/null
+/*
+ * Copyright (c) 2016 Samsung Electronics Co., Ltd.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef __STC_HELPER_NL_H__
+#define __STC_HELPER_NL_H__
+
+//#include "app-stat.h"
+
+#include <stdint.h>
+#include <errno.h>
+#include <sys/socket.h>
+#include <linux/netlink.h>
+#include <linux/genetlink.h>
+#include <linux/rtnetlink.h>
+
+#include "stc-manager.h"
+
+#define NLA_BUF_MAX 65560 /*(65 * 1024) - used in tc_common,
+ we'll do the same */
+
+/*TODO: move to common place and rewrite because it's from TC*/
+#define NLMSG_TAIL(nmsg) \
+ ((struct rtattr *) (((void *) (nmsg)) + NLMSG_ALIGN((nmsg)->nlmsg_len)))
+
+/*TODO remove unused code */
+typedef struct {
+ struct nlmsghdr n;
+ struct tcmsg t;
+ char buf[NLA_BUF_MAX];
+} rt_param;
+
+void put_attr(rt_param *arg, int type, const void *data, int data_len);
+
+/*
+ * Generic macros for dealing with netlink sockets. Might be duplicated
+ * elsewhere. It is recommended that commercial grade applications use
+ * libnl or libnetlink and use the interfaces provided by the library
+ */
+#define GENLMSG_PAYLOAD(glh) (NLMSG_PAYLOAD(glh, 0) - GENL_HDRLEN)
+#define GENLMSG_DATA(glh) ((void *)(NLMSG_DATA(glh) + GENL_HDRLEN))
+#define NLA_DATA(na) ((void *)((char*)(na) + NLA_HDRLEN))
+
+#define NETLINK_BUF_SIZE 16536
+
+enum nfnl_acct_msg_types {
+ NFNL_MSG_ACCT_NEW,
+ NFNL_MSG_ACCT_GET,
+ NFNL_MSG_ACCT_GET_CTRZERO,
+ NFNL_MSG_ACCT_DEL,
+ NFNL_MSG_ACCT_MAX
+};
+
+enum nfnl_acct_type {
+ NFACCT_UNSPEC,
+ NFACCT_NAME,
+ NFACCT_PKTS,
+ NFACCT_BYTES,
+ NFACCT_USE,
+ NFACCT_FLAGS,
+ NFACCT_QUOTA,
+ NFACCT_FILTER,
+ __NFACCT_MAX
+};
+
+enum nfnl_attr_filter_type {
+ NFACCT_FILTER_ATTR_UNSPEC,
+ NFACCT_FILTER_ATTR_MASK,
+ NFACCT_FILTER_ATTR_VALUE,
+ __NFACCT_FILTER_ATTR_MAX
+};
+
+#define NFACCT_MAX (__NFACCT_MAX - 1)
+
+struct genl {
+ struct nlmsghdr n;
+ struct genlmsghdr g;
+ char buf[NETLINK_BUF_SIZE];
+};
+
+struct netlink_serialization_params {
+ int direction;
+ struct genl *ans;
+ struct counter_arg *carg;
+ int (*eval_attr)(struct rtattr *attr_list[__NFACCT_MAX],
+ void *user_data);
+ int (*post_eval_attr)(void *user_data);
+};
+
+typedef struct {
+ void (*deserialize_answer)(struct netlink_serialization_params *params);
+ void (*finalize)(struct netlink_serialization_params *params);
+ struct netlink_serialization_params params;
+} netlink_serialization_command;
+
+int create_netlink(int protocol, uint32_t groups);
+int read_netlink(int sock, void *buf, size_t len);
+
+void fill_attribute_list(struct rtattr **atb, const int max_len,
+ struct rtattr *rt_na, int rt_len);
+
+#endif /* __STC_HELPER_NL_H__ */
--- /dev/null
+/*
+ * Copyright (c) 2017 Samsung Electronics Co., Ltd. All rights reserved.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+/**
+ * @file procfs.c
+ * @desc wrapper for reading profs information.
+ *
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd. All rights reserved.
+ *
+ */
+
+#include <ctype.h>
+#include <stdio.h>
+#include <stdbool.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
+#include <dirent.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+
+#include "stc-error.h"
+#include "stc-manager-util.h"
+#include "helper-procfs.h"
+
+#define USRAPPS "/usr/apps/"
+
+API int proc_get_cmdline(pid_t pid, char *cmdline)
+{
+ char buf[PROC_BUF_MAX];
+ char cmdline_buf[PROC_NAME_MAX];
+ char *filename;
+ FILE *fp;
+ char *token = NULL;
+ char *saveptr = NULL;
+
+ snprintf(buf, sizeof(buf), "/proc/%d/cmdline", pid);
+ fp = fopen(buf, "r");
+ if (fp == NULL)
+ return STC_ERROR_FAIL; //LCOV_EXCL_LINE
+
+ if (fgets(cmdline_buf, PROC_NAME_MAX-1, fp) == NULL) {
+ fclose(fp); //LCOV_EXCL_LINE
+ return STC_ERROR_FAIL; //LCOV_EXCL_LINE
+ }
+ fclose(fp);
+
+ if (g_strstr_len(cmdline_buf, strlen(USRAPPS), USRAPPS) != NULL) {
+ /* Application */
+ filename = cmdline_buf + strlen(USRAPPS);
+ token = strtok_r(filename, "/", &saveptr);
+ if (token != NULL)
+ filename = token;
+ } else {
+ token = strtok_r(cmdline_buf, " ", &saveptr);
+ if (token != NULL)
+ filename = strrchr(token, '/');
+ else
+ filename = strrchr(cmdline_buf, '/');
+
+ if (filename == NULL)
+ filename = cmdline_buf;
+ else
+ filename = filename + 1;
+ }
+
+ strncpy(cmdline, filename, PROC_NAME_MAX - 1);
+ cmdline[PROC_NAME_MAX - 1] = '\0';
+
+ return STC_ERROR_NONE;
+}
+
+//LCOV_EXCL_START
+pid_t find_pid_from_cmdline(char *cmdline)
+{
+ pid_t pid = -1, foundpid = -1;
+ int ret = 0;
+ DIR *dp;
+ struct dirent *dentry;
+ char appname[PROC_NAME_MAX];
+
+ dp = opendir("/proc");
+ if (!dp) {
+ STC_LOGE("BACKGRD MANAGE : fail to open /proc");
+ return STC_ERROR_FAIL;
+ }
+
+ while ((dentry = readdir(dp)) != NULL) {
+ if (!isdigit(dentry->d_name[0]))
+ continue;
+
+ pid = atoi(dentry->d_name);
+ if (!pid)
+ continue;
+ ret = proc_get_cmdline(pid, appname);
+ if (ret == STC_ERROR_NONE) {
+ if (!strncmp(cmdline, appname, strlen(appname)+1)) {
+ foundpid = pid;
+ break;
+ }
+ }
+ }
+ closedir(dp);
+ return foundpid;
+}
+
+API void proc_foreach_pid(proc_pid_cb cb, void *user_data)
+{
+ pid_t pid = -1;
+ int ret = 0;
+ DIR *dp;
+ struct dirent *dentry;
+
+ dp = opendir("/proc");
+ if (!dp) {
+ STC_LOGE("failed to open /proc");
+ return;
+ }
+
+ while ((dentry = readdir(dp)) != NULL) {
+ if (!isdigit(dentry->d_name[0]))
+ continue;
+
+ pid = atoi(dentry->d_name);
+ if (!pid)
+ continue;
+
+ ret = cb(pid, user_data);
+ if (ret == false)
+ break;
+ }
+
+ closedir(dp);
+}
+
+int proc_get_label(pid_t pid, char *label)
+{
+ char buf[PROC_BUF_MAX];
+ FILE *fp;
+
+ snprintf(buf, sizeof(buf), "/proc/%d/attr/current", pid);
+ fp = fopen(buf, "r");
+ if (fp == NULL)
+ return STC_ERROR_FAIL;
+
+ if (fgets(label, PROC_NAME_MAX-1, fp) == NULL) {
+ fclose(fp);
+ return STC_ERROR_FAIL;
+ }
+ fclose(fp);
+ return STC_ERROR_NONE;
+}
+
+int proc_get_exepath(pid_t pid, char *buf, int len)
+{
+ char path[PROC_BUF_MAX];
+ int ret = 0;
+
+ snprintf(path, sizeof(path), "/proc/%d/exe", pid);
+ ret = readlink(path, buf, len-1);
+ if (ret > 0)
+ buf[ret] = '\0';
+ else
+ buf[0] = '\0';
+ return STC_ERROR_NONE;
+}
+
+static int proc_get_data(char *path, char *buf, int len)
+{
+ _cleanup_close_ int fd = -1;
+ int ret;
+
+ fd = open(path, O_RDONLY);
+ if (fd < 0)
+ return STC_ERROR_FAIL;
+
+ ret = read(fd, buf, len-1);
+ if (ret < 0) {
+ buf[0] = '\0';
+ return STC_ERROR_FAIL;
+ }
+ buf[ret] = '\0';
+ return STC_ERROR_NONE;
+}
+
+int proc_get_raw_cmdline(pid_t pid, char *buf, int len)
+{
+ char path[PROC_BUF_MAX];
+ snprintf(path, sizeof(path), "/proc/%d/cmdline", pid);
+ return proc_get_data(path, buf, len);
+}
+//LCOV_EXCL_STOP
+
+API int proc_get_status(pid_t pid, char status[][PROC_BUF_MAX])
+{
+ unsigned int i;
+ unsigned int index = 0;
+ char path[PROC_BUF_MAX];
+ char status_buf[PROC_BUF_MAX];
+ bool updated[PROC_STATUS_CNT] = {FALSE, };
+ FILE *fp;
+
+ snprintf(path, sizeof(path), "/proc/%d/status", pid);
+ fp = fopen(path, "r");
+ if (fp == NULL)
+ return STC_ERROR_FAIL;
+
+ for (i = 0; i < PROC_STATUS_CNT; ++i) {
+ char *token = NULL;
+ char *saveptr = NULL;
+
+ if (fgets(status_buf, sizeof(status_buf), fp) == NULL) {
+ fclose(fp); //LCOV_EXCL_LINE
+ return STC_ERROR_FAIL; //LCOV_EXCL_LINE
+ }
+
+ if (!updated[PROC_STATUS_NAME] && strstr(status_buf,
+ PROC_STATUS_NAME_STR))
+ index = PROC_STATUS_NAME;
+ else if (!updated[PROC_STATUS_STATE] && strstr(status_buf,
+ PROC_STATUS_STATE_STR))
+ index = PROC_STATUS_STATE;
+ else if (!updated[PROC_STATUS_TGID] && strstr(status_buf,
+ PROC_STATUS_TGID_STR))
+ index = PROC_STATUS_TGID;
+ else if (!updated[PROC_STATUS_NGID] && strstr(status_buf,
+ PROC_STATUS_NGID_STR))
+ index = PROC_STATUS_NGID;
+ else if (!updated[PROC_STATUS_PID] && strstr(status_buf,
+ PROC_STATUS_PID_STR))
+ index = PROC_STATUS_PID;
+ else if (!updated[PROC_STATUS_PPID] && strstr(status_buf,
+ PROC_STATUS_PPID_STR))
+ index = PROC_STATUS_PPID;
+ else if (!updated[PROC_STATUS_TRACERPID] && strstr(status_buf,
+ PROC_STATUS_TRACERPID_STR))
+ index = PROC_STATUS_TRACERPID;
+ else
+ continue;
+
+ token = strtok_r(status_buf, ":", &saveptr);
+ if (token != NULL) {
+ token = strtok_r(NULL, "\n", &saveptr);
+ if (token != NULL) {
+ while (isspace((unsigned char)*token))
+ token++;
+ g_strlcpy(status[index], token,
+ sizeof(status[index]));
+ updated[index] = TRUE;
+ }
+ }
+ }
+ fclose(fp);
+
+ return STC_ERROR_NONE;
+}
--- /dev/null
+/*
+ * Copyright (c) 2017 Samsung Electronics Co., Ltd. All rights reserved.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#ifndef __HELPER_PROCFS_H__
+#define __HELPER_PROCFS_H__
+
+#include <stdio.h>
+
+#define PROC_BUF_MAX 64
+
+typedef bool (*proc_pid_cb)(pid_t pid, void *user_data);
+
+/**
+ * @desc get command line from /proc/{pid}/cmdline
+ * @return negative value if error
+ */
+int proc_get_cmdline(pid_t pid, char *cmdline);
+
+/**
+ * @desc find pid with /proc/{pid}/cmdline
+ * it returns first entry when many pids have same cmdline
+ * @return negative value if error
+ */
+pid_t find_pid_from_cmdline(char *cmdline);
+
+/**
+ * @desc find pid from /proc
+ */
+void proc_foreach_pid(proc_pid_cb cb, void *user_data);
+
+/**
+ * @desc get smack subject label from /proc/{pid}/attr/current
+ * this label can indicate package name about child processes
+ * @return negative value if error or pid doesn't exist
+ */
+int proc_get_label(pid_t pid, char *label);
+
+/**
+ * @desc get command line from /proc/{pid}/cmdline without any truncation
+ * @return negative value if error
+ */
+int proc_get_raw_cmdline(pid_t pid, char *buf, int len);
+
+/**
+ * @desc get symblolic link about /proc/{pid}/exe
+ * @return negative value if error
+ */
+int proc_get_exepath(pid_t pid, char *buf, int len);
+
+/**
+ * @desc get status from /proc/{pid}/status
+ * @return negative value if error
+ */
+int proc_get_status(pid_t pid, char status[][PROC_BUF_MAX]);
+
+#endif /*__HELPER_PROCFS_H__*/
--- /dev/null
+/*
+ * Copyright (c) 2016 Samsung Electronics Co., Ltd.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "stc-db.h"
+#include "table-firewall.h"
+#include "helper-firewall.h"
+#include "stc-firewall.h"
+#include "stc-manager-gdbus.h"
+#include "stc-manager-plugin-firewall.h"
+
+#define FIREWALL_DBUS_ERROR_NAME "net.stc.firewall.Error.Failed"
+
+#define STC_FIREWALL_DBUS_REPLY_ERROR(invocation, err_num) \
+ g_dbus_method_invocation_return_dbus_error((invocation), \
+ FIREWALL_DBUS_ERROR_NAME, \
+ stc_err_strs[-(err_num)])
+
+static const gchar *stc_err_strs[] = {
+ "ERROR_NONE",
+ "FAIL",
+ "DB_FAILED",
+ "OUT_OF_MEMORY",
+ "INVALID_PARAMETER",
+ "NO_DATA",
+ "ALREADY_DATA",
+ "UNINITIALIZED",
+ "PERMISSION_DENIED",
+ "NOTIMPL"
+};
+
+gboolean handle_firewall_lock(StcFirewall *object,
+ GDBusMethodInvocation *invocation,
+ void *user_data)
+{
+ __STC_LOG_FUNC_ENTER__;
+
+ stc_set_keep_alive(TRUE);
+
+ stc_plugin_firewall_lock();
+
+ STC_DBUS_REPLY_ERROR_NONE(invocation);
+ __STC_LOG_FUNC_EXIT__;
+ return TRUE;
+}
+
+gboolean handle_firewall_unlock(StcFirewall *object,
+ GDBusMethodInvocation *invocation,
+ void *user_data)
+{
+ __STC_LOG_FUNC_ENTER__;
+
+ stc_set_keep_alive(TRUE);
+
+ stc_plugin_firewall_unlock();
+
+ STC_DBUS_REPLY_ERROR_NONE(invocation);
+ __STC_LOG_FUNC_EXIT__;
+ return TRUE;
+}
+
+gboolean handle_firewall_get_lock(StcFirewall *object,
+ GDBusMethodInvocation *invocation,
+ void *user_data)
+{
+ __STC_LOG_FUNC_ENTER__;
+ GVariant *return_parameters = NULL;
+ int state = 0;
+
+ stc_set_keep_alive(TRUE);
+
+ stc_plugin_firewall_get_lock(&state);
+
+ return_parameters = g_variant_new("(i)", state);
+ STC_DBUS_REPLY(invocation, return_parameters);
+ __STC_LOG_FUNC_EXIT__;
+ return TRUE;
+}
+
+gboolean handle_firewall_add_chain(StcFirewall *object,
+ GDBusMethodInvocation *invocation,
+ gchar *chain,
+ void *user_data)
+{
+ __STC_LOG_FUNC_ENTER__;
+ int ret = STC_ERROR_NONE;
+
+ stc_set_keep_alive(TRUE);
+
+ if (chain == NULL) {
+ STC_FIREWALL_DBUS_REPLY_ERROR(invocation,
+ STC_ERROR_INVALID_PARAMETER);
+ __STC_LOG_FUNC_EXIT__;
+ return TRUE;
+ }
+
+ ret = stc_plugin_firewall_add_chain(chain);
+ if (ret != STC_ERROR_NONE) {
+ STC_FIREWALL_DBUS_REPLY_ERROR(invocation, ret);
+ __STC_LOG_FUNC_EXIT__;
+ return TRUE;
+ }
+
+ STC_DBUS_REPLY_ERROR_NONE(invocation);
+ __STC_LOG_FUNC_EXIT__;
+ return TRUE;
+}
+
+gboolean handle_firewall_remove_chain(StcFirewall *object,
+ GDBusMethodInvocation *invocation,
+ gchar *chain,
+ void *user_data)
+{
+ __STC_LOG_FUNC_ENTER__;
+ int ret = STC_ERROR_NONE;
+
+ stc_set_keep_alive(TRUE);
+
+ if (chain == NULL) {
+ STC_FIREWALL_DBUS_REPLY_ERROR(invocation,
+ STC_ERROR_INVALID_PARAMETER);
+ __STC_LOG_FUNC_EXIT__;
+ return TRUE;
+ }
+
+ ret = stc_plugin_firewall_remove_chain(chain);
+ if (ret != STC_ERROR_NONE) {
+ STC_FIREWALL_DBUS_REPLY_ERROR(invocation, ret);
+ __STC_LOG_FUNC_EXIT__;
+ return TRUE;
+ }
+
+ STC_DBUS_REPLY_ERROR_NONE(invocation);
+ __STC_LOG_FUNC_EXIT__;
+ return TRUE;
+}
+
+gboolean handle_firewall_flush_chain(StcFirewall *object,
+ GDBusMethodInvocation *invocation,
+ gchar *chain,
+ void *user_data)
+{
+ __STC_LOG_FUNC_ENTER__;
+ int ret = STC_ERROR_NONE;
+
+ stc_set_keep_alive(TRUE);
+
+ if (chain == NULL) {
+ STC_FIREWALL_DBUS_REPLY_ERROR(invocation,
+ STC_ERROR_INVALID_PARAMETER);
+ __STC_LOG_FUNC_EXIT__;
+ return TRUE;
+ }
+
+ ret = stc_plugin_firewall_flush_chain(chain);
+ if (ret != STC_ERROR_NONE) {
+ STC_FIREWALL_DBUS_REPLY_ERROR(invocation, ret);
+ __STC_LOG_FUNC_EXIT__;
+ return TRUE;
+ }
+
+ STC_DBUS_REPLY_ERROR_NONE(invocation);
+ __STC_LOG_FUNC_EXIT__;
+ return TRUE;
+}
+
+gboolean handle_firewall_get_all_chain(StcFirewall *object,
+ GDBusMethodInvocation *invocation,
+ void *user_data)
+{
+ __STC_LOG_FUNC_ENTER__;
+ GVariantBuilder *builder = NULL;
+ GVariant *return_parameters = NULL;
+
+ stc_set_keep_alive(TRUE);
+
+ builder = g_variant_builder_new(G_VARIANT_TYPE("aa{sv}"));
+
+ stc_plugin_firewall_get_all_chain(builder);
+
+ return_parameters = g_variant_new("(aa{sv})", builder);
+ g_variant_builder_unref(builder);
+
+ DEBUG_GDBUS_VARIANT("Return parameters: ", return_parameters);
+ STC_DBUS_REPLY(invocation, return_parameters);
+ __STC_LOG_FUNC_EXIT__;
+ return TRUE;
+}
+
+gboolean handle_firewall_set_chain(StcFirewall *object,
+ GDBusMethodInvocation *invocation,
+ gchar *chain,
+ unsigned int target,
+ void *user_data)
+{
+ __STC_LOG_FUNC_ENTER__;
+ int ret = STC_ERROR_NONE;
+
+ stc_set_keep_alive(TRUE);
+
+ if (chain == NULL ||
+ target >= STC_FW_CHAIN_TARGET_MAX) {
+ STC_FIREWALL_DBUS_REPLY_ERROR(invocation,
+ STC_ERROR_INVALID_PARAMETER);
+ __STC_LOG_FUNC_EXIT__;
+ return TRUE;
+ }
+
+ ret = stc_plugin_firewall_set_chain(chain, target);
+ if (ret != STC_ERROR_NONE) {
+ STC_FIREWALL_DBUS_REPLY_ERROR(invocation, ret);
+ __STC_LOG_FUNC_EXIT__;
+ return TRUE;
+ }
+
+ STC_DBUS_REPLY_ERROR_NONE(invocation);
+ __STC_LOG_FUNC_EXIT__;
+ return TRUE;
+}
+
+gboolean handle_firewall_unset_chain(StcFirewall *object,
+ GDBusMethodInvocation *invocation,
+ gchar *chain,
+ void *user_data)
+{
+ __STC_LOG_FUNC_ENTER__;
+ int ret = STC_ERROR_NONE;
+
+ stc_set_keep_alive(TRUE);
+
+ if (chain == NULL) {
+ STC_FIREWALL_DBUS_REPLY_ERROR(invocation,
+ STC_ERROR_INVALID_PARAMETER);
+ __STC_LOG_FUNC_EXIT__;
+ return TRUE;
+ }
+
+ ret = stc_plugin_firewall_unset_chain(chain);
+ if (ret != STC_ERROR_NONE) {
+ STC_FIREWALL_DBUS_REPLY_ERROR(invocation, ret);
+ __STC_LOG_FUNC_EXIT__;
+ return TRUE;
+ }
+
+ STC_DBUS_REPLY_ERROR_NONE(invocation);
+ __STC_LOG_FUNC_EXIT__;
+ return TRUE;
+}
+
+gboolean handle_firewall_add_rule(StcFirewall *object,
+ GDBusMethodInvocation *invocation,
+ GVariant *parameters,
+ void *user_data)
+{
+ __STC_LOG_FUNC_ENTER__;
+ int ret = STC_ERROR_NONE;
+
+ stc_set_keep_alive(TRUE);
+
+ ret = stc_plugin_firewall_add_rule(parameters);
+ if (ret != STC_ERROR_NONE) {
+ STC_FIREWALL_DBUS_REPLY_ERROR(invocation, ret);
+ __STC_LOG_FUNC_EXIT__;
+ return TRUE;
+ }
+
+ STC_DBUS_REPLY_ERROR_NONE(invocation);
+ __STC_LOG_FUNC_EXIT__;
+ return TRUE;
+}
+
+gboolean handle_firewall_remove_rule(StcFirewall *object,
+ GDBusMethodInvocation *invocation,
+ GVariant *parameters,
+ void *user_data)
+{
+ __STC_LOG_FUNC_ENTER__;
+ int ret = STC_ERROR_NONE;
+
+ stc_set_keep_alive(TRUE);
+
+ ret = stc_plugin_firewall_remove_rule(parameters);
+ if (ret != STC_ERROR_NONE) {
+ STC_FIREWALL_DBUS_REPLY_ERROR(invocation, ret);
+ __STC_LOG_FUNC_EXIT__;
+ return TRUE;
+ }
+
+ STC_DBUS_REPLY_ERROR_NONE(invocation);
+ __STC_LOG_FUNC_EXIT__;
+ return TRUE;
+}
+
+gboolean handle_firewall_update_rule(StcFirewall *object,
+ GDBusMethodInvocation *invocation,
+ GVariant *parameters,
+ void *user_data)
+{
+ __STC_LOG_FUNC_ENTER__;
+ int ret = STC_ERROR_NONE;
+
+ stc_set_keep_alive(TRUE);
+
+ ret = stc_plugin_firewall_update_rule(parameters);
+ if (ret != STC_ERROR_NONE) {
+ STC_FIREWALL_DBUS_REPLY_ERROR(invocation, ret);
+ __STC_LOG_FUNC_EXIT__;
+ return TRUE;
+ }
+
+ STC_DBUS_REPLY_ERROR_NONE(invocation);
+ __STC_LOG_FUNC_EXIT__;
+ return TRUE;
+}
+
+gboolean handle_firewall_get_all_rule(StcFirewall *object,
+ GDBusMethodInvocation *invocation,
+ void *user_data)
+{
+ __STC_LOG_FUNC_ENTER__;
+ GVariantBuilder *builder = NULL;
+ GVariant *return_parameters = NULL;
+
+ stc_set_keep_alive(TRUE);
+
+ builder = g_variant_builder_new(G_VARIANT_TYPE("aa{sv}"));
+
+ stc_plugin_firewall_get_all_rule(builder);
+
+ return_parameters = g_variant_new("(aa{sv})", builder);
+ g_variant_builder_unref(builder);
+
+ DEBUG_GDBUS_VARIANT("Return parameters: ", return_parameters);
+ STC_DBUS_REPLY(invocation, return_parameters);
+ __STC_LOG_FUNC_EXIT__;
+ return TRUE;
+}
--- /dev/null
+/*
+ * Copyright (c) 2016 Samsung Electronics Co., Ltd.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "stc-manager-gdbus.h"
+#include "stc-manager.h"
+#include "stc-statistics.h"
+#include "stc-restriction.h"
+#include "stc-firewall.h"
+#include "stc-pcap.h"
+#include "stc-manager-util.h"
+#include "stc-manager-plugin-appstatus.h"
+#include "stc-manager-plugin-procfs.h"
+#include "stc-manager-plugin-monitor.h"
+#include "stc-manager-plugin-firewall.h"
+#include "helper-iptables.h"
+
+#define MANAGER_DBUS_ERROR_NAME "net.stc.manager.Error.Failed"
+
+#define STC_MANAGER_DBUS_REPLY_ERROR(invocation, err_num) \
+ g_dbus_method_invocation_return_dbus_error((invocation), \
+ MANAGER_DBUS_ERROR_NAME, \
+ stc_err_strs[-(err_num)])
+
+static const gchar *stc_err_strs[] = {
+ "ERROR_NONE",
+ "FAIL",
+ "DB_FAILED",
+ "OUT_OF_MEMORY",
+ "INVALID_PARAMETER",
+ "NO_DATA",
+ "ALREADY_DATA",
+ "UNINITIALIZED",
+ "PERMISSION_DENIED",
+ "NOTIMPL"
+};
+
+static gboolean __stc_manager_gdbus_statistics_init(stc_s *stc)
+{
+ __STC_LOG_FUNC_ENTER__;
+ gboolean ret = TRUE;
+ gchar *s = NULL;
+
+ StcObjectSkeleton *object = NULL;
+ StcStatistics *statistics = NULL;
+ s = g_strdup_printf(STC_DBUS_SERVICE_STATISTICS_PATH);
+
+ /* Add interface to default object path */
+ object = stc_object_skeleton_new(s);
+ g_free(s);
+
+ /* Make the newly created object export the interface
+ * net.stc.statistics (note
+ * that @object takes its own reference to @statistics).
+ */
+
+ statistics = stc_statistics_skeleton_new();
+ stc_object_skeleton_set_statistics(object, statistics);
+ g_object_unref(statistics);
+
+ /* Register for method callbacks as signal callbacks */
+
+ g_signal_connect(statistics, "handle-init",
+ G_CALLBACK(handle_statistics_init),
+ stc);
+
+ g_signal_connect(statistics, "handle-get",
+ G_CALLBACK(handle_statistics_get),
+ stc);
+
+ g_signal_connect(statistics, "handle-get-all",
+ G_CALLBACK(handle_statistics_get_all),
+ stc);
+
+ g_signal_connect(statistics, "handle-reset",
+ G_CALLBACK(handle_statistics_reset),
+ stc);
+
+ /* Export the object (@manager takes its own reference to @object) */
+ g_dbus_object_manager_server_export(stc->obj_mgr,
+ G_DBUS_OBJECT_SKELETON(object));
+ g_object_unref(object);
+
+ stc->statistics_obj = (gpointer)statistics;
+
+ __STC_LOG_FUNC_EXIT__;
+ return ret;
+}
+
+static gboolean __stc_manager_gdbus_restriction_init(stc_s *stc)
+{
+ __STC_LOG_FUNC_ENTER__;
+ gboolean ret = TRUE;
+ gchar *s = NULL;
+
+ StcObjectSkeleton *object = NULL;
+ StcRestriction *restriction = NULL;
+ s = g_strdup_printf(STC_DBUS_SERVICE_RESTRICTION_PATH);
+
+ /* Add interface to default object path */
+ object = stc_object_skeleton_new(s);
+ g_free(s);
+
+ /* Make the newly created object export the interface
+ * net.stc.restriction (note
+ * that @object takes its own reference to @restriction).
+ */
+
+ restriction = stc_restriction_skeleton_new();
+ stc_object_skeleton_set_restriction(object, restriction);
+ g_object_unref(restriction);
+
+ /* Register for method callbacks as signal callbacks */
+
+ g_signal_connect(restriction, "handle-set",
+ G_CALLBACK(handle_restriction_set), stc);
+
+ g_signal_connect(restriction, "handle-get",
+ G_CALLBACK(handle_restriction_get), stc);
+
+ g_signal_connect(restriction, "handle-get-all",
+ G_CALLBACK(handle_restriction_get_all), stc);
+
+ g_signal_connect(restriction, "handle-get-type",
+ G_CALLBACK(handle_restriction_get_type),
+ stc);
+
+ g_signal_connect(restriction, "handle-unset",
+ G_CALLBACK(handle_restriction_unset), stc);
+
+ g_signal_connect(restriction, "handle-set-list",
+ G_CALLBACK(handle_restriction_set_list), stc);
+
+ g_signal_connect(restriction, "handle-unset-list",
+ G_CALLBACK(handle_restriction_unset_list), stc);
+
+ /* Export the object (@manager takes its own reference to @object) */
+ g_dbus_object_manager_server_export(stc->obj_mgr,
+ G_DBUS_OBJECT_SKELETON(object));
+ g_object_unref(object);
+
+ stc->restriction_obj = (gpointer)restriction;
+
+ __STC_LOG_FUNC_EXIT__;
+ return ret;
+}
+
+static gboolean __stc_manager_gdbus_firewall_init(stc_s *stc)
+{
+ __STC_LOG_FUNC_ENTER__;
+ gboolean ret = TRUE;
+ gchar *s = NULL;
+
+ StcObjectSkeleton *object = NULL;
+ StcFirewall *firewall = NULL;
+ s = g_strdup_printf(STC_DBUS_SERVICE_FIREWALL_PATH);
+
+ /* Add interface to default object path */
+ object = stc_object_skeleton_new(s);
+ g_free(s);
+
+ firewall = stc_firewall_skeleton_new();
+ stc_object_skeleton_set_firewall(object, firewall);
+ g_object_unref(firewall);
+
+ /* Register for method callbacks as signal callbacks */
+
+ g_signal_connect(firewall, "handle-lock",
+ G_CALLBACK(handle_firewall_lock),
+ stc);
+
+ g_signal_connect(firewall, "handle-unlock",
+ G_CALLBACK(handle_firewall_unlock),
+ stc);
+
+ g_signal_connect(firewall, "handle-get-lock",
+ G_CALLBACK(handle_firewall_get_lock),
+ stc);
+
+ g_signal_connect(firewall, "handle-add-chain",
+ G_CALLBACK(handle_firewall_add_chain),
+ stc);
+
+ g_signal_connect(firewall, "handle-remove-chain",
+ G_CALLBACK(handle_firewall_remove_chain),
+ stc);
+
+ g_signal_connect(firewall, "handle-flush-chain",
+ G_CALLBACK(handle_firewall_flush_chain),
+ stc);
+
+ g_signal_connect(firewall, "handle-get-all-chain",
+ G_CALLBACK(handle_firewall_get_all_chain),
+ stc);
+
+ g_signal_connect(firewall, "handle-set-chain",
+ G_CALLBACK(handle_firewall_set_chain),
+ stc);
+
+ g_signal_connect(firewall, "handle-unset-chain",
+ G_CALLBACK(handle_firewall_unset_chain),
+ stc);
+
+ g_signal_connect(firewall, "handle-add-rule",
+ G_CALLBACK(handle_firewall_add_rule),
+ stc);
+
+ g_signal_connect(firewall, "handle-remove-rule",
+ G_CALLBACK(handle_firewall_remove_rule),
+ stc);
+
+ g_signal_connect(firewall, "handle-update-rule",
+ G_CALLBACK(handle_firewall_update_rule),
+ stc);
+
+ g_signal_connect(firewall, "handle-get-all-rule",
+ G_CALLBACK(handle_firewall_get_all_rule),
+ stc);
+
+ /* Export the object (@manager takes its own reference to @object) */
+ g_dbus_object_manager_server_export(stc->obj_mgr,
+ G_DBUS_OBJECT_SKELETON(object));
+ g_object_unref(object);
+
+ stc->firewall_obj = (gpointer)firewall;
+
+ __STC_LOG_FUNC_EXIT__;
+ return ret;
+}
+
+static gboolean __stc_manager_gdbus_pcap_init(stc_s *stc)
+{
+ __STC_LOG_FUNC_ENTER__;
+ gboolean ret = TRUE;
+ gchar *s = NULL;
+
+ StcObjectSkeleton *object = NULL;
+ StcPcap *pcap = NULL;
+ s = g_strdup_printf(STC_DBUS_SERVICE_PCAP_PATH);
+
+ /* Add interface to default object path */
+ object = stc_object_skeleton_new(s);
+ g_free(s);
+
+ pcap = stc_pcap_skeleton_new();
+ stc_object_skeleton_set_pcap(object, pcap);
+ g_object_unref(pcap);
+
+ /* Register for method callbacks as signal callbacks */
+
+ g_signal_connect(pcap, "handle-start",
+ G_CALLBACK(handle_pcap_start),
+ stc);
+
+ g_signal_connect(pcap, "handle-stop",
+ G_CALLBACK(handle_pcap_stop),
+ stc);
+
+ g_signal_connect(pcap, "handle-get-all",
+ G_CALLBACK(handle_pcap_get_all),
+ stc);
+
+ g_signal_connect(pcap, "handle-find-all-devs",
+ G_CALLBACK(handle_pcap_find_all_devs),
+ stc);
+
+ /* Export the object (@manager takes its own reference to @object) */
+ g_dbus_object_manager_server_export(stc->obj_mgr,
+ G_DBUS_OBJECT_SKELETON(object));
+ g_object_unref(object);
+
+ stc->pcap_obj = (gpointer)pcap;
+
+ __STC_LOG_FUNC_EXIT__;
+ return ret;
+}
+
+static gboolean __stc_manager_gdbus_manager_init(stc_s *stc)
+{
+ __STC_LOG_FUNC_ENTER__;
+ gboolean ret = TRUE;
+ gchar *s = NULL;
+
+ StcObjectSkeleton *object = NULL;
+ StcManager *manager = NULL;
+ s = g_strdup_printf(STC_DBUS_SERVICE_MANAGER_PATH);
+
+ object = stc_object_skeleton_new(s);
+ g_free(s);
+
+ manager = stc_manager_skeleton_new();
+ stc_object_skeleton_set_manager(object, manager);
+ g_object_unref(manager);
+
+ g_signal_connect(manager, "handle-stop",
+ G_CALLBACK(handle_manager_stop), stc);
+
+ g_signal_connect(manager, "handle-commit-iptables",
+ G_CALLBACK(handle_manager_commit_iptables), stc);
+
+ g_signal_connect(manager, "handle-commit-ip6tables",
+ G_CALLBACK(handle_manager_commit_ip6tables), stc);
+
+ g_dbus_object_manager_server_export(stc->obj_mgr,
+ G_DBUS_OBJECT_SKELETON(object));
+ g_object_unref(object);
+
+ stc->manager_obj = (gpointer)manager;
+
+ __STC_LOG_FUNC_EXIT__;
+ return ret;
+}
+
+
+static void __stc_manager_gdbus_on_bus_acquired(GDBusConnection *connection,
+ const gchar *name,
+ gpointer user_data)
+{
+ __STC_LOG_FUNC_ENTER__;
+ stc_s* stc = (stc_s*)user_data;
+
+ stc->obj_mgr = g_dbus_object_manager_server_new("/net/stc");
+
+ STC_LOGD("path : %s", name);
+
+ stc->connection = connection;
+
+ if (__stc_manager_gdbus_statistics_init(stc) == FALSE) {
+ STC_LOGE("Can not signal connect to statistics"); //LCOV_EXCL_LINE
+ /* Deinitialize and quit manager */
+ }
+
+ if (__stc_manager_gdbus_restriction_init(stc) == FALSE) {
+ STC_LOGE("Cannot signal connect to restriction"); //LCOV_EXCL_LINE
+ /* Deinitialize and quit manager */
+ }
+
+ if (__stc_manager_gdbus_firewall_init(stc) == FALSE) {
+ STC_LOGE("Cannot signal connect to firewall"); //LCOV_EXCL_LINE
+ /* Deinitialize and quit manager */
+ }
+
+ if (__stc_manager_gdbus_pcap_init(stc) == FALSE) {
+ STC_LOGE("Cannot signal connect to pcap"); //LCOV_EXCL_LINE
+ /* Deinitialize and quit manager */
+ }
+
+ if (__stc_manager_gdbus_manager_init(stc) == FALSE) {
+ STC_LOGE("Cannot signal connect to manager"); //LCOV_EXCL_LINE
+ /* Deinitialize and quit manager */
+ }
+
+ g_dbus_object_manager_server_set_connection(stc->obj_mgr,
+ stc->connection);
+
+ iptables_init();
+ stc_plugin_firewall_update();
+ stc_plugin_monitor_init_connection(stc);
+
+ stc_plugin_appstatus_register_state_changed_cb(stc,
+ stc_plugin_procfs_app_status_changed, NULL);
+
+ __STC_LOG_FUNC_EXIT__;
+}
+
+static void __stc_manager_gdbus_on_name_acquired(GDBusConnection *connection,
+ const gchar *name,
+ gpointer user_data)
+{
+ STC_LOGD("name : %s", name);
+}
+
+//LCOV_EXCL_START
+static void __stc_manager_gdbus_on_name_lost(GDBusConnection *connection,
+ const gchar *name,
+ gpointer user_data)
+{
+ STC_LOGD("name : %s", name);
+}
+//LCOV_EXCL_STOP
+
+void stc_manager_gdbus_init(gpointer stc_data)
+{
+ __STC_LOG_FUNC_ENTER__;
+ stc_s *stc = (stc_s *)stc_data;
+
+ stc->gdbus_owner_id = g_bus_own_name(G_BUS_TYPE_SYSTEM,
+ STC_DBUS_SERVICE,
+ G_BUS_NAME_OWNER_FLAGS_NONE,
+ __stc_manager_gdbus_on_bus_acquired,
+ __stc_manager_gdbus_on_name_acquired,
+ __stc_manager_gdbus_on_name_lost,
+ stc,
+ NULL);
+
+ __STC_LOG_FUNC_EXIT__;
+}
+
+void stc_manager_gdbus_deinit(gpointer stc_data)
+{
+ __STC_LOG_FUNC_ENTER__;
+ stc_s *stc = (stc_s *)stc_data;
+
+ stc_plugin_appstatus_deregister_state_changed_cb(stc);
+ stc_plugin_monitor_deinit_connection(stc);
+
+ g_bus_unown_name(stc->gdbus_owner_id);
+
+ stc->statistics_obj = NULL;
+ stc->restriction_obj = NULL;
+ stc->firewall_obj = NULL;
+ stc->pcap_obj = NULL;
+ stc->manager_obj = NULL;
+ __STC_LOG_FUNC_EXIT__;
+}
+
+API GVariant *stc_manager_gdbus_call_sync(GDBusConnection *connection,
+ const char *dest, const char *path,
+ const char *interface_name,
+ const char *method, GVariant *params)
+{
+ GError *error = NULL;
+ GVariant *reply = NULL;
+
+ if (connection == NULL) {
+ STC_LOGE("Failed to get GDBusconnection"); //LCOV_EXCL_LINE
+ return reply; //LCOV_EXCL_LINE
+ }
+
+ reply = g_dbus_connection_call_sync(connection,
+ dest,
+ path,
+ interface_name,
+ method,
+ params,
+ NULL,
+ G_DBUS_CALL_FLAGS_NONE,
+ (5 * 1000), /* 5 seconds timeout */
+ NULL,
+ &error);
+
+ if (reply == NULL) {
+ if (error != NULL) {
+ STC_LOGE("g_dbus_connection_call_sync() failed" //LCOV_EXCL_LINE
+ " error [%d: %s]", error->code, error->message);
+ g_error_free(error); //LCOV_EXCL_LINE
+ } else {
+ STC_LOGE("g_dbus_connection_call_sync() failed"); //LCOV_EXCL_LINE
+ }
+
+ return NULL;
+ }
+
+ return reply;
+}
+
+API int stc_manager_gdbus_call_async(GDBusConnection *connection,
+ const char *dest, const char *path,
+ const char *interface_name,
+ const char *method, GVariant *params,
+ GAsyncReadyCallback notify_func,
+ void *user_data)
+{
+ if (connection == NULL) {
+ STC_LOGE("Failed to get GDBusconnection"); //LCOV_EXCL_LINE
+ return STC_ERROR_INVALID_PARAMETER; //LCOV_EXCL_LINE
+ }
+
+ g_dbus_connection_call(connection,
+ dest,
+ path,
+ interface_name,
+ method,
+ params,
+ NULL,
+ G_DBUS_CALL_FLAGS_NONE,
+ (5 * 1000), /* 5 seconds timeout */
+ NULL,
+ (GAsyncReadyCallback)notify_func,
+ (gpointer)user_data);
+
+ return STC_ERROR_NONE;
+}
+
+API guint stc_manager_gdbus_subscribe_signal(GDBusConnection *connection,
+ const gchar *sender,
+ const gchar *interface_name,
+ const gchar *member,
+ const gchar *object_path,
+ const gchar *arg0,
+ GDBusSignalFlags flags,
+ GDBusSignalCallback callback,
+ gpointer user_data,
+ GDestroyNotify user_data_free_func)
+{
+ if (connection == NULL) {
+ STC_LOGE("Failed to get GDBusconnection"); //LCOV_EXCL_LINE
+ return 0; //LCOV_EXCL_LINE
+ }
+
+ return g_dbus_connection_signal_subscribe(connection,
+ sender,
+ interface_name,
+ member,
+ object_path,
+ NULL,
+ G_DBUS_SIGNAL_FLAGS_NONE,
+ callback,
+ user_data,
+ user_data_free_func);
+}
+
+API void stc_manager_gdbus_unsubscribe_signal(GDBusConnection *connection,
+ guint subscription_id)
+{
+ if (connection == NULL) {
+ STC_LOGE("Failed to get GDBusconnection"); //LCOV_EXCL_LINE
+ return; //LCOV_EXCL_LINE
+ }
+
+ g_dbus_connection_signal_unsubscribe(connection, subscription_id);
+}
+
+API void stc_manager_gdbus_dict_foreach(GVariantIter *iter, dbus_dict_cb cb,
+ void *user_data)
+{
+ __STC_LOG_FUNC_ENTER__;
+
+ gchar *key = NULL;
+ GVariant *value = NULL;
+
+ if (!cb) {
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ return; //LCOV_EXCL_LINE
+ }
+
+ while (g_variant_iter_loop(iter, "{sv}", &key, &value)) {
+ /* DEBUG_GDBUS_KEY_VALUE(key, value); */
+ if (key)
+ cb(key, value, user_data);
+ }
+
+ __STC_LOG_FUNC_EXIT__;
+}
+
+API gboolean stc_manager_dbus_emit_signal(GDBusConnection *connection,
+ const gchar *object_path,
+ const gchar *interface_name,
+ const gchar *signal_name,
+ GVariant *parameters)
+{
+ gboolean rv = FALSE;
+ GError *error = NULL;
+
+ if (connection == NULL) {
+ STC_LOGE("GDBusconnection is NULL"); //LCOV_EXCL_LINE
+ return 0;
+ }
+
+ DEBUG_GDBUS_VARIANT("Signal params: ", parameters);
+
+ rv = g_dbus_connection_emit_signal(connection,
+ NULL,
+ object_path,
+ interface_name,
+ signal_name,
+ parameters,
+ &error);
+ if (rv != TRUE) {
+ STC_LOGE("Failed to emit signal [%s] interface [%s] Error [%s]", //LCOV_EXCL_LINE
+ signal_name, interface_name, error->message);
+ g_error_free(error); //LCOV_EXCL_LINE
+ } else {
+ STC_LOGD("[%s] signal sent on [%s] interface", signal_name,
+ interface_name);
+ }
+
+ return rv;
+}
+
+gboolean handle_manager_stop(StcManager *object,
+ GDBusMethodInvocation *invocation)
+{
+ __STC_LOG_FUNC_ENTER__;
+ GVariant *return_parameters = NULL;
+
+ stc_set_keep_alive(TRUE);
+
+ STC_LOGI("stc manager stop");
+
+ return_parameters = g_variant_new("(i)", STC_ERROR_NONE);
+
+ DEBUG_GDBUS_VARIANT("Return parameters: ", return_parameters);
+ STC_DBUS_REPLY(invocation, return_parameters);
+
+ stc_stop_manager();
+
+ __STC_LOG_FUNC_EXIT__;
+ return TRUE;
+}
+
+gboolean handle_manager_commit_iptables(StcManager *object,
+ GDBusMethodInvocation *invocation,
+ const gchar *option,
+ void *user_data)
+{
+ __STC_LOG_FUNC_ENTER__;
+ GVariant *return_parameters = NULL;
+ int ret = STC_ERROR_NONE;
+ int err_num = 0;
+ char *err_str = NULL;
+ char cmd[STC_CMD_SIZE] = { 0, };
+
+ stc_set_keep_alive(TRUE);
+
+ if (option == NULL) {
+ STC_MANAGER_DBUS_REPLY_ERROR(invocation,
+ STC_ERROR_INVALID_PARAMETER);
+ __STC_LOG_FUNC_EXIT__;
+ return TRUE;
+ }
+
+ STC_LOGD("[%s]", option);
+ g_snprintf(cmd, STC_CMD_SIZE, "%s %s", STC_IPTABLES, option);
+
+ ret = stc_commit_iptables(cmd, &err_num, &err_str);
+
+ return_parameters = g_variant_new("(iis)", ret, err_num, err_str);
+
+ DEBUG_GDBUS_VARIANT("Return parameters: ", return_parameters);
+ STC_DBUS_REPLY(invocation, return_parameters);
+
+ __STC_LOG_FUNC_EXIT__;
+ return TRUE;
+}
+
+gboolean handle_manager_commit_ip6tables(StcManager *object,
+ GDBusMethodInvocation *invocation,
+ const gchar *option,
+ void *user_data)
+{
+ __STC_LOG_FUNC_ENTER__;
+ GVariant *return_parameters = NULL;
+ int ret = STC_ERROR_NONE;
+ int err_num = 0;
+ char *err_str = NULL;
+ char cmd[STC_CMD_SIZE] = { 0, };
+
+ stc_set_keep_alive(TRUE);
+
+ if (option == NULL) {
+ STC_MANAGER_DBUS_REPLY_ERROR(invocation,
+ STC_ERROR_INVALID_PARAMETER);
+ __STC_LOG_FUNC_EXIT__;
+ return TRUE;
+ }
+
+ STC_LOGD("[%s]", option);
+ g_snprintf(cmd, STC_CMD_SIZE, "%s %s", STC_IP6TABLES, option);
+
+ ret = stc_commit_iptables(cmd, &err_num, &err_str);
+
+ return_parameters = g_variant_new("(iis)", ret, err_num, err_str);
+
+ DEBUG_GDBUS_VARIANT("Return parameters: ", return_parameters);
+ STC_DBUS_REPLY(invocation, return_parameters);
+
+ __STC_LOG_FUNC_EXIT__;
+ return TRUE;
+}
--- /dev/null
+/*
+ * Copyright (c) 2016 Samsung Electronics Co., Ltd.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <dlfcn.h>
+
+#include "stc-manager.h"
+#include "stc-manager-plugin-appstatus.h"
+
+static gboolean stc_plugin_enabled = FALSE;
+static void *handle_plugin;
+static stc_plugin_appstatus_s *stc_plugin;
+
+//LCOV_EXCL_START
+int stc_plugin_appstatus_init(void)
+{
+ __STC_LOG_FUNC_ENTER__;
+
+ handle_plugin = dlopen(STC_PLUGIN_APPSTATUS_FILEPATH, RTLD_NOW);
+ if (!handle_plugin) {
+ STC_LOGE("Can't load %s: %s", STC_PLUGIN_APPSTATUS_FILEPATH, dlerror());
+ __STC_LOG_FUNC_EXIT__;
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ stc_plugin = dlsym(handle_plugin, "stc_plugin_appstatus");
+ if (!stc_plugin) {
+ STC_LOGE("Can't load symbol: %s", dlerror());
+ dlclose(handle_plugin);
+ __STC_LOG_FUNC_EXIT__;
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ stc_plugin_enabled = TRUE;
+
+ __STC_LOG_FUNC_EXIT__;
+ return STC_ERROR_NONE;
+}
+
+int stc_plugin_appstatus_deinit(void)
+{
+ __STC_LOG_FUNC_ENTER__;
+
+ if (!stc_plugin_enabled) {
+ __STC_LOG_FUNC_EXIT__;
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ stc_plugin_enabled = FALSE;
+ dlclose(handle_plugin);
+ __STC_LOG_FUNC_EXIT__;
+ return STC_ERROR_NONE;
+}
+
+API int stc_plugin_appstatus_send_message(const char *content,
+ const char *type, const char *app_id, const char *iftype, const char *limit)
+{
+ if (!stc_plugin_enabled) {
+ if (STC_DEBUG_LOG)
+ STC_LOGE("Plugin wasn't enabled");
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ if (!stc_plugin) {
+ if (STC_DEBUG_LOG)
+ STC_LOGE("Plugin wasn't loaded");
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ return stc_plugin->send_message_to_net_popup(content,
+ type, app_id, iftype, limit);
+}
+
+int stc_plugin_appstatus_register_state_changed_cb(stc_s *stc,
+ stc_plugin_app_state_changed_cb cb, void *data)
+{
+ if (!stc_plugin_enabled) {
+ if (STC_DEBUG_LOG)
+ STC_LOGE("Plugin wasn't enabled");
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ if (!stc_plugin) {
+ if (STC_DEBUG_LOG)
+ STC_LOGE("Plugin wasn't loaded");
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ return stc_plugin->register_state_changed_cb(stc, cb, data);
+}
+
+int stc_plugin_appstatus_deregister_state_changed_cb(stc_s *stc)
+{
+ if (!stc_plugin_enabled) {
+ if (STC_DEBUG_LOG)
+ STC_LOGE("Plugin wasn't enabled");
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ if (!stc_plugin) {
+ if (STC_DEBUG_LOG)
+ STC_LOGE("Plugin wasn't loaded");
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ return stc_plugin->deregister_state_changed_cb(stc);
+}
+//LCOV_EXCL_STOP
--- /dev/null
+/*
+ * Copyright (c) 2016 Samsung Electronics Co., Ltd.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <dlfcn.h>
+
+#include "stc-manager.h"
+#include "stc-manager-plugin-exception.h"
+
+static gboolean stc_plugin_enabled = FALSE;
+static void *handle_plugin;
+static stc_plugin_exception_s *stc_plugin;
+
+//LCOV_EXCL_START
+API int stc_plugin_exception_init(void)
+{
+ __STC_LOG_FUNC_ENTER__;
+
+ handle_plugin = dlopen(STC_PLUGIN_EXCEPTION_FILEPATH, RTLD_NOW);
+ if (!handle_plugin) {
+ STC_LOGE("Can't load %s: %s", STC_PLUGIN_EXCEPTION_FILEPATH, dlerror());
+ __STC_LOG_FUNC_EXIT__;
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ stc_plugin = dlsym(handle_plugin, "stc_plugin_exception");
+ if (!stc_plugin) {
+ STC_LOGE("Can't load symbol: %s", dlerror());
+ dlclose(handle_plugin);
+ __STC_LOG_FUNC_EXIT__;
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ stc_plugin->initialize_plugin();
+ stc_plugin_enabled = TRUE;
+
+ __STC_LOG_FUNC_EXIT__;
+ return STC_ERROR_NONE;
+}
+
+API int stc_plugin_exception_deinit(void)
+{
+ __STC_LOG_FUNC_ENTER__;
+
+ if (!stc_plugin_enabled) {
+ __STC_LOG_FUNC_EXIT__;
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ stc_plugin->deinitialize_plugin();
+ stc_plugin_enabled = FALSE;
+ dlclose(handle_plugin);
+
+ __STC_LOG_FUNC_EXIT__;
+ return STC_ERROR_NONE;
+}
+
+API int stc_plugin_fill_exception_list(void)
+{
+ if (!stc_plugin_enabled) {
+ if (STC_DEBUG_LOG)
+ STC_LOGE("Plugin wasn't enabled");
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ if (!stc_plugin) {
+ if (STC_DEBUG_LOG)
+ STC_LOGE("Plugin wasn't loaded");
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ return stc_plugin->fill_exception_list();
+}
+
+API int stc_plugin_update_exception_list(void)
+{
+ if (!stc_plugin_enabled) {
+ if (STC_DEBUG_LOG)
+ STC_LOGE("Plugin wasn't enabled");
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ if (!stc_plugin) {
+ if (STC_DEBUG_LOG)
+ STC_LOGE("Plugin wasn't loaded");
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ return stc_plugin->update_exception_list();
+}
+
+API int stc_plugin_check_exception_by_cmdline(char *cmdline)
+{
+ if (!stc_plugin_enabled)
+ return STC_ERROR_UNINITIALIZED;
+
+ if (!stc_plugin)
+ return STC_ERROR_UNINITIALIZED;
+
+ return stc_plugin->check_exception_by_cmdline(cmdline);
+}
+//LCOV_EXCL_STOP
--- /dev/null
+/*
+ * Copyright (c) 2016 Samsung Electronics Co., Ltd.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <dlfcn.h>
+
+#include "stc-manager.h"
+#include "stc-manager-plugin-firewall.h"
+
+static gboolean stc_plugin_enabled = FALSE;
+static void *handle_plugin;
+static stc_plugin_firewall_s *stc_plugin;
+
+//LCOV_EXCL_START
+int stc_plugin_firewall_init(void)
+{
+ __STC_LOG_FUNC_ENTER__;
+
+ handle_plugin = dlopen(STC_PLUGIN_FIREWALL_FILEPATH, RTLD_NOW);
+ if (!handle_plugin) {
+ STC_LOGE("Can't load %s: %s", STC_PLUGIN_FIREWALL_FILEPATH, dlerror());
+ __STC_LOG_FUNC_EXIT__;
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ stc_plugin = dlsym(handle_plugin, "stc_plugin_firewall");
+ if (!stc_plugin) {
+ STC_LOGE("Can't load symbol: %s", dlerror());
+ dlclose(handle_plugin);
+ __STC_LOG_FUNC_EXIT__;
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ stc_plugin->initialize_plugin();
+ stc_plugin_enabled = TRUE;
+
+ __STC_LOG_FUNC_EXIT__;
+ return STC_ERROR_NONE;
+}
+
+int stc_plugin_firewall_deinit(void)
+{
+ __STC_LOG_FUNC_ENTER__;
+
+ if (!stc_plugin_enabled)
+ return STC_ERROR_UNINITIALIZED;
+
+ stc_plugin->deinitialize_plugin();
+ stc_plugin_enabled = FALSE;
+ dlclose(handle_plugin);
+
+ __STC_LOG_FUNC_EXIT__;
+ return STC_ERROR_NONE;
+}
+
+int stc_plugin_firewall_lock(void)
+{
+ if (!stc_plugin_enabled) {
+ if (STC_DEBUG_LOG)
+ STC_LOGE("Plugin wasn't enabled");
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ if (!stc_plugin) {
+ if (STC_DEBUG_LOG)
+ STC_LOGE("Plugin wasn't loaded");
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ return stc_plugin->lock_firewall();
+}
+
+int stc_plugin_firewall_unlock(void)
+{
+ if (!stc_plugin_enabled) {
+ if (STC_DEBUG_LOG)
+ STC_LOGE("Plugin wasn't enabled");
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ if (!stc_plugin) {
+ if (STC_DEBUG_LOG)
+ STC_LOGE("Plugin wasn't loaded");
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ return stc_plugin->unlock_firewall();
+}
+
+
+int stc_plugin_firewall_get_lock(int *state)
+{
+ if (!stc_plugin_enabled) {
+ if (STC_DEBUG_LOG)
+ STC_LOGE("Plugin wasn't enabled");
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ if (!stc_plugin) {
+ if (STC_DEBUG_LOG)
+ STC_LOGE("Plugin wasn't loaded");
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ return stc_plugin->get_lock_firewall(state);
+}
+
+API int stc_plugin_firewall_update(void)
+{
+ if (!stc_plugin_enabled) {
+ if (STC_DEBUG_LOG)
+ STC_LOGE("Plugin wasn't enabled");
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ if (!stc_plugin) {
+ if (STC_DEBUG_LOG)
+ STC_LOGE("Plugin wasn't loaded");
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ return stc_plugin->update_firewall();
+}
+
+int stc_plugin_firewall_add_chain(char *chain)
+{
+ if (!stc_plugin_enabled) {
+ if (STC_DEBUG_LOG)
+ STC_LOGE("Plugin wasn't enabled");
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ if (!stc_plugin) {
+ if (STC_DEBUG_LOG)
+ STC_LOGE("Plugin wasn't loaded");
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ return stc_plugin->add_chain(chain);
+}
+
+int stc_plugin_firewall_remove_chain(char *chain)
+{
+ if (!stc_plugin_enabled) {
+ if (STC_DEBUG_LOG)
+ STC_LOGE("Plugin wasn't enabled");
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ if (!stc_plugin) {
+ if (STC_DEBUG_LOG)
+ STC_LOGE("Plugin wasn't loaded");
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ return stc_plugin->remove_chain(chain);
+}
+
+int stc_plugin_firewall_flush_chain(char *chain)
+{
+ if (!stc_plugin_enabled) {
+ if (STC_DEBUG_LOG)
+ STC_LOGE("Plugin wasn't enabled");
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ if (!stc_plugin) {
+ if (STC_DEBUG_LOG)
+ STC_LOGE("Plugin wasn't loaded");
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ return stc_plugin->flush_chain(chain);
+}
+
+int stc_plugin_firewall_get_all_chain(GVariantBuilder *builder)
+{
+ if (!stc_plugin_enabled) {
+ if (STC_DEBUG_LOG)
+ STC_LOGE("Plugin wasn't enabled");
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ if (!stc_plugin) {
+ if (STC_DEBUG_LOG)
+ STC_LOGE("Plugin wasn't loaded");
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ return stc_plugin->get_all_chain(builder);
+}
+
+int stc_plugin_firewall_set_chain(char *chain, uint target)
+{
+ if (!stc_plugin_enabled) {
+ if (STC_DEBUG_LOG)
+ STC_LOGE("Plugin wasn't enabled");
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ if (!stc_plugin) {
+ if (STC_DEBUG_LOG)
+ STC_LOGE("Plugin wasn't loaded");
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ return stc_plugin->set_chain(chain, target);
+}
+
+int stc_plugin_firewall_unset_chain(char *chain)
+{
+ if (!stc_plugin_enabled) {
+ if (STC_DEBUG_LOG)
+ STC_LOGE("Plugin wasn't enabled");
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ if (!stc_plugin) {
+ if (STC_DEBUG_LOG)
+ STC_LOGE("Plugin wasn't loaded");
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ return stc_plugin->unset_chain(chain);
+}
+
+int stc_plugin_firewall_add_rule(GVariant *params)
+{
+ if (!stc_plugin_enabled) {
+ if (STC_DEBUG_LOG)
+ STC_LOGE("Plugin wasn't enabled");
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ if (!stc_plugin) {
+ if (STC_DEBUG_LOG)
+ STC_LOGE("Plugin wasn't loaded");
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ return stc_plugin->add_rule(params);
+}
+
+int stc_plugin_firewall_remove_rule(GVariant *params)
+{
+ if (!stc_plugin_enabled) {
+ if (STC_DEBUG_LOG)
+ STC_LOGE("Plugin wasn't enabled");
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ if (!stc_plugin) {
+ if (STC_DEBUG_LOG)
+ STC_LOGE("Plugin wasn't loaded");
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ return stc_plugin->remove_rule(params);
+}
+
+int stc_plugin_firewall_update_rule(GVariant *params)
+{
+ if (!stc_plugin_enabled) {
+ if (STC_DEBUG_LOG)
+ STC_LOGE("Plugin wasn't enabled");
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ if (!stc_plugin) {
+ if (STC_DEBUG_LOG)
+ STC_LOGE("Plugin wasn't loaded");
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ return stc_plugin->update_rule(params);
+}
+
+int stc_plugin_firewall_get_all_rule(GVariantBuilder *builder)
+{
+ if (!stc_plugin_enabled) {
+ if (STC_DEBUG_LOG)
+ STC_LOGE("Plugin wasn't enabled");
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ if (!stc_plugin) {
+ if (STC_DEBUG_LOG)
+ STC_LOGE("Plugin wasn't loaded");
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ return stc_plugin->get_all_rule(builder);
+}
+//LCOV_EXCL_STOP
--- /dev/null
+/*
+ * Copyright (c) 2016 Samsung Electronics Co., Ltd.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <dlfcn.h>
+
+#include "stc-manager.h"
+#include "stc-manager-plugin-monitor.h"
+
+static gboolean stc_plugin_enabled = FALSE;
+static void *handle_plugin;
+static stc_plugin_monitor_s *stc_plugin;
+
+//LCOV_EXCL_START
+API int stc_plugin_monitor_init(stc_manager_stop_cb stop_cb)
+{
+ __STC_LOG_FUNC_ENTER__;
+
+ handle_plugin = dlopen(STC_PLUGIN_MONITOR_FILEPATH, RTLD_NOW);
+ if (!handle_plugin) {
+ STC_LOGE("Can't load %s: %s", STC_PLUGIN_MONITOR_FILEPATH, dlerror());
+ __STC_LOG_FUNC_EXIT__;
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ stc_plugin = dlsym(handle_plugin, "stc_plugin_monitor");
+ if (!stc_plugin) {
+ STC_LOGE("Can't load symbol: %s", dlerror());
+ dlclose(handle_plugin);
+ __STC_LOG_FUNC_EXIT__;
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ stc_plugin->initialize_plugin(stop_cb);
+ stc_plugin_enabled = TRUE;
+
+ __STC_LOG_FUNC_EXIT__;
+ return STC_ERROR_NONE;
+}
+
+API int stc_plugin_monitor_deinit(void)
+{
+ __STC_LOG_FUNC_ENTER__;
+
+ if (!stc_plugin_enabled)
+ return STC_ERROR_UNINITIALIZED;
+
+ stc_plugin->deinitialize_plugin();
+ stc_plugin_enabled = FALSE;
+ dlclose(handle_plugin);
+
+ __STC_LOG_FUNC_EXIT__;
+ return STC_ERROR_NONE;
+}
+
+API int stc_plugin_monitor_add_app(uint32_t classid,
+ const char *app_id,
+ const char *pkg_id,
+ const stc_app_value_s value)
+{
+ if (!stc_plugin_enabled) {
+ if (STC_DEBUG_LOG)
+ STC_LOGE("Plugin wasn't enabled");
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ if (!stc_plugin) {
+ if (STC_DEBUG_LOG)
+ STC_LOGE("Plugin wasn't loaded");
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ return stc_plugin->add_application(classid, app_id, pkg_id, value);
+}
+
+API int stc_plugin_monitor_remove_app(uint32_t classid,
+ const char *app_id)
+{
+ if (!stc_plugin_enabled) {
+ if (STC_DEBUG_LOG)
+ STC_LOGE("Plugin wasn't enabled");
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ if (!stc_plugin) {
+ if (STC_DEBUG_LOG)
+ STC_LOGE("Plugin wasn't loaded");
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ return stc_plugin->remove_application(classid, app_id);
+}
+
+API int stc_plugin_monitor_lookup_app(uint32_t classid)
+{
+ if (!stc_plugin_enabled) {
+ if (STC_DEBUG_LOG)
+ STC_LOGE("Plugin wasn't enabled");
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ if (!stc_plugin) {
+ if (STC_DEBUG_LOG)
+ STC_LOGE("Plugin wasn't loaded");
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ return stc_plugin->lookup_application(classid);
+}
+
+API int stc_plugin_monitor_add_rstn(table_restrictions_info *info)
+{
+ if (!stc_plugin_enabled) {
+ if (STC_DEBUG_LOG)
+ STC_LOGE("Plugin wasn't enabled");
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ if (!stc_plugin) {
+ if (STC_DEBUG_LOG)
+ STC_LOGE("Plugin wasn't loaded");
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ return stc_plugin->add_restriction(info);
+}
+
+API int stc_plugin_monitor_remove_rstn(table_restrictions_info *info)
+{
+ if (!stc_plugin_enabled) {
+ if (STC_DEBUG_LOG)
+ STC_LOGE("Plugin wasn't enabled");
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ if (!stc_plugin) {
+ if (STC_DEBUG_LOG)
+ STC_LOGE("Plugin wasn't loaded");
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ return stc_plugin->remove_restriction(info);
+}
+
+API int stc_plugin_monitor_init_connection(stc_s *stc)
+{
+ if (!stc_plugin_enabled) {
+ if (STC_DEBUG_LOG)
+ STC_LOGE("Plugin wasn't enabled");
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ if (!stc_plugin) {
+ if (STC_DEBUG_LOG)
+ STC_LOGE("Plugin wasn't loaded");
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ return stc_plugin->init_connection(stc);
+}
+
+API int stc_plugin_monitor_deinit_connection(stc_s *stc)
+{
+ if (!stc_plugin_enabled) {
+ if (STC_DEBUG_LOG)
+ STC_LOGE("Plugin wasn't enabled");
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ if (!stc_plugin) {
+ STC_LOGE("Plugin wasn't loaded");
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ return stc_plugin->deinit_connection(stc);
+}
+
+API int stc_plugin_monitor_add_proc(uint32_t classid,
+ const char *app_id, const stc_proc_value_s value)
+{
+ if (!stc_plugin_enabled) {
+ if (STC_DEBUG_LOG)
+ STC_LOGE("Plugin wasn't enabled");
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ if (!stc_plugin) {
+ if (STC_DEBUG_LOG)
+ STC_LOGE("Plugin wasn't loaded");
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ return stc_plugin->add_process(classid, app_id, value);
+}
+
+API int stc_plugin_monitor_remove_proc(uint32_t classid, pid_t pid)
+{
+ if (!stc_plugin_enabled) {
+ if (STC_DEBUG_LOG)
+ STC_LOGE("Plugin wasn't enabled");
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ if (!stc_plugin) {
+ if (STC_DEBUG_LOG)
+ STC_LOGE("Plugin wasn't loaded");
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ return stc_plugin->remove_process(classid, pid);
+}
+
+API int stc_plugin_monitor_move_proc(uint32_t from, uint32_t to)
+{
+ if (!stc_plugin_enabled) {
+ if (STC_DEBUG_LOG)
+ STC_LOGE("Plugin wasn't enabled");
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ if (!stc_plugin) {
+ if (STC_DEBUG_LOG)
+ STC_LOGE("Plugin wasn't loaded");
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ return stc_plugin->move_process(from, to);
+}
+
+API int stc_plugin_monitor_update_proc_ground(uint32_t classid,
+ const char *app_id, const stc_proc_value_s value)
+{
+ if (!stc_plugin_enabled) {
+ if (STC_DEBUG_LOG)
+ STC_LOGE("Plugin wasn't enabled");
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ if (!stc_plugin) {
+ if (STC_DEBUG_LOG)
+ STC_LOGE("Plugin wasn't loaded");
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ return stc_plugin->update_process_ground(classid, app_id, value);
+}
+//LCOV_EXCL_STOP
--- /dev/null
+/*
+ * Copyright (c) 2016 Samsung Electronics Co., Ltd.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <dlfcn.h>
+
+#include "stc-manager.h"
+#include "stc-manager-plugin-pcap.h"
+
+static gboolean stc_plugin_enabled = FALSE;
+static void *handle_plugin;
+static stc_plugin_pcap_s *stc_plugin;
+
+//LCOV_EXCL_START
+int stc_plugin_pcap_init(void)
+{
+ __STC_LOG_FUNC_ENTER__;
+
+ handle_plugin = dlopen(STC_PLUGIN_PCAP_FILEPATH, RTLD_NOW);
+ if (!handle_plugin) {
+ STC_LOGE("Can't load %s: %s", STC_PLUGIN_PCAP_FILEPATH, dlerror());
+ __STC_LOG_FUNC_EXIT__;
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ stc_plugin = dlsym(handle_plugin, "stc_plugin_pcap");
+ if (!stc_plugin) {
+ STC_LOGE("Can't load symbol: %s", dlerror());
+ dlclose(handle_plugin);
+ __STC_LOG_FUNC_EXIT__;
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ stc_plugin->initialize_plugin();
+ stc_plugin_enabled = TRUE;
+
+ __STC_LOG_FUNC_EXIT__;
+ return STC_ERROR_NONE;
+}
+
+int stc_plugin_pcap_deinit(void)
+{
+ __STC_LOG_FUNC_ENTER__;
+
+ if (!stc_plugin_enabled) {
+ __STC_LOG_FUNC_EXIT__;
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ stc_plugin->deinitialize_plugin();
+ stc_plugin_enabled = FALSE;
+ dlclose(handle_plugin);
+
+ __STC_LOG_FUNC_EXIT__;
+ return STC_ERROR_NONE;
+}
+
+int stc_plugin_pcap_lookup_dev(void)
+{
+ if (!stc_plugin_enabled) {
+ if (STC_DEBUG_LOG)
+ STC_LOGE("Plugin wasn't enabled");
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ if (!stc_plugin) {
+ if (STC_DEBUG_LOG)
+ STC_LOGE("Plugin wasn't loaded");
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ return stc_plugin->lookup_dev();
+}
+
+int stc_plugin_pcap_lookup_net(void)
+{
+ if (!stc_plugin_enabled) {
+ if (STC_DEBUG_LOG)
+ STC_LOGE("Plugin wasn't enabled");
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ if (!stc_plugin) {
+ if (STC_DEBUG_LOG)
+ STC_LOGE("Plugin wasn't loaded");
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ return stc_plugin->lookup_net();
+}
+
+int stc_plugin_pcap_find_all_devs(GVariantBuilder *builder)
+{
+ if (!stc_plugin_enabled) {
+ if (STC_DEBUG_LOG)
+ STC_LOGE("Plugin wasn't enabled");
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ if (!stc_plugin) {
+ if (STC_DEBUG_LOG)
+ STC_LOGE("Plugin wasn't loaded");
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ return stc_plugin->find_all_devs(builder);
+}
+
+int stc_plugin_pcap_register_loop(const char *ifname,
+ int nflog_group)
+{
+ if (!stc_plugin_enabled) {
+ if (STC_DEBUG_LOG)
+ STC_LOGE("Plugin wasn't enabled");
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ if (!stc_plugin) {
+ if (STC_DEBUG_LOG)
+ STC_LOGE("Plugin wasn't loaded");
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ return stc_plugin->register_loop(ifname, nflog_group);
+}
+
+int stc_plugin_pcap_unregister_loop(const char *ifname,
+ int nflog_group)
+{
+ if (!stc_plugin_enabled) {
+ if (STC_DEBUG_LOG)
+ STC_LOGE("Plugin wasn't enabled");
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ if (!stc_plugin) {
+ if (STC_DEBUG_LOG)
+ STC_LOGE("Plugin wasn't loaded");
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ return stc_plugin->unregister_loop(ifname, nflog_group);
+}
+
+int stc_plugin_pcap_get_all_loop(GVariantBuilder *builder)
+{
+ if (!stc_plugin_enabled) {
+ if (STC_DEBUG_LOG)
+ STC_LOGE("Plugin wasn't enabled");
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ if (!stc_plugin) {
+ if (STC_DEBUG_LOG)
+ STC_LOGE("Plugin wasn't loaded");
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ return stc_plugin->get_all_loop(builder);
+}
+//LCOV_EXCL_STOP
--- /dev/null
+/*
+ * Copyright (c) 2016 Samsung Electronics Co., Ltd.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <dlfcn.h>
+
+#include "stc-manager.h"
+#include "stc-manager-plugin-procfs.h"
+
+static gboolean stc_plugin_enabled = FALSE;
+static void *handle_plugin;
+static stc_plugin_procfs_s *stc_plugin;
+
+//LCOV_EXCL_START
+int stc_plugin_procfs_init(void)
+{
+ __STC_LOG_FUNC_ENTER__;
+
+ handle_plugin = dlopen(STC_PLUGIN_PROCFS_FILEPATH, RTLD_NOW);
+ if (!handle_plugin) {
+ STC_LOGE("Can't load %s: %s", STC_PLUGIN_PROCFS_FILEPATH, dlerror());
+ __STC_LOG_FUNC_EXIT__;
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ stc_plugin = dlsym(handle_plugin, "stc_plugin_procfs");
+ if (!stc_plugin) {
+ STC_LOGE("Can't load symbol: %s", dlerror());
+ dlclose(handle_plugin);
+ __STC_LOG_FUNC_EXIT__;
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ stc_plugin->initialize_plugin();
+ stc_plugin_enabled = TRUE;
+
+ __STC_LOG_FUNC_EXIT__;
+ return STC_ERROR_NONE;
+}
+
+int stc_plugin_procfs_deinit(void)
+{
+ __STC_LOG_FUNC_ENTER__;
+
+ if (!stc_plugin_enabled) {
+ __STC_LOG_FUNC_EXIT__;
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ stc_plugin->deinitialize_plugin();
+ stc_plugin_enabled = FALSE;
+ dlclose(handle_plugin);
+
+ __STC_LOG_FUNC_EXIT__;
+ return STC_ERROR_NONE;
+}
+
+stc_error_e stc_plugin_procfs_load_pid(void)
+{
+ if (!stc_plugin_enabled)
+ return STC_ERROR_UNINITIALIZED;
+
+ if (!stc_plugin)
+ return STC_ERROR_UNINITIALIZED;
+
+ return stc_plugin->procfs_load();
+}
+
+stc_error_e stc_plugin_procfs_app_status_changed(stc_cmd_type_e cmd,
+ pid_t pid, const gchar *app_id, const gchar *pkg_id, stc_app_type_e app_type)
+{
+ if (!stc_plugin_enabled)
+ return STC_ERROR_UNINITIALIZED;
+
+ if (!stc_plugin)
+ return STC_ERROR_UNINITIALIZED;
+
+ return stc_plugin->procfs_status_changed(cmd, pid, app_id, pkg_id, app_type);
+}
+//LCOV_EXCL_STOP
--- /dev/null
+/*
+ * Copyright (c) 2016 Samsung Electronics Co., Ltd.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <dlfcn.h>
+
+#include "stc-manager.h"
+#include "stc-manager-plugin-tether.h"
+
+static gboolean stc_tether_plugin_enabled = FALSE;
+static void *tether_plugin_handle;
+static stc_plugin_tether_s *plugin;
+
+int stc_plugin_tether_init(void)
+{
+ __STC_LOG_FUNC_ENTER__;
+
+ tether_plugin_handle = dlopen(STC_PLUGIN_TETHER_FILEPATH, RTLD_NOW);
+ if (!tether_plugin_handle) {
+ STC_LOGE("Can't load %s: %s", STC_PLUGIN_TETHER_FILEPATH, dlerror());
+ __STC_LOG_FUNC_EXIT__;
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ plugin = dlsym(tether_plugin_handle, "tether_plugin");
+ if (!plugin) {
+ STC_LOGE("Can't load symbol: %s", dlerror());
+ dlclose(tether_plugin_handle);
+ __STC_LOG_FUNC_EXIT__;
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ plugin->init();
+ stc_tether_plugin_enabled = TRUE;
+
+ __STC_LOG_FUNC_EXIT__;
+ return STC_ERROR_NONE;
+}
+
+int stc_plugin_tether_deinit(void)
+{
+ __STC_LOG_FUNC_ENTER__;
+
+ if (!stc_tether_plugin_enabled) {
+ __STC_LOG_FUNC_EXIT__;
+ return STC_ERROR_UNINITIALIZED;
+ }
+
+ plugin->deinit();
+ stc_tether_plugin_enabled = FALSE;
+ dlclose(tether_plugin_handle);
+
+ __STC_LOG_FUNC_EXIT__;
+ return STC_ERROR_NONE;
+}
+
+API int stc_plugin_tether_get_station_ip(const char *mac, char **ipaddr)
+{
+ char ip[INET_ADDRSTRLEN+1];
+
+ if (!stc_tether_plugin_enabled ||
+ mac == NULL || ipaddr == NULL) {
+ if (STC_DEBUG_LOG)
+ STC_LOGE("invalid args");
+ return STC_ERROR_INVALID_PARAMETER;
+ }
+
+ memset(ip, 0, sizeof(ip));
+
+ if (plugin->get_station_ip(mac, ip) != STC_ERROR_NONE)
+ return STC_ERROR_FAIL;
+
+ *ipaddr = g_strdup(ip);
+ STC_LOGI("station ip(%s)", *ipaddr);
+
+ return STC_ERROR_NONE;
+}
+
+API int stc_plugin_tether_get_station_by_classid(const int classid, char **mac)
+{
+ __STC_LOG_FUNC_ENTER__;
+ char mac_addr[STATION_MAC_STR_LEN+1];
+
+ if (!stc_tether_plugin_enabled || mac == NULL) {
+ if (STC_DEBUG_LOG)
+ STC_LOGE("invalid args");
+ return STC_ERROR_INVALID_PARAMETER;
+ }
+
+ memset(mac_addr, 0, sizeof(mac_addr));
+
+ if (plugin->get_station_by_classid(classid, mac_addr) != STC_ERROR_NONE)
+ return STC_ERROR_FAIL;
+
+ *mac = g_strdup(mac_addr);
+ STC_LOGI("station mac(%s)", *mac);
+
+ return STC_ERROR_NONE;
+}
+
+API int stc_plugin_tether_set_station_classid(const char *mac, int classid)
+{
+ __STC_LOG_FUNC_ENTER__;
+
+ if (!stc_tether_plugin_enabled || mac == NULL) {
+ if (STC_DEBUG_LOG)
+ STC_LOGE("invalid args");
+ return STC_ERROR_INVALID_PARAMETER;
+ }
+
+ if (plugin->set_station_classid(mac, classid) != STC_ERROR_NONE)
+ return STC_ERROR_FAIL;
+
+ STC_LOGI("classid(%d) for station mac(%s) is set successfully",
+ classid, mac);
+
+ return STC_ERROR_NONE;
+}
--- /dev/null
+/*
+ * Copyright (c) 2016 Samsung Electronics Co., Ltd.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <signal.h>
+#include <errno.h>
+#include <sys/wait.h>
+#include "stc-manager.h"
+#include "stc-manager-gdbus.h"
+#include "stc-db.h"
+#include "counter.h"
+#include "table-restrictions.h"
+#include "helper-cgroup.h"
+#include "helper-nfacct-rule.h"
+#include "helper-iptables.h"
+#include "helper-inotify.h"
+#include "stc-firewall.h"
+#include "stc-manager-plugin-appstatus.h"
+#include "stc-manager-plugin-exception.h"
+#include "stc-manager-plugin-procfs.h"
+#include "stc-manager-plugin-tether.h"
+#include "stc-manager-plugin-pcap.h"
+#include "stc-manager-plugin-monitor.h"
+#include "stc-manager-plugin-firewall.h"
+
+#define BUF_SIZE_FOR_ERR 100
+
+static stc_s *g_stc = NULL;
+static gboolean g_is_fail_exit = FALSE;
+
+static gboolean __validate_ident(const char *ident)
+{
+ unsigned int i;
+
+ if (!ident)
+ return FALSE;
+
+ for (i = 0; i < strlen(ident); ++i)
+ if (!g_ascii_isprint(ident[i]))
+ return FALSE;
+
+ return TRUE;
+}
+
+static void __stc_inotify_handler(struct inotify_event *event, const char *ident)
+{
+ if (!ident)
+ return;
+
+ if (!__validate_ident(ident)) {
+ STC_LOGE("Invalid ident [%s]", ident);
+ return;
+ }
+
+ if (!g_strcmp0(ident, INFO_CONFIG))
+ stc_util_update_log_state();
+}
+
+static void __stc_manager_deinit(void)
+{
+ __STC_LOG_FUNC_ENTER__;
+
+ if (!g_stc) {
+ STC_LOGE("Memory for manager structure is not allocated");
+ return;
+ }
+
+ stc_deinit_db_guard();
+ stc_db_deinitialize();
+
+ iptables_flush_chains();
+ iptables_deinit();
+
+ stc_manager_gdbus_deinit((gpointer)g_stc);
+
+ stc_plugin_appstatus_deinit();
+ stc_plugin_exception_deinit();
+ stc_plugin_procfs_deinit();
+ stc_plugin_tether_deinit();
+ stc_plugin_pcap_deinit();
+ stc_plugin_monitor_deinit();
+ stc_plugin_firewall_deinit();
+
+ inotify_deregister(INFO_STORAGE_DIR);
+ inotify_deinitialize();
+
+ STC_LOGI("stc manager deinitialized");
+ FREE(g_stc);
+ __STC_LOG_FUNC_EXIT__;
+}
+
+void __stc_manager_stop_with_fail(void)
+{
+ STC_LOGI("plugin needs stc-manager to exit");
+
+ g_is_fail_exit = TRUE;
+
+ stc_stop_manager();
+}
+
+static stc_s *__stc_manager_init(void)
+{
+ __STC_LOG_FUNC_ENTER__;
+ stc_s *stc;
+ stc_error_e err = STC_ERROR_NONE;
+
+ stc = MALLOC0(stc_s, 1);
+ if (!stc) {
+ STC_LOGE("Failed to allocate memory for manager structure"); //LCOV_EXCL_LINE
+ return NULL; //LCOV_EXCL_LINE
+ }
+ g_stc = stc;
+
+ stc_util_initialize_config();
+
+ inotify_initialize();
+ inotify_register(INFO_STORAGE_DIR, __stc_inotify_handler);
+
+ cgroup_set_release_agent(NET_CLS_SUBSYS, NET_RELEASE_AGENT);
+
+ err = stc_db_initialize();
+ if (err != STC_ERROR_NONE) {
+ STC_LOGD("Failed to initialize stc db"); //LCOV_EXCL_LINE
+ return NULL; //LCOV_EXCL_LINE
+ }
+
+ g_stc->ondemand_mode = TRUE;
+
+ stc_plugin_appstatus_init();
+ stc_plugin_exception_init();
+ stc_plugin_procfs_init();
+ stc_plugin_tether_init();
+ if (stc_plugin_pcap_init() == STC_ERROR_NONE)
+ g_stc->ondemand_mode = FALSE;
+ if (stc_plugin_monitor_init(__stc_manager_stop_with_fail) == STC_ERROR_NONE)
+ g_stc->ondemand_mode = FALSE;
+ stc_plugin_firewall_init();
+
+ stc_plugin_procfs_load_pid();
+
+ stc_manager_gdbus_init((gpointer)stc);
+
+ STC_LOGI("stc manager initialized");
+ __STC_LOG_FUNC_EXIT__;
+ return stc;
+}
+
+static gboolean __stc_timer_expired(gpointer data)
+{
+ if (g_stc->keep_alive) {
+ g_stc->keep_alive = FALSE;
+ return TRUE;
+ }
+
+ g_main_loop_quit(g_stc->main_loop);
+
+ return FALSE;
+}
+
+API stc_s *stc_get_manager(void)
+{
+ return g_stc;
+}
+
+void stc_stop_manager(void)
+{
+ if (g_stc && g_stc->main_loop)
+ g_main_loop_quit(g_stc->main_loop);
+}
+
+int stc_commit_iptables(char *cmd, int *err_num, char **err_str)
+{
+ pid_t pid = 0;
+ int status = 0;
+ int ret = 0;
+ char err_buf[BUF_SIZE_FOR_ERR] = { 0, };
+ gchar **args = NULL;
+
+ if (cmd == NULL) {
+ STC_LOGE("Invalid arguments");
+ return STC_ERROR_INVALID_PARAMETER;
+ }
+
+ args = g_strsplit_set(cmd, " ", -1);
+
+ errno = 0;
+ pid = fork();
+
+ if (pid == 0) {
+ errno = 0;
+
+ if (!g_strcmp0(args[1], STC_CMD_INSERT)) {
+ STC_LOGE("Invalid arguments");
+ g_strfreev(args);
+ exit(-1);
+ }
+
+ if (execv(args[0], args) == -1) {
+ STC_LOGE("Failed to execute [%s]", *err_str);
+ g_strfreev(args);
+ exit(-1);
+ }
+ } else if (pid > 0) {
+ if (waitpid(pid, &status, 0) == -1)
+ STC_LOGD("wait pid [%u] status [%d] ", pid, status);
+
+ if (WIFEXITED(status)) {
+ ret = WEXITSTATUS(status);
+ STC_LOGD("exited, status [%d]", status);
+ } else if (WIFSIGNALED(status)) {
+ STC_LOGD("killed by signal [%d]", WTERMSIG(status));
+ } else if (WIFSTOPPED(status)) {
+ STC_LOGD("stopped by signal [%d]", WSTOPSIG(status));
+ } else if (WIFCONTINUED(status)) {
+ STC_LOGD("continued");
+ }
+
+ *err_num = ret;
+ *err_str = strerror_r(ret, err_buf, BUF_SIZE_FOR_ERR);
+ STC_LOGD("return err_num [%d] err_str [%s]", *err_num, *err_str);
+
+ g_strfreev(args);
+ if (ret == 0)
+ return STC_ERROR_NONE;
+ else
+ return STC_ERROR_FAIL;
+ }
+
+ *err_num = errno;
+ *err_str = strerror_r(errno, err_buf, BUF_SIZE_FOR_ERR);
+ STC_LOGD("Failed to fork [%d:%s]", *err_num, *err_str);
+
+ g_strfreev(args);
+ return STC_ERROR_FAIL;
+}
+
+void stc_set_keep_alive(gboolean keep_alive)
+{
+ g_stc->keep_alive = keep_alive;
+}
+
+gint32 main(gint32 argc, gchar *argv[])
+{
+ GMainLoop *main_loop = NULL;
+
+ STC_LOGI("Smart Traffic Control Manager");
+
+#ifdef TIZEN_GTESTS
+ setenv("GCOV_PREFIX", "/tmp/daemon", 1);
+#endif
+
+/*
+ if (daemon(0, 0) != 0)
+ STC_LOGE("Can't start daemon"); //LCOV_EXCL_LINE
+*/
+
+ /* Initialize required subsystems */
+#if !GLIB_CHECK_VERSION(2, 35, 0)
+ g_type_init();
+#endif
+
+ g_stc = __stc_manager_init();
+ if (!g_stc)
+ goto fail;
+
+ if (g_is_fail_exit == TRUE)
+ goto fail;
+
+ /* Crate the GLIB main loop */
+ main_loop = g_main_loop_new(NULL, FALSE);
+ g_stc->main_loop = main_loop;
+
+ if (g_stc->ondemand_mode) {
+ g_stc->timer = g_timeout_add_seconds(10, __stc_timer_expired, NULL);
+ g_stc->keep_alive = FALSE;
+ }
+
+ /* Run the main loop */
+ g_main_loop_run(main_loop);
+
+fail:
+ __stc_manager_deinit();
+
+ if (main_loop)
+ g_main_loop_unref(main_loop);
+
+ if (g_is_fail_exit == TRUE)
+ exit(-1);
+
+ return 0;
+}
--- /dev/null
+/*
+ * Copyright (c) 2016 Samsung Electronics Co., Ltd.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "stc-db.h"
+#include "stc-pcap.h"
+#include "stc-manager-plugin-pcap.h"
+
+#define PCAP_DBUS_ERROR_NAME "net.stc.pcap.Error.Failed"
+
+#define STC_PCAP_DBUS_REPLY_ERROR(invocation, err_num) \
+ g_dbus_method_invocation_return_dbus_error((invocation), \
+ PCAP_DBUS_ERROR_NAME, \
+ stc_err_strs[-(err_num)])
+
+static const gchar *stc_err_strs[] = {
+ "ERROR_NONE",
+ "FAIL",
+ "DB_FAILED",
+ "OUT_OF_MEMORY",
+ "INVALID_PARAMETER",
+ "NO_DATA",
+ "ALREADY_DATA",
+ "UNINITIALIZED",
+ "PERMISSION_DENIED",
+ "NOTIMPL"
+};
+
+gboolean __validate_pcap(stc_pcap_s *pcap)
+{
+ __STC_LOG_FUNC_ENTER__;
+
+ if (pcap == NULL) {
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ return FALSE; //LCOV_EXCL_LINE
+ }
+
+ if (pcap->ifname == NULL ||
+ pcap->ifname[0] == '\0') {
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ return FALSE; //LCOV_EXCL_LINE
+ }
+
+ __STC_LOG_FUNC_EXIT__;
+ return TRUE;
+}
+
+static void __stc_extract_pcap(const char *key, GVariant *value,
+ void *user_data)
+{
+ stc_pcap_s *pcap = (stc_pcap_s *) user_data;
+ if (pcap == NULL) {
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ return; //LCOV_EXCL_LINE
+ }
+
+ if (!g_strcmp0(key, STC_PCAP_IFNAME)) {
+ gsize str_length;
+ const gchar *str = g_variant_get_string(value, &str_length);
+ pcap->ifname = g_strdup(str);
+ STC_LOGD("ifname: [%s]", pcap->ifname);
+
+ } else if (!g_strcmp0(key, STC_PCAP_NFLOG_GROUP)) {
+ pcap->nflog_group = g_variant_get_uint32(value);
+ STC_LOGD("nflog group: [%d]", pcap->nflog_group);
+
+ } else {
+ STC_LOGD("Unknown select rule"); //LCOV_EXCL_LINE
+ }
+}
+
+gboolean handle_pcap_start(StcPcap *object,
+ GDBusMethodInvocation *invocation,
+ GVariant *parameters,
+ void *user_data)
+{
+ __STC_LOG_FUNC_ENTER__;
+ GVariantIter *iter = NULL;
+ stc_pcap_s pcap;
+ int ret = STC_ERROR_NONE;
+
+ stc_set_keep_alive(TRUE);
+
+ memset(&pcap, 0, sizeof(stc_pcap_s));
+
+ g_variant_get(parameters, "a{sv}", &iter);
+ if (iter != NULL) {
+ stc_manager_gdbus_dict_foreach(iter,
+ __stc_extract_pcap,
+ &pcap);
+ g_variant_iter_free(iter);
+ }
+
+ if (__validate_pcap(&pcap) == FALSE) {
+ STC_PCAP_DBUS_REPLY_ERROR(invocation, //LCOV_EXCL_LINE
+ STC_ERROR_INVALID_PARAMETER);
+ g_free(pcap.ifname);
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ return TRUE;
+ }
+
+ ret = stc_plugin_pcap_register_loop(pcap.ifname, pcap.nflog_group);
+ if (ret != STC_ERROR_NONE) {
+ STC_PCAP_DBUS_REPLY_ERROR(invocation, ret); //LCOV_EXCL_LINE
+ g_free(pcap.ifname);
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ return TRUE;
+ }
+
+ STC_DBUS_REPLY_ERROR_NONE(invocation);
+ g_free(pcap.ifname);
+ __STC_LOG_FUNC_EXIT__;
+ return TRUE;
+}
+
+gboolean handle_pcap_stop(StcPcap *object,
+ GDBusMethodInvocation *invocation,
+ GVariant *parameters,
+ void *user_data)
+{
+ __STC_LOG_FUNC_ENTER__;
+ GVariantIter *iter = NULL;
+ stc_pcap_s pcap;
+ int ret = STC_ERROR_NONE;
+
+ stc_set_keep_alive(TRUE);
+
+ memset(&pcap, 0, sizeof(stc_pcap_s));
+
+ g_variant_get(parameters, "a{sv}", &iter);
+ if (iter != NULL) {
+ stc_manager_gdbus_dict_foreach(iter,
+ __stc_extract_pcap,
+ &pcap);
+ g_variant_iter_free(iter);
+ }
+
+ if (__validate_pcap(&pcap) == FALSE) {
+ STC_PCAP_DBUS_REPLY_ERROR(invocation, //LCOV_EXCL_LINE
+ STC_ERROR_INVALID_PARAMETER);
+ g_free(pcap.ifname);
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ return TRUE;
+ }
+
+ ret = stc_plugin_pcap_unregister_loop(pcap.ifname, pcap.nflog_group);
+ if (ret != STC_ERROR_NONE) {
+ STC_PCAP_DBUS_REPLY_ERROR(invocation, ret); //LCOV_EXCL_LINE
+ g_free(pcap.ifname);
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ return TRUE;
+ }
+
+ STC_DBUS_REPLY_ERROR_NONE(invocation);
+ g_free(pcap.ifname);
+ __STC_LOG_FUNC_EXIT__;
+ return TRUE;
+}
+
+gboolean handle_pcap_get_all(StcPcap *object,
+ GDBusMethodInvocation *invocation,
+ void *user_data)
+{
+ __STC_LOG_FUNC_ENTER__;
+ GVariantBuilder *builder = NULL;
+ GVariant *return_parameters = NULL;
+
+ stc_set_keep_alive(TRUE);
+
+ builder = g_variant_builder_new(G_VARIANT_TYPE("aa{sv}"));
+
+ stc_plugin_pcap_get_all_loop(builder);
+
+ return_parameters = g_variant_new("(aa{sv})", builder);
+ g_variant_builder_unref(builder);
+
+ DEBUG_GDBUS_VARIANT("Return parameters: ", return_parameters);
+ STC_DBUS_REPLY(invocation, return_parameters);
+ __STC_LOG_FUNC_EXIT__;
+ return TRUE;
+}
+
+gboolean handle_pcap_find_all_devs(StcPcap *object,
+ GDBusMethodInvocation *invocation,
+ void *user_data)
+{
+ __STC_LOG_FUNC_ENTER__;
+ GVariantBuilder *builder = NULL;
+ GVariant *return_parameters = NULL;
+
+ stc_set_keep_alive(TRUE);
+
+ builder = g_variant_builder_new(G_VARIANT_TYPE("aa{sv}"));
+
+ stc_plugin_pcap_find_all_devs(builder);
+
+ return_parameters = g_variant_new("(aa{sv})", builder);
+ g_variant_builder_unref(builder);
+
+ DEBUG_GDBUS_VARIANT("Return parameters: ", return_parameters);
+ STC_DBUS_REPLY(invocation, return_parameters);
+ __STC_LOG_FUNC_EXIT__;
+ return TRUE;
+}
--- /dev/null
+/*
+ * Copyright (c) 2016 Samsung Electronics Co., Ltd.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "stc-db.h"
+#include "table-restrictions.h"
+#include "stc-restriction.h"
+#include "stc-manager-gdbus.h"
+#include "stc-manager-plugin-monitor.h"
+
+#define RESTRICTION_DBUS_ERROR_NAME "net.stc.restriction.Error.Failed"
+
+#define STC_RESTRICTION_DBUS_REPLY_ERROR(invocation, err_num) \
+ g_dbus_method_invocation_return_dbus_error((invocation), \
+ RESTRICTION_DBUS_ERROR_NAME, \
+ stc_err_strs[-(err_num)])
+
+static const gchar *stc_err_strs[] = {
+ "ERROR_NONE",
+ "FAIL",
+ "DB_FAILED",
+ "OUT_OF_MEMORY",
+ "INVALID_PARAMETER",
+ "NO_DATA",
+ "ALREADY_DATA",
+ "UNINITIALIZED",
+ "PERMISSION_DENIED",
+ "NOTIMPL"
+};
+
+void __initialize_rstn_rule(table_restrictions_info *rule)
+{
+ rule->app_id = NULL;
+
+ rule->iftype = STC_IFACE_ALL;
+ rule->ifname = NULL;
+
+ rule->subscriber_id = NULL;
+ rule->roaming = STC_ROAMING_DISABLE;
+
+ rule->rstn_type = STC_RSTN_TYPE_UNKNOWN;
+ rule->data_limit = -1;
+ rule->data_warn_limit = -1;
+
+ rule->month_start_date = 1;
+ rule->monthly_limit = -1;
+ rule->weekly_limit = -1;
+ rule->daily_limit = -1;
+
+ rule->mac = NULL;
+}
+
+gboolean __validate_rstn_rule(table_restrictions_info *rule)
+{
+ __STC_LOG_FUNC_ENTER__;
+
+ if (rule == NULL) {
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ return FALSE; //LCOV_EXCL_LINE
+ }
+
+ if (rule->iftype <= STC_IFACE_UNKNOWN ||
+ rule->iftype >= STC_IFACE_LAST_ELEM) {
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ return FALSE; //LCOV_EXCL_LINE
+ }
+
+ if (rule->roaming > STC_ROAMING_DISABLE) {
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ return FALSE; //LCOV_EXCL_LINE
+ }
+
+ if (rule->subscriber_id == NULL) {
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ return FALSE; //LCOV_EXCL_LINE
+ }
+
+ if (rule->app_id == NULL) {
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ return FALSE; //LCOV_EXCL_LINE
+ }
+
+ __STC_LOG_FUNC_EXIT__;
+ return TRUE;
+}
+
+void __stc_restriction_app_info_builder_add(GVariantBuilder *builder,
+ const table_restrictions_info *info)
+{
+ __STC_LOG_FUNC_ENTER__;
+
+ if (!builder || !info) {
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ return; //LCOV_EXCL_LINE
+ }
+
+ g_variant_builder_add(builder, "{sv}", "app_id",
+ g_variant_new_string(info->app_id));
+
+ g_variant_builder_add(builder, "{sv}", "ifname",
+ g_variant_new_string(info->ifname));
+
+ g_variant_builder_add(builder, "{sv}", "iftype",
+ g_variant_new_uint16(info->iftype));
+
+ g_variant_builder_add(builder, "{sv}", "rstn_type",
+ g_variant_new_uint16(info->rstn_type));
+
+ g_variant_builder_add(builder, "{sv}", "data_limit",
+ g_variant_new_int64(info->data_limit));
+
+ g_variant_builder_add(builder, "{sv}", "data_warn_limit",
+ g_variant_new_int64(info->data_warn_limit));
+
+ g_variant_builder_add(builder, "{sv}", "month_start_date",
+ g_variant_new_int32(info->month_start_date));
+
+ g_variant_builder_add(builder, "{sv}", "monthly_limit",
+ g_variant_new_int64(info->monthly_limit));
+
+ g_variant_builder_add(builder, "{sv}", "weekly_limit",
+ g_variant_new_int64(info->weekly_limit));
+
+ g_variant_builder_add(builder, "{sv}", "daily_limit",
+ g_variant_new_int64(info->daily_limit));
+
+ g_variant_builder_add(builder, "{sv}", "roaming",
+ g_variant_new_uint16(info->roaming));
+
+ g_variant_builder_add(builder, "{sv}", "subscriber_id",
+ g_variant_new_string(info->subscriber_id));
+
+ __STC_LOG_FUNC_EXIT__;
+}
+
+stc_cb_ret_e __table_restrictions_foreach_app_cb(const table_restrictions_info *info,
+ void *user_data)
+{
+ __STC_LOG_FUNC_ENTER__;
+ GVariantBuilder *builder = (GVariantBuilder *)user_data;
+ GVariantBuilder sub_builder;
+
+ if (!info || !builder) {
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ return STC_CANCEL; //LCOV_EXCL_LINE
+ }
+
+ g_variant_builder_init(&sub_builder, G_VARIANT_TYPE("a{sv}"));
+ __stc_restriction_app_info_builder_add(&sub_builder, info);
+
+ g_variant_builder_add_value(builder,
+ g_variant_builder_end(&sub_builder));
+
+ __STC_LOG_FUNC_EXIT__;
+ return STC_CONTINUE;
+}
+
+stc_cb_ret_e __table_restrictions_per_app_cb(const table_restrictions_info *info,
+ void *user_data)
+{
+ __STC_LOG_FUNC_ENTER__;
+ GVariantBuilder *builder = (GVariantBuilder *)user_data;
+
+ if (!info || !builder) {
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ return STC_CANCEL; //LCOV_EXCL_LINE
+ }
+
+ __stc_restriction_app_info_builder_add(builder, info);
+
+ __STC_LOG_FUNC_EXIT__;
+ return STC_CONTINUE;
+}
+
+static void __stc_extract_restriction_rule(const char *key, GVariant *value,
+ void *user_data)
+{
+ table_restrictions_info *rule =
+ (table_restrictions_info *) user_data;
+ if (rule == NULL) {
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ return; //LCOV_EXCL_LINE
+ }
+
+ if (!g_strcmp0(key, "app_id")) {
+ gsize str_length;
+ const gchar *str = g_variant_get_string(value, &str_length);
+ rule->app_id = g_strdup(str);
+ STC_LOGD("app_id: [%s]", rule->app_id);
+
+ } else if (!g_strcmp0(key, "ifname")) {
+ gsize str_length;
+ const gchar *str = g_variant_get_string(value, &str_length);
+ rule->ifname = g_strdup(str);
+ STC_LOGD("ifname: [%s]", rule->ifname);
+
+ } else if (!g_strcmp0(key, "iftype")) {
+ rule->iftype = g_variant_get_uint16(value);
+ STC_LOGD("iftype: [%u]", (unsigned int) rule->iftype);
+
+ } else if (!g_strcmp0(key, "data_limit")) {
+ rule->data_limit = g_variant_get_int64(value);
+ STC_LOGD("data_limit: [%lld]", rule->data_limit);
+
+ } else if (!g_strcmp0(key, "data_warn_limit")) {
+ rule->data_warn_limit = g_variant_get_int64(value);
+ STC_LOGD("data_warn_limit: [%lld]", rule->data_warn_limit);
+
+ } else if (!g_strcmp0(key, "month_start_date")) {
+ rule->month_start_date = g_variant_get_int32(value);
+ STC_LOGD("month_start_date: [%d]", rule->month_start_date);
+
+ } else if (!g_strcmp0(key, "monthly_limit")) {
+ rule->monthly_limit = g_variant_get_int64(value);
+ STC_LOGD("monthly_limit: [%lld]", rule->monthly_limit);
+
+ } else if (!g_strcmp0(key, "weekly_limit")) {
+ rule->weekly_limit = g_variant_get_int64(value);
+ STC_LOGD("weekly_limit: [%lld]", rule->weekly_limit);
+
+ } else if (!g_strcmp0(key, "daily_limit")) {
+ rule->daily_limit = g_variant_get_int64(value);
+ STC_LOGD("daily_limit: [%lld]", rule->daily_limit);
+
+ } else if (!g_strcmp0(key, "roaming")) {
+ rule->roaming = g_variant_get_uint16(value);
+ STC_LOGD("roaming: [%u]", rule->roaming);
+
+ } else if (!g_strcmp0(key, "subscriber_id")) {
+ gsize str_length;
+ const gchar *str = g_variant_get_string(value, &str_length);
+ rule->subscriber_id = g_strdup(str);
+ STC_LOGD("subscriber_id: [%s]", rule->subscriber_id);
+
+ } else if (!g_strcmp0(key, "rstn_type")) {
+ rule->rstn_type = g_variant_get_uint16(value);
+ STC_LOGD("type: [%u]", (unsigned int) rule->rstn_type);
+
+ } else if (!g_strcmp0(key, "mac")) {
+ gsize str_length;
+ const gchar *str = g_variant_get_string(value, &str_length);
+ rule->mac = g_strdup(str);
+ STC_LOGD("mac: [%s]", rule->mac);
+
+ } else {
+ STC_LOGD("Unknown select rule"); //LCOV_EXCL_LINE
+ }
+}
+
+static void __stc_free_restriction_rule_members(table_restrictions_info *rule)
+{
+ FREE(rule->app_id);
+ FREE(rule->ifname);
+ FREE(rule->subscriber_id);
+ FREE(rule->mac);
+}
+
+gboolean handle_restriction_set(StcRestriction *object,
+ GDBusMethodInvocation *invocation,
+ GVariant *parameters,
+ void *user_data)
+{
+ __STC_LOG_FUNC_ENTER__;
+ GVariantIter *iter = NULL;
+ table_restrictions_info rule;
+ stc_error_e ret = STC_ERROR_NONE;
+
+ stc_set_keep_alive(TRUE);
+
+ memset(&rule, 0, sizeof(table_restrictions_info));
+ __initialize_rstn_rule(&rule);
+
+ g_variant_get(parameters, "a{sv}", &iter);
+ if (iter != NULL) {
+ stc_manager_gdbus_dict_foreach(iter,
+ __stc_extract_restriction_rule,
+ &rule);
+ g_variant_iter_free(iter);
+ }
+
+ if (__validate_rstn_rule(&rule) == FALSE) {
+ STC_RESTRICTION_DBUS_REPLY_ERROR(invocation, //LCOV_EXCL_LINE
+ STC_ERROR_INVALID_PARAMETER);
+ __stc_free_restriction_rule_members(&rule);
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ return TRUE;
+ }
+
+ ret = table_restrictions_update(&rule);
+ if (ret != STC_ERROR_NONE) {
+ STC_RESTRICTION_DBUS_REPLY_ERROR(invocation, //LCOV_EXCL_LINE
+ STC_ERROR_DB_FAILED);
+ __stc_free_restriction_rule_members(&rule);
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ return TRUE;
+ }
+
+ stc_plugin_monitor_add_rstn(&rule);
+ STC_DBUS_REPLY_ERROR_NONE(invocation);
+ __stc_free_restriction_rule_members(&rule);
+ __STC_LOG_FUNC_EXIT__;
+ return TRUE;
+}
+
+gboolean handle_restriction_unset(StcRestriction *object,
+ GDBusMethodInvocation *invocation,
+ GVariant *parameters,
+ void *user_data)
+{
+ __STC_LOG_FUNC_ENTER__;
+ GVariantIter *iter = NULL;
+ table_restrictions_info rule;
+ stc_error_e ret = STC_ERROR_NONE;
+
+ stc_set_keep_alive(TRUE);
+
+ memset(&rule, 0, sizeof(table_restrictions_info));
+ __initialize_rstn_rule(&rule);
+
+ g_variant_get(parameters, "a{sv}", &iter);
+ if (iter != NULL) {
+ stc_manager_gdbus_dict_foreach(iter,
+ __stc_extract_restriction_rule,
+ &rule);
+ g_variant_iter_free(iter);
+ }
+
+ if (__validate_rstn_rule(&rule) == FALSE) {
+ STC_RESTRICTION_DBUS_REPLY_ERROR(invocation, //LCOV_EXCL_LINE
+ STC_ERROR_INVALID_PARAMETER);
+ __stc_free_restriction_rule_members(&rule);
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ return TRUE;
+ }
+
+ ret = table_restrictions_delete(rule.app_id, rule.iftype, rule.ifname,
+ rule.subscriber_id, rule.roaming);
+ if (ret != STC_ERROR_NONE) {
+ STC_RESTRICTION_DBUS_REPLY_ERROR(invocation, //LCOV_EXCL_LINE
+ STC_ERROR_DB_FAILED);
+ __stc_free_restriction_rule_members(&rule);
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ return TRUE;
+ }
+
+ stc_plugin_monitor_remove_rstn(&rule);
+ STC_DBUS_REPLY_ERROR_NONE(invocation);
+ __stc_free_restriction_rule_members(&rule);
+ __STC_LOG_FUNC_EXIT__;
+ return TRUE;
+}
+
+gboolean handle_restriction_set_list(StcRestriction *object,
+ GDBusMethodInvocation *invocation,
+ GVariant *parameters,
+ void *user_data)
+{
+ __STC_LOG_FUNC_ENTER__;
+ GVariantIter *iter = NULL;
+ GVariantIter *iter_row = NULL;
+ stc_error_e ret = STC_ERROR_NONE;
+
+ stc_set_keep_alive(TRUE);
+
+ g_variant_get(parameters, "aa{sv}", &iter);
+ while (g_variant_iter_next(iter, "a{sv}", &iter_row)) {
+ table_restrictions_info rule;
+
+ memset(&rule, 0, sizeof(table_restrictions_info));
+ __initialize_rstn_rule(&rule);
+
+ stc_manager_gdbus_dict_foreach(iter_row,
+ __stc_extract_restriction_rule, &rule);
+
+ if (__validate_rstn_rule(&rule)) {
+ ret = table_restrictions_update(&rule);
+ if (ret != STC_ERROR_NONE) {
+ STC_RESTRICTION_DBUS_REPLY_ERROR(invocation, ret); //LCOV_EXCL_LINE
+ g_variant_iter_free(iter_row);
+ g_variant_iter_free(iter);
+ __stc_free_restriction_rule_members(&rule);
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ return TRUE;
+ }
+
+ ret = stc_plugin_monitor_add_rstn(&rule);
+ if (ret != STC_ERROR_NONE) {
+ STC_RESTRICTION_DBUS_REPLY_ERROR(invocation, ret); //LCOV_EXCL_LINE
+ g_variant_iter_free(iter_row);
+ g_variant_iter_free(iter);
+ __stc_free_restriction_rule_members(&rule);
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ return TRUE;
+ }
+ }
+
+ __stc_free_restriction_rule_members(&rule);
+ g_variant_iter_free(iter_row);
+ }
+ g_variant_iter_free(iter);
+
+ STC_DBUS_REPLY_ERROR_NONE(invocation);
+ __STC_LOG_FUNC_EXIT__;
+ return TRUE;
+}
+
+gboolean handle_restriction_unset_list(StcRestriction *object,
+ GDBusMethodInvocation *invocation,
+ GVariant *parameters,
+ void *user_data)
+{
+ __STC_LOG_FUNC_ENTER__;
+ GVariantIter *iter = NULL;
+ GVariantIter *iter_row = NULL;
+ stc_error_e ret = STC_ERROR_NONE;
+
+ stc_set_keep_alive(TRUE);
+
+ g_variant_get(parameters, "aa{sv}", &iter);
+ while (g_variant_iter_next(iter, "a{sv}", &iter_row)) {
+ table_restrictions_info rule;
+
+ memset(&rule, 0, sizeof(table_restrictions_info));
+ __initialize_rstn_rule(&rule);
+
+ stc_manager_gdbus_dict_foreach(iter_row,
+ __stc_extract_restriction_rule, &rule);
+
+ if (__validate_rstn_rule(&rule)) {
+ ret = table_restrictions_delete(rule.app_id, rule.iftype,
+ rule.ifname, rule.subscriber_id, rule.roaming);
+ if (ret != STC_ERROR_NONE) {
+ STC_RESTRICTION_DBUS_REPLY_ERROR(invocation, ret); //LCOV_EXCL_LINE
+ g_variant_iter_free(iter_row);
+ g_variant_iter_free(iter);
+ __stc_free_restriction_rule_members(&rule);
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ return TRUE;
+ }
+
+ ret = stc_plugin_monitor_remove_rstn(&rule);
+ if (ret != STC_ERROR_NONE) {
+ STC_RESTRICTION_DBUS_REPLY_ERROR(invocation, ret); //LCOV_EXCL_LINE
+ g_variant_iter_free(iter_row);
+ g_variant_iter_free(iter);
+ __stc_free_restriction_rule_members(&rule);
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ return TRUE;
+ }
+ }
+
+ __stc_free_restriction_rule_members(&rule);
+ g_variant_iter_free(iter_row);
+ }
+ g_variant_iter_free(iter);
+
+ STC_DBUS_REPLY_ERROR_NONE(invocation);
+ __STC_LOG_FUNC_EXIT__;
+ return TRUE;
+}
+
+gboolean handle_restriction_get(StcRestriction *object,
+ GDBusMethodInvocation *invocation,
+ const gchar *app_id,
+ void *user_data)
+{
+ __STC_LOG_FUNC_ENTER__;
+ GVariantBuilder *builder = NULL;
+ GVariant *return_parameters = NULL;
+ stc_error_e ret;
+
+ stc_set_keep_alive(TRUE);
+
+ builder = g_variant_builder_new(G_VARIANT_TYPE("a{sv}"));
+
+ ret = table_restrictions_per_app(app_id,
+ __table_restrictions_per_app_cb,
+ builder);
+ if (ret < STC_ERROR_NONE) {
+ g_variant_builder_unref(builder); //LCOV_EXCL_LINE
+ STC_RESTRICTION_DBUS_REPLY_ERROR(invocation, ret); //LCOV_EXCL_LINE
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ return TRUE; //LCOV_EXCL_LINE
+ }
+
+ return_parameters = g_variant_new("(ia{sv})", STC_ERROR_NONE, builder);
+ g_variant_builder_unref(builder);
+
+ DEBUG_GDBUS_VARIANT("Return parameters: ", return_parameters);
+ STC_DBUS_REPLY(invocation, return_parameters);
+ __STC_LOG_FUNC_EXIT__;
+ return TRUE;
+}
+
+gboolean handle_restriction_get_all(StcRestriction *object,
+ GDBusMethodInvocation *invocation,
+ void *user_data)
+{
+ __STC_LOG_FUNC_ENTER__;
+ GVariantBuilder *builder = NULL;
+ GVariant *return_parameters = NULL;
+ stc_error_e ret;
+
+ stc_set_keep_alive(TRUE);
+
+ builder = g_variant_builder_new(G_VARIANT_TYPE("aa{sv}"));
+
+ ret = table_restrictions_foreach(__table_restrictions_foreach_app_cb,
+ builder);
+ if (ret < STC_ERROR_NONE) {
+ g_variant_builder_unref(builder); //LCOV_EXCL_LINE
+ STC_RESTRICTION_DBUS_REPLY_ERROR(invocation, ret); //LCOV_EXCL_LINE
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ return TRUE; //LCOV_EXCL_LINE
+ }
+
+ return_parameters = g_variant_new("(iaa{sv})", STC_ERROR_NONE, builder);
+ g_variant_builder_unref(builder);
+
+ DEBUG_GDBUS_VARIANT("Return parameters: ", return_parameters);
+ STC_DBUS_REPLY(invocation, return_parameters);
+ __STC_LOG_FUNC_EXIT__;
+ return TRUE;
+}
+
+gboolean handle_restriction_get_type(StcRestriction *object,
+ GDBusMethodInvocation *invocation,
+ const gchar *app_id,
+ int iftype,
+ void *user_data)
+{
+ __STC_LOG_FUNC_ENTER__;
+ GVariant *return_parameters = NULL;
+ stc_rstn_type_e type = STC_RSTN_TYPE_UNKNOWN;
+ stc_error_e ret;
+
+ stc_set_keep_alive(TRUE);
+
+ ret = table_restrictions_get_restriction_type(app_id, iftype, &type);
+ if (ret < STC_ERROR_NONE) {
+ STC_RESTRICTION_DBUS_REPLY_ERROR(invocation, ret); //LCOV_EXCL_LINE
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ return TRUE;
+ }
+
+ return_parameters = g_variant_new("(ii)", STC_ERROR_NONE, type);
+ STC_DBUS_REPLY(invocation, return_parameters);
+ __STC_LOG_FUNC_EXIT__;
+ return TRUE;
+}
--- /dev/null
+/*
+ * Copyright (c) 2016 Samsung Electronics Co., Ltd.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "stc-db.h"
+#include "table-statistics.h"
+#include "stc-statistics.h"
+#include "stc-manager-gdbus.h"
+
+#define STATISTICS_DBUS_ERROR_NAME "net.stc.statistics.Error.Failed"
+
+#define STC_STATISTICS_DBUS_REPLY_ERROR(invocation, err_num) \
+ g_dbus_method_invocation_return_dbus_error((invocation), \
+ STATISTICS_DBUS_ERROR_NAME, \
+ stc_err_strs[-(err_num)])
+
+static const gchar *stc_err_strs[] = {
+ "ERROR_NONE",
+ "FAIL",
+ "DB_FAILED",
+ "OUT_OF_MEMORY",
+ "INVALID_PARAMETER",
+ "NO_DATA",
+ "ALREADY_DATA",
+ "UNINITIALIZED",
+ "PERMISSION_DENIED",
+ "NOTIMPL"
+};
+
+void __stc_extract_select_rule(const char *key, GVariant *value,
+ void *user_data)
+{
+ __STC_LOG_FUNC_ENTER__;
+
+ table_statistics_select_rule *rule =
+ (table_statistics_select_rule *) user_data;
+ if (rule == NULL) {
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ return; //LCOV_EXCL_LINE
+ }
+
+ if (!g_strcmp0(key, "from")) {
+ rule->from = g_variant_get_uint64(value);
+ STC_LOGD("from: [%lu]", rule->from);
+
+ } else if (!g_strcmp0(key, "to")) {
+ rule->to = g_variant_get_uint64(value);
+ STC_LOGD("to: [%lu]", rule->to);
+
+ } else if (!g_strcmp0(key, "iftype")) {
+ rule->iftype = g_variant_get_uint16(value);
+ STC_LOGD("iftype: [%u]", (unsigned int) rule->iftype);
+
+ } else if (!g_strcmp0(key, "app_id")) {
+ gsize length = 0;
+ rule->app_id = g_variant_dup_string(value, &length);
+ STC_LOGD("app_id: [%s]", rule->app_id);
+
+ } else if (!g_strcmp0(key, "granularity")) {
+ rule->granularity = g_variant_get_int32(value);
+ STC_LOGD("granularity: [%d]", rule->granularity);
+
+ } else {
+ STC_LOGD("Unknown select rule"); //LCOV_EXCL_LINE
+ }
+
+ __STC_LOG_FUNC_EXIT__;
+}
+
+void __stc_extract_reset_rule(const char *key, GVariant *value,
+ void *user_data)
+{
+ __STC_LOG_FUNC_ENTER__;
+
+ table_statistics_reset_rule *rule =
+ (table_statistics_reset_rule *) user_data;
+ if (rule == NULL) {
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ return; //LCOV_EXCL_LINE
+ }
+
+ if (!g_strcmp0(key, "app_id")) {
+ gsize len = 0;
+ rule->app_id = g_variant_dup_string(value, &len);
+ STC_LOGD("app_id: [%s]", rule->app_id);
+
+ } else if (!g_strcmp0(key, "subscriber_id")) {
+ gsize len = 0;
+ rule->subscriber_id = g_variant_dup_string(value, &len);
+ STC_LOGD("subscriber_id: [%s]", rule->subscriber_id);
+
+ } else if (!g_strcmp0(key, "iftype")) {
+ rule->iftype = g_variant_get_uint16(value);
+ STC_LOGD("iftype: [%u]", (unsigned int) rule->iftype);
+
+ } else if (!g_strcmp0(key, "from")) {
+ if (!(rule->interval)) {
+ rule->interval = MALLOC0(stc_db_tm_interval_s, 1); //LCOV_EXCL_LINE
+ if (!(rule->interval)) { //LCOV_EXCL_LINE
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ return; //LCOV_EXCL_LINE
+ }
+ }
+
+ rule->interval->from = g_variant_get_uint64(value);
+ STC_LOGD("from: [%lu]", rule->interval->from);
+
+ } else if (!g_strcmp0(key, "to")) {
+ if (!(rule->interval)) {
+ rule->interval = MALLOC0(stc_db_tm_interval_s, 1); //LCOV_EXCL_LINE
+ if (!(rule->interval)) { //LCOV_EXCL_LINE
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ return; //LCOV_EXCL_LINE
+ }
+ }
+
+ rule->interval->to = g_variant_get_uint64(value);
+ STC_LOGD("to: [%lu]", rule->interval->to);
+
+ } else {
+ STC_LOGD("Unknown reset rule"); //LCOV_EXCL_LINE
+ }
+
+ __STC_LOG_FUNC_EXIT__;
+}
+
+void __stc_statistics_app_info_builder_add(GVariantBuilder *builder,
+ const table_statistics_info *info)
+{
+ __STC_LOG_FUNC_ENTER__;
+
+ if (!builder || !info) {
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ return; //LCOV_EXCL_LINE
+ }
+
+ if (info->app_id)
+ g_variant_builder_add(builder, "{sv}", "app_id",
+ g_variant_new_string(info->app_id));
+
+ if (info->ifname)
+ g_variant_builder_add(builder, "{sv}", "ifname",
+ g_variant_new_string(info->ifname));
+
+ g_variant_builder_add(builder, "{sv}", "subscriber_id",
+ g_variant_new_string(info->subscriber_id));
+
+ g_variant_builder_add(builder, "{sv}", "iftype",
+ g_variant_new_uint16(info->iftype));
+
+ if (info->interval != NULL) {
+ g_variant_builder_add(builder, "{sv}", "interval_to",
+ g_variant_new_uint64(info->interval->to));
+
+ g_variant_builder_add(builder, "{sv}", "interval_from",
+ g_variant_new_uint64(info->interval->from));
+ }
+
+ g_variant_builder_add(builder, "{sv}", "cnt_out_bytes",
+ g_variant_new_int64(info->cnt.out_bytes));
+
+ g_variant_builder_add(builder, "{sv}", "cnt_in_bytes",
+ g_variant_new_int64(info->cnt.in_bytes));
+
+ g_variant_builder_add(builder, "{sv}", "roaming",
+ g_variant_new_uint16(info->roaming));
+
+ g_variant_builder_add(builder, "{sv}", "hw_net_protocol_type",
+ g_variant_new_uint16(info->hw_net_protocol_type));
+
+ g_variant_builder_add(builder, "{sv}", "ground",
+ g_variant_new_uint16(info->ground));
+
+ __STC_LOG_FUNC_EXIT__;
+}
+
+stc_cb_ret_e __table_statistics_foreach_app_cb(const table_statistics_info *info,
+ void *user_data)
+{
+ __STC_LOG_FUNC_ENTER__;
+ GVariantBuilder *builder = (GVariantBuilder *)user_data;
+ GVariantBuilder sub_builder;
+
+ if (!info || !builder) {
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ return STC_CANCEL; //LCOV_EXCL_LINE
+ }
+
+ g_variant_builder_init(&sub_builder, G_VARIANT_TYPE("a{sv}"));
+ __stc_statistics_app_info_builder_add(&sub_builder, info);
+ g_variant_builder_add_value(builder,
+ g_variant_builder_end(&sub_builder));
+
+ __STC_LOG_FUNC_EXIT__;
+ return STC_CONTINUE;
+}
+
+stc_cb_ret_e __table_statistics_per_app_cb(const table_statistics_info *info,
+ void *user_data)
+{
+ __STC_LOG_FUNC_ENTER__;
+ GVariantBuilder *builder = (GVariantBuilder *)user_data;
+ GVariantBuilder sub_builder;
+
+ if (!info || !builder) {
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ return STC_CANCEL; //LCOV_EXCL_LINE
+ }
+
+ g_variant_builder_init(&sub_builder, G_VARIANT_TYPE("a{sv}"));
+ __stc_statistics_app_info_builder_add(&sub_builder, info);
+ g_variant_builder_add_value(builder,
+ g_variant_builder_end(&sub_builder));
+
+ __STC_LOG_FUNC_EXIT__;
+ return STC_CONTINUE;
+}
+
+gboolean handle_statistics_get_all(StcStatistics *object,
+ GDBusMethodInvocation *invocation,
+ GVariant *select_rule,
+ void *user_data)
+{
+ __STC_LOG_FUNC_ENTER__;
+ table_statistics_select_rule rule = {0, };
+ const time_t cur_time = time(0);
+ const time_t epoch = 0;
+ GVariantBuilder *builder = NULL;
+ GVariant *return_parameters = NULL;
+ stc_error_e ret;
+
+ stc_set_keep_alive(TRUE);
+
+ /* Total statistics since epoch */
+ rule.from = epoch;
+ rule.to = cur_time;
+ rule.iftype = STC_IFACE_ALL;
+
+ if (select_rule != NULL) {
+ DEBUG_GDBUS_VARIANT("Selection rule: ", select_rule);
+ GVariantIter *iter = NULL;
+
+ g_variant_get(select_rule, "a{sv}", &iter);
+ if (iter != NULL) {
+ stc_manager_gdbus_dict_foreach(iter,
+ __stc_extract_select_rule,
+ &rule);
+ g_variant_iter_free(iter);
+ }
+ } else {
+ STC_LOGD("No selection rule, using default selection rule."); //LCOV_EXCL_LINE
+ }
+
+ builder = g_variant_builder_new(G_VARIANT_TYPE("aa{sv}"));
+
+ ret = table_statistics_foreach_app(&rule,
+ __table_statistics_foreach_app_cb,
+ builder);
+ if (ret < STC_ERROR_NONE) {
+ g_variant_builder_unref(builder); //LCOV_EXCL_LINE
+ STC_STATISTICS_DBUS_REPLY_ERROR(invocation, ret); //LCOV_EXCL_LINE
+ g_free(rule.app_id);
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ return TRUE; //LCOV_EXCL_LINE
+ }
+
+ return_parameters = g_variant_new("(iaa{sv})", STC_ERROR_NONE, builder);
+ g_variant_builder_unref(builder);
+
+ DEBUG_GDBUS_VARIANT("Return parameters: ", return_parameters);
+ STC_DBUS_REPLY(invocation, return_parameters);
+
+ g_free(rule.app_id);
+ __STC_LOG_FUNC_EXIT__;
+ return TRUE;
+}
+
+gboolean handle_statistics_init(StcStatistics *object,
+ GDBusMethodInvocation *invocation)
+{
+ __STC_LOG_FUNC_ENTER__;
+
+ stc_set_keep_alive(TRUE);
+
+ STC_LOGI("stc statistics initialized");
+ stc_statistics_complete_init(object, invocation);
+
+ __STC_LOG_FUNC_EXIT__;
+ return TRUE;
+}
+
+gboolean handle_statistics_get(StcStatistics *object,
+ GDBusMethodInvocation *invocation,
+ const gchar *app_id,
+ GVariant *select_rule,
+ void *user_data)
+{
+ __STC_LOG_FUNC_ENTER__;
+ table_statistics_select_rule rule = {0, };
+ const time_t cur_time = time(0);
+ const time_t epoch = 0;
+ GVariantBuilder *builder = NULL;
+ GVariant *return_parameters = NULL;
+ stc_error_e ret;
+
+ stc_set_keep_alive(TRUE);
+
+ /* Total statistics since epoch */
+ rule.from = epoch;
+ rule.to = cur_time;
+ rule.iftype = STC_IFACE_ALL;
+
+ if (select_rule != NULL) {
+ DEBUG_GDBUS_VARIANT("Selection rule: ", select_rule);
+ GVariantIter *iter = NULL;
+
+ g_variant_get(select_rule, "a{sv}", &iter);
+ if (iter != NULL) {
+ stc_manager_gdbus_dict_foreach(iter,
+ __stc_extract_select_rule,
+ &rule);
+ g_variant_iter_free(iter);
+ }
+ } else {
+ STC_LOGD("No selection rule, using default selection rule."); //LCOV_EXCL_LINE
+ }
+
+ builder = g_variant_builder_new(G_VARIANT_TYPE("aa{sv}"));
+
+ ret = table_statistics_per_app(app_id, &rule,
+ __table_statistics_per_app_cb,
+ builder);
+ if (ret < STC_ERROR_NONE) {
+ g_variant_builder_unref(builder); //LCOV_EXCL_LINE
+ STC_STATISTICS_DBUS_REPLY_ERROR(invocation, ret); //LCOV_EXCL_LINE
+ g_free(rule.app_id);
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ return TRUE; //LCOV_EXCL_LINE
+ }
+
+ return_parameters = g_variant_new("(iaa{sv})", STC_ERROR_NONE, builder);
+ g_variant_builder_unref(builder);
+
+ DEBUG_GDBUS_VARIANT("Return parameters: ", return_parameters);
+ STC_DBUS_REPLY(invocation, return_parameters);
+
+ g_free(rule.app_id);
+ __STC_LOG_FUNC_EXIT__;
+ return TRUE;
+}
+
+gboolean handle_statistics_reset(StcStatistics *object,
+ GDBusMethodInvocation *invocation,
+ GVariant *reset_rule,
+ void *user_data)
+{
+ __STC_LOG_FUNC_ENTER__;
+ table_statistics_reset_rule rule = {0, };
+ GVariant *return_parameters = NULL;
+ stc_error_e ret;
+
+ stc_set_keep_alive(TRUE);
+
+ if (reset_rule != NULL) {
+ DEBUG_GDBUS_VARIANT("Selection rule: ", reset_rule);
+ GVariantIter *iter = NULL;
+
+ g_variant_get(reset_rule, "a{sv}", &iter);
+ if (iter != NULL) {
+ stc_manager_gdbus_dict_foreach(iter,
+ __stc_extract_reset_rule,
+ &rule);
+ g_variant_iter_free(iter);
+ }
+ } else {
+ STC_LOGD("No selection rule, using default selection rule."); //LCOV_EXCL_LINE
+ }
+
+ ret = table_statistics_reset(&rule);
+ if (ret < STC_ERROR_NONE) {
+ STC_STATISTICS_DBUS_REPLY_ERROR(invocation, ret); //LCOV_EXCL_LINE
+ goto handle_error; //LCOV_EXCL_LINE
+ }
+
+ return_parameters = g_variant_new("(i)", STC_ERROR_NONE);
+
+ DEBUG_GDBUS_VARIANT("Return parameters: ", return_parameters);
+ STC_DBUS_REPLY(invocation, return_parameters);
+
+handle_error:
+ FREE(rule.app_id);
+ FREE(rule.subscriber_id);
+ FREE(rule.interval);
+ __STC_LOG_FUNC_EXIT__;
+ return TRUE;
+}
--- /dev/null
+/*
+ * Copyright (c) 2016 Samsung Electronics Co., Ltd.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "stc-manager-util.h"
+
+typedef struct {
+ int state;
+ char *key;
+} log_info_s;
+
+log_info_s g_log_info[] = {
+ {-1, INFO_DEBUG_LOG},
+ {-1, INFO_STAT_LOG},
+ {-1, INFO_RSTN_LOG},
+ {-1, INFO_FW_LOG},
+ {-1, INFO_PCAP_LOG},
+};
+
+static void __sync_file_to_disk(const char *path)
+{
+ FILE *fp = NULL;
+ fp = fopen(path, "a+");
+ if (fp) {
+ fflush(fp);
+ fsync(fp->_fileno);
+ fclose(fp);
+ STC_LOGD("Sync the file to disk");
+ }
+}
+
+static GKeyFile *__load_key_file(const char *path)
+{
+ GKeyFile *keyfile = NULL;
+ GError *error = NULL;
+
+ STC_LOGD("Loading [%s]", path);
+
+ keyfile = g_key_file_new();
+
+ if (!g_key_file_load_from_file(keyfile, path, 0, &error)) {
+ STC_LOGD("Unable to load [%s] : %s", path, error->message); //LCOV_EXCL_LINE
+ g_clear_error(&error); //LCOV_EXCL_LINE
+ g_key_file_free(keyfile); //LCOV_EXCL_LINE
+ keyfile = NULL; //LCOV_EXCL_LINE
+ }
+
+ return keyfile;
+}
+
+static int __save_key_file(GKeyFile *keyfile, char *path)
+{
+ gchar *data = NULL;
+ gsize length = 0;
+ GError *error = NULL;
+ int ret = 0;
+
+ data = g_key_file_to_data(keyfile, &length, NULL);
+
+ if (!g_file_set_contents(path, data, length, &error)) {
+ STC_LOGD("Failed to save information : %s", error->message); //LCOV_EXCL_LINE
+ g_error_free(error); //LCOV_EXCL_LINE
+ ret = -EIO; //LCOV_EXCL_LINE
+ }
+
+ __sync_file_to_disk(path);
+
+ g_free(data);
+ return ret;
+}
+
+//LCOV_EXCL_START
+gboolean stc_util_get_config_bool(char *key)
+{
+ char path[MAX_PATH_LENGTH];
+ GKeyFile *keyfile;
+ gboolean value;
+
+ snprintf(path, sizeof(path), "%s/%s", INFO_STORAGE_DIR, INFO_CONFIG);
+
+ keyfile = __load_key_file(path);
+ if (!keyfile)
+ keyfile = g_key_file_new();
+
+ value = g_key_file_get_boolean(keyfile, path, key, NULL);
+ g_key_file_free(keyfile);
+
+ return value;
+}
+
+gchar * stc_util_get_config_str(char *key)
+{
+ char path[MAX_PATH_LENGTH];
+ GKeyFile *keyfile;
+ gchar *value;
+
+ snprintf(path, sizeof(path), "%s/%s", INFO_STORAGE_DIR, INFO_CONFIG);
+
+ keyfile = __load_key_file(path);
+ if (!keyfile)
+ keyfile = g_key_file_new();
+
+ value = g_key_file_get_string(keyfile, path, key, NULL);
+ g_key_file_free(keyfile);
+
+ return value;
+}
+//LCOV_EXCL_STOP
+
+int stc_util_get_config_int(char *key)
+{
+ char path[MAX_PATH_LENGTH];
+ GKeyFile *keyfile;
+ gint value;
+
+ snprintf(path, sizeof(path), "%s/%s", INFO_STORAGE_DIR, INFO_CONFIG);
+
+ keyfile = __load_key_file(path);
+ if (!keyfile)
+ keyfile = g_key_file_new(); //LCOV_EXCL_LINE
+
+
+ value = g_key_file_get_integer(keyfile, path, key, NULL);
+ g_key_file_free(keyfile);
+
+ return value;
+}
+
+//LCOV_EXCL_START
+API void stc_util_update_log_state(void)
+{
+ int i;
+
+ for (i = DEBUG_LOG_INFO; i < MAX_LOG_INFO; ++i)
+ g_log_info[i].state = stc_util_get_config_int(g_log_info[i].key);
+
+ STC_LOGD("log info [%d:%d:%d:%d:%d]",
+ g_log_info[DEBUG_LOG_INFO].state, g_log_info[STAT_LOG_INFO].state,
+ g_log_info[RSTN_LOG_INFO].state, g_log_info[FW_LOG_INFO].state,
+ g_log_info[PCAP_LOG_INFO].state);
+}
+
+API void stc_util_set_log_state(log_info_e info, int state)
+{
+ g_log_info[info].state = state;
+}
+//LCOV_EXCL_STOP
+
+API int stc_util_get_log_state(log_info_e info)
+{
+ if (g_log_info[info].state == -1)
+ g_log_info[info].state = stc_util_get_config_int(g_log_info[info].key);
+
+ return g_log_info[info].state;
+}
+
+void stc_util_initialize_config(void)
+{
+ char path[MAX_PATH_LENGTH];
+ GKeyFile *keyfile;
+ int i;
+
+ snprintf(path, sizeof(path), "%s/%s", INFO_STORAGE_DIR, INFO_CONFIG);
+
+ keyfile = __load_key_file(path);
+ if (!keyfile) {
+ keyfile = g_key_file_new(); //LCOV_EXCL_LINE
+ for (i = DEBUG_LOG_INFO; i < MAX_LOG_INFO; ++i)
+ g_key_file_set_integer(keyfile, path, g_log_info[i].key, 0);
+ }
+
+ __save_key_file(keyfile, path);
+ g_key_file_free(keyfile);
+}
--- /dev/null
+CMAKE_MINIMUM_REQUIRED(VERSION 2.6)
+
+SET(NET_CLS_RELEASE "net-cls-release")
+ADD_EXECUTABLE(${NET_CLS_RELEASE} ${CMAKE_CURRENT_SOURCE_DIR}/${NET_CLS_RELEASE}.c)
+INSTALL(TARGETS ${NET_CLS_RELEASE} RUNTIME DESTINATION ${BIN_DIR})
--- /dev/null
+#include <stdlib.h>
+#include <stdio.h>
+#include <unistd.h>
+
+#define MAX_PATH_LENGTH 512
+#define DEFAULT_CGROUP "/sys/fs/cgroup"
+#define CGROUP_NETWORK DEFAULT_CGROUP "/net_cls"
+#define STC_CGROUP_NETWORK CGROUP_NETWORK "/stc"
+#define PATH_TO_NET_CGROUP_DIR STC_CGROUP_NETWORK
+
+int main(int argc, char *argv[])
+{
+ char buf[MAX_PATH_LENGTH];
+ if (argc < 2)
+ return 1;
+
+ /* kernel already adds symbol '/' before cgroup name */
+ snprintf(buf, sizeof(buf), "%s/%s", PATH_TO_NET_CGROUP_DIR, argv[1]);
+ return rmdir(buf);
+}
--- /dev/null
+<manifest>
+ <request>
+ <domain name="_"/>
+ </request>
+</manifest>
Group: Network & Connectivity/Other
License: Apache-2.0
Source0: %{name}-%{version}.tar.gz
+Source1001: %{name}.manifest
%define enable_database YES
%define enable_statistics YES
%prep
%setup -q
-chmod 644 %{SOURCE0}
+cp %{SOURCE1001} ./%{name}.manifest
%build
#Exceptions file
mkdir -p %{buildroot}/%{_localstatedir}/lib/stc
-cp data/exceptions %{buildroot}/%{_localstatedir}/lib/stc/exceptions
+cp res/exceptions %{buildroot}/%{_localstatedir}/lib/stc/exceptions
#Systemd service file
mkdir -p %{buildroot}%{_unitdir}
-cp resources/systemd/stc-manager.service %{buildroot}%{_unitdir}/stc-manager.service
+cp res/systemd/stc-manager.service %{buildroot}%{_unitdir}/stc-manager.service
mkdir -p %{buildroot}%{_unitdir}/multi-user.target.wants/
ln -s ../stc-manager.service %{buildroot}%{_unitdir}/multi-user.target.wants/stc-manager.service
#DBus DAC (stc-manager.manifest enables DBus SMACK)
mkdir -p %{buildroot}%{_sysconfdir}/dbus-1/system.d
-cp resources/dbus/stc-manager.conf %{buildroot}%{_sysconfdir}/dbus-1/system.d/stc-manager.conf
+cp res/dbus/stc-manager.conf %{buildroot}%{_sysconfdir}/dbus-1/system.d/stc-manager.conf
mkdir -p %{buildroot}%{_datadir}/dbus-1/system-services/
-cp resources/dbus/net.stc-manager.service %{buildroot}%{_datadir}/dbus-1/system-services/net.stc.service
+cp res/dbus/net.stc-manager.service %{buildroot}%{_datadir}/dbus-1/system-services/net.stc.service
#OS Upgrade
mkdir -p %{buildroot}%{upgrade_script_path}
-cp -f scripts/%{upgrade_script_filename} %{buildroot}%{upgrade_script_path}
+cp -f res/%{upgrade_script_filename} %{buildroot}%{upgrade_script_path}
%files
%manifest %{name}.manifest
-%license LICENSE
+%license LICENSE.APLv2
%defattr(-,root,root,-)
%attr(500,root,root) %{_bindir}/*
-SET(SOURCE_DIR ${CMAKE_SOURCE_DIR}/src)
+SET(SOURCE_DIR ${CMAKE_SOURCE_DIR}/manager)
SET(HELPER_SOURCE_DIR ${SOURCE_DIR}/helper)
SET(DATABASE_SOURCE_DIR ${SOURCE_DIR}/database)
INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/include)
-INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/interfaces)
+INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/dbus-interface)
INCLUDE_DIRECTORIES(${SOURCE_DIR})
INCLUDE_DIRECTORIES(${HELPER_SOURCE_DIR})
-INCLUDE_DIRECTORIES(${DATABASE_SOURCE_DIR})
-INCLUDE_DIRECTORIES(${DATABASE_SOURCE_DIR}/include)
+INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/include/db)
ADD_SUBDIRECTORY(appstatus)
ADD_SUBDIRECTORY(exception)
SET(EXTRA_CFLAGS "${EXTRA_CFLAGS} ${flag}")
ENDFOREACH(flag)
-INCLUDE_DIRECTORIES(${CMAKE_CURRENT_SOURCE_DIR}/include)
-
SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${EXTRA_CFLAGS} -g -Werror -fvisibility=hidden")
SET(CMAKE_C_FLAGS_DEBUG "-O0 -g")
SET(CMAKE_C_FLAGS_RELEASE "-O2")
+++ /dev/null
-/*
- * Copyright (c) 2016 Samsung Electronics Co., Ltd.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef __STC_PLUGIN_APPSTATUS_H__
-#define __STC_PLUGIN_APPSTATUS_H__
-
-#include <glib.h>
-#include "stc-error.h"
-#include "stc-manager.h"
-
-typedef stc_error_e (*stc_plugin_app_state_changed_cb)(stc_cmd_type_e cmd,
- pid_t pid,
- const gchar *app_id,
- const gchar *pkg_id,
- stc_app_type_e app_type);
-
-typedef struct {
- /* popup */
- int (*send_message_to_net_popup) (const char *, const char *,
- const char *, const char *, const char *);
- /* app status */
- int (*register_state_changed_cb) (stc_s *stc,
- stc_plugin_app_state_changed_cb cb, void *data);
- int (*deregister_state_changed_cb) (stc_s *stc);
-} stc_plugin_appstatus_s;
-
-int stc_plugin_popup_send_message(const char *content,
- const char *type, const char *app_id, const char *iftype, const char *limit);
-
-int stc_plugin_appstatus_register_changed_cb(stc_s *stc,
- stc_plugin_app_state_changed_cb cb, void *data);
-int stc_plugin_appstatus_deregister_changed_cb(stc_s *stc);
-
-#endif /* __STC_PLUGIN_APPSTATUS_H__ */
--- /dev/null
+/*
+ * Copyright (c) 2016 Samsung Electronics Co., Ltd.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef __STC_PLUGIN_APPSTATUS_H__
+#define __STC_PLUGIN_APPSTATUS_H__
+
+#include <glib.h>
+#include "stc-error.h"
+#include "stc-manager.h"
+
+typedef stc_error_e (*stc_plugin_app_state_changed_cb)(stc_cmd_type_e cmd,
+ pid_t pid,
+ const gchar *app_id,
+ const gchar *pkg_id,
+ stc_app_type_e app_type);
+
+typedef struct {
+ /* popup */
+ int (*send_message_to_net_popup) (const char *, const char *,
+ const char *, const char *, const char *);
+ /* app status */
+ int (*register_state_changed_cb) (stc_s *stc,
+ stc_plugin_app_state_changed_cb cb, void *data);
+ int (*deregister_state_changed_cb) (stc_s *stc);
+} stc_plugin_appstatus_s;
+
+int stc_plugin_popup_send_message(const char *content,
+ const char *type, const char *app_id, const char *iftype, const char *limit);
+
+int stc_plugin_appstatus_register_changed_cb(stc_s *stc,
+ stc_plugin_app_state_changed_cb cb, void *data);
+int stc_plugin_appstatus_deregister_changed_cb(stc_s *stc);
+
+#endif /* __STC_PLUGIN_APPSTATUS_H__ */
SET(EXTRA_CFLAGS "${EXTRA_CFLAGS} ${flag}")
ENDFOREACH(flag)
-INCLUDE_DIRECTORIES(${CMAKE_CURRENT_SOURCE_DIR}/include)
-
SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${EXTRA_CFLAGS} -g -Werror -fvisibility=hidden")
SET(CMAKE_C_FLAGS_DEBUG "-O0 -g")
SET(CMAKE_C_FLAGS_RELEASE "-O2")
+++ /dev/null
-/*
- * Copyright (c) 2016 Samsung Electronics Co., Ltd.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef __STC_PLUGIN_EXCEPTION_H__
-#define __STC_PLUGIN_EXCEPTION_H__
-
-#include <glib.h>
-#include "stc-error.h"
-#include "stc-manager.h"
-
-typedef struct {
- int (*initialize_plugin) (void);
- int (*deinitialize_plugin) (void);
-
- int (*fill_exception_list) (void);
- int (*update_exception_list) (void);
- int (*check_exception_by_cmdline) (char *cmdline);
-} stc_plugin_exception_s;
-
-int stc_plugin_exception_initialize(void);
-int stc_plugin_exception_deinitialize(void);
-int stc_plugin_exception_fill_list(void);
-int stc_plugin_exception_update_list(void);
-int stc_plugin_exception_check_by_cmdline(char *cmdline);
-
-#endif /* __STC_PLUGIN_EXCEPTION_H__ */
--- /dev/null
+/*
+ * Copyright (c) 2016 Samsung Electronics Co., Ltd.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef __STC_PLUGIN_EXCEPTION_H__
+#define __STC_PLUGIN_EXCEPTION_H__
+
+#include <glib.h>
+#include "stc-error.h"
+#include "stc-manager.h"
+
+typedef struct {
+ int (*initialize_plugin) (void);
+ int (*deinitialize_plugin) (void);
+
+ int (*fill_exception_list) (void);
+ int (*update_exception_list) (void);
+ int (*check_exception_by_cmdline) (char *cmdline);
+} stc_plugin_exception_s;
+
+int stc_plugin_exception_initialize(void);
+int stc_plugin_exception_deinitialize(void);
+int stc_plugin_exception_fill_list(void);
+int stc_plugin_exception_update_list(void);
+int stc_plugin_exception_check_by_cmdline(char *cmdline);
+
+#endif /* __STC_PLUGIN_EXCEPTION_H__ */
SET(EXTRA_CFLAGS "${EXTRA_CFLAGS} ${flag}")
ENDFOREACH(flag)
-INCLUDE_DIRECTORIES(${CMAKE_CURRENT_SOURCE_DIR}/include)
-
SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${EXTRA_CFLAGS} -g -Werror -fvisibility=hidden")
SET(CMAKE_C_FLAGS_DEBUG "-O0 -g")
SET(CMAKE_C_FLAGS_RELEASE "-O2")
+++ /dev/null
-/*
- * Copyright (c) 2016 Samsung Electronics Co., Ltd.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef __STC_PLUGIN_FIREWALL_H__
-#define __STC_PLUGIN_FIREWALL_H__
-
-#include <glib.h>
-#include <stdbool.h>
-#include <unistd.h>
-#include <string.h>
-#include <stdlib.h>
-#include <stdio.h>
-#include <signal.h>
-#include <errno.h>
-
-#include "stc-error.h"
-#include "stc-manager.h"
-#include "stc-manager-gdbus.h"
-
-typedef struct {
- stc_fw_chain_target_e target;
- long long int priority;
- GSList *rules;
-} stc_fw_data_s;
-
-typedef struct {
- int (*initialize_plugin) (void);
- int (*deinitialize_plugin) (void);
-
- int (*lock_firewall) (void);
- int (*unlock_firewall) (void);
- int (*get_lock_firewall) (int *state);
- int (*update_firewall) (void);
-
- int (*add_chain) (char *chain);
- int (*remove_chain) (char *chain);
- int (*flush_chain) (char *chain);
- int (*get_all_chain) (GVariantBuilder *builder);
- int (*set_chain) (char *chain, uint target);
- int (*unset_chain) (char *chain);
-
- int (*add_rule) (GVariant *params);
- int (*remove_rule) (GVariant *params);
- int (*update_rule) (GVariant *params);
- int (*get_all_rule) (GVariantBuilder *builder);
-} stc_plugin_firewall_s;
-
-#endif /* __STC_PLUGIN_FIREWALL_H__ */
--- /dev/null
+/*
+ * Copyright (c) 2016 Samsung Electronics Co., Ltd.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef __STC_PLUGIN_FIREWALL_H__
+#define __STC_PLUGIN_FIREWALL_H__
+
+#include <glib.h>
+#include <stdbool.h>
+#include <unistd.h>
+#include <string.h>
+#include <stdlib.h>
+#include <stdio.h>
+#include <signal.h>
+#include <errno.h>
+
+#include "stc-error.h"
+#include "stc-manager.h"
+#include "stc-manager-gdbus.h"
+
+typedef struct {
+ stc_fw_chain_target_e target;
+ long long int priority;
+ GSList *rules;
+} stc_fw_data_s;
+
+typedef struct {
+ int (*initialize_plugin) (void);
+ int (*deinitialize_plugin) (void);
+
+ int (*lock_firewall) (void);
+ int (*unlock_firewall) (void);
+ int (*get_lock_firewall) (int *state);
+ int (*update_firewall) (void);
+
+ int (*add_chain) (char *chain);
+ int (*remove_chain) (char *chain);
+ int (*flush_chain) (char *chain);
+ int (*get_all_chain) (GVariantBuilder *builder);
+ int (*set_chain) (char *chain, uint target);
+ int (*unset_chain) (char *chain);
+
+ int (*add_rule) (GVariant *params);
+ int (*remove_rule) (GVariant *params);
+ int (*update_rule) (GVariant *params);
+ int (*get_all_rule) (GVariantBuilder *builder);
+} stc_plugin_firewall_s;
+
+#endif /* __STC_PLUGIN_FIREWALL_H__ */
SET(EXTRA_CFLAGS "${EXTRA_CFLAGS} ${flag}")
ENDFOREACH(flag)
-INCLUDE_DIRECTORIES(${CMAKE_CURRENT_SOURCE_DIR}/include)
-INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/src/configure/include)
-INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/plugin/tether/include)
-INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/plugin/exception/include)
-INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/plugin/appstatus/include)
-INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/plugin/firewall/include)
+INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/plugin/tether)
+INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/plugin/exception)
+INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/plugin/appstatus)
+INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/plugin/firewall)
SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${EXTRA_CFLAGS} -g -Werror -fvisibility=hidden")
SET(CMAKE_C_FLAGS_DEBUG "-O0 -g")
+++ /dev/null
-/*
- * Copyright (c) 2017 Samsung Electronics Co., Ltd.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef __STC_PLUGIN_MONITOR_APP_H__
-#define __STC_PLUGIN_MONITOR_APP_H__
-
-#include <glib.h>
-
-#include "stc-error.h"
-#include "stc-manager.h"
-#include "stc-plugin-monitor-context.h"
-#include "stc-plugin-monitor-connection.h"
-
-#define MAC_ADDRESS_LEN 18
-#define SUBSCRIBERID_NONE "none_subid"
-
-typedef struct {
- uint32_t classid; /**< classid for a package */
- gchar *pkg_id; /**< package id */
- gchar *app_id; /**< application id */
- stc_app_type_e type; /**< type of application */
- stc_app_state_e state;
- stc_data_counter_s data_usage;
- stc_data_counter_s counter;
- GHashTable *processes; /**< applications instances */
- char mac[MAC_ADDRESS_LEN+1]; /**< application mac address */
-} stc_app_value_s;
-
-
-stc_error_e stc_plugin_monitor_app_add(uint32_t classid,
- const char *app_id,
- const char *pkg_id,
- const stc_app_value_s value);
-stc_error_e stc_plugin_monitor_app_remove(uint32_t classid,
- const char *app_id);
-gboolean stc_plugin_monitor_app_lookup(uint32_t classid);
-
-
-void stc_monitor_app_update_counter(stc_app_value_s *value,
- classid_bytes_context_s *context);
-void stc_monitor_app_update_iface_counter(classid_bytes_context_s *context);
-gboolean stc_monitor_app_flush_stats_to_db(gpointer user_data);
-void stc_monitor_app_add_by_iface(const char *app_id);
-void stc_monitor_app_add_monitor(gpointer key,
- gpointer value, gpointer data);
-void stc_monitor_app_add_by_connection(stc_connection_s *conn);
-void stc_monitor_app_add_accept(gpointer key,
- gpointer value, gpointer data);
-void stc_monitor_app_remove_monitor(gpointer key,
- gpointer value, gpointer data);
-void stc_monitor_app_remove_by_connection(stc_connection_s *conn);
-void stc_monitor_app_remove_accept(gpointer key,
- gpointer value, gpointer data);
-GHashTable *stc_monitor_apps_init(void);
-
-#endif /* __STC_PLUGIN_MONITOR_APP_H__ */
+++ /dev/null
-/*
- * Copyright (c) 2016 Samsung Electronics Co., Ltd.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef __STC_PLUGIN_MONITOR_CONNECTION_H__
-#define __STC_PLUGIN_MONITOR_CONNECTION_H__
-
-#include <glib.h>
-#include "stc-error.h"
-#include "stc-manager.h"
-#include "stc-manager-util.h"
-
-#define IMSI_LENGTH 16
-#define SHA256_DIGEST_LENGTH 32
-
-#define TETHERING_USB_IF "usb0"
-#define TETHERING_WIFI_IF "wlan0"
-#define TETHERING_BT_IF "bnep0"
-#define TETHERING_P2P_IF "p2p0"
-
-/**
- * @brief Tethering interface info
- */
-typedef struct {
- gchar *ifname;
- stc_iface_type_e type;
-} tether_iface_s;
-
-/**
- * @brief connection information will be fetched from connman
- */
-typedef struct {
- /* to identify each connection uniquely */
- gchar *path;
-
- /* profile info */
- stc_iface_type_e type;
- gchar *ifname;
-
- /* cellular profile only else it is always false */
- gboolean roaming;
-
- /* only present when default profile is cellular */
- char subscriber_id[SHA256_DIGEST_LENGTH * 2 + 1];
-
- /* hardware network protocol type */
- stc_hw_net_protocol_type_e hw_net_protocol_type;
-
- /* tethering status */
- gboolean tether_state;
-
- /* tethering interface */
- tether_iface_s tether_iface;
-} stc_connection_s;
-
-
-stc_error_e stc_plugin_monitor_connection_init(stc_s *stc);
-stc_error_e stc_plugin_monitor_connection_deinit(stc_s *stc);
-
-
-GSList *stc_get_connection_list(void);
-
-#endif /* __STC_PLUGIN_MONITOR_CONNECTION_H__ */
+++ /dev/null
-/*
- * Copyright (c) 2016 Samsung Electronics Co., Ltd.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef __STC_PLUGIN_MONITOR_CONTEXT_H__
-#define __STC_PLUGIN_MONITOR_CONTEXT_H__
-
-#include "stc-manager.h"
-
-typedef struct {
- time_t now;
- time_t month_start_ts;
- time_t week_start_ts;
- time_t day_start_ts;
- int is_updated;
-} reset_time_limits_context_s;
-
-typedef struct {
- struct nfacct_rule *counter;
- long long int bytes;
- gboolean data_limit_exceeded;
-} classid_bytes_context_s;
-
-/**
- * @brief structure to store system info
- */
-typedef struct {
- int contr_sock; /**< socket used for getting kernel counters */
- guint contr_timer_id; /**< timer id for periodically getting kernel counters */
- guint contr_gsource_id;
- stc_data_counter_s du_curr; /**< current data usage */
- GHashTable *rstns; /**< restriction rules */
- gboolean rstns_updated;
- GHashTable *apps; /**< monitored applications */
- gboolean apps_updated;
- gboolean background_state;
- time_t last_month_ts;
- time_t last_week_ts;
- time_t last_day_ts;
- int month_start_date;
-} stc_system_s;
-
-#endif /* __STC_PLUGIN_MONITOR_CONTEXT_H__ */
+++ /dev/null
-/*
- * Copyright (c) 2017 Samsung Electronics Co., Ltd.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef __STC_PLUGIN_MONITOR_IPT_H__
-#define __STC_PLUGIN_MONITOR_IPT_H__
-
-#include "helper-nfacct-rule.h"
-
-stc_error_e stc_monitor_ipt_add_in(struct nfacct_rule *counter);
-stc_error_e stc_monitor_ipt_add_out(struct nfacct_rule *counter);
-stc_error_e stc_monitor_ipt_del_in(struct nfacct_rule *counter);
-stc_error_e stc_monitor_ipt_del_out(struct nfacct_rule *counter);
-
-stc_error_e stc_monitor_ip6t_add_in(struct nfacct_rule *counter);
-stc_error_e stc_monitor_ip6t_add_out(struct nfacct_rule *counter);
-stc_error_e stc_monitor_ip6t_del_in(struct nfacct_rule *counter);
-stc_error_e stc_monitor_ip6t_del_out(struct nfacct_rule *counter);
-
-stc_error_e stc_monitor_ipt_add_list(GSList *counter_list, nfacct_rule_iptype iptype);
-stc_error_e stc_monitor_ipt_del_list(GSList *counter_list, nfacct_rule_iptype iptype);
-
-stc_error_e stc_monitor_tether_add_in(struct nfacct_rule *counter,
- const gchar *ipaddr);
-stc_error_e stc_monitor_tether_add_out(struct nfacct_rule *counter,
- const gchar *ipaddr);
-stc_error_e stc_monitor_tether_del_in(struct nfacct_rule *counter,
- const gchar *ipaddr);
-stc_error_e stc_monitor_tether_del_out(struct nfacct_rule *counter,
- const gchar *ipaddr);
-
-#endif /* __STC_PLUGIN_MONITOR_IPT_H__ */
+++ /dev/null
-/*
- * Copyright (c) 2017 Samsung Electronics Co., Ltd.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef __STC_PLUGIN_MONITOR_PROC_H__
-#define __STC_PLUGIN_MONITOR_PROC_H__
-
-#include <glib.h>
-
-#include "stc-error.h"
-#include "stc-manager.h"
-
-typedef struct {
- pid_t pid;
- stc_app_state_e ground;
-} stc_proc_value_s;
-
-typedef struct {
- pid_t pid;
- stc_app_value_s *app_value;
- gboolean entry_removed;
-} remove_pid_context_s;
-
-stc_error_e stc_plugin_monitor_proc_update_ground(uint32_t classid,
- const char *app_id,
- const stc_proc_value_s value);
-
-stc_error_e stc_plugin_monitor_proc_add(uint32_t classid,
- const char *app_id,
- const stc_proc_value_s value);
-
-stc_error_e stc_plugin_monitor_proc_remove(uint32_t classid, pid_t pid);
-
-stc_error_e stc_plugin_monitor_proc_move(uint32_t from, uint32_t to);
-
-#endif /* __STC_PLUGIN_MONITOR_PROC_H__ */
+++ /dev/null
-/*
- * Copyright (c) 2017 Samsung Electronics Co., Ltd.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef __STC_PLUGIN_MONITOR_RSTN_H__
-#define __STC_PLUGIN_MONITOR_RSTN_H__
-
-#include <glib.h>
-
-#include "stc-error.h"
-#include "stc-manager.h"
-#include "stc-plugin-monitor-context.h"
-#include "stc-plugin-monitor-connection.h"
-#include "stc-restriction.h"
-#include "table-restrictions.h"
-
-#define GRANULARITY 10
-
-#define MAX_INT_LENGTH 128
-#define MAX_KEY_LENGTH 128
-
-typedef enum {
- STC_RSTN_LIMIT_TYPE_DATA_WARN,
- STC_RSTN_LIMIT_TYPE_DATA,
- STC_RSTN_LIMIT_TYPE_MONTHLY,
- STC_RSTN_LIMIT_TYPE_WEEKLY,
- STC_RSTN_LIMIT_TYPE_DAILY,
- STC_RSTN_LIMIT_TYPE_MAX
-} stc_rstn_limit_type_e;
-
-typedef enum {
- STC_RSTN_STATE_INIT = -1,
- STC_RSTN_STATE_UNSET,
- STC_RSTN_STATE_SET,
-} stc_rstn_noti_state_e;
-
-typedef struct {
- uint32_t classid;
- char *app_id;
- stc_iface_type_e iftype;
- char *ifname;
- char *subscriber_id;
- stc_roaming_type_e roaming;
- char *mac;
-
- long long int restriction_id;
- stc_rstn_state_e rstn_state;
- stc_rstn_type_e rstn_type;
-
- long long int counter[STC_RSTN_LIMIT_TYPE_MAX];
- long long int limit[STC_RSTN_LIMIT_TYPE_MAX];
- int32_t limit_exceeded;
- int32_t limit_notified;
-
- int month_start_date;
- time_t month_start_ts;
-} stc_rstn_data_s;
-
-typedef struct {
- GSList *rules;
-} stc_rstn_value_s;
-
-typedef struct {
- time_t month_start_ts;
- time_t week_start_ts;
- time_t day_start_ts;
- long long int monthly_stat;
- long long int weekly_stat;
- long long int daily_stat;
-} stc_rstn_cumulative_data_s;
-
-
-stc_error_e stc_plugin_monitor_rstn_add(const table_restrictions_info *info);
-stc_error_e stc_plugin_monitor_rstn_remove(const table_restrictions_info *info);
-
-
-void stc_monitor_rstn_reset_time_counters_if_required(void);
-void stc_monitor_rstn_update_counter(gpointer data,
- gpointer user_data);
-void stc_monitor_rstn_update_iface_counter(classid_bytes_context_s *context);
-void stc_monitor_rstn_action_when_limit_exceeded(stc_rstn_limit_type_e limit_type,
- stc_rstn_data_s *rstn_data,
- classid_bytes_context_s *context);
-gboolean stc_monitor_rstn_flush_contr_to_db(gpointer user_data);
-void stc_monitor_rstn_add_for_app(uint32_t classid);
-void stc_monitor_rstn_add_by_connection(stc_connection_s *conn);
-void stc_monitor_rstn_remove_for_app(uint32_t classid);
-void stc_monitor_rstn_remove_by_connection(stc_connection_s *conn);
-void stc_monitor_rstns_load(void);
-GHashTable *stc_monitor_rstns_init(void);
-
-#endif /* __STC_PLUGIN_MONITOR_RSTN_H__ */
+++ /dev/null
-/*
- * Copyright (c) 2017 Samsung Electronics Co., Ltd.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef __STC_PLUGIN_MANAGER_TIME_H__
-#define __STC_PLUGIN_MANAGER_TIME_H__
-
-time_t stc_time_get_day_start(time_t now);
-time_t stc_time_get_week_start(time_t now);
-time_t stc_time_get_month_start(time_t now, int month_start_date);
-
-#endif /* __STC_PLUGIN_MANAGER_TIME_H__ */
+++ /dev/null
-/*
- * Copyright (c) 2016 Samsung Electronics Co., Ltd.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef __STC_PLUGIN_MONITOR_H__
-#define __STC_PLUGIN_MONITOR_H__
-
-#include <glib.h>
-#include "stc-error.h"
-#include "stc-manager.h"
-#include "stc-manager-util.h"
-#include "stc-plugin-monitor-context.h"
-#include "stc-plugin-monitor-app.h"
-#include "stc-plugin-monitor-proc.h"
-#include "stc-plugin-monitor-rstn.h"
-#include "helper-nl.h"
-
-/* 1 seconds */
-#define CONTR_TIMER_INTERVAL 1
-
-#ifndef VCONFKEY_STC_BACKGROUND_STATE
-#define VCONFKEY_STC_BACKGROUND_STATE "db/stc/background_state"
-#endif
-
-#ifndef VCONFKEY_SETAPPL_DATA_RESTRICTION_INT
-#define VCONFKEY_SETAPPL_DATA_RESTRICTION_INT "db/setting/data_restriction"
-#endif
-
-typedef void (*stc_manager_stop_cb)(void);
-
-typedef struct {
- int (*initialize_plugin) (stc_manager_stop_cb stop_cb);
- int (*deinitialize_plugin) (void);
-
- int (*add_application) (uint32_t classid,
- const char *app_id,
- const char *pkg_id,
- const stc_app_value_s value);
- int (*remove_application) (uint32_t classid,
- const char *app_id);
-
- int (*add_restriction) (const table_restrictions_info *info);
- int (*remove_restriction) (const table_restrictions_info *info);
- int (*lookup_application) (uint32_t classid);
-
- int (*init_connection) (stc_s *stc);
- int (*deinit_connection) (stc_s *stc);
-
- int (*add_process) (uint32_t classid,
- const char *app_id,
- const stc_proc_value_s value);
- int (*remove_process) (uint32_t classid, pid_t pid);
- int (*move_process) (uint32_t from, uint32_t to);
- int (*update_process_ground) (uint32_t classid,
- const char *app_id,
- const stc_proc_value_s value);
-
- int (*check_excn_by_cmdline) (char *cmdline);
-} stc_plugin_monitor_s;
-
-stc_error_e stc_plugin_monitor_initialize(stc_manager_stop_cb stop_cb);
-stc_error_e stc_plugin_monitor_deinitialize(void);
-
-GHashTable *stc_monitor_get_system_apps(void);
-GHashTable *stc_monitor_get_system_rstns(void);
-int stc_monitor_get_contr_sock(void);
-time_t stc_monitor_get_last_month_ts(void);
-void stc_monitor_set_last_month_ts(time_t time);
-time_t stc_monitor_get_last_week_ts(void);
-void stc_monitor_set_last_week_ts(time_t time);
-time_t stc_monitor_get_last_day_ts(void);
-void stc_monitor_set_last_day_ts(time_t time);
-void stc_monitor_set_rstns_updated(gboolean value);
-gboolean stc_monitor_get_rstns_updated(void);
-void stc_monitor_set_apps_updated(gboolean value);
-gboolean stc_monitor_get_apps_updated(void);
-void stc_monitor_set_background_state(gboolean value);
-gboolean stc_monitor_get_background_state(void);
-void stc_monitor_update_by_connection(void *data);
-void stc_monitor_add_by_connection(void *data);
-void stc_monitor_remove_by_connection(void *data);
-
-#endif /* __STC_PLUGIN_MONITOR_H__ */
--- /dev/null
+/*
+ * Copyright (c) 2017 Samsung Electronics Co., Ltd.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef __STC_PLUGIN_MONITOR_APP_H__
+#define __STC_PLUGIN_MONITOR_APP_H__
+
+#include <glib.h>
+
+#include "stc-error.h"
+#include "stc-manager.h"
+#include "stc-plugin-monitor-context.h"
+#include "stc-plugin-monitor-connection.h"
+
+#define MAC_ADDRESS_LEN 18
+#define SUBSCRIBERID_NONE "none_subid"
+
+typedef struct {
+ uint32_t classid; /**< classid for a package */
+ gchar *pkg_id; /**< package id */
+ gchar *app_id; /**< application id */
+ stc_app_type_e type; /**< type of application */
+ stc_app_state_e state;
+ stc_data_counter_s data_usage;
+ stc_data_counter_s counter;
+ GHashTable *processes; /**< applications instances */
+ char mac[MAC_ADDRESS_LEN+1]; /**< application mac address */
+} stc_app_value_s;
+
+
+stc_error_e stc_plugin_monitor_app_add(uint32_t classid,
+ const char *app_id,
+ const char *pkg_id,
+ const stc_app_value_s value);
+stc_error_e stc_plugin_monitor_app_remove(uint32_t classid,
+ const char *app_id);
+gboolean stc_plugin_monitor_app_lookup(uint32_t classid);
+
+
+void stc_monitor_app_update_counter(stc_app_value_s *value,
+ classid_bytes_context_s *context);
+void stc_monitor_app_update_iface_counter(classid_bytes_context_s *context);
+gboolean stc_monitor_app_flush_stats_to_db(gpointer user_data);
+void stc_monitor_app_add_by_iface(const char *app_id);
+void stc_monitor_app_add_monitor(gpointer key,
+ gpointer value, gpointer data);
+void stc_monitor_app_add_by_connection(stc_connection_s *conn);
+void stc_monitor_app_add_accept(gpointer key,
+ gpointer value, gpointer data);
+void stc_monitor_app_remove_monitor(gpointer key,
+ gpointer value, gpointer data);
+void stc_monitor_app_remove_by_connection(stc_connection_s *conn);
+void stc_monitor_app_remove_accept(gpointer key,
+ gpointer value, gpointer data);
+GHashTable *stc_monitor_apps_init(void);
+
+#endif /* __STC_PLUGIN_MONITOR_APP_H__ */
--- /dev/null
+/*
+ * Copyright (c) 2016 Samsung Electronics Co., Ltd.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef __STC_PLUGIN_MONITOR_CONNECTION_H__
+#define __STC_PLUGIN_MONITOR_CONNECTION_H__
+
+#include <glib.h>
+#include "stc-error.h"
+#include "stc-manager.h"
+#include "stc-manager-util.h"
+
+#define IMSI_LENGTH 16
+#define SHA256_DIGEST_LENGTH 32
+
+#define TETHERING_USB_IF "usb0"
+#define TETHERING_WIFI_IF "wlan0"
+#define TETHERING_BT_IF "bnep0"
+#define TETHERING_P2P_IF "p2p0"
+
+/**
+ * @brief Tethering interface info
+ */
+typedef struct {
+ gchar *ifname;
+ stc_iface_type_e type;
+} tether_iface_s;
+
+/**
+ * @brief connection information will be fetched from connman
+ */
+typedef struct {
+ /* to identify each connection uniquely */
+ gchar *path;
+
+ /* profile info */
+ stc_iface_type_e type;
+ gchar *ifname;
+
+ /* cellular profile only else it is always false */
+ gboolean roaming;
+
+ /* only present when default profile is cellular */
+ char subscriber_id[SHA256_DIGEST_LENGTH * 2 + 1];
+
+ /* hardware network protocol type */
+ stc_hw_net_protocol_type_e hw_net_protocol_type;
+
+ /* tethering status */
+ gboolean tether_state;
+
+ /* tethering interface */
+ tether_iface_s tether_iface;
+} stc_connection_s;
+
+
+stc_error_e stc_plugin_monitor_connection_init(stc_s *stc);
+stc_error_e stc_plugin_monitor_connection_deinit(stc_s *stc);
+
+
+GSList *stc_get_connection_list(void);
+
+#endif /* __STC_PLUGIN_MONITOR_CONNECTION_H__ */
--- /dev/null
+/*
+ * Copyright (c) 2016 Samsung Electronics Co., Ltd.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef __STC_PLUGIN_MONITOR_CONTEXT_H__
+#define __STC_PLUGIN_MONITOR_CONTEXT_H__
+
+#include "stc-manager.h"
+
+typedef struct {
+ time_t now;
+ time_t month_start_ts;
+ time_t week_start_ts;
+ time_t day_start_ts;
+ int is_updated;
+} reset_time_limits_context_s;
+
+typedef struct {
+ struct nfacct_rule *counter;
+ long long int bytes;
+ gboolean data_limit_exceeded;
+} classid_bytes_context_s;
+
+/**
+ * @brief structure to store system info
+ */
+typedef struct {
+ int contr_sock; /**< socket used for getting kernel counters */
+ guint contr_timer_id; /**< timer id for periodically getting kernel counters */
+ guint contr_gsource_id;
+ stc_data_counter_s du_curr; /**< current data usage */
+ GHashTable *rstns; /**< restriction rules */
+ gboolean rstns_updated;
+ GHashTable *apps; /**< monitored applications */
+ gboolean apps_updated;
+ gboolean background_state;
+ time_t last_month_ts;
+ time_t last_week_ts;
+ time_t last_day_ts;
+ int month_start_date;
+} stc_system_s;
+
+#endif /* __STC_PLUGIN_MONITOR_CONTEXT_H__ */
--- /dev/null
+/*
+ * Copyright (c) 2017 Samsung Electronics Co., Ltd.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef __STC_PLUGIN_MONITOR_IPT_H__
+#define __STC_PLUGIN_MONITOR_IPT_H__
+
+#include "helper-nfacct-rule.h"
+
+stc_error_e stc_monitor_ipt_add_in(struct nfacct_rule *counter);
+stc_error_e stc_monitor_ipt_add_out(struct nfacct_rule *counter);
+stc_error_e stc_monitor_ipt_del_in(struct nfacct_rule *counter);
+stc_error_e stc_monitor_ipt_del_out(struct nfacct_rule *counter);
+
+stc_error_e stc_monitor_ip6t_add_in(struct nfacct_rule *counter);
+stc_error_e stc_monitor_ip6t_add_out(struct nfacct_rule *counter);
+stc_error_e stc_monitor_ip6t_del_in(struct nfacct_rule *counter);
+stc_error_e stc_monitor_ip6t_del_out(struct nfacct_rule *counter);
+
+stc_error_e stc_monitor_ipt_add_list(GSList *counter_list, nfacct_rule_iptype iptype);
+stc_error_e stc_monitor_ipt_del_list(GSList *counter_list, nfacct_rule_iptype iptype);
+
+stc_error_e stc_monitor_tether_add_in(struct nfacct_rule *counter,
+ const gchar *ipaddr);
+stc_error_e stc_monitor_tether_add_out(struct nfacct_rule *counter,
+ const gchar *ipaddr);
+stc_error_e stc_monitor_tether_del_in(struct nfacct_rule *counter,
+ const gchar *ipaddr);
+stc_error_e stc_monitor_tether_del_out(struct nfacct_rule *counter,
+ const gchar *ipaddr);
+
+#endif /* __STC_PLUGIN_MONITOR_IPT_H__ */
--- /dev/null
+/*
+ * Copyright (c) 2017 Samsung Electronics Co., Ltd.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef __STC_PLUGIN_MONITOR_PROC_H__
+#define __STC_PLUGIN_MONITOR_PROC_H__
+
+#include <glib.h>
+
+#include "stc-error.h"
+#include "stc-manager.h"
+
+typedef struct {
+ pid_t pid;
+ stc_app_state_e ground;
+} stc_proc_value_s;
+
+typedef struct {
+ pid_t pid;
+ stc_app_value_s *app_value;
+ gboolean entry_removed;
+} remove_pid_context_s;
+
+stc_error_e stc_plugin_monitor_proc_update_ground(uint32_t classid,
+ const char *app_id,
+ const stc_proc_value_s value);
+
+stc_error_e stc_plugin_monitor_proc_add(uint32_t classid,
+ const char *app_id,
+ const stc_proc_value_s value);
+
+stc_error_e stc_plugin_monitor_proc_remove(uint32_t classid, pid_t pid);
+
+stc_error_e stc_plugin_monitor_proc_move(uint32_t from, uint32_t to);
+
+#endif /* __STC_PLUGIN_MONITOR_PROC_H__ */
--- /dev/null
+/*
+ * Copyright (c) 2017 Samsung Electronics Co., Ltd.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef __STC_PLUGIN_MONITOR_RSTN_H__
+#define __STC_PLUGIN_MONITOR_RSTN_H__
+
+#include <glib.h>
+
+#include "stc-error.h"
+#include "stc-manager.h"
+#include "stc-plugin-monitor-context.h"
+#include "stc-plugin-monitor-connection.h"
+#include "stc-restriction.h"
+#include "table-restrictions.h"
+
+#define GRANULARITY 10
+
+#define MAX_INT_LENGTH 128
+#define MAX_KEY_LENGTH 128
+
+typedef enum {
+ STC_RSTN_LIMIT_TYPE_DATA_WARN,
+ STC_RSTN_LIMIT_TYPE_DATA,
+ STC_RSTN_LIMIT_TYPE_MONTHLY,
+ STC_RSTN_LIMIT_TYPE_WEEKLY,
+ STC_RSTN_LIMIT_TYPE_DAILY,
+ STC_RSTN_LIMIT_TYPE_MAX
+} stc_rstn_limit_type_e;
+
+typedef enum {
+ STC_RSTN_STATE_INIT = -1,
+ STC_RSTN_STATE_UNSET,
+ STC_RSTN_STATE_SET,
+} stc_rstn_noti_state_e;
+
+typedef struct {
+ uint32_t classid;
+ char *app_id;
+ stc_iface_type_e iftype;
+ char *ifname;
+ char *subscriber_id;
+ stc_roaming_type_e roaming;
+ char *mac;
+
+ long long int restriction_id;
+ stc_rstn_state_e rstn_state;
+ stc_rstn_type_e rstn_type;
+
+ long long int counter[STC_RSTN_LIMIT_TYPE_MAX];
+ long long int limit[STC_RSTN_LIMIT_TYPE_MAX];
+ int32_t limit_exceeded;
+ int32_t limit_notified;
+
+ int month_start_date;
+ time_t month_start_ts;
+} stc_rstn_data_s;
+
+typedef struct {
+ GSList *rules;
+} stc_rstn_value_s;
+
+typedef struct {
+ time_t month_start_ts;
+ time_t week_start_ts;
+ time_t day_start_ts;
+ long long int monthly_stat;
+ long long int weekly_stat;
+ long long int daily_stat;
+} stc_rstn_cumulative_data_s;
+
+
+stc_error_e stc_plugin_monitor_rstn_add(const table_restrictions_info *info);
+stc_error_e stc_plugin_monitor_rstn_remove(const table_restrictions_info *info);
+
+
+void stc_monitor_rstn_reset_time_counters_if_required(void);
+void stc_monitor_rstn_update_counter(gpointer data,
+ gpointer user_data);
+void stc_monitor_rstn_update_iface_counter(classid_bytes_context_s *context);
+void stc_monitor_rstn_action_when_limit_exceeded(stc_rstn_limit_type_e limit_type,
+ stc_rstn_data_s *rstn_data,
+ classid_bytes_context_s *context);
+gboolean stc_monitor_rstn_flush_contr_to_db(gpointer user_data);
+void stc_monitor_rstn_add_for_app(uint32_t classid);
+void stc_monitor_rstn_add_by_connection(stc_connection_s *conn);
+void stc_monitor_rstn_remove_for_app(uint32_t classid);
+void stc_monitor_rstn_remove_by_connection(stc_connection_s *conn);
+void stc_monitor_rstns_load(void);
+GHashTable *stc_monitor_rstns_init(void);
+
+#endif /* __STC_PLUGIN_MONITOR_RSTN_H__ */
--- /dev/null
+/*
+ * Copyright (c) 2017 Samsung Electronics Co., Ltd.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef __STC_PLUGIN_MANAGER_TIME_H__
+#define __STC_PLUGIN_MANAGER_TIME_H__
+
+time_t stc_time_get_day_start(time_t now);
+time_t stc_time_get_week_start(time_t now);
+time_t stc_time_get_month_start(time_t now, int month_start_date);
+
+#endif /* __STC_PLUGIN_MANAGER_TIME_H__ */
--- /dev/null
+/*
+ * Copyright (c) 2016 Samsung Electronics Co., Ltd.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef __STC_PLUGIN_MONITOR_H__
+#define __STC_PLUGIN_MONITOR_H__
+
+#include <glib.h>
+#include "stc-error.h"
+#include "stc-manager.h"
+#include "stc-manager-util.h"
+#include "stc-plugin-monitor-context.h"
+#include "stc-plugin-monitor-app.h"
+#include "stc-plugin-monitor-proc.h"
+#include "stc-plugin-monitor-rstn.h"
+#include "helper-nl.h"
+
+/* 1 seconds */
+#define CONTR_TIMER_INTERVAL 1
+
+#ifndef VCONFKEY_STC_BACKGROUND_STATE
+#define VCONFKEY_STC_BACKGROUND_STATE "db/stc/background_state"
+#endif
+
+#ifndef VCONFKEY_SETAPPL_DATA_RESTRICTION_INT
+#define VCONFKEY_SETAPPL_DATA_RESTRICTION_INT "db/setting/data_restriction"
+#endif
+
+typedef void (*stc_manager_stop_cb)(void);
+
+typedef struct {
+ int (*initialize_plugin) (stc_manager_stop_cb stop_cb);
+ int (*deinitialize_plugin) (void);
+
+ int (*add_application) (uint32_t classid,
+ const char *app_id,
+ const char *pkg_id,
+ const stc_app_value_s value);
+ int (*remove_application) (uint32_t classid,
+ const char *app_id);
+
+ int (*add_restriction) (const table_restrictions_info *info);
+ int (*remove_restriction) (const table_restrictions_info *info);
+ int (*lookup_application) (uint32_t classid);
+
+ int (*init_connection) (stc_s *stc);
+ int (*deinit_connection) (stc_s *stc);
+
+ int (*add_process) (uint32_t classid,
+ const char *app_id,
+ const stc_proc_value_s value);
+ int (*remove_process) (uint32_t classid, pid_t pid);
+ int (*move_process) (uint32_t from, uint32_t to);
+ int (*update_process_ground) (uint32_t classid,
+ const char *app_id,
+ const stc_proc_value_s value);
+
+ int (*check_excn_by_cmdline) (char *cmdline);
+} stc_plugin_monitor_s;
+
+stc_error_e stc_plugin_monitor_initialize(stc_manager_stop_cb stop_cb);
+stc_error_e stc_plugin_monitor_deinitialize(void);
+
+GHashTable *stc_monitor_get_system_apps(void);
+GHashTable *stc_monitor_get_system_rstns(void);
+int stc_monitor_get_contr_sock(void);
+time_t stc_monitor_get_last_month_ts(void);
+void stc_monitor_set_last_month_ts(time_t time);
+time_t stc_monitor_get_last_week_ts(void);
+void stc_monitor_set_last_week_ts(time_t time);
+time_t stc_monitor_get_last_day_ts(void);
+void stc_monitor_set_last_day_ts(time_t time);
+void stc_monitor_set_rstns_updated(gboolean value);
+gboolean stc_monitor_get_rstns_updated(void);
+void stc_monitor_set_apps_updated(gboolean value);
+gboolean stc_monitor_get_apps_updated(void);
+void stc_monitor_set_background_state(gboolean value);
+gboolean stc_monitor_get_background_state(void);
+void stc_monitor_update_by_connection(void *data);
+void stc_monitor_add_by_connection(void *data);
+void stc_monitor_remove_by_connection(void *data);
+
+#endif /* __STC_PLUGIN_MONITOR_H__ */
SET(EXTRA_CFLAGS "${EXTRA_CFLAGS} ${flag}")
ENDFOREACH(flag)
-INCLUDE_DIRECTORIES(${CMAKE_CURRENT_SOURCE_DIR}/include)
-
SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${EXTRA_CFLAGS} -g -Werror -fvisibility=hidden")
SET(CMAKE_C_FLAGS_DEBUG "-O0 -g")
SET(CMAKE_C_FLAGS_RELEASE "-O2")
+++ /dev/null
-/*
- * Copyright (c) 2016 Samsung Electronics Co., Ltd.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef __STC_PLUGIN_PCAP_INTERNAL_H__
-#define __STC_PLUGIN_PCAP_INTERNAL_H__
-
-#include <glib.h>
-#include <stdbool.h>
-#include <unistd.h>
-#include <string.h>
-#include <stdlib.h>
-#include <stdio.h>
-#include <signal.h>
-#include <errno.h>
-#include <pcap.h>
-#include <pcap/nflog.h>
-#include <arpa/inet.h>
-#include <net/ethernet.h>
-#include <net/if_arp.h>
-#include <netinet/ether.h>
-#include <netinet/ip.h>
-#include <netinet/ip6.h>
-#include <netinet/ip_icmp.h>
-#include <netinet/tcp.h>
-#include <netinet/udp.h>
-
-#include "stc-error.h"
-#include "stc-manager.h"
-
-#define BUFF_SIZE_IP 16
-#define BUFF_SIZE_IP6 46
-#define BUFF_SIZE_HOST 32
-#define BUFF_SIZE_ID 64
-#define BUFF_SIZE_TIME 64
-#define BUFF_SIZE_NAME 256
-
-#define PORT_FTP_DATA 20
-#define PORT_FTP_CTL 21
-#define PORT_SMTP 25
-#define PORT_DNS 53
-#define PORT_BOOTP_S 67
-#define PORT_BOOTP_C 68
-#define PORT_HTTP 80
-#define PORT_NTP 123
-#define PORT_HTTPS 443
-#define PORT_SMTP_MSG 587
-#define PORT_HTTP_ALT 8080
-
-#define ARP_REQUEST 1
-#define ARP_REPLY 2
-#define ARP_RREQUEST 3
-#define ARP_RREPLY 4
-
-#define BOOTP_REQUEST 1
-#define BOOTP_REPLY 2
-
-#define BOOTP_CHADDR_LEN 16
-#define BOOTP_SNAME_LEN 64
-#define BOOTP_FILE_LEN 128
-#define BOOTP_MOPTION_LEN 60
-
-#define BOOTP_MAGIC_DHCP 0x63825363
-
-#define DHCP_TAG_SUBNET_MASK 1
-#define DHCP_TAG_ROUTER 3
-#define DHCP_TAG_DNS 6
-#define DHCP_TAG_HOST_NAME 12
-#define DHCP_TAG_REQUESTED_IP 50
-#define DHCP_TAG_IP_LEASE_TIME 51
-#define DHCP_TAG_MSG_TYPE 53
-#define DHCP_TAG_SERVER_ID 54
-#define DHCP_TAG_MSG_SIZE 57
-#define DHCP_TAG_CLIENT_ID 61
-#define DHCP_TAG_END 255
-
-#define DHCP_MSG_TYPE_DISCOVER 1
-#define DHCP_MSG_TYPE_OFFER 2
-#define DHCP_MSG_TYPE_REQUEST 3
-#define DHCP_MSG_TYPE_DECLINE 4
-#define DHCP_MSG_TYPE_ACK 5
-#define DHCP_MSG_TYPE_NAK 6
-#define DHCP_MSG_TYPE_RELEASE 7
-#define DHCP_MSG_TYPE_INFORM 8
-
-#define DHCP_CLIENT_ID_ETHERNET 1
-#define DHCP_CLIENT_ID_IEEE802 2
-#define DHCP_CLIENT_ID_ARCNET 7
-#define DHCP_CLIENT_ID_LOCALTALK 11
-#define DHCP_CLIENT_ID_LOCALNET 12
-#define DHCP_CLIENT_ID_SMDS 14
-#define DHCP_CLIENT_ID_FRAMERELAY 15
-#define DHCP_CLIENT_ID_ATM1 16
-#define DHCP_CLIENT_ID_HDLC 17
-#define DHCP_CLIENT_ID_FIBRECHANNEL 18
-#define DHCP_CLIENT_ID_ATM2 19
-#define DHCP_CLIENT_ID_SERIALLINE 20
-
-#define NTP_STRATUM_UNSPECIFIED 0
-#define NTP_STRATUM_PRIM_REF 1
-#define NTP_STRATUM_INFO_QUERY 62
-#define NTP_STRATUM_INFO_REPLY 63
-
-#define NTP_JAN_1970 2208988800U /* 1970 - 1900 in seconds */
-
-#define DNS_QTYPE_A 1
-#define DNS_QTYPE_CNAME 5
-#define DNS_QTYPE_AAAA 28
-
-#define DNS_QCLASS_IN 1
-#define DNS_QCLASS_CHAOS 3
-#define DNS_QCLASS_HS 4
-#define DNS_QCLASS_ANY 255
-
-#define ETHERTYPE_EAPOL 0x888e
-
-#define HR_SINGLE "----------------------------------------" \
- "-------------------------"
-#define HR_DOUBLE "========================================" \
- "========================="
-
-typedef struct {
- char *ifname;
- char *nfname;
- int nflog_group;
- GThread *thread;
- pcap_t *handle;
- int encap_type;
-} stc_pcap_data_s;
-
-typedef struct {
- uint16_t id;
- uint16_t flags;
- uint16_t questions;
- uint16_t answerRR;
- uint16_t authorityRR;
- uint16_t additionalRR;
-} dns_t;
-
-typedef struct {
- uint16_t type;
- uint16_t class;
-} dns_query_t;
-
-typedef struct {
- uint16_t type;
- uint16_t class;
- uint16_t ttl;
- uint16_t rdlen;
- char rdata[];
-} dns_recode_t;
-
-typedef struct {
- uint8_t op; /* packet opcode type */
- uint8_t htype; /* hardware addr type */
- uint8_t hlen; /* hardware addr length */
- uint8_t hops; /* gateway hops */
- uint32_t xid; /* transaction ID */
- uint16_t secs; /* seconds since boot began */
- uint16_t flags; /* flags */
- struct in_addr ciaddr; /* client IP address */
- struct in_addr yiaddr; /* 'your' IP address */
- struct in_addr siaddr; /* server IP address */
- struct in_addr giaddr; /* gateway(relay agent) IP address */
- uint8_t chaddr[BOOTP_CHADDR_LEN]; /* client hardware address */
- uint8_t sname[BOOTP_SNAME_LEN]; /* server host name */
- uint8_t file[BOOTP_FILE_LEN]; /* boot file name */
- uint32_t magic; /* must be 0x63825363 (network order) */
- uint8_t moption[BOOTP_MOPTION_LEN];
-} bootp_t;
-
-typedef struct {
- uint16_t second;
- uint16_t fraction;
-} ntp_short_t;
-
-typedef struct {
- uint32_t second;
- uint32_t fraction;
-} ntp_long_t;
-
-typedef struct {
- uint8_t flags; /* Mode, version and leap indicator */
- uint8_t stratum; /* Stratum details */
- uint8_t poll; /* Maximum interval in log2 seconds */
- uint8_t precision; /* Clock precision in log2 seconds */
- ntp_short_t rootdelay; /* Root delay */
- ntp_short_t rootdisp; /* Root dispersion */
- uint32_t refid; /* Reference ID */
- ntp_long_t reftime; /* Reference timestamp */
- ntp_long_t orgtime; /* Origin timestamp */
- ntp_long_t rectime; /* Receive timestamp */
- ntp_long_t xmttime; /* Transmit timestamp */
-} ntp_t;
-
-typedef struct {
- uint32_t ts[4];
-} nflog_timestamp_s;
-
-typedef struct ether_header eth_t;
-typedef struct ip ip_t;
-typedef struct ip6_hdr ip6_t;
-typedef struct arphdr arp_t;
-typedef struct icmphdr icmp_t;
-typedef struct tcphdr tcp_t;
-typedef struct udphdr udp_t;
-
-#define SIZE_ETHER_HEADER sizeof(eth_t)
-#define SIZE_IP_HEADER sizeof(ip_t)
-#define SIZE_IP6_HEADER sizeof(ip6_t)
-#define SIZE_ARP_HEADER sizeof(arp_t)
-#define SIZE_ICMP_HEADER sizeof(icmp_t)
-#define SIZE_TCP_HEADER sizeof(tcp_t)
-#define SIZE_UDP_HEADER sizeof(udp_t)
-#define SIZE_DNS_HEADER sizeof(dns_t)
-
-#define SIZE_NFLOG_HDR sizeof(nflog_hdr_t)
-#define SIZE_NFLOG_TLV sizeof(nflog_tlv_t)
-
-#define IS_SRC_OR_DST_PORT(p) (source == (p) || dest == (p))
-
-#endif /* __STC_PLUGIN_PCAP_INTERNAL_H__ */
+++ /dev/null
-/*
- * Copyright (c) 2016 Samsung Electronics Co., Ltd.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef __STC_PLUGIN_PCAP_H__
-#define __STC_PLUGIN_PCAP_H__
-
-#include <glib.h>
-
-typedef struct {
- int (*initialize_plugin) (void);
- int (*deinitialize_plugin) (void);
- int (*lookup_dev) (void);
- int (*lookup_net) (void);
- int (*find_all_devs) (GVariantBuilder *builder);
- int (*register_loop) (const char *ifname, int group);
- int (*unregister_loop) (const char *ifname, int group);
- int (*get_all_loop) (GVariantBuilder *builder);
-} stc_plugin_pcap_s;
-
-#endif /* __STC_PLUGIN_PCAP_H__ */
--- /dev/null
+/*
+ * Copyright (c) 2016 Samsung Electronics Co., Ltd.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef __STC_PLUGIN_PCAP_INTERNAL_H__
+#define __STC_PLUGIN_PCAP_INTERNAL_H__
+
+#include <glib.h>
+#include <stdbool.h>
+#include <unistd.h>
+#include <string.h>
+#include <stdlib.h>
+#include <stdio.h>
+#include <signal.h>
+#include <errno.h>
+#include <pcap.h>
+#include <pcap/nflog.h>
+#include <arpa/inet.h>
+#include <net/ethernet.h>
+#include <net/if_arp.h>
+#include <netinet/ether.h>
+#include <netinet/ip.h>
+#include <netinet/ip6.h>
+#include <netinet/ip_icmp.h>
+#include <netinet/tcp.h>
+#include <netinet/udp.h>
+
+#include "stc-error.h"
+#include "stc-manager.h"
+
+#define BUFF_SIZE_IP 16
+#define BUFF_SIZE_IP6 46
+#define BUFF_SIZE_HOST 32
+#define BUFF_SIZE_ID 64
+#define BUFF_SIZE_TIME 64
+#define BUFF_SIZE_NAME 256
+
+#define PORT_FTP_DATA 20
+#define PORT_FTP_CTL 21
+#define PORT_SMTP 25
+#define PORT_DNS 53
+#define PORT_BOOTP_S 67
+#define PORT_BOOTP_C 68
+#define PORT_HTTP 80
+#define PORT_NTP 123
+#define PORT_HTTPS 443
+#define PORT_SMTP_MSG 587
+#define PORT_HTTP_ALT 8080
+
+#define ARP_REQUEST 1
+#define ARP_REPLY 2
+#define ARP_RREQUEST 3
+#define ARP_RREPLY 4
+
+#define BOOTP_REQUEST 1
+#define BOOTP_REPLY 2
+
+#define BOOTP_CHADDR_LEN 16
+#define BOOTP_SNAME_LEN 64
+#define BOOTP_FILE_LEN 128
+#define BOOTP_MOPTION_LEN 60
+
+#define BOOTP_MAGIC_DHCP 0x63825363
+
+#define DHCP_TAG_SUBNET_MASK 1
+#define DHCP_TAG_ROUTER 3
+#define DHCP_TAG_DNS 6
+#define DHCP_TAG_HOST_NAME 12
+#define DHCP_TAG_REQUESTED_IP 50
+#define DHCP_TAG_IP_LEASE_TIME 51
+#define DHCP_TAG_MSG_TYPE 53
+#define DHCP_TAG_SERVER_ID 54
+#define DHCP_TAG_MSG_SIZE 57
+#define DHCP_TAG_CLIENT_ID 61
+#define DHCP_TAG_END 255
+
+#define DHCP_MSG_TYPE_DISCOVER 1
+#define DHCP_MSG_TYPE_OFFER 2
+#define DHCP_MSG_TYPE_REQUEST 3
+#define DHCP_MSG_TYPE_DECLINE 4
+#define DHCP_MSG_TYPE_ACK 5
+#define DHCP_MSG_TYPE_NAK 6
+#define DHCP_MSG_TYPE_RELEASE 7
+#define DHCP_MSG_TYPE_INFORM 8
+
+#define DHCP_CLIENT_ID_ETHERNET 1
+#define DHCP_CLIENT_ID_IEEE802 2
+#define DHCP_CLIENT_ID_ARCNET 7
+#define DHCP_CLIENT_ID_LOCALTALK 11
+#define DHCP_CLIENT_ID_LOCALNET 12
+#define DHCP_CLIENT_ID_SMDS 14
+#define DHCP_CLIENT_ID_FRAMERELAY 15
+#define DHCP_CLIENT_ID_ATM1 16
+#define DHCP_CLIENT_ID_HDLC 17
+#define DHCP_CLIENT_ID_FIBRECHANNEL 18
+#define DHCP_CLIENT_ID_ATM2 19
+#define DHCP_CLIENT_ID_SERIALLINE 20
+
+#define NTP_STRATUM_UNSPECIFIED 0
+#define NTP_STRATUM_PRIM_REF 1
+#define NTP_STRATUM_INFO_QUERY 62
+#define NTP_STRATUM_INFO_REPLY 63
+
+#define NTP_JAN_1970 2208988800U /* 1970 - 1900 in seconds */
+
+#define DNS_QTYPE_A 1
+#define DNS_QTYPE_CNAME 5
+#define DNS_QTYPE_AAAA 28
+
+#define DNS_QCLASS_IN 1
+#define DNS_QCLASS_CHAOS 3
+#define DNS_QCLASS_HS 4
+#define DNS_QCLASS_ANY 255
+
+#define ETHERTYPE_EAPOL 0x888e
+
+#define HR_SINGLE "----------------------------------------" \
+ "-------------------------"
+#define HR_DOUBLE "========================================" \
+ "========================="
+
+typedef struct {
+ char *ifname;
+ char *nfname;
+ int nflog_group;
+ GThread *thread;
+ pcap_t *handle;
+ int encap_type;
+} stc_pcap_data_s;
+
+typedef struct {
+ uint16_t id;
+ uint16_t flags;
+ uint16_t questions;
+ uint16_t answerRR;
+ uint16_t authorityRR;
+ uint16_t additionalRR;
+} dns_t;
+
+typedef struct {
+ uint16_t type;
+ uint16_t class;
+} dns_query_t;
+
+typedef struct {
+ uint16_t type;
+ uint16_t class;
+ uint16_t ttl;
+ uint16_t rdlen;
+ char rdata[];
+} dns_recode_t;
+
+typedef struct {
+ uint8_t op; /* packet opcode type */
+ uint8_t htype; /* hardware addr type */
+ uint8_t hlen; /* hardware addr length */
+ uint8_t hops; /* gateway hops */
+ uint32_t xid; /* transaction ID */
+ uint16_t secs; /* seconds since boot began */
+ uint16_t flags; /* flags */
+ struct in_addr ciaddr; /* client IP address */
+ struct in_addr yiaddr; /* 'your' IP address */
+ struct in_addr siaddr; /* server IP address */
+ struct in_addr giaddr; /* gateway(relay agent) IP address */
+ uint8_t chaddr[BOOTP_CHADDR_LEN]; /* client hardware address */
+ uint8_t sname[BOOTP_SNAME_LEN]; /* server host name */
+ uint8_t file[BOOTP_FILE_LEN]; /* boot file name */
+ uint32_t magic; /* must be 0x63825363 (network order) */
+ uint8_t moption[BOOTP_MOPTION_LEN];
+} bootp_t;
+
+typedef struct {
+ uint16_t second;
+ uint16_t fraction;
+} ntp_short_t;
+
+typedef struct {
+ uint32_t second;
+ uint32_t fraction;
+} ntp_long_t;
+
+typedef struct {
+ uint8_t flags; /* Mode, version and leap indicator */
+ uint8_t stratum; /* Stratum details */
+ uint8_t poll; /* Maximum interval in log2 seconds */
+ uint8_t precision; /* Clock precision in log2 seconds */
+ ntp_short_t rootdelay; /* Root delay */
+ ntp_short_t rootdisp; /* Root dispersion */
+ uint32_t refid; /* Reference ID */
+ ntp_long_t reftime; /* Reference timestamp */
+ ntp_long_t orgtime; /* Origin timestamp */
+ ntp_long_t rectime; /* Receive timestamp */
+ ntp_long_t xmttime; /* Transmit timestamp */
+} ntp_t;
+
+typedef struct {
+ uint32_t ts[4];
+} nflog_timestamp_s;
+
+typedef struct ether_header eth_t;
+typedef struct ip ip_t;
+typedef struct ip6_hdr ip6_t;
+typedef struct arphdr arp_t;
+typedef struct icmphdr icmp_t;
+typedef struct tcphdr tcp_t;
+typedef struct udphdr udp_t;
+
+#define SIZE_ETHER_HEADER sizeof(eth_t)
+#define SIZE_IP_HEADER sizeof(ip_t)
+#define SIZE_IP6_HEADER sizeof(ip6_t)
+#define SIZE_ARP_HEADER sizeof(arp_t)
+#define SIZE_ICMP_HEADER sizeof(icmp_t)
+#define SIZE_TCP_HEADER sizeof(tcp_t)
+#define SIZE_UDP_HEADER sizeof(udp_t)
+#define SIZE_DNS_HEADER sizeof(dns_t)
+
+#define SIZE_NFLOG_HDR sizeof(nflog_hdr_t)
+#define SIZE_NFLOG_TLV sizeof(nflog_tlv_t)
+
+#define IS_SRC_OR_DST_PORT(p) (source == (p) || dest == (p))
+
+#endif /* __STC_PLUGIN_PCAP_INTERNAL_H__ */
--- /dev/null
+/*
+ * Copyright (c) 2016 Samsung Electronics Co., Ltd.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef __STC_PLUGIN_PCAP_H__
+#define __STC_PLUGIN_PCAP_H__
+
+#include <glib.h>
+
+typedef struct {
+ int (*initialize_plugin) (void);
+ int (*deinitialize_plugin) (void);
+ int (*lookup_dev) (void);
+ int (*lookup_net) (void);
+ int (*find_all_devs) (GVariantBuilder *builder);
+ int (*register_loop) (const char *ifname, int group);
+ int (*unregister_loop) (const char *ifname, int group);
+ int (*get_all_loop) (GVariantBuilder *builder);
+} stc_plugin_pcap_s;
+
+#endif /* __STC_PLUGIN_PCAP_H__ */
SET(EXTRA_CFLAGS "${EXTRA_CFLAGS} ${flag}")
ENDFOREACH(flag)
-INCLUDE_DIRECTORIES(${CMAKE_CURRENT_SOURCE_DIR}/include)
-INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/plugin/monitor/include)
-INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/plugin/exception/include)
+INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/plugin/monitor)
+INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/plugin/exception)
SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${EXTRA_CFLAGS} -g -Werror -fvisibility=hidden")
SET(CMAKE_C_FLAGS_DEBUG "-O0 -g")
+++ /dev/null
-/*
- * Copyright (c) 2016 Samsung Electronics Co., Ltd.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef __STC_PLUGIN_PROCFS_H__
-#define __STC_PLUGIN_PROCFS_H__
-
-#include <glib.h>
-#include "stc-error.h"
-#include "stc-manager.h"
-
-typedef struct {
- int (*initialize_plugin) (void);
- int (*deinitialize_plugin) (void);
- int (*procfs_load) (void);
- int (*procfs_status_changed) (stc_cmd_type_e cmd, pid_t pid,
- const gchar *app_id, const gchar *pkg_id, stc_app_type_e app_type);
-} stc_plugin_procfs_s;
-
-int stc_plugin_procfs_initialize(void);
-int stc_plugin_procfs_deinitialize(void);
-
-int stc_plugin_procfs_load(void);
-stc_error_e stc_plugin_procfs_status_changed(stc_cmd_type_e cmd,
- pid_t pid,
- const gchar *app_id,
- const gchar *pkg_id,
- stc_app_type_e app_type);
-
-#endif /* __STC_PLUGIN_PROCFS_H__ */
--- /dev/null
+/*
+ * Copyright (c) 2016 Samsung Electronics Co., Ltd.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef __STC_PLUGIN_PROCFS_H__
+#define __STC_PLUGIN_PROCFS_H__
+
+#include <glib.h>
+#include "stc-error.h"
+#include "stc-manager.h"
+
+typedef struct {
+ int (*initialize_plugin) (void);
+ int (*deinitialize_plugin) (void);
+ int (*procfs_load) (void);
+ int (*procfs_status_changed) (stc_cmd_type_e cmd, pid_t pid,
+ const gchar *app_id, const gchar *pkg_id, stc_app_type_e app_type);
+} stc_plugin_procfs_s;
+
+int stc_plugin_procfs_initialize(void);
+int stc_plugin_procfs_deinitialize(void);
+
+int stc_plugin_procfs_load(void);
+stc_error_e stc_plugin_procfs_status_changed(stc_cmd_type_e cmd,
+ pid_t pid,
+ const gchar *app_id,
+ const gchar *pkg_id,
+ stc_app_type_e app_type);
+
+#endif /* __STC_PLUGIN_PROCFS_H__ */
SET(EXTRA_CFLAGS "${EXTRA_CFLAGS} ${flag}")
ENDFOREACH(flag)
-INCLUDE_DIRECTORIES(${CMAKE_CURRENT_SOURCE_DIR}/include)
-INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/plugin/monitor/include)
+INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/plugin/monitor)
SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${EXTRA_CFLAGS} -g -Werror -fvisibility=hidden")
SET(CMAKE_C_FLAGS_DEBUG "-O0 -g")
+++ /dev/null
-/*
- * Copyright (c) 2016 Samsung Electronics Co., Ltd.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef __STC_PLUGIN_TETHER_H__
-#define __STC_PLUGIN_TETHER_H__
-
-#include <glib.h>
-#include <arpa/inet.h>
-#include "stc-error.h"
-#include "stc-manager.h"
-
-#define TETHERING_SERVICE_INTERFACE "org.tizen.tethering"
-#define SIGNAL_NAME_DHCP_STATUS "dhcp_status"
-#define STATION_MAC_STR_LEN 18
-#define STATION_STR_HOSTNAME_LEN 33
-
-typedef struct {
- gchar *station_id; /* Station unique ID (mac_hostname)*/
- int classid; /* cgroup net_cls Classid of station */
- gchar name[STATION_STR_HOSTNAME_LEN+1]; /* Station hostname */
- gchar ip[INET_ADDRSTRLEN+1]; /* Station IP address */
- gchar mac[STATION_MAC_STR_LEN+1]; /* Station MAC address */
-} tether_sta_info_s;
-
-typedef struct {
- int (*init) (void);
- void (*deinit) (void);
- int (*get_station_ip) (const char *mac, char *ip);
- int (*get_station_by_classid) (const int classid, char *mac);
- int (*set_station_classid) (const char *mac, int classid);
-} stc_plugin_tether_s;
-
-int tether_init(void);
-void tether_deinit(void);
-stc_error_e tether_plugin_get_station_ip(const char *mac, char *ip);
-stc_error_e tether_plugin_get_station_by_classid(const int classid, char *mac);
-stc_error_e tether_plugin_set_station_classid(const char *mac, int classid);
-#endif /* __STC_PLUGIN_TETHER_H__ */
--- /dev/null
+/*
+ * Copyright (c) 2016 Samsung Electronics Co., Ltd.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef __STC_PLUGIN_TETHER_H__
+#define __STC_PLUGIN_TETHER_H__
+
+#include <glib.h>
+#include <arpa/inet.h>
+#include "stc-error.h"
+#include "stc-manager.h"
+
+#define TETHERING_SERVICE_INTERFACE "org.tizen.tethering"
+#define SIGNAL_NAME_DHCP_STATUS "dhcp_status"
+#define STATION_MAC_STR_LEN 18
+#define STATION_STR_HOSTNAME_LEN 33
+
+typedef struct {
+ gchar *station_id; /* Station unique ID (mac_hostname)*/
+ int classid; /* cgroup net_cls Classid of station */
+ gchar name[STATION_STR_HOSTNAME_LEN+1]; /* Station hostname */
+ gchar ip[INET_ADDRSTRLEN+1]; /* Station IP address */
+ gchar mac[STATION_MAC_STR_LEN+1]; /* Station MAC address */
+} tether_sta_info_s;
+
+typedef struct {
+ int (*init) (void);
+ void (*deinit) (void);
+ int (*get_station_ip) (const char *mac, char *ip);
+ int (*get_station_by_classid) (const int classid, char *mac);
+ int (*set_station_classid) (const char *mac, int classid);
+} stc_plugin_tether_s;
+
+int tether_init(void);
+void tether_deinit(void);
+stc_error_e tether_plugin_get_station_ip(const char *mac, char *ip);
+stc_error_e tether_plugin_get_station_by_classid(const int classid, char *mac);
+stc_error_e tether_plugin_set_station_classid(const char *mac, int classid);
+#endif /* __STC_PLUGIN_TETHER_H__ */
--- /dev/null
+#!/bin/sh
+PATH=/bin:/usr/bin:/sbin:/usr/sbin
+
+#----------------------------------------------------------------#
+# stc-manager patch script for upgrade (4.0 -> the latest tizen) #
+#----------------------------------------------------------------#
+
+sqlite3 /opt/usr/dbspace/.stc-manager-datausage.db "ALTER TABLE restrictions RENAME COLUMN rst_state TO rstn_type;"
+
+sqlite3 /opt/usr/dbspace/.stc-manager-datausage.db "CREATE TABLE IF NOT EXISTS fw_lock (
+ name TEXT PRIMARY KEY,
+ state INT
+);"
+
+sqlite3 /opt/usr/dbspace/.stc-manager-datausage.db "CREATE TABLE IF NOT EXISTS fw_chains (
+ chain TEXT PRIMARY KEY,
+ target INT,
+ priority INT
+);"
+
+sqlite3 /opt/usr/dbspace/.stc-manager-datausage.db "CREATE TABLE IF NOT EXISTS fw_rules (
+ key BIGINT PRIMARY KEY,
+ chain TEXT NOT NULL,
+ direction INT,
+ s_ip_type INT,
+ d_ip_type INT,
+ s_port_type INT,
+ d_port_type INT,
+ protocol INT,
+ family INT,
+ s_ip1 TEXT NOT NULL,
+ s_ip2 TEXT NOT NULL,
+ d_ip1 TEXT NOT NULL,
+ d_ip2 TEXT NOT NULL,
+ s_port1 INT,
+ s_port2 INT,
+ d_port1 INT,
+ d_port2 INT,
+ ifname TEXT NOT NULL,
+ target INT,
+ log_level INT,
+ log_prefix TEXT NOT NULL,
+ nflog_group INT,
+ nflog_prefix TEXT NOT NULL,
+ nflog_range INT,
+ nflog_threshold INT,
+ identifier TEXT NOT NULL
+);"
+
+sqlite3 /opt/usr/dbspace/.stc-manager-datausage.db "CREATE INDEX IF NOT EXISTS rules_index ON fw_rules (chain, target);"
--- /dev/null
+[D-BUS Service]
+Name=net.stc
+Exec=/bin/false
+SystemdService=stc-manager.service
--- /dev/null
+<!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
+ "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
+<busconfig>
+ <policy user="root">
+ <allow own="net.stc"/>
+ <allow send_destination="net.stc"/>
+ </policy>
+ <policy user="network_fw">
+ <allow own="net.stc"/>
+ <allow send_destination="net.stc"/>
+ </policy>
+ <policy context="default">
+ <deny own="net.stc"/>
+ <deny send_destination="net.stc"/>
+ <allow send_destination="net.stc" send_type="signal"/>
+ <check send_destination="net.stc" send_interface="net.stc" privilege="http://tizen.org/privilege/network.get" />
+ <check send_destination="net.stc" send_interface="net.stc.restriction" privilege="http://tizen.org/privilege/network.get" />
+ <check send_destination="net.stc" send_interface="net.stc.statistics" privilege="http://tizen.org/privilege/network.get" />
+ </policy>
+</busconfig>
--- /dev/null
+bash:inst
+cd:inst
+cp:inst
+mv:inst
+rm:inst
+mkdir:inst
+rmdir:inst
+cat:inst
+more:inst
+touch:inst
+find:inst
+ls:inst
+sed:inst
+rpm:inst
+sh:inst
+sleep:inst
+grep:inst
+pgrep:inst
+killall:inst
+systemctl:inst
+xargs:inst
+modprobe:inst
+pkgcmd:inst
+mount:inst
+chmod:inst
+awk:inst
+ps:inst
+wlan.sh:script
+wpa_supp.sh:script
+stc-manager:sys
+stc-iptables:sys
+dlogutil:sys
+wifi-loader:sys
+wrt-loader:sys
+dotnet-launcher:sys
+iptables:sys
+ip6tables:sys
+net-cls-release:sys
+init:sys
+amd:sys
+launchpad-loader:sys
+launchpad-process-pool:sys
+deviced:sys
+systemd:sys
+systemd-udevd:sys
+systemd-user:sys
+systemd-cgroups-agent:sys
+systemd-journald:sys
+sdbd:sys
+sdbd-user:sys
+pushd:sys
+dbus-daemon:sys
+dlogsend:sys
+sync:sys
+reboot:sys
+dlog-log-critical:sys
--- /dev/null
+CREATE TABLE IF NOT EXISTS fw_lock (
+ name TEXT PRIMARY KEY,
+ state INT
+);
+
+CREATE TABLE IF NOT EXISTS fw_chains (
+ chain TEXT PRIMARY KEY,
+ target INT,
+ priority INT
+);
+
+CREATE TABLE IF NOT EXISTS fw_rules (
+ key BIGINT PRIMARY KEY,
+ chain TEXT NOT NULL,
+ direction INT,
+ s_ip_type INT,
+ d_ip_type INT,
+ s_port_type INT,
+ d_port_type INT,
+ protocol INT,
+ family INT,
+ s_ip1 TEXT NOT NULL,
+ s_ip2 TEXT NOT NULL,
+ d_ip1 TEXT NOT NULL,
+ d_ip2 TEXT NOT NULL,
+ s_port1 INT,
+ s_port2 INT,
+ d_port1 INT,
+ d_port2 INT,
+ ifname TEXT NOT NULL,
+ target INT,
+ log_level INT,
+ log_prefix TEXT NOT NULL,
+ nflog_group INT,
+ nflog_prefix TEXT NOT NULL,
+ nflog_range INT,
+ nflog_threshold INT,
+ identifier TEXT NOT NULL
+);
+
+CREATE INDEX IF NOT EXISTS rules_index ON fw_rules (chain, target);
--- /dev/null
+[Unit]
+Description=Smart Traffic Control Manager
+
+[Service]
+Type=dbus
+BusName=net.stc
+SmackProcessLabel=System
+ExecStart=/usr/bin/stc-manager
+Restart=on-failure
+RestartSec=5
+
+[Install]
+WantedBy=multi-user.target
--- /dev/null
+PRAGMA journal_mode = PERSIST;
+PRAGMA user_version = 1;
+
+CREATE TABLE IF NOT EXISTS statistics (
+ id INTEGER PRIMARY KEY AUTOINCREMENT,
+ binpath TEXT NOT NULL,
+ received BIGINT,
+ sent BIGINT,
+ time_stamp BIGINT,
+ iftype INT,
+ is_roaming INT,
+ hw_net_protocol_type INT,
+ ifname TEXT,
+ subscriber_id TEXT,
+ ground INT
+);
+
+CREATE TABLE IF NOT EXISTS restrictions (
+ restriction_id INTEGER PRIMARY KEY AUTOINCREMENT,
+ binpath TEXT,
+ iftype INT,
+ ifname TEXT,
+ rstn_type INT,
+ roaming INT,
+ subscriber_id TEXT NOT NULL,
+ data_limit BIGINT,
+ data_warn_limit BIGINT,
+ monthly_limit BIGINT,
+ weekly_limit BIGINT,
+ daily_limit BIGINT,
+ month_start_date INT
+);
+
+CREATE INDEX IF NOT EXISTS restrictions_index ON restrictions (binpath, iftype, ifname);
+
+CREATE TABLE IF NOT EXISTS counters (
+ restriction_id INTEGER NOT NULL,
+ data_counter BIGINT,
+ warn_counter BIGINT,
+ monthly_counter BIGINT,
+ weekly_counter BIGINT,
+ daily_counter BIGINT,
+ month_start_date INT,
+ month_start_ts BIGINT,
+ week_start_ts BIGINT,
+ day_start_ts BIGINT,
+ PRIMARY KEY (restriction_id)
+);
+++ /dev/null
-[D-BUS Service]
-Name=net.stc
-Exec=/bin/false
-SystemdService=stc-manager.service
+++ /dev/null
-<!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
- "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
-<busconfig>
- <policy user="root">
- <allow own="net.stc"/>
- <allow send_destination="net.stc"/>
- </policy>
- <policy user="network_fw">
- <allow own="net.stc"/>
- <allow send_destination="net.stc"/>
- </policy>
- <policy context="default">
- <deny own="net.stc"/>
- <deny send_destination="net.stc"/>
- <allow send_destination="net.stc" send_type="signal"/>
- <check send_destination="net.stc" send_interface="net.stc" privilege="http://tizen.org/privilege/network.get" />
- <check send_destination="net.stc" send_interface="net.stc.restriction" privilege="http://tizen.org/privilege/network.get" />
- <check send_destination="net.stc" send_interface="net.stc.statistics" privilege="http://tizen.org/privilege/network.get" />
- </policy>
-</busconfig>
+++ /dev/null
-[Unit]
-Description=Smart Traffic Control Manager
-
-[Service]
-Type=dbus
-BusName=net.stc
-SmackProcessLabel=System
-ExecStart=/usr/bin/stc-manager
-Restart=on-failure
-RestartSec=5
-
-[Install]
-WantedBy=multi-user.target
+++ /dev/null
-#!/bin/sh
-PATH=/bin:/usr/bin:/sbin:/usr/sbin
-
-#----------------------------------------------------------------#
-# stc-manager patch script for upgrade (4.0 -> the latest tizen) #
-#----------------------------------------------------------------#
-
-sqlite3 /opt/usr/dbspace/.stc-manager-datausage.db "ALTER TABLE restrictions RENAME COLUMN rst_state TO rstn_type;"
-
-sqlite3 /opt/usr/dbspace/.stc-manager-datausage.db "CREATE TABLE IF NOT EXISTS fw_lock (
- name TEXT PRIMARY KEY,
- state INT
-);"
-
-sqlite3 /opt/usr/dbspace/.stc-manager-datausage.db "CREATE TABLE IF NOT EXISTS fw_chains (
- chain TEXT PRIMARY KEY,
- target INT,
- priority INT
-);"
-
-sqlite3 /opt/usr/dbspace/.stc-manager-datausage.db "CREATE TABLE IF NOT EXISTS fw_rules (
- key BIGINT PRIMARY KEY,
- chain TEXT NOT NULL,
- direction INT,
- s_ip_type INT,
- d_ip_type INT,
- s_port_type INT,
- d_port_type INT,
- protocol INT,
- family INT,
- s_ip1 TEXT NOT NULL,
- s_ip2 TEXT NOT NULL,
- d_ip1 TEXT NOT NULL,
- d_ip2 TEXT NOT NULL,
- s_port1 INT,
- s_port2 INT,
- d_port1 INT,
- d_port2 INT,
- ifname TEXT NOT NULL,
- target INT,
- log_level INT,
- log_prefix TEXT NOT NULL,
- nflog_group INT,
- nflog_prefix TEXT NOT NULL,
- nflog_range INT,
- nflog_threshold INT,
- identifier TEXT NOT NULL
-);"
-
-sqlite3 /opt/usr/dbspace/.stc-manager-datausage.db "CREATE INDEX IF NOT EXISTS rules_index ON fw_rules (chain, target);"
+++ /dev/null
-CMAKE_MINIMUM_REQUIRED(VERSION 2.6)
-
-SET(REQUIRES_LIST ${REQUIRES_LIST}
- glib-2.0
- gio-2.0
- gio-unix-2.0
- dlog
- vconf
- capi-system-info
- openssl1.1
- )
-
-IF("${ENABLE_DATABASE}" STREQUAL "YES")
- SET(REQUIRES_LIST ${REQUIRES_LIST} sqlite3)
-ENDIF()
-
-INCLUDE(FindPkgConfig)
-PKG_CHECK_MODULES(stc_pkgs REQUIRED "${REQUIRES_LIST}")
-
-FOREACH(flag ${stc_pkgs_CFLAGS})
- SET(EXTRA_CFLAGS "${EXTRA_CFLAGS} ${flag}")
-ENDFOREACH(flag)
-
-SET(SOURCE_DIR ${CMAKE_SOURCE_DIR}/src)
-SET(HELPER_SOURCE_DIR ${SOURCE_DIR}/helper)
-SET(DATABASE_SOURCE_DIR ${SOURCE_DIR}/database)
-SET(CONFIGURE_SOURCE_DIR ${SOURCE_DIR}/configure)
-SET(LIMITATION_SOURCE_DIR ${SOURCE_DIR}/limitation)
-SET(PLUGIN_DIR ${CMAKE_SOURCE_DIR}/plugin)
-SET(APPSTATUS_SOURCE_DIR ${PLUGIN_DIR}/appstatus)
-SET(EXCEPTION_SOURCE_DIR ${PLUGIN_DIR}/exception)
-SET(PROCFS_SOURCE_DIR ${PLUGIN_DIR}/procfs)
-SET(PCAP_SOURCE_DIR ${PLUGIN_DIR}/pcap)
-SET(TETHER_SOURCE_DIR ${PLUGIN_DIR}/tether)
-SET(MONITOR_SOURCE_DIR ${PLUGIN_DIR}/monitor)
-SET(FIREWALL_SOURCE_DIR ${PLUGIN_DIR}/firewall)
-
-INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/include)
-INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/interfaces)
-
-INCLUDE_DIRECTORIES(${SOURCE_DIR})
-INCLUDE_DIRECTORIES(${HELPER_SOURCE_DIR})
-
-INCLUDE_DIRECTORIES(${DATABASE_SOURCE_DIR})
-INCLUDE_DIRECTORIES(${DATABASE_SOURCE_DIR}/include)
-
-INCLUDE_DIRECTORIES(${CONFIGURE_SOURCE_DIR})
-INCLUDE_DIRECTORIES(${CONFIGURE_SOURCE_DIR}/include)
-
-INCLUDE_DIRECTORIES(${LIMITATION_SOURCE_DIR})
-INCLUDE_DIRECTORIES(${LIMITATION_SOURCE_DIR}/include)
-
-INCLUDE_DIRECTORIES(${APPSTATUS_SOURCE_DIR}/include)
-INCLUDE_DIRECTORIES(${EXCEPTION_SOURCE_DIR}/include)
-INCLUDE_DIRECTORIES(${PROCFS_SOURCE_DIR}/include)
-INCLUDE_DIRECTORIES(${PCAP_SOURCE_DIR}/include)
-INCLUDE_DIRECTORIES(${TETHER_SOURCE_DIR}/include)
-INCLUDE_DIRECTORIES(${MONITOR_SOURCE_DIR}/include)
-INCLUDE_DIRECTORIES(${FIREWALL_SOURCE_DIR}/include)
-
-FILE(GLOB SOURCE_SRCS ${SOURCE_DIR}/*.c)
-FILE(GLOB HELPER_SRCS ${HELPER_SOURCE_DIR}/*.c)
-FILE(GLOB CONFIGURE_SRCS ${CONFIGURE_SOURCE_DIR}/*.c)
-FILE(GLOB LIMITATION_SRCS ${LIMITATION_SOURCE_DIR}/*.c)
-
-SET(SRCS ${SRCS} ${SOURCE_SRCS} ${HELPER_SRCS} ${CONFIGURE_SRCS} ${LIMITATION_SRCS})
-
-IF("${ENABLE_DATABASE}" STREQUAL "YES")
- FILE(GLOB DATABASE_SRCS ${DATABASE_SOURCE_DIR}/*.c)
- FILE(GLOB DATABASE_TABLES_SRCS ${DATABASE_SOURCE_DIR}/tables/*.c)
-
- SET(SRCS ${SRCS} ${DATABASE_SRCS} ${DATABASE_TABLES_SRCS})
-
- INSTALL(FILES ${DATA_DIR}/traffic_db.sql DESTINATION /usr/share)
- INSTALL(FILES ${DATA_DIR}/firewall_db.sql DESTINATION /usr/share)
-ENDIF()
-
-IF(BUILD_GTESTS)
-SET(EXTRA_CFLAGS "${EXTRA_CFLAGS} -fpic -Wall -Werror-implicit-function-declaration")
-SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${EXTRA_CFLAGS} -fprofile-arcs -ftest-coverage")
-ELSE(BUILD_GTESTS)
-SET(EXTRA_CFLAGS "${EXTRA_CFLAGS} -fpic -Wall -Werror-implicit-function-declaration -fvisibility=hidden")
-SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${EXTRA_CFLAGS}")
-ENDIF(BUILD_GTESTS)
-
-SET(CMAKE_EXE_LINKER_FLAGS "-Wl,--as-needed -pie")
-
-ADD_DEFINITIONS("-DUSE_DLOG")
-ADD_DEFINITIONS("-DDATABASE_FULL_PATH=\"${DATABASE_FULL_PATH}\"")
-ADD_DEFINITIONS("-DDATABASE_BACKUP_PATH=\"${DATABASE_BACKUP_PATH}\"")
-IF(BUILD_GTESTS)
- ADD_DEFINITIONS(-DTIZEN_GTESTS)
-ENDIF(BUILD_GTESTS)
-
-SET(SRCS ${SRCS} ${INTERFACES}/generated-code.c)
-SET_SOURCE_FILES_PROPERTIES(${INTERFACES}/generated-code.c PROPERTIES GENERATED TRUE)
-
-ADD_EXECUTABLE(${PROJECT_NAME} ${SRCS})
-TARGET_LINK_LIBRARIES(${PROJECT_NAME} ${stc_pkgs_LDFLAGS} -ldl)
-INSTALL(TARGETS ${PROJECT_NAME} RUNTIME DESTINATION ${BIN_DIR})
-ADD_DEPENDENCIES(${PROJECT_NAME} GENERATED_DBUS_CODE)
-
-ADD_SUBDIRECTORY(utils)
+++ /dev/null
-/*
- * Copyright (c) 2016 Samsung Electronics Co., Ltd.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef __STC_CONFIGURE_STUB__
-#define __STC_CONFIGURE_STUB__
-
-/* iface.c */
-inline stc_iface_type_e get_iftype_by_name(char *name)
-{
- return STC_IFACE_UNKNOWN;
-}
-
-/* iface.c */
-inline char *get_iftype_name(stc_error_e iftype)
-{
- return "UNKNOWN";
-}
-
-/* datausage-common.c */
-inline void keep_counter(nfacct_rule_s *counter)
-{
- return;
-}
-
-/* datausage-common.c */
-inline void set_finalize_flag(nfacct_rule_s *counter)
-{
- return;
-}
-
-#endif /* __STC_CONFIGURE_STUB__ */
+++ /dev/null
-/*
- * Copyright (c) 2016 Samsung Electronics Co., Ltd.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef __STC_DATAUSAGE_COUNTER_H__
-#define __STC_DATAUSAGE_COUNTER_H__
-
-#include "stc-db.h"
-
-struct counter_arg {
- int sock;
- int ans_len;
- GTree *nf_cntrs;
- int initiate;
- int noti_fd;
- int serialized_counters; /* number of counters which was serialized in
- current request */
- struct net_counter_opts *opts;
- struct application_stat_tree *result;
- time_t last_run_time;
-};
-
-typedef struct counter_arg counter_arg_s;
-
-struct net_counter_opts {
- sig_atomic_t update_period;
- sig_atomic_t flush_period;
- sig_atomic_t state;
- int app_stat[STC_IFACE_LAST_ELEM - 1];
-};
-
-/**
- * @desc Reschedule existing traffic counter function
- * Rescheduling logic is following, we will postpone
- * execution on delay seconds.
- */
-void reschedule_count_timer(const struct counter_arg *carg, const double delay);
-
-struct counter_arg *init_counter_arg(struct net_counter_opts *opts);
-
-void finalize_carg(struct counter_arg *carg);
-
-GTree *create_nfacct_tree(void);
-
-#endif /* __STC_DATAUSAGE_COUNTER_H__ */
+++ /dev/null
-/*
- * Copyright (c) 2016 Samsung Electronics Co., Ltd.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include <errno.h>
-#include <sys/stat.h>
-
-#include "stc-db.h"
-#include "db-internal.h"
-#include "table-statistics.h"
-#include "table-restrictions.h"
-#include "table-counters.h"
-#include "table-firewall.h"
-
-#define SQLITE_BUSY_TIMEOUT 500000
-
-static sqlite3 *database;
-
-//LCOV_EXCL_START
-static int __stc_db_busy(void *user, int attempts)
-{
- __STC_LOG_FUNC_ENTER__;
- STC_LOGE("DB locked by another process, attempts number %d",
- attempts);
-
- usleep(SQLITE_BUSY_TIMEOUT); /* wait for a half second*/
- __STC_LOG_FUNC_EXIT__;
- return 1;
-}
-
-static gboolean __stc_db_restore(const char *src, const char *dst)
-{
- gchar *buf = NULL;
- gsize length = 0;
- GError *error = NULL;
- gboolean result;
-
- result = g_file_get_contents(src, &buf, &length, &error);
- if (result != TRUE) {
- STC_LOGE("Failed to read [%s]", error->message);
- g_error_free(error);
- return result;
- }
-
- result = g_file_set_contents(dst, buf, length, &error);
- if (result != TRUE) {
- STC_LOGE("Failed to write [%s]", error->message);
- g_error_free(error);
- g_free(buf);
- return result;
- }
-
- STC_LOGD("Successfully restored database");
- g_free(buf);
-
- return result;
-}
-
-static gboolean __stc_db_table_init()
-{
- EXEC(STC_ERROR_NONE, table_statistics_prepare(database));
- EXEC(STC_ERROR_NONE, table_restrictions_prepare(database));
- EXEC(STC_ERROR_NONE, table_counters_prepare(database));
- EXEC(STC_ERROR_NONE, table_firewall_prepare(database));
- EXEC(STC_ERROR_NONE, stc_init_db_guard());
-
- return true;
-}
-
-static int __stc_db_open(void)
-{
- int ret = 0;
-
- ret = sqlite3_open(DATABASE_FULL_PATH, &database);
- if (ret != SQLITE_OK) {
- STC_LOGD("Failed to open database [%s]", sqlite3_errmsg(database));
- return STC_ERROR_DB_FAILED;
- }
-
- STC_LOGD("Successfully opened database");
- return ret;
-}
-
-static int __stc_db_exec(char *sql, void *cb)
-{
- int ret;
- char *error = NULL;
-
- if (database == NULL)
- return STC_ERROR_DB_FAILED;
-
- ret = sqlite3_exec(database, sql, cb, 0, &error);
- if (ret != SQLITE_OK) {
- STC_LOGE("Failed to execute sql [%d:%s]", ret, error);
- sqlite3_free(error);
- sqlite3_close(database);
- database = NULL;
- __STC_LOG_FUNC_EXIT__;
- return STC_ERROR_DB_FAILED;
- }
-
- return STC_ERROR_NONE;
-}
-
-static int __stc_db_integrity_cb(void *err, int count, char **data, char **columns)
-{
- STC_LOGD("%s [%s]", columns[0], data[0] ? data[0] : "null");
-
- if (!g_strcmp0(columns[0], "integrity_check") && !g_strcmp0(data[0], "ok"))
- return SQLITE_OK;
-
- return SQLITE_ERROR;
-}
-
-static int __stc_db_check_integrity(void)
-{
- int ret;
- char *sql = NULL;
-
- sql = sqlite3_mprintf("PRAGMA integrity_check");
- ret = __stc_db_exec(sql, __stc_db_integrity_cb);
- if (ret == STC_ERROR_NONE)
- STC_LOGD("Successfully checked integrity");
-
- sqlite3_free(sql);
-
- return ret;
-}
-
-static int __stc_db_set_locking_mode(void)
-{
- int ret;
- char *sql = NULL;
-
- sql = sqlite3_mprintf("PRAGMA locking_mode = NORMAL");
- ret = __stc_db_exec(sql, NULL);
- if (ret == STC_ERROR_NONE)
- STC_LOGD("Successfully set locking mode");
-
- sqlite3_free(sql);
-
- return ret;
-}
-
-static int __stc_db_stat(void)
-{
- struct stat db_stat = { 0 };
-
- if (stat(DATABASE_FULL_PATH, &db_stat)) {
- STC_LOGD("Db restoration is required [no file]");
- return STC_ERROR_DB_FAILED;
- } else if (db_stat.st_size == 0) {
- STC_LOGD("Db restoration is required [size is zero]");
- return STC_ERROR_DB_FAILED;
- }
-
- return STC_ERROR_NONE;
-}
-
-static int __stc_db_verify(void)
-{
- ret_value_msg_if(__stc_db_check_integrity() != STC_ERROR_NONE,
- STC_ERROR_DB_FAILED, "Failed to check integrity");
-
- ret_value_msg_if(__stc_db_set_locking_mode() != STC_ERROR_NONE,
- STC_ERROR_DB_FAILED, "Failed to set locking mode");
-
- return STC_ERROR_NONE;
-}
-
-//LCOV_EXCL_STOP
-stc_error_e stc_db_initialize_once()
-{
- __STC_LOG_FUNC_ENTER__;
- int retry_count = MAX_DB_RETRY_COUNT;
-
- if (database != NULL) {
- __STC_LOG_FUNC_EXIT__;
- return STC_ERROR_NONE;
- }
-
- if (__stc_db_stat() != STC_ERROR_NONE) {
- if (!__stc_db_restore(DATABASE_BACKUP_PATH, DATABASE_FULL_PATH)) {
- __STC_LOG_FUNC_EXIT__;
- return STC_ERROR_DB_FAILED;
- }
- }
-
- do {
- if (__stc_db_open() == SQLITE_OK) {
- if (__stc_db_verify() == STC_ERROR_NONE) {
- STC_LOGD("Successfully verified database");
- break;
- } else {
- __stc_db_restore(DATABASE_BACKUP_PATH, DATABASE_FULL_PATH);
- }
- }
- usleep(MAX_USLEEP_TIMEOUT);
- STC_LOGD("Retry opening database [%d]", MAX_DB_RETRY_COUNT - retry_count + 1);
- } while (retry_count--);
-
- if (retry_count == 0) {
- STC_LOGE("Failed to initialize database");
- sqlite3_close(database);
- database = NULL;
- __STC_LOG_FUNC_EXIT__;
- return STC_ERROR_DB_FAILED;
- }
-
- /* Set how many times we'll repeat our attempts for sqlite_step */
- if (sqlite3_busy_handler(database, __stc_db_busy, NULL) != SQLITE_OK)
- STC_LOGE("Couldn't set busy handler!");
-
- STC_LOGD("Successfully initialize database");
- __STC_LOG_FUNC_EXIT__;
- return STC_ERROR_NONE;
-}
-
-//LCOV_EXCL_START
-sqlite3 *stc_db_get_database(void)
-{
- if (database == NULL)
- stc_db_initialize_once();
-
- return database;
-}
-//LCOV_EXCL_STOP
-
-stc_error_e stc_db_initialize(void)
-{
- __STC_LOG_FUNC_ENTER__;
- int ret;
- int retry_count = MAX_DB_RETRY_COUNT;
- database = NULL;
-
- do {
- stc_db_initialize_once();
- ret = __stc_db_table_init();
- if (ret) {
- STC_LOGD("Successfully initialize database");
- break;
- } else {
- __stc_db_restore(DATABASE_BACKUP_PATH, DATABASE_FULL_PATH);
- sqlite3_close(database);
- database = NULL;
- }
- STC_LOGD("Retry init database [%d]", MAX_DB_RETRY_COUNT - retry_count + 1);
- } while (retry_count--);
-
- __STC_LOG_FUNC_EXIT__;
- return STC_ERROR_NONE;
-}
-
-gboolean stc_db_deinitialize(void)
-{
- __STC_LOG_FUNC_ENTER__;
- if (database == NULL) {
- __STC_LOG_FUNC_EXIT__;
- return TRUE;
- }
-
- table_statistics_finalize();
- table_restrictions_finalize();
- table_counters_finalize();
- table_firewall_finalize();
- sqlite3_close(database);
-
- __STC_LOG_FUNC_EXIT__;
- return TRUE;
-}
+++ /dev/null
-/*
- * Copyright (c) 2016 Samsung Electronics Co., Ltd.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include <errno.h>
-#include <sys/stat.h>
-
-#include "stc-db.h"
-#include "table-statistics.h"
-
-#define VCONF_KEY_DB_ENTRIES_COUNT "db/stc-manager/datausage_timer"
-#define ENTRY_SIZE 128
-
-/* one hour */
-#define ERASE_TIMER_INTERVAL 3600
-/* 40 days */
-#define ERASE_INTERVAL 3600 * 24 * 40
-/* 50 Mb */
-#define DB_SIZE_THRESHOLD 1048576 * 50
-
-static guint erase_timer = 0;
-static int db_entries = 0;
-
-//LCOV_EXCL_START
-static void __change_db_entries_num_num(int num)
-{
- __STC_LOG_FUNC_ENTER__;
-
- db_entries += num;
- if (vconf_set_int(VCONF_KEY_DB_ENTRIES_COUNT, db_entries))
- STC_LOGE("Failed to set new db entries number");
-
- __STC_LOG_FUNC_EXIT__;
-}
-
-static void __check_erase_db_oversize(void)
-{
- __STC_LOG_FUNC_ENTER__;
-
- struct stat db_stat = {0};
- int del_entry = 0;
-
- if (stat(DATABASE_FULL_PATH, &db_stat)) {
- STC_LOGE("Failed to get statistics for %s errno %d",
- DATABASE_FULL_PATH, errno);
- __STC_LOG_FUNC_EXIT__;
- return;
- }
-
- if (db_stat.st_size < DB_SIZE_THRESHOLD) {
- STC_LOGD("Db truncation isn't required!");
- __STC_LOG_FUNC_EXIT__;
- return;
- }
-
- /* get approximate number of entries for removing */
- del_entry = (db_stat.st_size - DB_SIZE_THRESHOLD) / ENTRY_SIZE;
- if (STC_ERROR_NONE !=
- table_statistics_reset_first_n_entries(del_entry)) {
- STC_LOGE("Failed to remove first %d entries", del_entry);
- __STC_LOG_FUNC_EXIT__;
- return;
- }
-
- __change_db_entries_num_num(-del_entry);
-
- __STC_LOG_FUNC_EXIT__;
-}
-
-static void __erase_old_entries(void)
-{
- __STC_LOG_FUNC_ENTER__;
- char buffer[80] = {0, };
- table_statistics_reset_rule rule = {
- .iftype = STC_IFACE_LAST_ELEM,
- };
- stc_db_tm_interval_s interval;
- time_t until = time(0);
- struct tm result = {0, };
-
- until -= ERASE_INTERVAL;
-
- interval.from = 0;
- interval.to = until;
- rule.interval = &interval;
-
- strftime(buffer, 80, "%x - %I:%M%p", localtime_r(&until, &result));
- STC_LOGD("Reset statistics till %s", buffer);
-
- if (table_statistics_reset(&rule) != STC_ERROR_NONE)
- STC_LOGE("Failed to reset statistics");
-
- __STC_LOG_FUNC_EXIT__;
-}
-
-static gboolean __erase_func_cb(void *user_data)
-{
- __STC_LOG_FUNC_ENTER__;
-
- __check_erase_db_oversize();
- __erase_old_entries();
-
- /* we need to continue the timer */
- __STC_LOG_FUNC_EXIT__;
- return TRUE;
-}
-//LCOV_EXCL_STOP
-
-stc_error_e stc_init_db_guard(void)
-{
- __STC_LOG_FUNC_ENTER__;
-
- erase_timer = g_timeout_add_seconds(ERASE_TIMER_INTERVAL,
- __erase_func_cb, NULL);
- if (erase_timer == 0) {
- STC_LOGE("Failed to create timer"); //LCOV_EXCL_LINE
- __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
- return STC_ERROR_FAIL; //LCOV_EXCL_LINE
- }
-
- __STC_LOG_FUNC_EXIT__;
- return STC_ERROR_NONE;
-}
-
-void stc_deinit_db_guard(void)
-{
- __STC_LOG_FUNC_ENTER__;
-
- if (erase_timer > 0) {
- g_source_remove(erase_timer);
- erase_timer = 0;
- }
-
- __STC_LOG_FUNC_EXIT__;
-}
+++ /dev/null
-/*
- * Copyright (c) 2016 Samsung Electronics Co., Ltd.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-/*
- * This file declares methods and variables which will be used by
- * stc-db module internally.
- *
- * @file db-internal.h
- */
-
-#ifndef __STC_DB_INTERNAL_H__
-#define __STC_DB_INTERNAL_H__
-
-#ifdef __cplusplus
-extern "C" {
-#endif /* __cplusplus */
-
-/*****************************************************************************
- * Macros and Typedefs
- *****************************************************************************/
-
-#define DB_ACTION(command) do { \
- if ((command) != SQLITE_OK) { \
- error_code = STC_ERROR_DB_FAILED; \
- goto handle_error; \
- } \
-} while (0)
-
-/*****************************************************************************
- * Enumerations and Structures
- *****************************************************************************/
-
-void stc_db_finalize_statistics(void);
-
-stc_error_e stc_db_initialize_once(void);
-sqlite3 *stc_db_get_database(void);
-
-#ifdef __cplusplus
-}
-#endif /* __cplusplus */
-
-#endif /* _STC_DB_INTERNAL_H_ */
+++ /dev/null
-/*
- * Copyright (c) 2016 Samsung Electronics Co., Ltd.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef __STC_DB_H__
-#define __STC_DB_H__
-
-#include "stc-manager.h"
-
-#define MAX_DB_RETRY_COUNT 5
-#define MAX_USLEEP_TIMEOUT 500000
-#define SQLITE_BUSY_TIMEOUT 500000
-#define MAX_IFACE_LENGTH 32
-
-/**
- * @brief Commulative structure for holding stc storage information
- */
-typedef struct {
- stc_data_counter_s cnt;
-// stc_db_net_restrictions rst;
-} stc_db_common_info;
-
-typedef struct {
- time_t from;
- time_t to;
-} stc_db_tm_interval_s;
-
-/*
- * General structure containing information for storing
- * app_id - package name as unique application identifier
- * snd_count - sent bytes
- * rcv_count - received bytes
- * pid - process identifier
- * ifindex - network interface index, iftype holds in key @see stc_iface_type
- * is_roaming - is traffic consumed at roaming, @see stc_roaming_type
- */
-typedef struct {
- char *app_id;
- long long int rcv_count;
- long long int snd_count;
-
-#ifndef CONFIG_DATAUSAGE_NFACCT
- pid_t pid;
- int ifindex;
-#endif
- stc_roaming_type_e is_roaming;
-
- /* foreground/background state is here,
- * not in classid_iftype_key, it means
- * we'll not able to handle simultaneously
- * counter per one application for background and
- * foreground within one counting cycle,
- * so every time application goes to background/foreground
- * we'll request its counter update */
- stc_app_state_e ground;
-} stc_db_app_stats;
-
-typedef struct {
- uint32_t classid;
- int iftype;
- /* pointer to telephony's subscriber_id */
- char *subscriber_id;
- char ifname[MAX_IFACE_LENGTH];
-} stc_db_classid_iftype_key;
-
-/**
- * @desc This function init db oversize erase timer.
- */
-stc_error_e stc_init_db_guard(void);
-
-/**
- * @desc This function deinit db oversize erase timer.
- */
-void stc_deinit_db_guard(void);
-
-/**
- * @desc This function initializes storage module.
- */
-gboolean stc_db_initialize(void);
-
-/**
- * @desc This function deinitializes storage module.
- */
-gboolean stc_db_deinitialize(void);
-
-#endif /* _STC_DB_H_ */
+++ /dev/null
-/*
- * Copyright (c) 2016 Samsung Electronics Co., Ltd.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef __TABLE_COUNTERS_H__
-#define __TABLE_COUNTERS_H__
-
-typedef struct {
- long long int restriction_id;
- long long int data_counter;
- long long int warn_counter;
- long long int monthly_counter;
- long long int weekly_counter;
- long long int daily_counter;
- int32_t month_start_date;
- long long int month_start_ts;
- long long int week_start_ts;
- long long int day_start_ts;
-} table_counters_info;
-
-typedef stc_cb_ret_e(*table_counters_info_cb)(const table_counters_info *info,
- void *user_data);
-
-stc_error_e table_counters_get(long long int restriction_id,
- table_counters_info *info);
-
-stc_error_e table_counters_update_counters(const table_counters_info *info);
-
-stc_error_e table_counters_get_timestamps(long long int restriction_id,
- table_counters_info *info);
-
-stc_error_e table_counters_update_timestamps(const table_counters_info *info);
-
-stc_error_e table_counters_delete(long long int restriction_id);
-
-stc_error_e table_counters_prepare(sqlite3 *db);
-
-void table_counters_finalize(void);
-
-#endif /*__TABLE_COUNTERS_H__ */
+++ /dev/null
-/*
- * Copyright (c) 2016 Samsung Electronics Co., Ltd.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef __TABLE_FIREWALL_H__
-#define __TABLE_FIREWALL_H__
-
-#include <arpa/inet.h>
-#include "helper-firewall.h"
-
-typedef stc_cb_ret_e
-(*firewall_chain_cb)(const firewall_chain_s *info, void *user_data);
-
-typedef stc_cb_ret_e
-(*firewall_rule_cb)(const firewall_rule_s *info, void *user_data);
-
-stc_error_e table_firewall_insert_lock(char *name, int state);
-stc_error_e table_firewall_update_lock(char *name, int state);
-stc_error_e table_firewall_get_lock(char *name, int *state);
-
-stc_error_e table_firewall_insert_chain(firewall_chain_s *info);
-stc_error_e table_firewall_delete_chain(firewall_chain_s *info);
-stc_error_e table_firewall_flush_chain(firewall_chain_s *info);
-stc_error_e table_firewall_update_chain(firewall_chain_s *info);
-stc_error_e table_firewall_foreach_chain(firewall_chain_cb info_cb,
- void *user_data);
-
-stc_error_e table_firewall_insert_rule(firewall_rule_s *info);
-stc_error_e table_firewall_delete_rule(firewall_rule_s *info);
-stc_error_e table_firewall_update_rule(firewall_rule_s *info, guint key);
-stc_error_e table_firewall_foreach_rule(firewall_rule_cb info_cb,
- void *user_data);
-
-stc_error_e table_firewall_prepare(sqlite3 *db);
-void table_firewall_finalize(void);
-
-#endif /*__TABLE_FIREWALL_H__ */
+++ /dev/null
-/*
- * Copyright (c) 2016 Samsung Electronics Co., Ltd.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef __TABLE_RESTRICTIONS_H__
-#define __TABLE_RESTRICTIONS_H__
-
-typedef struct {
- char *app_id;
- char *ifname;
- char *subscriber_id;
- char *mac;
- stc_iface_type_e iftype;
- stc_rstn_type_e rstn_type;
- stc_roaming_type_e roaming;
- long long int data_limit;
- long long int data_warn_limit;
- long long int monthly_limit;
- long long int weekly_limit;
- long long int daily_limit;
- int month_start_date;
- long long int restriction_id;
-} table_restrictions_info;
-
-typedef stc_cb_ret_e
-(*table_restrictions_info_cb)(const table_restrictions_info *info,
- void *user_data);
-
-stc_error_e table_restrictions_foreach(table_restrictions_info_cb info_cb,
- void *user_data);
-
-stc_error_e table_restrictions_per_app(const gchar *app_id,
- table_restrictions_info_cb info_cb,
- void *user_data);
-
-
-stc_error_e table_restrictions_get_restriction_type_subscriber_id(const char *app_id,
- stc_iface_type_e iftype,
- const char *subscriber_id,
- stc_rstn_type_e *type);
-
-stc_error_e table_restrictions_get_restriction_type(const char *app_id,
- stc_iface_type_e iftype,
- stc_rstn_type_e *type);
-
-stc_error_e table_restrictions_update(table_restrictions_info *info);
-
-stc_error_e table_restrictions_delete(const char *app_id,
- const stc_iface_type_e iftype,
- const char *ifname,
- const char *subscriber_id,
- const stc_roaming_type_e roaming);
-
-stc_error_e table_restrictions_prepare(sqlite3 *db);
-
-void table_restrictions_finalize(void);
-
-#endif /*__TABLE_RESTRICTIONS_H__ */
+++ /dev/null
-/*
- * Copyright (c) 2016 Samsung Electronics Co., Ltd.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef __TABLE_STATISTICS_H__
-#define __TABLE_STATISTICS_H__
-
-typedef struct {
- char *app_id;
- char *ifname;
- char *subscriber_id;
- stc_iface_type_e iftype;
- stc_db_tm_interval_s *interval;
- stc_data_counter_s cnt;
- stc_roaming_type_e roaming;
- stc_hw_net_protocol_type_e hw_net_protocol_type;
- stc_app_state_e ground;
-} table_statistics_info;
-
-typedef struct {
- char *app_id;
- char *subscriber_id;
- stc_iface_type_e iftype;
- stc_db_tm_interval_s *interval;
-} table_statistics_reset_rule;
-
-typedef struct {
- char *app_id;
- time_t from;
- time_t to;
- stc_iface_type_e iftype;
- int granularity;
-} table_statistics_select_rule;
-
-typedef stc_cb_ret_e
-(*table_statistics_info_cb)(const table_statistics_info *info, void *user_data);
-
-stc_error_e table_statistics_reset_first_n_entries(int num);
-
-stc_error_e table_statistics_reset(const table_statistics_reset_rule *rule);
-
-stc_error_e table_statistics_foreach_app(const table_statistics_select_rule *rule,
- table_statistics_info_cb info_cb,
- void *user_data);
-
-stc_error_e table_statistics_per_app(const char *app_id,
- const table_statistics_select_rule *rule,
- table_statistics_info_cb info_cb,
- void *user_data);
-
-stc_error_e table_statistics_insert(stc_db_classid_iftype_key *stat_key,
- stc_db_app_stats *stat,
- time_t last_touch_time);
-
-stc_error_e table_statistics_prepare(sqlite3 *db);
-
-void table_statistics_finalize(void);
-
-#endif /*__TABLE_STATISTICS_H__ */
+++ /dev/null
-/*
- * Copyright (c) 2016 Samsung Electronics Co., Ltd.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-/*
- * This file implements counters entity handler methods.
- *
- * @file table-counter.c
- */
-
-#include "stc-db.h"
-#include "db-internal.h"
-#include "table-counters.h"
-
-#define DELETE_COUNTER "DELETE FROM counters WHERE restriction_id=?"
-
-#define SELECT_RESTRICTION_ID "SELECT restriction_id FROM counters " \
- " WHERE restriction_id = ?"
-
-#define SELECT_COUNTER "SELECT data_counter, warn_counter, monthly_counter, weekly_counter, daily_counter " \
- " FROM counters WHERE restriction_id = ?"
-
-#define UPDATE_COUNTER "UPDATE counters " \
- " SET data_counter = ?, warn_counter = ?, monthly_counter = ?, weekly_counter = ?, daily_counter = ? " \
- " WHERE restriction_id = ?"
-
-#define INSERT_COUNTER "INSERT INTO counters " \
- " (restriction_id, data_counter, warn_counter, monthly_counter, weekly_counter, daily_counter) " \
- " VALUES (?, ?, ?, ?, ?, ?)"
-
-#define SELECT_TIMESTAMP "SELECT month_start_date, month_start_ts, week_start_ts, day_start_ts " \
- " FROM counters WHERE restriction_id = ?"
-
-#define UPDATE_TIMESTAMP "UPDATE counters " \
- " SET month_start_date = ?, month_start_ts = ?, week_start_ts = ?, day_start_ts = ? " \
- " WHERE restriction_id = ?"
-
-#define INSERT_TIMESTAMP "INSERT INTO counters " \
- " (restriction_id, month_start_date, month_start_ts, week_start_ts, day_start_ts) " \
- " VALUES (?, ?, ?, ?, ?)"
-
-static void __finalize_delete(void);
-
-#define PREPARE_DELETE(stm, query) do { \
- rc = sqlite3_prepare_v2(db, query, -1, &stm, NULL); \
- if (rc != SQLITE_OK) { \
- stm = NULL; \
- __finalize_delete(); \
- STC_LOGE("Failed to prepare \"%s\"query" \
- , query); \
- return rc; \
- } \
-} while (0)
-
-static void __finalize_select(void);
-
-#define PREPARE_SELECT(stm, query) do { \
- rc = sqlite3_prepare_v2(db, query, -1, &stm, NULL); \
- if (rc != SQLITE_OK) { \
- stm = NULL; \
- __finalize_select(); \
- STC_LOGE("Failed to prepare \"%s\"query" \
- , query); \
- return rc; \
- } \
-} while (0)
-
-static void __finalize_update(void);
-
-#define PREPARE_UPDATE(stm, query) do { \
- rc = sqlite3_prepare_v2(db, query, -1, &stm, NULL); \
- if (rc != SQLITE_OK) { \
- stm = NULL; \
- __finalize_update(); \
- STC_LOGE("Failed to prepare \"%s\"query" \
- , query); \
- return rc; \
- } \
-} while (0)
-
-static void __finalize_insert(void);
-
-#define PREPARE_INSERT(stm, query) do { \
- rc = sqlite3_prepare_v2(db, query, -1, &stm, NULL); \
- if (rc != SQLITE_OK) { \
- stm = NULL; \
- __finalize_insert(); \
- STC_LOGE("Failed to prepare \"%s\"query" \
- , query); \
- return rc; \
- } \
- } while (0)
-
-
-
-#define FINALIZE(stm) do { \
- if (stm) { \
- sqlite3_finalize(stm); \
- stm = NULL; \
- } \
-} while (0)
-
-static sqlite3_stmt *delete_counter;
-static sqlite3_stmt *select_restriction_id;
-static sqlite3_stmt *select_counter;
-static sqlite3_stmt *update_counter;
-static sqlite3_stmt *insert_counter;
-static sqlite3_stmt *select_timestamp;
-static sqlite3_stmt *update_timestamp;
-static sqlite3_stmt *insert_timestamp;
-
-static int __prepare_delete(sqlite3 *db)
-{
- int rc;
- static int initialized;
-
- if (initialized)
- return SQLITE_OK;
-
- PREPARE_DELETE(delete_counter, DELETE_COUNTER);
-
- initialized = 1;
- return rc;
-}
-
-static void __finalize_delete(void)
-{
- FINALIZE(delete_counter);
-}
-
-static int __prepare_select(sqlite3 *db)
-{
- int rc;
- static int initialized;
-
- if (initialized)
- return SQLITE_OK;
-
- PREPARE_SELECT(select_counter, SELECT_COUNTER);
- PREPARE_SELECT(select_timestamp, SELECT_TIMESTAMP);
- PREPARE_SELECT(select_restriction_id, SELECT_RESTRICTION_ID);
-
- initialized = 1;
- return rc;
-}
-
-static void __finalize_select(void)
-{
- FINALIZE(select_counter);
- FINALIZE(select_timestamp);
- FINALIZE(select_restriction_id);
-}
-
-static int __prepare_update(sqlite3 *db)
-{
- int rc;
- static int initialized;
-
- if (initialized)
- return SQLITE_OK;
-
- PREPARE_UPDATE(update_counter, UPDATE_COUNTER);
- PREPARE_UPDATE(update_timestamp, UPDATE_TIMESTAMP);
-
- initialized = 1;
- return rc;
-}
-
-static void __finalize_update(void)
-{
- FINALIZE(update_counter);
- FINALIZE(update_timestamp);
-}
-
-static int __prepare_insert(sqlite3 *db)
-{
- int rc;
- static int initialized;
-
- if (initialized)
- return SQLITE_OK;
-
- PREPARE_INSERT(insert_counter, INSERT_COUNTER);
- PREPARE_INSERT(insert_timestamp, INSERT_TIMESTAMP);
-
- initialized = 1;
- return rc;
-}
-
-static void __finalize_insert(void)
-{
- FINALIZE(insert_counter);
- FINALIZE(insert_timestamp);
-}
-
-static bool __table_counters_is_entry_present(long long int restriction_id)
-{
- bool ret = FALSE;
- int rc;
- long long int l_restriction_id = -1;
- sqlite3_stmt *stmt = select_restriction_id;
-
- if (sqlite3_bind_int(stmt, 1, restriction_id) != SQLITE_OK) {
- ret = FALSE;
- goto handle_error;
- }
-
- rc = sqlite3_step(stmt);
-
- switch (rc) {
- case SQLITE_DONE:
- break;
- case SQLITE_ROW:
- l_restriction_id = sqlite3_column_int64(stmt, 0);
- STC_LOGD("restriction id [%llu]", l_restriction_id);
- ret = TRUE;
- break;
- case SQLITE_ERROR:
- default:
- STC_LOGE("Failed to get restriction id : %s",
- sqlite3_errmsg(stc_db_get_database()));
- }
-
-handle_error:
- rc = sqlite3_reset(stmt);
- if (rc != SQLITE_OK)
- ret = FALSE;
-
- return ret;
-}
-
-API stc_error_e table_counters_get(long long int restriction_id,
- table_counters_info *info)
-{
- stc_error_e error_code = STC_ERROR_NONE;
- sqlite3_stmt *stmt = select_counter;
- int rc;
-
- if (info == NULL)
- goto handle_error;
-
- info->restriction_id = restriction_id;
-
- DB_ACTION(sqlite3_bind_int64(stmt, 1, restriction_id));
-
- do {
- rc = sqlite3_step(stmt);
-
- //LCOV_EXCL_START
- switch (rc) {
- case SQLITE_DONE:
- break;
- case SQLITE_ROW:
- info->data_counter = sqlite3_column_int64(stmt, 0);
- info->warn_counter = sqlite3_column_int64(stmt, 1);
- info->monthly_counter = sqlite3_column_int64(stmt, 2);
- info->weekly_counter = sqlite3_column_int64(stmt, 3);
- info->daily_counter = sqlite3_column_int64(stmt, 4);
-
- STC_LOGD("rstn_id[%llu] data[%lld] warn[%lld] "
- "monthly[%lld] weekly[%lld] daily[%lld]",
- restriction_id, info->data_counter,
- info->warn_counter, info->monthly_counter,
- info->weekly_counter, info->daily_counter);
- break;
- case SQLITE_ERROR:
- default:
- STC_LOGE("Failed to enumerate counters: %s\n",
- sqlite3_errmsg(stc_db_get_database()));
-
- error_code = STC_ERROR_DB_FAILED;
- __STC_LOG_FUNC_EXIT__;
- }
- //LCOV_EXCL_STOP
- } while (rc == SQLITE_ROW);
-
-handle_error:
- rc = sqlite3_reset(stmt);
- if (rc != SQLITE_OK)
- error_code = STC_ERROR_DB_FAILED;
-
- return error_code;
-}
-
-//LCOV_EXCL_START
-API stc_error_e table_counters_update_counters(const table_counters_info *info)
-{
- stc_error_e error_code = STC_ERROR_NONE;
- sqlite3_stmt *stmt = update_counter;
-
- if (!info->data_counter) {
- error_code = STC_ERROR_INVALID_PARAMETER;
- goto handle_error;
- }
-
- if (__table_counters_is_entry_present(info->restriction_id) == FALSE)
- stmt = insert_counter;
-
- DB_ACTION(sqlite3_bind_int64(stmt, 1, info->restriction_id));
- DB_ACTION(sqlite3_bind_int64(stmt, 2, info->data_counter));
- DB_ACTION(sqlite3_bind_int64(stmt, 3, info->warn_counter));
- DB_ACTION(sqlite3_bind_int64(stmt, 4, info->monthly_counter));
- DB_ACTION(sqlite3_bind_int64(stmt, 5, info->weekly_counter));
- DB_ACTION(sqlite3_bind_int64(stmt, 6, info->daily_counter));
-
- if (sqlite3_step(stmt) != SQLITE_DONE) {
- STC_LOGE("Failed to update counter: %s\n",
- sqlite3_errmsg(stc_db_get_database()));
- error_code = STC_ERROR_DB_FAILED;
- __STC_LOG_FUNC_EXIT__;
- goto handle_error;
- }
-
- STC_LOGD("Counter updated for restriction_id [%llu]",
- info->restriction_id);
-
-handle_error:
- if (sqlite3_reset(stmt) != SQLITE_OK)
- error_code = STC_ERROR_DB_FAILED;
-
- return error_code;
-}
-//LCOV_EXCL_STOP
-
-API stc_error_e table_counters_get_timestamps(long long int restriction_id,
- table_counters_info *info)
-{
- stc_error_e error_code = STC_ERROR_NONE;
- sqlite3_stmt *stmt = select_timestamp;
- int rc;
-
- if (info == NULL) {
- __STC_LOG_FUNC_EXIT__;
- goto handle_error;
- }
-
- info->restriction_id = restriction_id;
-
- DB_ACTION(sqlite3_bind_int64(stmt, 1, restriction_id));
-
- do {
- rc = sqlite3_step(stmt);
-
- //LCOV_EXCL_START
- switch (rc) {
- case SQLITE_DONE:
- break;
- case SQLITE_ROW:
- info->month_start_date = sqlite3_column_int(stmt, 0);
- info->month_start_ts = sqlite3_column_int64(stmt, 1);
- info->week_start_ts = sqlite3_column_int64(stmt, 2);
- info->day_start_ts = sqlite3_column_int64(stmt, 3);
-
- STC_LOGD("rstn_id [%llu] month_start_date [%d], "
- "month_start_ts [%lld], week_start_ts [%lld], "
- "day_start_ts [%lld]", restriction_id,
- info->month_start_date, info->month_start_ts,
- info->week_start_ts, info->day_start_ts);
- break;
- case SQLITE_ERROR:
- default:
- STC_LOGE("Failed to enumerate counters: %s\n",
- sqlite3_errmsg(stc_db_get_database()));
-
- error_code = STC_ERROR_DB_FAILED;
- __STC_LOG_FUNC_EXIT__;
- }
- //LCOV_EXCL_STOP
- } while (rc == SQLITE_ROW);
-
-handle_error:
- rc = sqlite3_reset(stmt);
- if (rc != SQLITE_OK)
- error_code = STC_ERROR_DB_FAILED;
-
- return error_code;
-}
-
-//LCOV_EXCL_START
-API stc_error_e table_counters_update_timestamps(const table_counters_info *info)
-{
- stc_error_e error_code = STC_ERROR_NONE;
- sqlite3_stmt *stmt = update_timestamp;
-
- if (__table_counters_is_entry_present(info->restriction_id) == FALSE)
- stmt = insert_timestamp;
-
- DB_ACTION(sqlite3_bind_int64(stmt, 1, info->restriction_id));
- DB_ACTION(sqlite3_bind_int(stmt, 2, info->month_start_date));
- DB_ACTION(sqlite3_bind_int64(stmt, 3, info->month_start_ts));
- DB_ACTION(sqlite3_bind_int64(stmt, 4, info->week_start_ts));
- DB_ACTION(sqlite3_bind_int64(stmt, 5, info->day_start_ts));
-
- if (sqlite3_step(stmt) != SQLITE_DONE) {
- STC_LOGE("Failed to update timestamps: %s\n",
- sqlite3_errmsg(stc_db_get_database()));
- error_code = STC_ERROR_DB_FAILED;
- __STC_LOG_FUNC_EXIT__;
- goto handle_error;
- }
-
- STC_LOGD("Timestamps updated for restriction_id [%llu]",
- info->restriction_id);
-
-handle_error:
- if (sqlite3_reset(stmt) != SQLITE_OK)
- error_code = STC_ERROR_DB_FAILED;
-
- return error_code;
-}
-//LCOV_EXCL_STOP
-
-
-API stc_error_e table_counters_delete(long long int restriction_id)
-{
- stc_error_e error_code = STC_ERROR_NONE;
- sqlite3_stmt *stmt = delete_counter;
-
- DB_ACTION(sqlite3_bind_int64(stmt, 1, restriction_id));
-
- if (sqlite3_step(stmt) != SQLITE_DONE) {
- STC_LOGE("Failed to delete counter: %s\n", //LCOV_EXCL_LINE
- sqlite3_errmsg(stc_db_get_database()));
- error_code = STC_ERROR_DB_FAILED; //LCOV_EXCL_LINE
- goto handle_error; //LCOV_EXCL_LINE
- }
-
- STC_LOGD("Counter deleted for restriction_id [%llu]", restriction_id);
-
-handle_error:
- if (sqlite3_reset(stmt) != SQLITE_OK)
- error_code = STC_ERROR_DB_FAILED;
-
- return error_code;
-}
-
-stc_error_e table_counters_prepare(sqlite3 *db)
-{
- __STC_LOG_FUNC_ENTER__;
-
- stc_error_e error_code = STC_ERROR_NONE;
-
- if (db == NULL) {
- __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
- return STC_ERROR_FAIL; //LCOV_EXCL_LINE
- }
-
- DB_ACTION(__prepare_delete(db));
- DB_ACTION(__prepare_select(db));
- DB_ACTION(__prepare_update(db));
- DB_ACTION(__prepare_insert(db));
-
-handle_error:
- __STC_LOG_FUNC_EXIT__;
- return error_code;
-}
-
-void table_counters_finalize(void)
-{
- __STC_LOG_FUNC_ENTER__;
- __finalize_delete();
- __finalize_select();
- __finalize_update();
- __finalize_insert();
- __STC_LOG_FUNC_EXIT__;
-}
+++ /dev/null
-/*
- * Copyright (c) 2016 Samsung Electronics Co., Ltd.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-/**
- * This file implements restrictions entity handler methods.
- *
- * @file table-restrictions.c
- */
-
-#include "stc-db.h"
-#include "db-internal.h"
-#include "table-firewall.h"
-
-#define BUF_SIZE_FOR_IP 64
-
-/* DELETE statements */
-#define DELETE_FIREWALL_CHAIN "DELETE FROM fw_chains " \
- "WHERE chain = ?"
-
-#define DELETE_FIREWALL_RULE "DELETE FROM fw_rules " \
- "WHERE key = ?"
-
-#define DELETE_FIREWALL_RULE_PER_CHAIN "DELETE FROM fw_rules " \
- "WHERE chain = ?"
-
-/* SELECT statements */
-#define SELECT_FIREWALL_LOCK "SELECT state FROM fw_lock " \
- "WHERE name = ?"
-
-#define SELECT_FIREWALL_CHAIN "SELECT chain, " \
- "target, priority FROM fw_chains"
-
-#define SELECT_FIREWALL_RULE "SELECT key, " \
- "chain, direction, s_ip_type, d_ip_type, s_port_type, " \
- "d_port_type, protocol, family, s_ip1, s_ip2, d_ip1, d_ip2, " \
- "s_port1, s_port2, d_port1, d_port2, ifname, target, " \
- "log_level, log_prefix, " \
- "nflog_group, nflog_prefix, nflog_range, nflog_threshold, " \
- "identifier " \
- "FROM fw_rules"
-
-#define SELECT_FIREWALL_RULE_PER_CHAIN "SELECT key, " \
- "chain, direction, s_ip_type, d_ip_type, s_port_type, " \
- "d_port_type, protocol, family, s_ip1, s_ip2, d_ip1, d_ip2, " \
- "s_port1, s_port2, d_port1, d_port2, ifname, target, " \
- "log_level, log_prefix, " \
- "nflog_group, nflog_prefix, nflog_range, nflog_threshold, " \
- "identifier " \
- "FROM fw_rules INDEXED BY rules_index " \
- "WHERE chain = ?"
-
-/* UPDATE statement */
-#define UPDATE_FIREWALL_LOCK "UPDATE fw_lock " \
- "SET state = ? WHERE name = ?"
-
-#define UPDATE_FIREWALL_CHAIN "UPDATE fw_chains " \
- "SET target = ?, priority = ? " \
- "WHERE chain = ?"
-
-#define UPDATE_FIREWALL_RULE "UPDATE fw_rules " \
- "SET chain = ?, direction = ?, s_ip_type = ?, d_ip_type = ?, " \
- "s_port_type = ?, d_port_type = ?, protocol = ?, family = ?, " \
- "s_ip1 = ?, s_ip2 = ?, d_ip1 = ?, d_ip2 = ?, s_port1 = ?, " \
- "s_port2 = ?, d_port1 = ?, d_port2 = ?, ifname = ?, target = ?, " \
- "log_level = ?, log_prefix = ?, " \
- "nflog_group = ?, nflog_prefix = ?, nflog_range = ?, nflog_threshold = ?, " \
- "identifier = ?, key = ? " \
- "WHERE key = ?"
-
-/* INSERT statement */
-#define INSERT_FIREWALL_LOCK "INSERT INTO fw_lock " \
- "(name, state) VALUES (?, ?)"
-
-#define INSERT_FIREWALL_CHAIN "INSERT INTO fw_chains " \
- "(chain, target, priority) " \
- "VALUES (?, ?, ?)"
-
-#define INSERT_FIREWALL_RULE "INSERT INTO fw_rules " \
- "(key, chain, direction, s_ip_type, d_ip_type, s_port_type, " \
- "d_port_type, protocol, family, s_ip1, s_ip2, d_ip1, d_ip2, " \
- "s_port1, s_port2, d_port1, d_port2, ifname, target, " \
- "log_level, log_prefix, " \
- "nflog_group, nflog_prefix, nflog_range, nflog_threshold, " \
- "identifier) " \
- "VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, " \
- "?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)"
-
-static void __finalize_delete(void);
-
-#define PREPARE_DELETE(stm, query) do { \
- rc = sqlite3_prepare_v2(db, query, -1, &stm, NULL); \
- if (rc != SQLITE_OK) { \
- stm = NULL; \
- __finalize_delete(); \
- STC_LOGE("Failed to prepare \"%s\" query" \
- , query); \
- return rc; \
- } \
-} while (0)
-
-static void __finalize_select(void);
-
-#define PREPARE_SELECT(stm, query) do { \
- rc = sqlite3_prepare_v2(db, query, -1, &stm, NULL); \
- if (rc != SQLITE_OK) { \
- stm = NULL; \
- __finalize_select(); \
- STC_LOGE("Failed to prepare \"%s\" query" \
- , query); \
- return rc; \
- } \
-} while (0)
-
-static void __finalize_update(void);
-
-#define PREPARE_UPDATE(stm, query) do { \
- rc = sqlite3_prepare_v2(db, query, -1, &stm, NULL); \
- if (rc != SQLITE_OK) { \
- stm = NULL; \
- __finalize_update(); \
- STC_LOGE("Failed to prepare \"%s\" query" \
- , query); \
- return rc; \
- } \
-} while (0)
-
-static void __finalize_insert(void);
-
-#define PREPARE_INSERT(stm, query) do { \
- rc = sqlite3_prepare_v2(db, query, -1, &stm, NULL); \
- if (rc != SQLITE_OK) { \
- stm = NULL; \
- __finalize_insert(); \
- STC_LOGE("Failed to prepare \"%s\" query" \
- , query); \
- return rc; \
- } \
-} while (0)
-
-#define FINALIZE(stm) do { \
- if (stm) { \
- sqlite3_finalize(stm); \
- stm = NULL; \
- } \
-} while (0)
-
-/* DELETE statements */
-static sqlite3_stmt *delete_fw_chain;
-static sqlite3_stmt *delete_fw_rule;
-static sqlite3_stmt *delete_fw_rule_per_chain;
-
-/* SELECT statements */
-static sqlite3_stmt *select_fw_lock;
-static sqlite3_stmt *select_fw_chain;
-static sqlite3_stmt *select_fw_rule;
-static sqlite3_stmt *select_fw_rule_per_chain;
-
-/* UPDATE statements */
-static sqlite3_stmt *update_fw_lock;
-static sqlite3_stmt *update_fw_chain;
-static sqlite3_stmt *update_fw_rule;
-
-/* INSERT statements */
-static sqlite3_stmt *insert_fw_lock;
-static sqlite3_stmt *insert_fw_chain;
-static sqlite3_stmt *insert_fw_rule;
-
-static int __prepare_delete(sqlite3 *db)
-{
- int rc;
- static int initialized;
-
- if (initialized)
- return SQLITE_OK;
-
- PREPARE_DELETE(delete_fw_chain, DELETE_FIREWALL_CHAIN);
- PREPARE_DELETE(delete_fw_rule, DELETE_FIREWALL_RULE);
- PREPARE_DELETE(delete_fw_rule_per_chain, DELETE_FIREWALL_RULE_PER_CHAIN);
-
- initialized = 1;
- return rc;
-}
-
-static void __finalize_delete(void)
-{
- FINALIZE(delete_fw_chain);
- FINALIZE(delete_fw_rule);
- FINALIZE(delete_fw_rule_per_chain);
-}
-
-static int __prepare_select(sqlite3 *db)
-{
- int rc;
- static int initialized;
-
- if (initialized)
- return SQLITE_OK;
-
- PREPARE_SELECT(select_fw_lock, SELECT_FIREWALL_LOCK);
- PREPARE_SELECT(select_fw_chain, SELECT_FIREWALL_CHAIN);
- PREPARE_SELECT(select_fw_rule, SELECT_FIREWALL_RULE);
- PREPARE_SELECT(select_fw_rule_per_chain, SELECT_FIREWALL_RULE_PER_CHAIN);
-
- initialized = 1;
- return rc;
-}
-
-static void __finalize_select(void)
-{
- FINALIZE(select_fw_lock);
- FINALIZE(select_fw_chain);
- FINALIZE(select_fw_rule);
- FINALIZE(select_fw_rule_per_chain);
-}
-
-static int __prepare_update(sqlite3 *db)
-{
- int rc;
- static int initialized;
-
- if (initialized)
- return SQLITE_OK;
-
- PREPARE_UPDATE(update_fw_lock, UPDATE_FIREWALL_LOCK);
- PREPARE_UPDATE(update_fw_chain, UPDATE_FIREWALL_CHAIN);
- PREPARE_UPDATE(update_fw_rule, UPDATE_FIREWALL_RULE);
-
- initialized = 1;
- return rc;
-}
-
-static void __finalize_update(void)
-{
- FINALIZE(update_fw_lock);
- FINALIZE(update_fw_chain);
- FINALIZE(update_fw_rule);
-}
-
-static int __prepare_insert(sqlite3 *db)
-{
- int rc;
- static int initialized;
-
- if (initialized)
- return SQLITE_OK;
-
- PREPARE_INSERT(insert_fw_lock, INSERT_FIREWALL_LOCK);
- PREPARE_INSERT(insert_fw_chain, INSERT_FIREWALL_CHAIN);
- PREPARE_INSERT(insert_fw_rule, INSERT_FIREWALL_RULE);
-
- initialized = 1;
- return rc;
-}
-
-static void __finalize_insert(void)
-{
- FINALIZE(insert_fw_lock);
- FINALIZE(insert_fw_chain);
- FINALIZE(insert_fw_rule);
-}
-
-API stc_error_e table_firewall_insert_lock(char *name, int state)
-{
- stc_error_e error_code = STC_ERROR_NONE;
- sqlite3_stmt *stmt = insert_fw_lock;
-
- DB_ACTION(sqlite3_bind_text(stmt, 1, name ? name : "",
- -1, SQLITE_TRANSIENT));
- DB_ACTION(sqlite3_bind_int(stmt, 2, state));
-
- if (sqlite3_step(stmt) != SQLITE_DONE) {
- STC_LOGE("Failed to insert firewall lock state: %s\n",
- sqlite3_errmsg(stc_db_get_database()));
-
- error_code = STC_ERROR_DB_FAILED;
- goto handle_error;
- }
-
- STC_LOGD("Firewall lock state inserted [%d]", state);
-
-handle_error:
- if (sqlite3_reset(stmt) != SQLITE_OK)
- error_code = STC_ERROR_DB_FAILED;
-
- return error_code;
-}
-
-API stc_error_e table_firewall_update_lock(char *name, int state)
-{
- stc_error_e error_code = STC_ERROR_NONE;
- sqlite3_stmt *stmt = update_fw_lock;
-
- DB_ACTION(sqlite3_bind_int(stmt, 1, state));
- DB_ACTION(sqlite3_bind_text(stmt, 2, name ? name : "",
- -1, SQLITE_TRANSIENT));
-
- if (sqlite3_step(stmt) != SQLITE_DONE) {
- STC_LOGE("Failed to update firewall lock state: %s\n",
- sqlite3_errmsg(stc_db_get_database()));
-
- error_code = STC_ERROR_DB_FAILED;
- goto handle_error;
- }
-
- STC_LOGD("Firewall lock state updated [%d]", state);
-
-handle_error:
- if (sqlite3_reset(stmt) != SQLITE_OK)
- error_code = STC_ERROR_DB_FAILED;
-
- return error_code;
-}
-
-API stc_error_e table_firewall_get_lock(char *name, int *state)
-{
- int rc;
- stc_error_e error_code = STC_ERROR_NONE;
- sqlite3_stmt *stmt = select_fw_lock;
-
- if (!name)
- return STC_ERROR_DB_FAILED;
-
- DB_ACTION(sqlite3_bind_text(stmt, 1, name,
- -1, SQLITE_TRANSIENT));
-
- rc = sqlite3_step(stmt);
-
- switch (rc) {
- case SQLITE_DONE:
- STC_LOGD("There is no lock state [%s]", name);
- error_code = STC_ERROR_NO_DATA;
- goto handle_error;
- case SQLITE_ROW:
- *state = sqlite3_column_int(stmt, 0);
- break;
- case SQLITE_ERROR:
- default:
- STC_LOGE("Failed to get firewall lock state: %s\n",
- sqlite3_errmsg(stc_db_get_database()));
-
- error_code = STC_ERROR_DB_FAILED;
- goto handle_error;
- }
-
- STC_LOGD("Firewall lock state [%d]", *state);
-
-handle_error:
- if (sqlite3_reset(stmt) != SQLITE_OK)
- error_code = STC_ERROR_DB_FAILED;
-
- return error_code;
-}
-
-API stc_error_e table_firewall_insert_chain(firewall_chain_s *info)
-{
- stc_error_e error_code = STC_ERROR_NONE;
- sqlite3_stmt *stmt = insert_fw_chain;
-
- if (!info) {
- error_code = STC_ERROR_INVALID_PARAMETER;
- goto handle_error;
- }
-
- DB_ACTION(sqlite3_bind_text(stmt, 1, info->chain ? info->chain : "",
- -1, SQLITE_TRANSIENT));
- DB_ACTION(sqlite3_bind_int(stmt, 2, info->target));
- DB_ACTION(sqlite3_bind_int(stmt, 3, info->priority));
-
- if (sqlite3_step(stmt) != SQLITE_DONE) {
- STC_LOGE("Failed to insert firewall chain: %s\n",
- sqlite3_errmsg(stc_db_get_database()));
- error_code = STC_ERROR_DB_FAILED;
- goto handle_error;
- }
-
- STC_LOGD("Firewall chain inserted [%s]", info->chain);
-
-handle_error:
- if (sqlite3_reset(stmt) != SQLITE_OK)
- error_code = STC_ERROR_DB_FAILED;
-
- return error_code;
-}
-
-API stc_error_e table_firewall_delete_chain(firewall_chain_s *info)
-{
- stc_error_e error_code = STC_ERROR_NONE;
- sqlite3_stmt *stmt = delete_fw_chain;
-
- if (!info) {
- error_code = STC_ERROR_INVALID_PARAMETER;
- goto handle_error;
- }
-
- DB_ACTION(sqlite3_bind_text(stmt, 1, info->chain ? info->chain : "",
- -1, SQLITE_TRANSIENT));
-
- if (sqlite3_step(stmt) != SQLITE_DONE) {
- STC_LOGE("Failed to delete firewall chain %s\n",
- sqlite3_errmsg(stc_db_get_database()));
- error_code = STC_ERROR_DB_FAILED;
- goto handle_error;
- }
-
- STC_LOGD("Firewall chain deleted [%s]", info->chain);
-
-handle_error:
- if (sqlite3_reset(stmt) != SQLITE_OK)
- error_code = STC_ERROR_DB_FAILED;
-
- return error_code;
-}
-
-API stc_error_e table_firewall_flush_chain(firewall_chain_s *info)
-{
- stc_error_e error_code = STC_ERROR_NONE;
- sqlite3_stmt *stmt = delete_fw_rule_per_chain;
-
- if (!info) {
- error_code = STC_ERROR_INVALID_PARAMETER;
- goto handle_error;
- }
-
- DB_ACTION(sqlite3_bind_text(stmt, 1, info->chain ? info->chain : "",
- -1, SQLITE_TRANSIENT));
-
- if (sqlite3_step(stmt) != SQLITE_DONE) {
- STC_LOGE("Failed to flush firewall chain %s\n",
- sqlite3_errmsg(stc_db_get_database()));
- error_code = STC_ERROR_DB_FAILED;
- goto handle_error;
- }
-
- STC_LOGD("Firewall chain flushed [%s]", info->chain);
-
-handle_error:
- if (sqlite3_reset(stmt) != SQLITE_OK)
- error_code = STC_ERROR_DB_FAILED;
-
- return error_code;
-}
-
-API stc_error_e table_firewall_update_chain(firewall_chain_s *info)
-{
- stc_error_e error_code = STC_ERROR_NONE;
- sqlite3_stmt *stmt = update_fw_chain;
-
- if (!info) {
- error_code = STC_ERROR_INVALID_PARAMETER;
- goto handle_error;
- }
-
- DB_ACTION(sqlite3_bind_int(stmt, 1, info->target));
- DB_ACTION(sqlite3_bind_int(stmt, 2, info->priority));
- DB_ACTION(sqlite3_bind_text(stmt, 3, info->chain ? info->chain : "",
- -1, SQLITE_TRANSIENT));
-
- if (sqlite3_step(stmt) != SQLITE_DONE) {
- STC_LOGE("Failed to update firewall chain: %s\n",
- sqlite3_errmsg(stc_db_get_database()));
- error_code = STC_ERROR_DB_FAILED;
- goto handle_error;
- }
-
- STC_LOGD("Firewall chain updated [%s]", info->chain);
-
-handle_error:
- if (sqlite3_reset(stmt) != SQLITE_OK)
- error_code = STC_ERROR_DB_FAILED;
-
- return error_code;
-}
-
-API stc_error_e table_firewall_foreach_chain(firewall_chain_cb info_cb,
- void *user_data)
-{
- firewall_chain_s info;
- int rc;
- stc_error_e error_code = STC_ERROR_NONE;
- sqlite3_stmt *stmt = select_fw_chain;
-
- do {
- rc = sqlite3_step(stmt);
-
- memset(&info, 0, sizeof(info));
-
- switch (rc) {
- case SQLITE_DONE:
- break;
- case SQLITE_ROW:
- info.chain = (char *)sqlite3_column_text(stmt, 0);
- info.target = sqlite3_column_int(stmt, 1);
- info.priority = sqlite3_column_int(stmt, 2);
-
- if (info_cb(&info, user_data) == STC_CANCEL)
- rc = SQLITE_DONE;
- break;
- case SQLITE_ERROR:
- default:
- STC_LOGE("Failed to enumerate firewall chains: %s\n",
- sqlite3_errmsg(stc_db_get_database()));
-
- error_code = STC_ERROR_DB_FAILED;
- }
- } while (rc == SQLITE_ROW);
-
- if (sqlite3_reset(stmt) != SQLITE_OK)
- error_code = STC_ERROR_DB_FAILED;
-
- return error_code;
-}
-
-API stc_error_e table_firewall_insert_rule(firewall_rule_s *info)
-{
- stc_error_e error_code = STC_ERROR_NONE;
- char buf[BUF_SIZE_FOR_IP];
- sqlite3_stmt *stmt = insert_fw_rule;
-
- if (!info) {
- error_code = STC_ERROR_INVALID_PARAMETER;
- goto handle_error;
- }
-
- DB_ACTION(sqlite3_bind_int64(stmt, 1, info->key));
- DB_ACTION(sqlite3_bind_text(stmt, 2, info->chain ? info->chain : "",
- -1, SQLITE_TRANSIENT));
- DB_ACTION(sqlite3_bind_int(stmt, 3, info->direction));
- DB_ACTION(sqlite3_bind_int(stmt, 4, info->s_ip_type));
- DB_ACTION(sqlite3_bind_int(stmt, 5, info->d_ip_type));
- DB_ACTION(sqlite3_bind_int(stmt, 6, info->s_port_type));
- DB_ACTION(sqlite3_bind_int(stmt, 7, info->d_port_type));
- DB_ACTION(sqlite3_bind_int(stmt, 8, info->protocol));
- DB_ACTION(sqlite3_bind_int(stmt, 9, info->family));
- if (info->family == STC_FW_FAMILY_V4) {
- memset(buf, 0, sizeof(buf));
- snprintf(buf, sizeof(buf), "%08x", info->s_ip1.Ipv4.s_addr);
- DB_ACTION(sqlite3_bind_text(stmt, 10, buf, -1, SQLITE_TRANSIENT));
-
- memset(buf, 0, sizeof(buf));
- snprintf(buf, sizeof(buf), "%08x", info->s_ip2.Ipv4.s_addr);
- DB_ACTION(sqlite3_bind_text(stmt, 11, buf, -1, SQLITE_TRANSIENT));
-
- memset(buf, 0, sizeof(buf));
- snprintf(buf, sizeof(buf), "%08x", info->d_ip1.Ipv4.s_addr);
- DB_ACTION(sqlite3_bind_text(stmt, 12, buf, -1, SQLITE_TRANSIENT));
-
- memset(buf, 0, sizeof(buf));
- snprintf(buf, sizeof(buf), "%08x", info->d_ip2.Ipv4.s_addr);
- DB_ACTION(sqlite3_bind_text(stmt, 13, buf, -1, SQLITE_TRANSIENT));
- } else if (info->family == STC_FW_FAMILY_V6) {
- memset(buf, 0, sizeof(buf));
- snprintf(buf, sizeof(buf), "%08x:%08x:%08x:%08x",
- info->s_ip1.Ipv6.s6_addr32[0], info->s_ip1.Ipv6.s6_addr32[1],
- info->s_ip1.Ipv6.s6_addr32[2], info->s_ip1.Ipv6.s6_addr32[3]);
- DB_ACTION(sqlite3_bind_text(stmt, 10, buf, -1, SQLITE_TRANSIENT));
-
- memset(buf, 0, sizeof(buf));
- snprintf(buf, sizeof(buf), "%08x:%08x:%08x:%08x",
- info->s_ip2.Ipv6.s6_addr32[0], info->s_ip2.Ipv6.s6_addr32[1],
- info->s_ip2.Ipv6.s6_addr32[2], info->s_ip2.Ipv6.s6_addr32[3]);
- DB_ACTION(sqlite3_bind_text(stmt, 11, buf, -1, SQLITE_TRANSIENT));
-
- memset(buf, 0, sizeof(buf));
- snprintf(buf, sizeof(buf), "%08x:%08x:%08x:%08x",
- info->d_ip1.Ipv6.s6_addr32[0], info->d_ip1.Ipv6.s6_addr32[1],
- info->d_ip1.Ipv6.s6_addr32[2], info->d_ip1.Ipv6.s6_addr32[3]);
- DB_ACTION(sqlite3_bind_text(stmt, 12, buf, -1, SQLITE_TRANSIENT));
-
- memset(buf, 0, sizeof(buf));
- snprintf(buf, sizeof(buf), "%08x:%08x:%08x:%08x",
- info->d_ip2.Ipv6.s6_addr32[0], info->d_ip2.Ipv6.s6_addr32[1],
- info->d_ip2.Ipv6.s6_addr32[2], info->d_ip2.Ipv6.s6_addr32[3]);
- DB_ACTION(sqlite3_bind_text(stmt, 13, buf, -1, SQLITE_TRANSIENT));
- } else {
- DB_ACTION(sqlite3_bind_text(stmt, 10, "", -1, SQLITE_TRANSIENT));
- DB_ACTION(sqlite3_bind_text(stmt, 11, "", -1, SQLITE_TRANSIENT));
- DB_ACTION(sqlite3_bind_text(stmt, 12, "", -1, SQLITE_TRANSIENT));
- DB_ACTION(sqlite3_bind_text(stmt, 13, "", -1, SQLITE_TRANSIENT));
- }
- DB_ACTION(sqlite3_bind_int(stmt, 14, info->s_port1));
- DB_ACTION(sqlite3_bind_int(stmt, 15, info->s_port2));
- DB_ACTION(sqlite3_bind_int(stmt, 16, info->d_port1));
- DB_ACTION(sqlite3_bind_int(stmt, 17, info->d_port2));
- DB_ACTION(sqlite3_bind_text(stmt, 18, info->ifname ? info->ifname : "",
- -1, SQLITE_TRANSIENT));
- DB_ACTION(sqlite3_bind_int(stmt, 19, info->target));
- DB_ACTION(sqlite3_bind_int(stmt, 20, info->log_level));
- DB_ACTION(sqlite3_bind_text(stmt, 21, info->log_prefix ? info->log_prefix : "",
- -1, SQLITE_TRANSIENT));
- DB_ACTION(sqlite3_bind_int(stmt, 22, info->nflog_group));
- DB_ACTION(sqlite3_bind_text(stmt, 23, info->nflog_prefix ? info->nflog_prefix : "",
- -1, SQLITE_TRANSIENT));
- DB_ACTION(sqlite3_bind_int(stmt, 24, info->nflog_range));
- DB_ACTION(sqlite3_bind_int(stmt, 25, info->nflog_threshold));
- DB_ACTION(sqlite3_bind_text(stmt, 26, info->identifier ? info->identifier : "",
- -1, SQLITE_TRANSIENT));
-
- if (sqlite3_step(stmt) != SQLITE_DONE) {
- STC_LOGE("Failed to insert firewall rule: %s\n",
- sqlite3_errmsg(stc_db_get_database()));
- error_code = STC_ERROR_DB_FAILED;
- goto handle_error;
- }
-
- STC_LOGD("Firewall rule inserted [%s]", info->chain);
-
-handle_error:
- if (sqlite3_reset(stmt) != SQLITE_OK)
- error_code = STC_ERROR_DB_FAILED;
-
- return error_code;
-}
-
-API stc_error_e table_firewall_delete_rule(firewall_rule_s *info)
-{
- stc_error_e error_code = STC_ERROR_NONE;
- sqlite3_stmt *stmt = delete_fw_rule;
-
- if (!info) {
- error_code = STC_ERROR_INVALID_PARAMETER;
- goto handle_error;
- }
-
- DB_ACTION(sqlite3_bind_int64(stmt, 1, info->key));
-
- if (sqlite3_step(stmt) != SQLITE_DONE) {
- STC_LOGE("Failed to delete firewall rule %s\n",
- sqlite3_errmsg(stc_db_get_database()));
- error_code = STC_ERROR_DB_FAILED;
- goto handle_error;
- }
-
- STC_LOGD("Firewall rule deleted [%s]", info->chain);
-
-handle_error:
- if (sqlite3_reset(stmt) != SQLITE_OK)
- error_code = STC_ERROR_DB_FAILED;
-
- return error_code;
-}
-
-API stc_error_e table_firewall_update_rule(firewall_rule_s *info, guint key)
-{
- stc_error_e error_code = STC_ERROR_NONE;
- char buf[BUF_SIZE_FOR_IP];
- sqlite3_stmt *stmt = update_fw_rule;
-
- if (!info) {
- error_code = STC_ERROR_INVALID_PARAMETER;
- goto handle_error;
- }
-
- DB_ACTION(sqlite3_bind_text(stmt, 1, info->chain ? info->chain : "",
- -1, SQLITE_TRANSIENT));
- DB_ACTION(sqlite3_bind_int(stmt, 2, info->direction));
- DB_ACTION(sqlite3_bind_int(stmt, 3, info->s_ip_type));
- DB_ACTION(sqlite3_bind_int(stmt, 4, info->d_ip_type));
- DB_ACTION(sqlite3_bind_int(stmt, 5, info->s_port_type));
- DB_ACTION(sqlite3_bind_int(stmt, 6, info->d_port_type));
- DB_ACTION(sqlite3_bind_int(stmt, 7, info->protocol));
- DB_ACTION(sqlite3_bind_int(stmt, 8, info->family));
- if (info->family == STC_FW_FAMILY_V4) {
- memset(buf, 0, sizeof(buf));
- snprintf(buf, sizeof(buf), "%08x", info->s_ip1.Ipv4.s_addr);
- DB_ACTION(sqlite3_bind_text(stmt, 9, buf, -1, SQLITE_TRANSIENT));
-
- memset(buf, 0, sizeof(buf));
- snprintf(buf, sizeof(buf), "%08x", info->s_ip2.Ipv4.s_addr);
- DB_ACTION(sqlite3_bind_text(stmt, 10, buf, -1, SQLITE_TRANSIENT));
-
- memset(buf, 0, sizeof(buf));
- snprintf(buf, sizeof(buf), "%08x", info->d_ip1.Ipv4.s_addr);
- DB_ACTION(sqlite3_bind_text(stmt, 11, buf, -1, SQLITE_TRANSIENT));
-
- memset(buf, 0, sizeof(buf));
- snprintf(buf, sizeof(buf), "%08x", info->d_ip2.Ipv4.s_addr);
- DB_ACTION(sqlite3_bind_text(stmt, 12, buf, -1, SQLITE_TRANSIENT));
- } else if (info->family == STC_FW_FAMILY_V6) {
- memset(buf, 0, sizeof(buf));
- snprintf(buf, sizeof(buf), "%08x:%08x:%08x:%08x",
- info->s_ip1.Ipv6.s6_addr32[0], info->s_ip1.Ipv6.s6_addr32[1],
- info->s_ip1.Ipv6.s6_addr32[2], info->s_ip1.Ipv6.s6_addr32[3]);
- DB_ACTION(sqlite3_bind_text(stmt, 9, buf, -1, SQLITE_TRANSIENT));
-
- memset(buf, 0, sizeof(buf));
- snprintf(buf, sizeof(buf), "%08x:%08x:%08x:%08x",
- info->s_ip2.Ipv6.s6_addr32[0], info->s_ip2.Ipv6.s6_addr32[1],
- info->s_ip2.Ipv6.s6_addr32[2], info->s_ip2.Ipv6.s6_addr32[3]);
- DB_ACTION(sqlite3_bind_text(stmt, 10, buf, -1, SQLITE_TRANSIENT));
-
- memset(buf, 0, sizeof(buf));
- snprintf(buf, sizeof(buf), "%08x:%08x:%08x:%08x",
- info->d_ip1.Ipv6.s6_addr32[0], info->d_ip1.Ipv6.s6_addr32[1],
- info->d_ip1.Ipv6.s6_addr32[2], info->d_ip1.Ipv6.s6_addr32[3]);
- DB_ACTION(sqlite3_bind_text(stmt, 11, buf, -1, SQLITE_TRANSIENT));
-
- memset(buf, 0, sizeof(buf));
- snprintf(buf, sizeof(buf), "%08x:%08x:%08x:%08x",
- info->d_ip2.Ipv6.s6_addr32[0], info->d_ip2.Ipv6.s6_addr32[1],
- info->d_ip2.Ipv6.s6_addr32[2], info->d_ip2.Ipv6.s6_addr32[3]);
- DB_ACTION(sqlite3_bind_text(stmt, 12, buf, -1, SQLITE_TRANSIENT));
- } else {
- DB_ACTION(sqlite3_bind_text(stmt, 9, "", -1, SQLITE_TRANSIENT));
- DB_ACTION(sqlite3_bind_text(stmt, 10, "", -1, SQLITE_TRANSIENT));
- DB_ACTION(sqlite3_bind_text(stmt, 11, "", -1, SQLITE_TRANSIENT));
- DB_ACTION(sqlite3_bind_text(stmt, 12, "", -1, SQLITE_TRANSIENT));
- }
- DB_ACTION(sqlite3_bind_int(stmt, 13, info->s_port1));
- DB_ACTION(sqlite3_bind_int(stmt, 14, info->s_port2));
- DB_ACTION(sqlite3_bind_int(stmt, 15, info->d_port1));
- DB_ACTION(sqlite3_bind_int(stmt, 16, info->d_port2));
- DB_ACTION(sqlite3_bind_text(stmt, 17, info->ifname ? info->ifname : "",
- -1, SQLITE_TRANSIENT));
- DB_ACTION(sqlite3_bind_int(stmt, 18, info->target));
- DB_ACTION(sqlite3_bind_int(stmt, 19, info->log_level));
- DB_ACTION(sqlite3_bind_text(stmt, 20, info->log_prefix ? info->log_prefix : "",
- -1, SQLITE_TRANSIENT));
- DB_ACTION(sqlite3_bind_int(stmt, 21, info->nflog_group));
- DB_ACTION(sqlite3_bind_text(stmt, 22, info->nflog_prefix ? info->nflog_prefix : "",
- -1, SQLITE_TRANSIENT));
- DB_ACTION(sqlite3_bind_int(stmt, 23, info->nflog_range));
- DB_ACTION(sqlite3_bind_int(stmt, 24, info->nflog_threshold));
- DB_ACTION(sqlite3_bind_text(stmt, 25, info->identifier ? info->identifier : "",
- -1, SQLITE_TRANSIENT));
- DB_ACTION(sqlite3_bind_int64(stmt, 26, info->key));
- DB_ACTION(sqlite3_bind_int64(stmt, 27, key));
-
- if (sqlite3_step(stmt) != SQLITE_DONE) {
- STC_LOGE("Failed to update firewall rule %s\n",
- sqlite3_errmsg(stc_db_get_database()));
- error_code = STC_ERROR_DB_FAILED;
- goto handle_error;
- }
-
- STC_LOGD("Firewall rule updated [%s]", info->chain);
-
-handle_error:
- if (sqlite3_reset(stmt) != SQLITE_OK)
- error_code = STC_ERROR_DB_FAILED;
-
- return error_code;
-}
-
-API stc_error_e table_firewall_foreach_rule(firewall_rule_cb info_cb,
- void *user_data)
-{
- firewall_rule_s info;
- int rc;
- stc_error_e error_code = STC_ERROR_NONE;
- sqlite3_stmt *stmt = select_fw_rule;
-
- do {
- rc = sqlite3_step(stmt);
-
- memset(&info, 0, sizeof(info));
-
- switch (rc) {
- case SQLITE_DONE:
- break;
- case SQLITE_ROW:
- info.key = sqlite3_column_int64(stmt, 0);
- info.chain = (char *)sqlite3_column_text(stmt, 1);
- info.direction = sqlite3_column_int(stmt, 2);
- info.s_ip_type = sqlite3_column_int(stmt, 3);
- info.d_ip_type = sqlite3_column_int(stmt, 4);
- info.s_port_type = sqlite3_column_int(stmt, 5);
- info.d_port_type = sqlite3_column_int(stmt, 6);
- info.protocol = sqlite3_column_int(stmt, 7);
- info.family = sqlite3_column_int(stmt, 8);
- if (info.family == STC_FW_FAMILY_V4) {
- sscanf((char *)sqlite3_column_text(stmt, 9), "%08x",
- &(info.s_ip1.Ipv4.s_addr));
- sscanf((char *)sqlite3_column_text(stmt, 10), "%08x",
- &(info.s_ip2.Ipv4.s_addr));
- sscanf((char *)sqlite3_column_text(stmt, 11), "%08x",
- &(info.d_ip1.Ipv4.s_addr));
- sscanf((char *)sqlite3_column_text(stmt, 12), "%08x",
- &(info.d_ip2.Ipv4.s_addr));
- } else if (info.family == STC_FW_FAMILY_V6) {
- sscanf((char *)sqlite3_column_text(stmt, 9), "%08x:%08x:%08x:%08x",
- &(info.s_ip1.Ipv6.s6_addr32[0]), &(info.s_ip1.Ipv6.s6_addr32[1]),
- &(info.s_ip1.Ipv6.s6_addr32[2]), &(info.s_ip1.Ipv6.s6_addr32[3]));
- sscanf((char *)sqlite3_column_text(stmt, 10), "%08x:%08x:%08x:%08x",
- &(info.s_ip2.Ipv6.s6_addr32[0]), &(info.s_ip2.Ipv6.s6_addr32[1]),
- &(info.s_ip2.Ipv6.s6_addr32[2]), &(info.s_ip2.Ipv6.s6_addr32[3]));
- sscanf((char *)sqlite3_column_text(stmt, 11), "%08x:%08x:%08x:%08x",
- &(info.d_ip1.Ipv6.s6_addr32[0]), &(info.d_ip1.Ipv6.s6_addr32[1]),
- &(info.d_ip1.Ipv6.s6_addr32[2]), &(info.d_ip1.Ipv6.s6_addr32[3]));
- sscanf((char *)sqlite3_column_text(stmt, 12), "%08x:%08x:%08x:%08x",
- &(info.d_ip2.Ipv6.s6_addr32[0]), &(info.d_ip2.Ipv6.s6_addr32[1]),
- &(info.d_ip2.Ipv6.s6_addr32[2]), &(info.d_ip2.Ipv6.s6_addr32[3]));
- }
- info.s_port1 = sqlite3_column_int(stmt, 13);
- info.s_port2 = sqlite3_column_int(stmt, 14);
- info.d_port1 = sqlite3_column_int(stmt, 15);
- info.d_port2 = sqlite3_column_int(stmt, 16);
- info.ifname = (char *)sqlite3_column_text(stmt, 17);
- info.target = sqlite3_column_int(stmt, 18);
- info.log_level = sqlite3_column_int(stmt, 19);
- info.log_prefix = (char *)sqlite3_column_text(stmt, 20);
- info.nflog_group = sqlite3_column_int(stmt, 21);
- info.nflog_prefix = (char *)sqlite3_column_text(stmt, 22);
- info.nflog_range = sqlite3_column_int(stmt, 23);
- info.nflog_threshold = sqlite3_column_int(stmt, 24);
- info.identifier = (char *)sqlite3_column_text(stmt, 25);
-
- if (info_cb(&info, user_data) == STC_CANCEL)
- rc = SQLITE_DONE;
- break;
- case SQLITE_ERROR:
- default:
- STC_LOGE("Failed to enumerate firewall rules: %s\n",
- sqlite3_errmsg(stc_db_get_database()));
-
- error_code = STC_ERROR_DB_FAILED;
- }
- } while (rc == SQLITE_ROW);
-
- if (sqlite3_reset(stmt) != SQLITE_OK)
- error_code = STC_ERROR_DB_FAILED;
-
- return error_code;
-}
-
-stc_error_e table_firewall_prepare(sqlite3 *db)
-{
- __STC_LOG_FUNC_ENTER__;
-
- stc_error_e error_code = STC_ERROR_NONE;
-
- if (db == NULL) {
- __STC_LOG_FUNC_EXIT__;
- return STC_ERROR_FAIL;
- }
-
- DB_ACTION(__prepare_delete(db));
- DB_ACTION(__prepare_select(db));
- DB_ACTION(__prepare_update(db));
- DB_ACTION(__prepare_insert(db));
-
-handle_error:
-
- __STC_LOG_FUNC_EXIT__;
- return error_code;
-}
-
-void table_firewall_finalize(void)
-{
- __STC_LOG_FUNC_ENTER__;
- __finalize_delete();
- __finalize_select();
- __finalize_update();
- __finalize_insert();
- __STC_LOG_FUNC_EXIT__;
-}
+++ /dev/null
-/*
- * Copyright (c) 2016 Samsung Electronics Co., Ltd.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-/**
- * This file implements restrictions entity handler methods.
- *
- * @file table-restrictions.c
- */
-
-#include "stc-db.h"
-#include "db-internal.h"
-#include "table-restrictions.h"
-
-/* DELETE statements */
-#define DELETE_RESTRICTIONS "DELETE FROM restrictions " \
- " WHERE binpath = ? AND iftype = ? AND ifname = ? " \
- " AND subscriber_id = ? AND roaming = ?"
-
-/* SELECT statements */
-#define SELECT_RESTRICTIONS "SELECT binpath, data_limit, " \
- " iftype, rstn_type, roaming, ifname, subscriber_id, " \
- " data_warn_limit, monthly_limit, weekly_limit, daily_limit, month_start_date, " \
- " restriction_id FROM restrictions"
-
-#define SELECT_RESTRICTIONS_PER_APP "SELECT binpath, data_limit, " \
- " iftype, rstn_type, roaming, ifname, subscriber_id, " \
- " data_warn_limit, monthly_limit, weekly_limit, daily_limit, month_start_date, " \
- " restriction_id " \
- " FROM restrictions INDEXED BY restrictions_index " \
- " WHERE binpath = ?"
-
-#define SELECT_RESTRICTION_TYPE "SELECT rstn_type " \
- " FROM restrictions INDEXED BY restrictions_index " \
- " WHERE binpath = ? AND iftype = ?"
-
-#define SELECT_RESTRICTION_TYPE_SUBSCRIBER_ID "SELECT rstn_type " \
- " FROM restrictions INDEXED BY restrictions_index " \
- " WHERE binpath = ? AND iftype = ? AND subscriber_id = ?"
-
-#define SELECT_RESTRICTION_ID "SELECT restriction_id FROM restrictions " \
- " WHERE binpath = ? AND iftype = ? AND subscriber_id = ? AND " \
- " roaming = ? AND ifname = ?"
-
-/* UPDATE statement */
-#define UPDATE_NET_RESTRICTIONS "UPDATE restrictions " \
- " SET binpath = ?, data_limit = ?, iftype = ?, rstn_type = ?, " \
- " roaming = ?, ifname = ?, subscriber_id = ?, data_warn_limit = ?, " \
- " monthly_limit = ?, weekly_limit = ?, daily_limit = ? " \
- " WHERE restriction_id = ?"
-
-/* INSERT statement */
-#define INSERT_NET_RESTRICTIONS "INSERT INTO restrictions " \
- " (binpath, data_limit, iftype, rstn_type, " \
- " roaming, ifname, subscriber_id, data_warn_limit, " \
- " monthly_limit, weekly_limit, daily_limit, month_start_date) " \
- " VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)"
-
-static void __finalize_delete(void);
-
-#define PREPARE_DELETE(stm, query) do { \
- rc = sqlite3_prepare_v2(db, query, -1, &stm, NULL); \
- if (rc != SQLITE_OK) { \
- stm = NULL; \
- __finalize_delete(); \
- STC_LOGE("Failed to prepare \"%s\"query" \
- , query); \
- return rc; \
- } \
-} while (0)
-
-static void __finalize_select(void);
-
-#define PREPARE_SELECT(stm, query) do { \
- rc = sqlite3_prepare_v2(db, query, -1, &stm, NULL); \
- if (rc != SQLITE_OK) { \
- stm = NULL; \
- __finalize_select(); \
- STC_LOGE("Failed to prepare \"%s\"query" \
- , query); \
- return rc; \
- } \
-} while (0)
-
-static void __finalize_update(void);
-
-#define PREPARE_UPDATE(stm, query) do { \
- rc = sqlite3_prepare_v2(db, query, -1, &stm, NULL); \
- if (rc != SQLITE_OK) { \
- stm = NULL; \
- __finalize_update(); \
- STC_LOGE("Failed to prepare \"%s\"query" \
- , query); \
- return rc; \
- } \
-} while (0)
-
-static void __finalize_insert(void);
-
-#define PREPARE_INSERT(stm, query) do { \
- rc = sqlite3_prepare_v2(db, query, -1, &stm, NULL); \
- if (rc != SQLITE_OK) { \
- stm = NULL; \
- __finalize_insert(); \
- STC_LOGE("Failed to prepare \"%s\"query" \
- , query); \
- return rc; \
- } \
-} while (0)
-
-#define FINALIZE(stm) do { \
- if (stm) { \
- sqlite3_finalize(stm); \
- stm = NULL; \
- } \
-} while (0)
-
-/* DELETE statements */
-static sqlite3_stmt *delete_restrictions;
-
-/* SELECT statements */
-static sqlite3_stmt *select_restriction;
-static sqlite3_stmt *select_restriction_per_app;
-static sqlite3_stmt *select_restriction_type;
-static sqlite3_stmt *select_restriction_type_subscriber_id;
-static sqlite3_stmt *select_restriction_id;
-
-/* REPLACE statements */
-static sqlite3_stmt *update_net_restrictions;
-
-/* INSERT statements */
-static sqlite3_stmt *insert_net_restrictions;
-
-static int __prepare_delete(sqlite3 *db)
-{
- int rc;
- static int initialized;
-
- if (initialized)
- return SQLITE_OK;
-
- PREPARE_DELETE(delete_restrictions, DELETE_RESTRICTIONS);
-
- initialized = 1;
- return rc;
-}
-
-static void __finalize_delete(void)
-{
- FINALIZE(delete_restrictions);
-}
-
-static int __prepare_select(sqlite3 *db)
-{
- int rc;
- static int initialized;
-
- if (initialized)
- return SQLITE_OK;
-
- PREPARE_SELECT(select_restriction, SELECT_RESTRICTIONS);
- PREPARE_SELECT(select_restriction_per_app, SELECT_RESTRICTIONS_PER_APP);
- PREPARE_SELECT(select_restriction_type, SELECT_RESTRICTION_TYPE);
- PREPARE_SELECT(select_restriction_type_subscriber_id, SELECT_RESTRICTION_TYPE_SUBSCRIBER_ID);
- PREPARE_SELECT(select_restriction_id, SELECT_RESTRICTION_ID);
-
- initialized = 1;
- return rc;
-}
-
-static void __finalize_select(void)
-{
- FINALIZE(select_restriction);
- FINALIZE(select_restriction_per_app);
- FINALIZE(select_restriction_type);
- FINALIZE(select_restriction_type_subscriber_id);
- FINALIZE(select_restriction_id);
-}
-
-static int __prepare_replace(sqlite3 *db)
-{
- int rc;
- static int initialized;
-
- if (initialized)
- return SQLITE_OK;
-
- PREPARE_UPDATE(update_net_restrictions, UPDATE_NET_RESTRICTIONS);
-
- initialized = 1;
- return rc;
-}
-
-static void __finalize_update(void)
-{
- FINALIZE(update_net_restrictions);
-}
-
-static int __prepare_insert(sqlite3 *db)
-{
- int rc;
- static int initialized;
-
- if (initialized)
- return SQLITE_OK;
-
- PREPARE_UPDATE(insert_net_restrictions, INSERT_NET_RESTRICTIONS);
-
- initialized = 1;
- return rc;
-}
-
-static void __finalize_insert(void)
-{
- FINALIZE(insert_net_restrictions);
-}
-
-stc_error_e table_restrictions_per_app(const gchar* app_id,
- const table_restrictions_info_cb restriction_cb,
- void *user_data)
-{
- __STC_LOG_FUNC_ENTER__;
- table_restrictions_info data;
- int rc;
- stc_error_e error_code = STC_ERROR_NONE;
- sqlite3_stmt *stmt = select_restriction_per_app;
-
- if (!app_id) {
- __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
- return STC_ERROR_DB_FAILED; //LCOV_EXCL_LINE
- }
-
- DB_ACTION(sqlite3_bind_text(stmt, 1, app_id, -1,
- SQLITE_TRANSIENT));
- data.app_id = (char *)app_id;
-
- do {
- rc = sqlite3_step(stmt);
-
- memset(&data, 0, sizeof(data));
-
- switch (rc) {
- case SQLITE_DONE:
- break;
- case SQLITE_ROW:
- data.app_id = (char *)sqlite3_column_text(stmt, 0);
- data.data_limit = sqlite3_column_int64(stmt, 1);
- data.iftype = (stc_iface_type_e)sqlite3_column_int(stmt, 2);
- data.rstn_type =
- (stc_rstn_type_e)sqlite3_column_int(stmt, 3);
- data.roaming = sqlite3_column_int(stmt, 4);
- data.ifname = (char *)sqlite3_column_text(stmt, 5);
- data.subscriber_id = (char *)sqlite3_column_text(stmt, 6);
- data.data_warn_limit = sqlite3_column_int64(stmt, 7);
- data.monthly_limit = sqlite3_column_int64(stmt, 8);
- data.weekly_limit = sqlite3_column_int64(stmt, 9);
- data.daily_limit = sqlite3_column_int64(stmt, 10);
- data.restriction_id = sqlite3_column_int64(stmt, 11);
-
- if (restriction_cb(&data, user_data) == STC_CANCEL)
- rc = SQLITE_DONE; //LCOV_EXCL_LINE
- break;
- case SQLITE_ERROR:
- default:
- STC_LOGE("Failed to enumerate restrictions: %s\n", //LCOV_EXCL_LINE
- sqlite3_errmsg(stc_db_get_database()));
-
- __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
- error_code = STC_ERROR_DB_FAILED; //LCOV_EXCL_LINE
- }
- } while (rc == SQLITE_ROW);
-
-handle_error:
- rc = sqlite3_reset(stmt);
- if (rc != SQLITE_OK)
- error_code = STC_ERROR_DB_FAILED;
-
- __STC_LOG_FUNC_EXIT__;
- return error_code;
-}
-
-API stc_error_e table_restrictions_foreach(const table_restrictions_info_cb restriction_cb,
- void *user_data)
-{
- __STC_LOG_FUNC_ENTER__;
- table_restrictions_info data;
- int rc;
- stc_error_e error_code = STC_ERROR_NONE;
- sqlite3_stmt *stmt = select_restriction;
-
- do {
- rc = sqlite3_step(stmt);
-
- memset(&data, 0, sizeof(data));
-
- switch (rc) {
- case SQLITE_DONE:
- break;
- case SQLITE_ROW:
- data.app_id = (char *)sqlite3_column_text(stmt, 0);
- data.data_limit = sqlite3_column_int64(stmt, 1);
- data.iftype = (stc_iface_type_e)sqlite3_column_int(stmt, 2);
- data.rstn_type =
- (stc_rstn_type_e)sqlite3_column_int(stmt, 3);
- data.roaming = sqlite3_column_int(stmt, 4);
- data.ifname = (char *)sqlite3_column_text(stmt, 5);
- data.subscriber_id = (char *)sqlite3_column_text(stmt, 6);
- data.data_warn_limit = sqlite3_column_int64(stmt, 7);
- data.monthly_limit = sqlite3_column_int64(stmt, 8);
- data.weekly_limit = sqlite3_column_int64(stmt, 9);
- data.daily_limit = sqlite3_column_int64(stmt, 10);
- data.month_start_date = sqlite3_column_int(stmt, 11);
- data.restriction_id = sqlite3_column_int64(stmt, 12);
-
- if (restriction_cb(&data, user_data) == STC_CANCEL)
- rc = SQLITE_DONE; //LCOV_EXCL_LINE
- break;
- case SQLITE_ERROR:
- default:
- STC_LOGE("Failed to enumerate restrictions: %s\n", //LCOV_EXCL_LINE
- sqlite3_errmsg(stc_db_get_database()));
-
- __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
- error_code = STC_ERROR_DB_FAILED; //LCOV_EXCL_LINE
- }
- } while (rc == SQLITE_ROW);
-
- rc = sqlite3_reset(stmt);
- if (rc != SQLITE_OK)
- error_code = STC_ERROR_DB_FAILED;
-
- __STC_LOG_FUNC_EXIT__;
- return error_code;
-}
-
-stc_error_e table_restrictions_get_restriction_type_subscriber_id(const char *app_id,
- stc_iface_type_e iftype,
- const char *subscriber_id,
- stc_rstn_type_e *type)
-{
- __STC_LOG_FUNC_ENTER__;
- int error_code = STC_ERROR_NONE;
- int ret;
- bool state_subscriber_id = 0;
-
- if (type == NULL) {
- STC_LOGE("Please provide valid argument!"); //LCOV_EXCL_LINE
- __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
- return STC_ERROR_INVALID_PARAMETER; //LCOV_EXCL_LINE
- }
-
- *type = STC_RSTN_TYPE_UNKNOWN;
- ret = sqlite3_reset(select_restriction_type_subscriber_id);
- if (ret != SQLITE_OK) {
- __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
- return STC_ERROR_DB_FAILED; //LCOV_EXCL_LINE
- }
-
- ret = sqlite3_reset(select_restriction_type);
- if (ret != SQLITE_OK) {
- __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
- return STC_ERROR_DB_FAILED; //LCOV_EXCL_LINE
- }
-
- if (subscriber_id == NULL) {
- state_subscriber_id = 0;
- DB_ACTION(sqlite3_bind_text(select_restriction_type, 1,
- app_id ? app_id : "", -1,
- SQLITE_STATIC));
- DB_ACTION(sqlite3_bind_int(select_restriction_type, 2,
- iftype));
- ret = sqlite3_step(select_restriction_type);
- } else {
- state_subscriber_id = 1;
- DB_ACTION(sqlite3_bind_text(select_restriction_type_subscriber_id, 1,
- app_id ? app_id : "", -1,
- SQLITE_STATIC));
- DB_ACTION(sqlite3_bind_int(select_restriction_type_subscriber_id, 2,
- iftype));
- DB_ACTION(sqlite3_bind_text(select_restriction_type_subscriber_id, 3,
- subscriber_id, -1, SQLITE_STATIC));
- ret = sqlite3_step(select_restriction_type_subscriber_id);
- }
-
- switch (ret) {
- case SQLITE_DONE:
- break;
- case SQLITE_ROW:
- if (state_subscriber_id)
- *type = (stc_rstn_type_e)sqlite3_column_int(select_restriction_type_subscriber_id, 0);
- else
- *type = (stc_rstn_type_e)sqlite3_column_int(select_restriction_type, 0);
- break;
- case SQLITE_ERROR:
- default:
- STC_LOGE("Can't perform sql query: %s\n", //LCOV_EXCL_LINE
- sqlite3_errmsg(stc_db_get_database()));
- error_code = STC_ERROR_DB_FAILED; //LCOV_EXCL_LINE
- }
-
-handle_error:
- ret = sqlite3_reset(select_restriction_type);
- if (ret != SQLITE_OK)
- error_code = STC_ERROR_DB_FAILED;
-
- ret = sqlite3_reset(select_restriction_type_subscriber_id);
- if (ret != SQLITE_OK)
- error_code = STC_ERROR_DB_FAILED;
-
- return error_code;
-}
-
-stc_error_e table_restrictions_get_restriction_type(const char *app_id,
- stc_iface_type_e iftype,
- stc_rstn_type_e *type)
-{
- __STC_LOG_FUNC_ENTER__;
- __STC_LOG_FUNC_EXIT__;
- return table_restrictions_get_restriction_type_subscriber_id(app_id, iftype,
- NULL, type);
-}
-
-stc_error_e table_restrictions_delete(const char *app_id,
- const stc_iface_type_e iftype,
- const char *ifname,
- const char *subscriber_id,
- const stc_roaming_type_e roaming)
-{
- stc_error_e error_code = STC_ERROR_NONE;
- sqlite3_stmt *stmt = delete_restrictions;
-
- STC_LOGD("app_id[%s] iftype[%d] ifname[%s] subscriber_id[%s] roaming[%d]",
- app_id, iftype, ifname, subscriber_id, roaming);
-
- DB_ACTION(sqlite3_bind_text(stmt, 1, app_id ? app_id : "",
- -1, SQLITE_TRANSIENT));
- DB_ACTION(sqlite3_bind_int(stmt, 2, iftype));
- DB_ACTION(sqlite3_bind_text(stmt, 3, ifname ? ifname : "",
- -1, SQLITE_TRANSIENT));
- DB_ACTION(sqlite3_bind_text(stmt, 4, subscriber_id ? subscriber_id : "",
- -1, SQLITE_TRANSIENT));
- DB_ACTION(sqlite3_bind_int(stmt, 5, roaming));
-
- if (sqlite3_step(stmt) != SQLITE_DONE) {
- STC_LOGE("Failed to remove restrictions by network interface %s\n", //LCOV_EXCL_LINE
- sqlite3_errmsg(stc_db_get_database()));
- error_code = STC_ERROR_DB_FAILED; //LCOV_EXCL_LINE
- goto handle_error; //LCOV_EXCL_LINE
- }
-
- STC_LOGD("Restriction deleted for app_id [%s]", app_id);
-
-handle_error:
-
- if (sqlite3_reset(stmt) != SQLITE_OK)
- error_code = STC_ERROR_DB_FAILED;
-
- return error_code;
-}
-
-stc_error_e __get_restriction_id(table_restrictions_info *info)
-{
- __STC_LOG_FUNC_ENTER__;
- int rc;
- stc_error_e error_code = STC_ERROR_NONE;
- sqlite3_stmt *stmt = select_restriction_id;
-
- DB_ACTION(sqlite3_bind_text(stmt, 1, info->app_id ? info->app_id : "",
- -1, SQLITE_TRANSIENT));
- DB_ACTION(sqlite3_bind_int(stmt, 2, info->iftype));
- DB_ACTION(sqlite3_bind_text(stmt, 3, info->subscriber_id ? info->subscriber_id : "",
- -1, SQLITE_TRANSIENT));
- DB_ACTION(sqlite3_bind_int(stmt, 4, info->roaming));
- DB_ACTION(sqlite3_bind_text(stmt, 5, info->ifname ? info->ifname : "",
- -1, SQLITE_TRANSIENT));
-
- rc = sqlite3_step(stmt);
-
- switch (rc) {
- case SQLITE_DONE:
- break;
- case SQLITE_ROW:
- info->restriction_id = sqlite3_column_int64(stmt, 0);
- STC_LOGD("restriction id [%llu]", info->restriction_id);
- break;
- case SQLITE_ERROR:
- default:
- STC_LOGE("Failed to get restriction id: %s\n", //LCOV_EXCL_LINE
- sqlite3_errmsg(stc_db_get_database()));
- error_code = STC_ERROR_DB_FAILED; //LCOV_EXCL_LINE
- }
-
-handle_error:
- rc = sqlite3_reset(stmt);
- if (rc != SQLITE_OK)
- error_code = STC_ERROR_DB_FAILED;
-
- __STC_LOG_FUNC_EXIT__;
- return error_code;
-}
-
-stc_error_e table_restrictions_update(table_restrictions_info *info)
-{
- stc_error_e error_code = STC_ERROR_NONE;
- sqlite3_stmt *stmt = insert_net_restrictions;
-
- if (!info) {
- error_code = STC_ERROR_INVALID_PARAMETER; //LCOV_EXCL_LINE
- goto handle_error; //LCOV_EXCL_LINE
- }
-
- if (__get_restriction_id(info) != STC_ERROR_NONE) {
- error_code = STC_ERROR_DB_FAILED; //LCOV_EXCL_LINE
- goto handle_error; //LCOV_EXCL_LINE
- }
-
- if (info->restriction_id)
- stmt = update_net_restrictions;
-
- DB_ACTION(sqlite3_bind_text(stmt, 1, info->app_id ? info->app_id : "",
- -1, SQLITE_TRANSIENT));
- DB_ACTION(sqlite3_bind_int64(stmt, 2, info->data_limit));
- DB_ACTION(sqlite3_bind_int(stmt, 3, info->iftype));
- DB_ACTION(sqlite3_bind_int(stmt, 4, info->rstn_type));
- DB_ACTION(sqlite3_bind_int(stmt, 5, info->roaming));
- DB_ACTION(sqlite3_bind_text(stmt, 6, info->ifname ? info->ifname : "",
- -1, SQLITE_TRANSIENT));
- DB_ACTION(sqlite3_bind_text(stmt, 7, info->subscriber_id ? info->subscriber_id : "",
- -1, SQLITE_TRANSIENT));
- DB_ACTION(sqlite3_bind_int64(stmt, 8, info->data_warn_limit));
- DB_ACTION(sqlite3_bind_int64(stmt, 9, info->monthly_limit));
- DB_ACTION(sqlite3_bind_int64(stmt, 10, info->weekly_limit));
- DB_ACTION(sqlite3_bind_int64(stmt, 11, info->daily_limit));
-
- if (info->restriction_id)
- DB_ACTION(sqlite3_bind_int64(stmt, 12, info->restriction_id));
- else
- DB_ACTION(sqlite3_bind_int64(stmt, 12, info->month_start_date));
-
- if (sqlite3_step(stmt) != SQLITE_DONE) {
- STC_LOGE("Failed to set network restriction: %s\n", //LCOV_EXCL_LINE
- sqlite3_errmsg(stc_db_get_database()));
- error_code = STC_ERROR_DB_FAILED; //LCOV_EXCL_LINE
- goto handle_error; //LCOV_EXCL_LINE
- }
-
- if (info->restriction_id) {
- STC_LOGD("Restriction updated app_id [%s]", info->app_id);
- } else {
- STC_LOGD("Restriction inserted app_id [%s]", info->app_id);
- if (__get_restriction_id(info) != STC_ERROR_NONE)
- error_code = STC_ERROR_DB_FAILED; //LCOV_EXCL_LINE
- }
-
-handle_error:
- if (sqlite3_reset(stmt) != SQLITE_OK)
- error_code = STC_ERROR_DB_FAILED;
-
- return error_code;
-}
-
-stc_error_e table_restrictions_prepare(sqlite3 *db)
-{
- __STC_LOG_FUNC_ENTER__;
-
- stc_error_e error_code = STC_ERROR_NONE;
-
- if (db == NULL) {
- __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
- return STC_ERROR_FAIL; //LCOV_EXCL_LINE
- }
-
- DB_ACTION(__prepare_delete(db));
- DB_ACTION(__prepare_select(db));
- DB_ACTION(__prepare_replace(db));
- DB_ACTION(__prepare_insert(db));
-
-handle_error:
-
- __STC_LOG_FUNC_EXIT__;
- return error_code;
-}
-
-void table_restrictions_finalize(void)
-{
- __STC_LOG_FUNC_ENTER__;
- __finalize_delete();
- __finalize_select();
- __finalize_update();
- __finalize_insert();
- __STC_LOG_FUNC_EXIT__;
-}
+++ /dev/null
-/*
- * Copyright (c) 2016 Samsung Electronics Co., Ltd.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-/**
- * This file implements statistics entity handler methods.
- *
- * @file table-statistics.c
- */
-
-#include "stc-db.h"
-#include "table-statistics.h"
-#include "db-internal.h"
-
-/* DELETE statements */
-#define DELETE_ALL "delete from statistics where time_stamp between ? and ?"
-
-#define DELETE_APP "delete from statistics where binpath=? and " \
- "time_stamp between ? and ? "
-
-#define DELETE_IFACE "delete from statistics where iftype=? and " \
- "time_stamp between ? and ?"
-
-#define DELETE_APP_IFACE "delete from statistics where binpath=? and " \
- "iftype=? and time_stamp between ? and ?"
-
-#define DELETE_FIRST_BY_NUMBER "delete from statistics where time_stamp in " \
- "(select time_stamp from statistics desc limit ?)"
-
-/* SELECT statements */
-#define SELECT_FOR_PERIOD "select binpath, hw_net_protocol_type, " \
- "is_roaming, sum(received) as received, " \
- "sum(sent) as sent, subscriber_id, ground, iftype, ifname from statistics " \
- "where time_stamp between ? and ? " \
- "group by binpath, is_roaming, subscriber_id order by received desc"
-
-#define SELECT_FOR_PERIOD_IFACE "select binpath, hw_net_protocol_type, " \
- "is_roaming, sum(received) as received, " \
- "sum(sent) as sent, subscriber_id, ground, iftype, ifname from statistics " \
- "where time_stamp between ? and ? " \
- "and iftype=? group by binpath, is_roaming, subscriber_id order by received desc"
-
-#define SELECT_CHUNKS "select binpath, hw_net_protocol_type, " \
- "is_roaming, sum(received) as received, " \
- "sum(sent) as sent, subscriber_id, ground, iftype, ifname, " \
- "time_stamp - time_stamp % ? as timestamp " \
- "from statistics where time_stamp between ? and ? " \
- "group by binpath, timestamp, subscriber_id order by timestamp"
-
-#define SELECT_CHUNKS_IFACE "select binpath, hw_net_protocol_type, " \
- "is_roaming, sum(received) as received, " \
- "sum(sent) as sent, subscriber_id, ground, iftype, ifname, " \
- "time_stamp - time_stamp % ? as timestamp " \
- "from statistics where time_stamp between ? and ? and iftype=?" \
- "group by binpath, timestamp, subscriber_id order by timestamp"
-
-#define SELECT_APP_DETAILS "select iftype, hw_net_protocol_type, " \
- "is_roaming, sum(received) as received, sum(sent) as sent, " \
- "ifname, subscriber_id, ground from statistics " \
- "where time_stamp between ? and ? and binpath=? " \
- "group by binpath, iftype, ifname, subscriber_id, hw_net_protocol_type, " \
- "is_roaming " \
- "order by time_stamp, binpath, iftype, ifname, subscriber_id, " \
- "hw_net_protocol_type, is_roaming"
-
-#define SELECT_APP_DETAILS_IFACE "select iftype, hw_net_protocol_type, " \
- "is_roaming, sum(received) as received, sum(sent) as sent, " \
- "ifname, subscriber_id, ground from statistics " \
- "where time_stamp between ? and ? and binpath=? and iftype=?" \
- "group by hw_net_protocol_type, is_roaming, iftype, ifname, subscriber_id " \
- "order by time_stamp, hw_net_protocol_type, is_roaming, iftype, " \
- "ifname, subscriber_id"
-
-#define SELECT_CHUNKS_APP "select iftype, hw_net_protocol_type, " \
- "is_roaming, sum(received) as received, sum(sent) as sent, " \
- "ifname, subscriber_id, ground, time_stamp - time_stamp % ? as timestamp " \
- "from statistics " \
- "group by iftype, ifname, timestamp, hw_net_protocol_type, is_roaming " \
- "order by timestamp, iftype, ifname, hw_net_protocol_type, is_roaming"
-
-#define SELECT_CHUNKS_APP_IFACE "select iftype, hw_net_protocol_type, " \
- "is_roaming, sum(received) as received, sum(sent) as sent, " \
- "ifname, subscriber_id, ground, time_stamp - time_stamp % ? as timestamp " \
- "from statistics where time_stamp between ? and ? and binpath = ? " \
- "and iftype = ? " \
- "group by timestamp, hw_net_protocol_type, is_roaming, " \
- "iftype, ifname, subscriber_id " \
- "order by timestamp, iftype, ifname, subscriber_id, hw_net_protocol_type, " \
- "is_roaming"
-
-#define SELECT_TOTAL "select iftype, hw_net_protocol_type, " \
- "is_roaming, sum(received) as received, sum(sent) as sent, " \
- "ifname, subscriber_id, ground from statistics " \
- "where (time_stamp between ? and ?) " \
- "and binpath NOT LIKE 'TOTAL_%' " \
- "group by iftype, ifname, subscriber_id, hw_net_protocol_type, is_roaming " \
- "order by time_stamp, iftype, ifname, subscriber_id, hw_net_protocol_type, " \
- "is_roaming"
-
-#define SELECT_TOTAL_IFACE "select iftype, hw_net_protocol_type, " \
- "is_roaming, sum(received) as received, sum(sent) as sent, " \
- "ifname, subscriber_id, ground from statistics " \
- "where (time_stamp between ? and ?) and iftype=? " \
- "and binpath NOT LIKE 'TOTAL_%' " \
- "group by hw_net_protocol_type, is_roaming, " \
- "iftype, ifname, subscriber_id " \
- "order by time_stamp, iftype, ifname, subscriber_id, hw_net_protocol_type, " \
- "is_roaming"
-
-#define SELECT_CHUNKS_TOTAL "select iftype, hw_net_protocol_type, " \
- "is_roaming, sum(received) as received, sum(sent) as sent, " \
- "ifname, subscriber_id, ground, time_stamp - time_stamp % ? as timestamp " \
- "from statistics where time_stamp between ? and ? " \
- "and binpath NOT LIKE 'TOTAL_%' " \
- "group by timestamp, iftype, ifname, subscriber_id, hw_net_protocol_type, " \
- "is_roaming " \
- "order by timestamp, iftype, ifname, subscriber_id, hw_net_protocol_type, " \
- "is_roaming"
-
-#define SELECT_CHUNKS_TOTAL_IFACE "select iftype, hw_net_protocol_type, " \
- "is_roaming, sum(received) as received, sum(sent) as sent, " \
- "ifname, subscriber_id, ground, time_stamp - time_stamp % ? as timestamp " \
- "from statistics where time_stamp between ? and ? " \
- "and iftype = ? " \
- "and binpath NOT LIKE 'TOTAL_%' " \
- "group by timestamp, hw_net_protocol_type, is_roaming, iftype, ifname, subscriber_id " \
- "order by timestamp, hw_net_protocol_type, is_roaming, iftype, " \
- "ifname, subscriber_id"
-
-/* INSERT statement */
-#define INSERT_VALUES "insert into statistics " \
- "(binpath, received, sent, time_stamp, " \
- "iftype, is_roaming, hw_net_protocol_type, " \
- "ifname, subscriber_id, ground) " \
- "values (?, ?, ?, ?, ?, ?, ?, ?, ?, ?)"
-
-static void __finalize_delete(void);
-
-#define PREPARE_DELETE(stm, query) do { \
- rc = sqlite3_prepare_v2(db, query, -1, &stm, NULL); \
- if (rc != SQLITE_OK) { \
- stm = NULL; \
- __finalize_delete(); \
- STC_LOGE("Failed to prepare \"%s\"query" \
- , query); \
- return rc; \
- } \
-} while (0)
-
-static void __finalize_select(void);
-
-#define PREPARE_SELECT(stm, query) do { \
- rc = sqlite3_prepare_v2(db, query, -1, &stm, NULL); \
- if (rc != SQLITE_OK) { \
- stm = NULL; \
- __finalize_select(); \
- STC_LOGE("Failed to prepare \"%s\"query" \
- , query); \
- return rc; \
- } \
-} while (0)
-
-static void __finalize_insert(void);
-
-#define PREPARE_INSERT(stm, query) do { \
- rc = sqlite3_prepare_v2(db, query, -1, &stm, NULL); \
- if (rc != SQLITE_OK) { \
- stm = NULL; \
- __finalize_insert(); \
- STC_LOGE("Failed to prepare \"%s\"query" \
- , query); \
- return rc; \
- } \
-} while (0)
-
-#define FINALIZE(stm) do { \
- if (stm) { \
- sqlite3_finalize(stm); \
- stm = NULL; \
- } \
-} while (0)
-
-/* DELETE statements */
-/* the following array is strictly ordered
- * to find required statement the following code will be used:
- * (app ? 1 : 0) | (iftype ? 2 : 0)
- */
-static sqlite3_stmt *delete_query[5];
-
-/* SELECT statements */
-static sqlite3_stmt *select_for_period;
-static sqlite3_stmt *select_for_period_iface;
-static sqlite3_stmt *select_chunks;
-static sqlite3_stmt *select_chunks_iface;
-static sqlite3_stmt *select_app_details;
-static sqlite3_stmt *select_app_details_iface;
-static sqlite3_stmt *select_chunks_app;
-static sqlite3_stmt *select_chunks_app_iface;
-static sqlite3_stmt *select_total;
-static sqlite3_stmt *select_total_iface;
-static sqlite3_stmt *select_chunks_total;
-static sqlite3_stmt *select_chunks_total_iface;
-
-/* INSERT statements */
-static sqlite3_stmt *update_statistics_query;
-
-static int __prepare_delete(sqlite3 *db)
-{
- int rc;
- static int initialized;
-
- if (initialized)
- return SQLITE_OK;
-
- PREPARE_DELETE(delete_query[0], DELETE_ALL);
- PREPARE_DELETE(delete_query[1], DELETE_APP);
- PREPARE_DELETE(delete_query[2], DELETE_IFACE);
- PREPARE_DELETE(delete_query[3], DELETE_APP_IFACE);
- PREPARE_DELETE(delete_query[4], DELETE_FIRST_BY_NUMBER);
-
- initialized = 1;
- return rc;
-}
-
-static void __finalize_delete(void)
-{
- unsigned int i;
- for (i = 0; i < sizeof(delete_query) / sizeof(*delete_query); i++)
- FINALIZE(delete_query[i]);
-}
-
-static int __prepare_select(sqlite3 *db)
-{
- int rc;
- static int initialized;
-
- if (initialized)
- return SQLITE_OK;
-
- PREPARE_SELECT(select_for_period, SELECT_FOR_PERIOD);
- PREPARE_SELECT(select_for_period_iface, SELECT_FOR_PERIOD_IFACE);
- PREPARE_SELECT(select_chunks, SELECT_CHUNKS);
- PREPARE_SELECT(select_chunks_iface, SELECT_CHUNKS_IFACE);
- PREPARE_SELECT(select_app_details, SELECT_APP_DETAILS);
- PREPARE_SELECT(select_app_details_iface, SELECT_APP_DETAILS_IFACE);
- PREPARE_SELECT(select_chunks_app, SELECT_CHUNKS_APP);
- PREPARE_SELECT(select_chunks_app_iface, SELECT_CHUNKS_APP_IFACE);
- PREPARE_SELECT(select_total, SELECT_TOTAL);
- PREPARE_SELECT(select_total_iface, SELECT_TOTAL_IFACE);
- PREPARE_SELECT(select_chunks_total, SELECT_CHUNKS_TOTAL);
- PREPARE_SELECT(select_chunks_total_iface, SELECT_CHUNKS_TOTAL_IFACE);
-
- initialized = 1;
- return rc;
-}
-
-static void __finalize_select(void)
-{
- FINALIZE(select_for_period);
- FINALIZE(select_for_period_iface);
- FINALIZE(select_chunks);
- FINALIZE(select_chunks_iface);
- FINALIZE(select_app_details);
- FINALIZE(select_app_details_iface);
- FINALIZE(select_chunks_app);
- FINALIZE(select_chunks_app_iface);
- FINALIZE(select_total);
- FINALIZE(select_total_iface);
- FINALIZE(select_chunks_total);
- FINALIZE(select_chunks_total_iface);
-}
-
-static int __prepare_insert(sqlite3 *db)
-{
- int rc;
- static int initialized;
-
- if (initialized)
- return SQLITE_OK;
-
- PREPARE_INSERT(update_statistics_query, INSERT_VALUES);
-
- initialized = 1;
- return rc;
-}
-
-static void __finalize_insert(void)
-{
- FINALIZE(update_statistics_query);
-}
-
-static int __is_iftype_defined(const stc_iface_type_e iftype)
-{
- return iftype < STC_IFACE_LAST_ELEM &&
- iftype > STC_IFACE_UNKNOWN &&
- iftype != STC_IFACE_ALL;
-}
-
-/* the following array is strictly ordered
- * to find required statement the following code will be used:
- * (iface ? 1 : 0) | (total ? 2 : 0) | (chunks ? 4 : 0)
- */
-static sqlite3_stmt **details_stms[] = {
- &select_app_details,
- &select_app_details_iface,
- &select_total,
- &select_total_iface,
- &select_chunks_app,
- &select_chunks_app_iface,
- &select_chunks_total,
- &select_chunks_total_iface
-};
-
-static sqlite3_stmt *__select_statement(const char *app_id,
- const table_statistics_select_rule *rule)
-{
- const int stm_index = __is_iftype_defined(rule->iftype) |
- ((strlen(app_id) > 0) ? 0 : 2) | (rule->granularity ? 4 : 0);
- STC_LOGD("stm index %d", stm_index);
- return *details_stms[stm_index];
-}
-
-//LCOV_EXCL_START
-stc_error_e table_statistics_reset_first_n_entries(int num)
-{
- __STC_LOG_FUNC_ENTER__;
- stc_error_e error_code = STC_ERROR_NONE;
-
- if (!num) {
- STC_LOGE("Invalid number of entries");
- return STC_ERROR_INVALID_PARAMETER;
- }
-
- DB_ACTION(sqlite3_bind_int(delete_query[4], 1, num));
-
- if (sqlite3_step(delete_query[4]) != SQLITE_DONE) {
- STC_LOGE("Failed to drop collected statistics.");
- error_code = STC_ERROR_DB_FAILED;
- __STC_LOG_FUNC_EXIT__;
- }
-handle_error:
- if (sqlite3_reset(delete_query[4]) != SQLITE_OK)
- error_code = STC_ERROR_DB_FAILED;
-
- return error_code;
-}
-//LCOV_EXCL_STOP
-
-stc_error_e table_statistics_reset(const table_statistics_reset_rule *rule)
-{
- __STC_LOG_FUNC_ENTER__;
- sqlite3_stmt *stmt;
- stc_error_e error_code = STC_ERROR_NONE;
- int pos = 1; /* running through positions where to
- bind parameters in the query */
-
- if (!rule || !rule->interval) {
- __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
- return STC_ERROR_INVALID_PARAMETER; //LCOV_EXCL_LINE
- }
-
- /* pick a statement depending on parameters.
- See comment for delete_query */
- stmt = delete_query[(rule->app_id ? 1 : 0) |
- (rule->iftype != STC_IFACE_UNKNOWN &&
- rule->iftype != STC_IFACE_LAST_ELEM ? 2 : 0)];
-
- if (rule->app_id)
- DB_ACTION(sqlite3_bind_text(stmt, pos++, rule->app_id, -1,
- SQLITE_TRANSIENT));
-
- if (rule->iftype != STC_IFACE_LAST_ELEM &&
- rule->iftype != STC_IFACE_UNKNOWN)
- DB_ACTION(sqlite3_bind_int(stmt, pos++, rule->iftype));
-
- DB_ACTION(sqlite3_bind_int64(stmt, pos++, rule->interval->from));
- DB_ACTION(sqlite3_bind_int64(stmt, pos++, rule->interval->to));
-
- if (sqlite3_step(stmt) != SQLITE_DONE) {
- STC_LOGE("Failed to drop collected statistics."); //LCOV_EXCL_LINE
- error_code = STC_ERROR_DB_FAILED; //LCOV_EXCL_LINE
- __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
- goto handle_error; //LCOV_EXCL_LINE
- }
-
- STC_LOGD("Entry deleted successfully.");
-handle_error:
- if (sqlite3_reset(stmt) != SQLITE_OK)
- error_code = STC_ERROR_DB_FAILED;
-
- return error_code;
-}
-
-stc_error_e table_statistics_foreach_app(const table_statistics_select_rule *rule,
- table_statistics_info_cb info_cb,
- void *user_data)
-{
- __STC_LOG_FUNC_ENTER__;
- table_statistics_info data;
- sqlite3_stmt *stmt;
- stc_error_e error_code = STC_ERROR_NONE;
- int rc;
- int pos = 1;/* running through positions where to
- bind parameters in the query */
- stc_db_tm_interval_s interval;
-
- if (!rule || !info_cb) {
- __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
- return STC_ERROR_INVALID_PARAMETER; //LCOV_EXCL_LINE
- }
-
- memset(&data, 0, sizeof(data));
-
- if (rule->app_id) {
- int ret = table_statistics_per_app(rule->app_id, rule, info_cb, user_data);
- __STC_LOG_FUNC_EXIT__;
- return ret;
- }
-
- /* pick a statement depending on parameters */
- if (rule->granularity) {
- stmt = __is_iftype_defined(rule->iftype) ?
- select_chunks_iface : select_chunks;
-
- DB_ACTION(sqlite3_bind_int64(stmt, pos++, rule->granularity));
- data.interval = &interval;
- } else {
- stmt = __is_iftype_defined(rule->iftype)
- ? select_for_period_iface : select_for_period;
- }
-
- DB_ACTION(sqlite3_bind_int64(stmt, pos++, rule->from));
- DB_ACTION(sqlite3_bind_int64(stmt, pos++, rule->to));
-
- if (__is_iftype_defined(rule->iftype)) {
- data.iftype = rule->iftype;
- DB_ACTION(sqlite3_bind_int(stmt, pos++, rule->iftype));
- }
-
- do {
- rc = sqlite3_step(stmt);
- switch (rc) {
- case SQLITE_ROW:
- data.app_id = (char *)sqlite3_column_text(stmt, 0);
- data.hw_net_protocol_type = sqlite3_column_int(stmt, 1);
- data.roaming = sqlite3_column_int(stmt, 2);
- data.cnt.in_bytes = sqlite3_column_int64(stmt, 3);
- data.cnt.out_bytes = sqlite3_column_int64(stmt, 4);
- data.subscriber_id = (char *)sqlite3_column_text(stmt, 5);
- data.ground = sqlite3_column_int(stmt, 6);
- data.iftype = sqlite3_column_int(stmt, 7);
- data.ifname = (char *)sqlite3_column_text(stmt, 8);
-
- if (rule->granularity) {
- interval.from = sqlite3_column_int64(stmt, 9);
- interval.to = interval.from + rule->granularity;
- }
-
- if (info_cb(&data, user_data) == STC_CANCEL)
- rc = SQLITE_DONE; //LCOV_EXCL_LINE
- break;
- case SQLITE_DONE:
- break;
- case SQLITE_ERROR:
- default:
- error_code = STC_ERROR_DB_FAILED; //LCOV_EXCL_LINE
- break; //LCOV_EXCL_LINE
- }
- } while (rc == SQLITE_ROW);
-
-handle_error:
- rc = sqlite3_reset(stmt);
- if (rc != SQLITE_OK)
- error_code = STC_ERROR_DB_FAILED;
-
- __STC_LOG_FUNC_EXIT__;
- return error_code;
-}
-
-API stc_error_e table_statistics_per_app(const char *app_id,
- const table_statistics_select_rule *rule,
- table_statistics_info_cb info_cb,
- void *user_data)
-{
- __STC_LOG_FUNC_ENTER__;
- table_statistics_info data;
- sqlite3_stmt *stmt;
- stc_error_e error_code = STC_ERROR_NONE;
- int rc;
- int pos = 1; /* running through positions
- where to bind parameters in the query */
- stc_db_tm_interval_s interval;
-
- memset(&data, 0, sizeof(data));
-
- if (!rule || !info_cb) {
- __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
- return STC_ERROR_INVALID_PARAMETER; //LCOV_EXCL_LINE
- }
-
- /* pick a statement depending on parameters.
- See comment for details_stms */
- stmt = __select_statement(app_id, rule);
-
- if (rule->granularity) {
- DB_ACTION(sqlite3_bind_int64(stmt, pos++, rule->granularity));
- data.interval = &interval;
- }
-
- DB_ACTION(sqlite3_bind_int64(stmt, pos++, rule->from));
- DB_ACTION(sqlite3_bind_int64(stmt, pos++, rule->to));
-
- if (strlen(app_id) > 0) {
- DB_ACTION(sqlite3_bind_text(stmt, pos++, app_id, -1,
- SQLITE_TRANSIENT));
- data.app_id = (char *)app_id;
- }
-
- if (__is_iftype_defined(rule->iftype))
- DB_ACTION(sqlite3_bind_int(stmt, pos++, rule->iftype));
-
- do {
- rc = sqlite3_step(stmt);
- switch (rc) {
- case SQLITE_ROW:
- data.iftype = sqlite3_column_int(stmt, 0);
- data.hw_net_protocol_type = sqlite3_column_int(stmt, 1);
- data.roaming = sqlite3_column_int(stmt, 2);
- data.cnt.in_bytes = sqlite3_column_int64(stmt, 3);
- data.cnt.out_bytes = sqlite3_column_int64(stmt, 4);
- data.ifname = (char *)sqlite3_column_text(stmt, 5);
- data.subscriber_id = (char *)sqlite3_column_text(stmt, 6);
- data.ground = sqlite3_column_int(stmt, 7);
-
- if (rule->granularity) {
- interval.from = sqlite3_column_int64(stmt, 8);
- interval.to = interval.from + rule->granularity;
- }
-
- if (info_cb(&data, user_data) == STC_CANCEL)
- rc = SQLITE_DONE; //LCOV_EXCL_LINE
- break;
- case SQLITE_DONE:
- break;
- case SQLITE_ERROR:
- default:
- error_code = STC_ERROR_DB_FAILED; //LCOV_EXCL_LINE
- break; //LCOV_EXCL_LINE
- }
- } while (rc == SQLITE_ROW);
-
-handle_error:
- rc = sqlite3_reset(stmt);
- if (rc != SQLITE_OK)
- error_code = STC_ERROR_DB_FAILED;
-
- __STC_LOG_FUNC_EXIT__;
- return error_code;
-}
-
-API stc_error_e table_statistics_insert(stc_db_classid_iftype_key *stat_key,
- stc_db_app_stats *stat,
- time_t last_touch_time)
-{
- stc_error_e error_code = STC_ERROR_NONE;
- sqlite3_stmt *stmt = update_statistics_query;
- stc_hw_net_protocol_type_e hw_net_protocol_type = STC_PROTOCOL_UNKNOWN;
- long long int rcv;
- long long int snd;
-
- if (!stat->rcv_count && !stat->snd_count) {
- error_code = STC_ERROR_INVALID_PARAMETER;
- goto handle_error;
- }
-
- DB_ACTION(sqlite3_bind_text(stmt, 1, stat->app_id, -1,
- SQLITE_STATIC));
- DB_ACTION(sqlite3_bind_int(stmt, 2, stat->rcv_count));
- DB_ACTION(sqlite3_bind_int(stmt, 3, stat->snd_count));
- DB_ACTION(sqlite3_bind_int64(stmt, 4, (sqlite3_int64)last_touch_time));
- DB_ACTION(sqlite3_bind_int(stmt, 5, (int)(stat_key->iftype)));
- DB_ACTION(sqlite3_bind_int(stmt, 6, (int)(stat->is_roaming)));
- DB_ACTION(sqlite3_bind_int(stmt, 7, (int)hw_net_protocol_type));
- DB_ACTION(sqlite3_bind_text(stmt, 8, stat_key->ifname ? stat_key->ifname : "",
- -1, SQLITE_STATIC));
- DB_ACTION(sqlite3_bind_text(stmt, 9,
- stat_key->subscriber_id ? stat_key->subscriber_id : "" ,
- -1, SQLITE_STATIC));
- DB_ACTION(sqlite3_bind_int(stmt, 10, (int)stat->ground));
-
- /*we want to reuse tree*/
- rcv = stat->rcv_count;
- snd = stat->snd_count;
- stat->rcv_count = 0;
- stat->snd_count = 0;
- if (sqlite3_step(stmt) != SQLITE_DONE) {
- STC_LOGE("Failed to record appstat. %s", //LCOV_EXCL_LINE
- sqlite3_errmsg(stc_db_get_database()));
- error_code = STC_ERROR_DB_FAILED; //LCOV_EXCL_LINE
- __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
- goto handle_error; //LCOV_EXCL_LINE
- }
-
- if (STC_STAT_LOG)
- STC_LOGD("App stat recorded [\033[0;34m%s\033[0;m] "
- "rcv[%lld] snd[%lld]", stat->app_id, rcv, snd);
-
-handle_error:
- if (sqlite3_reset(stmt) != SQLITE_OK)
- error_code = STC_ERROR_DB_FAILED;
-
- return error_code;
-}
-
-/**
- * This function will be somewhere consumer and will not be placed in this file.
- */
-#if 0
-stc_error_e table_statistics_store_result(app_stat_tree *stats)
-{
- time_t current_time;
-
- pthread_rwlock_rdlock(&stats->guard);
- WALK_TREE(stats->tree, print_appstat);
- pthread_rwlock_unlock(&stats->guard);
-
- time(¤t_time);
- stats->last_touch_time = current_time;
-
- /* it's reader only, we don't modify tree, don't reduce it,
- * due we want to reuse it in next iteration */
- pthread_rwlock_rdlock(&stats->guard);
- g_tree_foreach((GTree *) stats->tree, __store_application_stat,
- &stats->last_touch_time);
-
- pthread_rwlock_unlock(&stats->guard);
- flush_quota_table();
- change_db_entries_num_num(g_tree_nnodes((GTree *)stats->tree));
-
- return STC_ERROR_NONE;
-}
-#endif
-
-stc_error_e table_statistics_prepare(sqlite3 *db)
-{
- __STC_LOG_FUNC_ENTER__;
-
- stc_error_e error_code = STC_ERROR_NONE;
-
- if (db == NULL) {
- __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
- return STC_ERROR_DB_FAILED; //LCOV_EXCL_LINE
- }
-
- DB_ACTION(__prepare_delete(db));
- DB_ACTION(__prepare_select(db));
- DB_ACTION(__prepare_insert(db));
-
-handle_error:
-
- __STC_LOG_FUNC_EXIT__;
- return error_code;
-}
-
-void table_statistics_finalize(void)
-{
- __STC_LOG_FUNC_ENTER__;
- __finalize_delete();
- __finalize_select();
- __finalize_insert();
- __STC_LOG_FUNC_EXIT__;
-}
+++ /dev/null
-/*
- * Copyright (c) 2016 Samsung Electronics Co., Ltd.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include "helper-cgroup.h"
-
-#define RELEASE_AGENT "release_agent"
-#define NOTIFY_ON_RELEASE "notify_on_release"
-
-#define CGROUP_FILE_NAME "cgroup.procs"
-#define CLASSID_FILE_NAME "net_cls.classid"
-
-#define MAX_PATH_LENGTH 512
-
-static bool cgroup_is_exists(const char *cgroup_full_path)
-{
- struct stat stat_buf;
- return stat(cgroup_full_path, &stat_buf) == 0;
-}
-
-static int cgroup_create(const char *cgroup_full_path)
-{
- if (mkdir(cgroup_full_path,
- S_IRUSR | S_IWUSR | S_IRGRP) < 0)
- return -errno; //LCOV_EXCL_LINE
-
- return 0;
-}
-
-/*
- * @desc place pid to cgroup.procs file
- * @return 0 in case of success, errno value in case of failure
- */
-stc_error_e cgroup_write_pid_fullpath(const char *cgroup_full_path,
- const int pid)
-{
- int ret;
-
- if (pid <= 0) {
- STC_LOGE("try to write empty pid to %s", cgroup_full_path); //LCOV_EXCL_LINE
- return STC_ERROR_NO_DATA; //LCOV_EXCL_LINE
- }
-
- ret = cgroup_write_node_uint32(cgroup_full_path, CGROUP_FILE_NAME,
- (uint32_t)pid);
-
- ret_value_msg_if(ret < 0, STC_ERROR_FAIL,
- "Failed place all pid to cgroup %s", cgroup_full_path);
- return STC_ERROR_NONE;
-}
-
-stc_error_e cgroup_write_pid(const char *cgroup_subsystem,
- const char *cgroup_name, const int pid)
-{
- char buf[MAX_PATH_LENGTH];
- snprintf(buf, sizeof(buf), "%s/%s", cgroup_subsystem, cgroup_name);
- return cgroup_write_pid_fullpath(buf, pid);
-}
-
-//LCOV_EXCL_START
-stc_error_e cgroup_write_pidtree(const char *cgroup_subsystem,
- const char *cgroup_name, const int pid)
-{
- char buf[MAX_PATH_LENGTH];
-
- /*/proc/%d/task/%d/children */
- char child_buf[21 + MAX_DEC_SIZE(int) + MAX_DEC_SIZE(int) + 1];
- char pidbuf[MAX_DEC_SIZE(int)];
- stc_error_e ret;
-
- FILE *f;
-
- snprintf(buf, sizeof(buf), "%s/%s", cgroup_subsystem, cgroup_name);
- /* place parent */
- ret = cgroup_write_pid_fullpath(buf, pid);
- ret_value_msg_if(ret != STC_ERROR_NONE, ret,
- "Failed to put parent process %d into %s cgroup",
- pid, cgroup_name);
-
- snprintf(child_buf, sizeof(child_buf), PROC_TASK_CHILDREN,
- pid, pid);
- f = fopen(child_buf, "r");
- ret_value_msg_if(!f, STC_ERROR_FAIL, "Failed to get child pids!");
- while (fgets(pidbuf, sizeof(pidbuf), f) != NULL) {
- int child_pid = atoi(pidbuf);
- if (child_pid < 0) {
- STC_LOGE("Invalid child pid!");
- fclose(f);
- return STC_ERROR_FAIL;
- }
- stc_error_e ret = cgroup_write_pid_fullpath(buf, child_pid);
- if (ret != STC_ERROR_NONE) {
- STC_LOGE("Failed to put parent process %d into %s cgroup",
- pid, cgroup_name);
- fclose(f);
- return ret;
- }
- }
- fclose(f);
- return STC_ERROR_NONE;
-}
-//LCOV_EXCL_STOP
-
-int cgroup_write_node_uint32(const char *cgroup_name,
- const char *file_name, uint32_t value)
-{
- char buf[MAX_PATH_LENGTH];
- snprintf(buf, sizeof(buf), "%s/%s", cgroup_name, file_name);
-
- if (STC_STAT_LOG)
- STC_LOGD("cgroup_buf %s, value %d\n", buf, value); //LCOV_EXCL_LINE
-
- return fwrite_uint(buf, value);
-}
-
-int cgroup_write_node_str(const char *cgroup_name,
- const char *file_name, const char *string)
-{
- char buf[MAX_PATH_LENGTH];
- snprintf(buf, sizeof(buf), "%s/%s", cgroup_name, file_name);
-
- if (STC_STAT_LOG)
- STC_LOGD("cgroup_buf %s, string %s\n", buf, string); //LCOV_EXCL_LINE
-
- return fwrite_str(buf, string);
-}
-
-int cgroup_read_node_uint32(const char *cgroup_name,
- const char *file_name, uint32_t *value)
-{
- char buf[MAX_PATH_LENGTH];
- int ret;
- snprintf(buf, sizeof(buf), "%s/%s", cgroup_name, file_name);
- ret = fread_uint(buf, value);
-
- if (STC_STAT_LOG)
- STC_LOGD("cgroup_buf %s, value %d\n", buf, *value); //LCOV_EXCL_LINE
-
- return ret;
-}
-
-int cgroup_make_subdir(const char *parentdir, const char *cgroup_name,
- bool *already)
-{
- char buf[MAX_PATH_LENGTH];
- bool cgroup_exists;
- int ret = 0;
-
- if (parentdir)
- ret = snprintf(buf, sizeof(buf), "%s/%s",
- parentdir, cgroup_name);
- else
- ret = snprintf(buf, sizeof(buf), "%s",
- cgroup_name);
-
- ret_value_msg_if(ret > sizeof(buf), STC_ERROR_FAIL,
- "Not enought buffer size for %s%s",
- parentdir, cgroup_name);
-
- cgroup_exists = cgroup_is_exists(buf);
- if (!cgroup_exists) {
- bool cgroup_remount = false;
-
- if (parentdir && !strncmp(parentdir, DEFAULT_CGROUP,
- sizeof(DEFAULT_CGROUP))) {
- ret = mount("tmpfs", DEFAULT_CGROUP, "tmpfs", //LCOV_EXCL_LINE
- MS_REMOUNT|MS_NOSUID|MS_NOEXEC|MS_NODEV|MS_STRICTATIME,
- "mode=755");
- if (ret < 0) {
- STC_LOGE("Fail to RW mount cgroup directory. Can't make %s cgroup", cgroup_name); //LCOV_EXCL_LINE
- return STC_ERROR_FAIL; //LCOV_EXCL_LINE
- }
- cgroup_remount = true;
- }
-
- ret = cgroup_create(buf);
- ret_value_msg_if(ret < 0, STC_ERROR_FAIL,
- "Fail to create cgroup %s : err %d",
- cgroup_name, errno);
-
- if (cgroup_remount) {
- ret = mount("tmpfs", DEFAULT_CGROUP, "tmpfs", //LCOV_EXCL_LINE
- MS_REMOUNT|MS_NOSUID|MS_NOEXEC|MS_NODEV|MS_STRICTATIME|MS_RDONLY,
- "mode=755");
- if (ret < 0)
- STC_LOGD("Fail to RO mount"); //LCOV_EXCL_LINE
- }
- }
-
- if (already)
- *already = cgroup_exists;
-
- return STC_ERROR_NONE;
-}
-
-int cgroup_set_release_agent(const char *cgroup_subsys,
- const char *release_agent)
-{
- _cleanup_free_ char *buf = NULL;
- int r;
-
- r = asprintf(&buf, "%s/%s", DEFAULT_CGROUP, cgroup_subsys);
- if (r < 0)
- return -ENOMEM;
-
- r = cgroup_write_node_str(buf, RELEASE_AGENT, release_agent);
- if (r < 0)
- return r;
-
- return cgroup_write_node_str(buf, NOTIFY_ON_RELEASE, "1");
-}
-
-API void cgroup_init(void)
-{
- /* create stc cgroup directory */
- cgroup_make_subdir(CGROUP_NETWORK, STC_CGROUP_NAME, NULL);
-
- /* create background cgroup directory */
- cgroup_make_subdir(STC_CGROUP_NETWORK, STC_BACKGROUND_CGROUP_NAME,
- NULL);
-
- /* create foreground cgroup directory */
- cgroup_make_subdir(STC_CGROUP_NETWORK, STC_FOREGROUND_CGROUP_NAME,
- NULL);
-
- /* create tethering cgroup directory */
- cgroup_make_subdir(STC_CGROUP_NETWORK, STC_TETHERING_CGROUP_NAME,
- NULL);
-}
+++ /dev/null
-/*
- * Copyright (c) 2016 Samsung Electronics Co., Ltd.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-/*
- * Cgroup creation interface
- */
-#ifndef __STC_HELPER_CGROUP_H__
-#define __STC_HELPER_CGROUP_H__
-
-#include <errno.h>
-#include <sys/stat.h>
-#include <sys/mount.h>
-#include <stdlib.h>
-
-#include "stc-manager.h"
-#include "helper-file.h"
-
-#define DEFAULT_CGROUP "/sys/fs/cgroup"
-#define CGROUP_NETWORK DEFAULT_CGROUP "/net_cls"
-#define STC_CGROUP_NETWORK CGROUP_NETWORK "/stc"
-#define BACKGROUND_CGROUP_NETWORK STC_CGROUP_NETWORK "/BACKGROUND"
-#define FOREGROUND_CGROUP_NETWORK STC_CGROUP_NETWORK "/FOREGROUND"
-#define TETHERING_CGROUP_NETWORK STC_CGROUP_NETWORK "/TETHERING"
-#define PROC_TASK_CHILDREN "/proc/%d/task/%d/children"
-#define STC_CGROUP_NAME "stc"
-#define STC_BACKGROUND_CGROUP_NAME "BACKGROUND"
-#define STC_FOREGROUND_CGROUP_NAME "FOREGROUND"
-#define STC_TETHERING_CGROUP_NAME "TETHERING"
-
-/**
- * @desc Get one unsigned int32 value from cgroup
- * @param cgroup_name - cgroup path
- * @param file_name - cgroup content to write
- * @param value - out parameter, value to fill
- * @return negative value if error
- */
-int cgroup_read_node_uint32(const char *cgroup_name, const char *file_name,
- uint32_t *value);
-
-/**
- * @desc Put unsigned int32 value to cgroup,
- * @param cgroup_name - cgroup path
- * @param file_name - cgroup content to write
- * @param value - unsigned int32 data to write
- * @return negative value if error
- */
-int cgroup_write_node_uint32(const char *cgroup_name, const char *file_name,
- uint32_t value);
-
-/**
- * @desc Put value to cgroup,
- * @param cgroup_name - cgroup path
- * @param file_name - cgroup content to write
- * @param string -string to write
- * @return negative value if error
- */
-int cgroup_write_node_str(const char *cgroup_name, const char *file_name,
- const char *string);
-
-/**
- * @desc make cgroup,
- * @param parentdir - parent cgroup path
- * @param cgroup_name - cgroup subdirectory to write
- * @param already - true if subdir already exists, NULL pointer is possible
- * as formal argument, in this case it will not be filled
- * @return negative value if error
- */
-int cgroup_make_subdir(const char *parentdir, const char *cgroup_name,
- bool *already);
-
-/**
- * @desc write pid into cgroup_subsystem/cgroup_name file,
- * @param cgroup_subsystem path to /sys/fs/cgroup/subsystem
- * @param cgroup_name - name in /sys/fs/cgroup/subsystem/
- * @return negative value if error
- */
-stc_error_e cgroup_write_pid(const char *cgroup_subsystem,
- const char *cgroup_name, const int pid);
-
-stc_error_e cgroup_write_pid_fullpath(const char *cgroup_full_path,
- const int pid);
-
-/**
- * @desc doing the same as @see cgroup_write_pid,
- * but also put into cgroup first level child processes
- */
-stc_error_e cgroup_write_pidtree(const char *cgroup_subsystem,
- const char *cgroup_name, const int pid);
-
-/**
- * @desc this function sets release agent path into cgroup subsystem
- * and enables this mechanism
- * @param cgroup_sussys - cgroup subsystem name, it's relative path to cgroup,
- * relativelly default cgroup path (DEFAULT_CGROUP)
- * @param release_agent full path to release agent executable
- * @return negative value if error
- */
-int cgroup_set_release_agent(const char *cgroup_subsys,
- const char *release_agent);
-
-/**
- * @desc get PIDs of processes in a certain cgroup, an allocated array must be provided
- * @return 0 if pids were read and array filled
- */
-int cgroup_get_pids(const char *name, GArray **pids);
-
-/**
- * @desc initializes cgroups.
- */
-void cgroup_init(void);
-
-#endif /*__STC_HELPER_CGROUP_H__*/
+++ /dev/null
-/*
- * Copyright (c) 2016 Samsung Electronics Co., Ltd.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include "helper-file.h"
-
-#define BUF_MAX (BUFSIZ)
-#define BUF_INC_SIZE (512 << 10)
-
-int fwrite_str(const char *path, const char *str)
-{
- _cleanup_fclose_ FILE *f = NULL;
- int ret;
-
- assert(path);
- assert(str);
-
- f = fopen(path, "w");
- ret_value_if(!f, -errno);
-
- ret = fputs(str, f);
- ret_value_if(ret == EOF, errno ? -errno : -EIO);
-
- return STC_ERROR_NONE;
-}
-
-int fwrite_uint(const char *path, const uint32_t number)
-{
- _cleanup_free_ char *digit_buf = NULL;
- int ret;
-
- ret = asprintf(&digit_buf, "%d", number);
- ret_value_if(ret < 0, -ENOMEM);
-
- return fwrite_str(path, digit_buf);
-}
-
-int fread_uint(const char *path, uint32_t *number)
-{
- _cleanup_fclose_ FILE *f = NULL;
- int ret;
-
- f = fopen(path, "r");
- ret_value_if(!f, -errno);
-
- ret = fscanf(f, "%u", number);
- ret_value_if(ret == EOF, -errno);
-
- return STC_ERROR_NONE;
-}
+++ /dev/null
-/*
- * Copyright (c) 2016 Samsung Electronics Co., Ltd.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef __STC_HELPER_FILE_H__
-#define __STC_HELPER_FILE_H__
-
-#include <assert.h>
-#include <errno.h>
-#include <fcntl.h>
-#include <stdlib.h>
-#include <sys/stat.h>
-
-#include "stc-manager.h"
-
-/**
- * @desc write string to the file
- * @param path - path to the file, str - string is written to the file
- * @return negative value if error
- */
-int fwrite_str(const char *path, const char *str);
-
-int fwrite_uint(const char *path, const uint32_t number);
-
-int fwrite_ulong(const char *path, const unsigned long number);
-
-int fread_str(const char *path, char **str);
-
-int fread_uint(const char *path, uint32_t *number);
-
-int fread_ulong(const char *path, unsigned long *number);
-
-int fwrite_array(const char *path, const void *array,
- const size_t size_of_elem,
- const size_t numb_of_elem);
-
-#endif /*__STC_HELPER_FILE_H__*/
+++ /dev/null
-/*
- * Copyright (c) 2016 Samsung Electronics Co., Ltd.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include "stc-manager-gdbus.h"
-#include "helper-firewall.h"
-
-#define STC_FIREWALL_DBUS_SERVICE "net.stc.iptables"
-#define STC_FIREWALL_DBUS_RULE_INTERFACE STC_FIREWALL_DBUS_SERVICE ".rule"
-#define STC_FIREWALL_DBUS_CHAIN_INTERFACE STC_FIREWALL_DBUS_SERVICE ".chain"
-#define STC_FIREWALL_DBUS_RULE_PATH "/net/stc/iptables/rule"
-#define STC_FIREWALL_DBUS_CHAIN_PATH "/net/stc/iptables/chain"
-
-#define STC_FIREWALL_DBUS_METHOD_ADD_CHAIN "IptAddChain"
-#define STC_FIREWALL_DBUS_METHOD_REMOVE_CHAIN "IptRemoveChain"
-#define STC_FIREWALL_DBUS_METHOD_FLUSH_CHAIN "IptFlushChain"
-#define STC_FIREWALL6_DBUS_METHOD_ADD_CHAIN "Ip6tAddChain"
-#define STC_FIREWALL6_DBUS_METHOD_REMOVE_CHAIN "Ip6tRemoveChain"
-#define STC_FIREWALL6_DBUS_METHOD_FLUSH_CHAIN "Ip6tFlushChain"
-
-#define STC_FIREWALL_DBUS_METHOD_ADD_RULE "IptAddRule"
-#define STC_FIREWALL_DBUS_METHOD_INSERT_RULE "IptInsertRule"
-#define STC_FIREWALL_DBUS_METHOD_REMOVE_RULE "IptRemoveRule"
-#define STC_FIREWALL6_DBUS_METHOD_ADD_RULE "Ip6tAddRule"
-#define STC_FIREWALL6_DBUS_METHOD_INSERT_RULE "Ip6tInsertRule"
-#define STC_FIREWALL6_DBUS_METHOD_REMOVE_RULE "Ip6tRemoveRule"
-
-#define BUF_SIZE_FOR_IP 64
-
-static void __fw_add_rule_info_to_builder(GVariantBuilder *builder,
- firewall_rule_s *rule)
-{
- if (builder == NULL || rule == NULL)
- return;
-
- g_variant_builder_add(builder, "{sv}", RULE_CHAIN,
- g_variant_new_string(rule->chain));
-
- if (rule->direction != STC_FW_DIRECTION_NONE) {
- g_variant_builder_add(builder, "{sv}", RULE_DIRECTION,
- g_variant_new_uint16(rule->direction));
-
- if (rule->ifname && rule->ifname[0] != '\0')
- g_variant_builder_add(builder, "{sv}", RULE_IFNAME,
- g_variant_new_string(rule->ifname));
- }
-
- switch (rule->family) {
- case STC_FW_FAMILY_V4:
- if (rule->s_ip_type != STC_FW_IP_NONE) {
- g_variant_builder_add(builder, "{sv}", RULE_SIPTYPE,
- g_variant_new_uint16(rule->s_ip_type));
-
- if (rule->s_ip1.Ipv4.s_addr)
- g_variant_builder_add(builder, "{sv}", RULE_SIP1,
- g_variant_new_uint32(rule->s_ip1.Ipv4.s_addr));
-
- if (rule->s_ip2.Ipv4.s_addr)
- g_variant_builder_add(builder, "{sv}", RULE_SIP2,
- g_variant_new_uint32(rule->s_ip2.Ipv4.s_addr));
- }
-
- if (rule->d_ip_type != STC_FW_IP_NONE) {
- g_variant_builder_add(builder, "{sv}", RULE_DIPTYPE,
- g_variant_new_uint16(rule->d_ip_type));
-
- if (rule->d_ip1.Ipv4.s_addr)
- g_variant_builder_add(builder, "{sv}", RULE_DIP1,
- g_variant_new_uint32(rule->d_ip1.Ipv4.s_addr));
-
- if (rule->d_ip2.Ipv4.s_addr)
- g_variant_builder_add(builder, "{sv}", RULE_DIP2,
- g_variant_new_uint32(rule->d_ip2.Ipv4.s_addr));
- }
-
- break;
- case STC_FW_FAMILY_V6:
- {
- char buf[BUF_SIZE_FOR_IP];
-
- if (rule->s_ip_type != STC_FW_IP_NONE) {
- g_variant_builder_add(builder, "{sv}", RULE_SIPTYPE,
- g_variant_new_uint16(rule->s_ip_type));
-
- if (rule->s_ip1.Ipv6.s6_addr32[0] || rule->s_ip1.Ipv6.s6_addr32[1] ||
- rule->s_ip1.Ipv6.s6_addr32[2] || rule->s_ip1.Ipv6.s6_addr32[3]) {
- memset(buf, 0, sizeof(buf));
- snprintf(buf, sizeof(buf), "%08x:%08x:%08x:%08x",
- rule->s_ip1.Ipv6.s6_addr32[0], rule->s_ip1.Ipv6.s6_addr32[1],
- rule->s_ip1.Ipv6.s6_addr32[2], rule->s_ip1.Ipv6.s6_addr32[3]);
- g_variant_builder_add(builder, "{sv}", RULE_SIP1,
- g_variant_new_string(buf));
- }
-
- if (rule->s_ip2.Ipv6.s6_addr32[0] || rule->s_ip2.Ipv6.s6_addr32[1] ||
- rule->s_ip2.Ipv6.s6_addr32[2] || rule->s_ip2.Ipv6.s6_addr32[3]) {
- memset(buf, 0, sizeof(buf));
- snprintf(buf, sizeof(buf), "%08x:%08x:%08x:%08x",
- rule->s_ip2.Ipv6.s6_addr32[0], rule->s_ip2.Ipv6.s6_addr32[1],
- rule->s_ip2.Ipv6.s6_addr32[2], rule->s_ip2.Ipv6.s6_addr32[3]);
- g_variant_builder_add(builder, "{sv}", RULE_SIP2,
- g_variant_new_string(buf));
- }
- }
-
- if (rule->d_ip_type != STC_FW_IP_NONE) {
- g_variant_builder_add(builder, "{sv}", RULE_DIPTYPE,
- g_variant_new_uint16(rule->d_ip_type));
-
- if (rule->d_ip1.Ipv6.s6_addr32[0] || rule->d_ip1.Ipv6.s6_addr32[1] ||
- rule->d_ip1.Ipv6.s6_addr32[2] || rule->d_ip1.Ipv6.s6_addr32[3]) {
- memset(buf, 0, sizeof(buf));
- snprintf(buf, sizeof(buf), "%08x:%08x:%08x:%08x",
- rule->d_ip1.Ipv6.s6_addr32[0], rule->d_ip1.Ipv6.s6_addr32[1],
- rule->d_ip1.Ipv6.s6_addr32[2], rule->d_ip1.Ipv6.s6_addr32[3]);
- g_variant_builder_add(builder, "{sv}", RULE_DIP1,
- g_variant_new_string(buf));
- }
-
- if (rule->d_ip2.Ipv6.s6_addr32[0] || rule->d_ip2.Ipv6.s6_addr32[1] ||
- rule->d_ip2.Ipv6.s6_addr32[2] || rule->d_ip2.Ipv6.s6_addr32[3]) {
- memset(buf, 0, sizeof(buf));
- snprintf(buf, sizeof(buf), "%08x:%08x:%08x:%08x",
- rule->d_ip2.Ipv6.s6_addr32[0], rule->d_ip2.Ipv6.s6_addr32[1],
- rule->d_ip2.Ipv6.s6_addr32[2], rule->d_ip2.Ipv6.s6_addr32[3]);
- g_variant_builder_add(builder, "{sv}", RULE_DIP2,
- g_variant_new_string(buf));
- }
- }
-
- }
- break;
- default:
- break;
- }
-
- if (rule->protocol != STC_FW_PROTOCOL_NONE) {
- g_variant_builder_add(builder, "{sv}", RULE_PROTOCOL,
- g_variant_new_uint16(rule->protocol));
-
- if (rule->s_port_type != STC_FW_PORT_NONE) {
- g_variant_builder_add(builder, "{sv}", RULE_SPORTTYPE,
- g_variant_new_uint16(rule->s_port_type));
-
- if (rule->s_port1)
- g_variant_builder_add(builder, "{sv}", RULE_SPORT1,
- g_variant_new_uint32(rule->s_port1));
-
- if (rule->s_port2)
- g_variant_builder_add(builder, "{sv}", RULE_SPORT2,
- g_variant_new_uint32(rule->s_port2));
- }
-
- if (rule->d_port_type != STC_FW_PORT_NONE) {
- g_variant_builder_add(builder, "{sv}", RULE_DPORTTYPE,
- g_variant_new_uint16(rule->d_port_type));
-
- if (rule->d_port1)
- g_variant_builder_add(builder, "{sv}", RULE_DPORT1,
- g_variant_new_uint32(rule->d_port1));
-
- if (rule->d_port2)
- g_variant_builder_add(builder, "{sv}", RULE_DPORT2,
- g_variant_new_uint32(rule->d_port2));
- }
- }
-
- if (rule->target_str && rule->target_str[0] != '\0')
- g_variant_builder_add(builder, "{sv}", RULE_TARGET,
- g_variant_new_string(rule->target_str));
-
- if (rule->target != STC_FW_RULE_TARGET_NONE)
- g_variant_builder_add(builder, "{sv}", RULE_TARGETTYPE,
- g_variant_new_uint16(rule->target));
-
- switch (rule->target) {
- case STC_FW_RULE_TARGET_LOG:
- g_variant_builder_add(builder, "{sv}", RULE_LOG_LEVEL,
- g_variant_new_uint16(rule->log_level));
-
- if (rule->log_prefix && rule->log_prefix[0] != '\0')
- g_variant_builder_add(builder, "{sv}", RULE_LOG_PREFIX,
- g_variant_new_string(rule->log_prefix));
- break;
- case STC_FW_RULE_TARGET_NFLOG:
- g_variant_builder_add(builder, "{sv}", RULE_NFLOG_GROUP,
- g_variant_new_uint16(rule->nflog_group));
-
- if (rule->nflog_prefix && rule->nflog_prefix[0] != '\0')
- g_variant_builder_add(builder, "{sv}", RULE_NFLOG_PREFIX,
- g_variant_new_string(rule->nflog_prefix));
-
- g_variant_builder_add(builder, "{sv}", RULE_NFLOG_RANGE,
- g_variant_new_uint16(rule->nflog_range));
-
- g_variant_builder_add(builder, "{sv}", RULE_NFLOG_THRESHOLD,
- g_variant_new_uint16(rule->nflog_threshold));
- break;
- default:
- break;
- }
-}
-
-static int __fw_add_chain(GDBusConnection *connection,
- const char *chain)
-{
- int result = 0;
- GVariant *message = NULL;
-
- message = stc_manager_gdbus_call_sync(connection,
- STC_FIREWALL_DBUS_SERVICE,
- STC_FIREWALL_DBUS_CHAIN_PATH,
- STC_FIREWALL_DBUS_CHAIN_INTERFACE,
- STC_FIREWALL_DBUS_METHOD_ADD_CHAIN,
- g_variant_new("(s)", chain));
-
- if (message == NULL) {
- STC_LOGE("Failed to invoke dbus method");
- return STC_ERROR_FAIL;
- }
-
- g_variant_get(message, "(i)", &result);
- STC_LOGD("Successfully added firewall chain [%d:%s]", result, chain);
- g_variant_unref(message);
-
- return STC_ERROR_NONE;
-}
-
-static int __fw6_add_chain(GDBusConnection *connection,
- const char *chain)
-{
- int result = 0;
- GVariant *message = NULL;
-
- message = stc_manager_gdbus_call_sync(connection,
- STC_FIREWALL_DBUS_SERVICE,
- STC_FIREWALL_DBUS_CHAIN_PATH,
- STC_FIREWALL_DBUS_CHAIN_INTERFACE,
- STC_FIREWALL6_DBUS_METHOD_ADD_CHAIN,
- g_variant_new("(s)", chain));
-
- if (message == NULL) {
- STC_LOGE("Failed to invoke dbus method");
- return STC_ERROR_FAIL;
- }
-
- g_variant_get(message, "(i)", &result);
- STC_LOGD("Successfully added firewall6 chain [%d:%s]", result, chain);
- g_variant_unref(message);
-
- return STC_ERROR_NONE;
-}
-
-static int __fw_remove_chain(GDBusConnection *connection,
- const char *chain)
-{
- int result = 0;
- GVariant *message = NULL;
-
- message = stc_manager_gdbus_call_sync(connection,
- STC_FIREWALL_DBUS_SERVICE,
- STC_FIREWALL_DBUS_CHAIN_PATH,
- STC_FIREWALL_DBUS_CHAIN_INTERFACE,
- STC_FIREWALL_DBUS_METHOD_REMOVE_CHAIN,
- g_variant_new("(s)", chain));
-
- if (message == NULL) {
- STC_LOGE("Failed to invoke dbus method");
- return STC_ERROR_FAIL;
- }
-
- g_variant_get(message, "(i)", &result);
- STC_LOGD("Successfully removed firewall chain [%d:%s]", result, chain);
- g_variant_unref(message);
-
- return STC_ERROR_NONE;
-}
-
-static int __fw6_remove_chain(GDBusConnection *connection,
- const char *chain)
-{
- int result = 0;
- GVariant *message = NULL;
-
- message = stc_manager_gdbus_call_sync(connection,
- STC_FIREWALL_DBUS_SERVICE,
- STC_FIREWALL_DBUS_CHAIN_PATH,
- STC_FIREWALL_DBUS_CHAIN_INTERFACE,
- STC_FIREWALL6_DBUS_METHOD_REMOVE_CHAIN,
- g_variant_new("(s)", chain));
-
- if (message == NULL) {
- STC_LOGE("Failed to invoke dbus method");
- return STC_ERROR_FAIL;
- }
-
- g_variant_get(message, "(i)", &result);
- STC_LOGD("Successfully removed firewall6 chain [%d:%s]", result, chain);
- g_variant_unref(message);
-
- return STC_ERROR_NONE;
-}
-
-static int __fw_flush_chain(GDBusConnection *connection,
- const char *chain)
-{
- int result = 0;
- GVariant *message = NULL;
-
- message = stc_manager_gdbus_call_sync(connection,
- STC_FIREWALL_DBUS_SERVICE,
- STC_FIREWALL_DBUS_CHAIN_PATH,
- STC_FIREWALL_DBUS_CHAIN_INTERFACE,
- STC_FIREWALL_DBUS_METHOD_FLUSH_CHAIN,
- g_variant_new("(s)", chain));
-
- if (message == NULL) {
- STC_LOGE("Failed to invoke dbus method");
- return STC_ERROR_FAIL;
- }
-
- g_variant_get(message, "(i)", &result);
- STC_LOGD("Successfully flushed firewall chain [%d:%s]", result, chain);
- g_variant_unref(message);
-
- return STC_ERROR_NONE;
-}
-
-static int __fw6_flush_chain(GDBusConnection *connection,
- const char *chain)
-{
- int result = 0;
- GVariant *message = NULL;
-
- message = stc_manager_gdbus_call_sync(connection,
- STC_FIREWALL_DBUS_SERVICE,
- STC_FIREWALL_DBUS_CHAIN_PATH,
- STC_FIREWALL_DBUS_CHAIN_INTERFACE,
- STC_FIREWALL6_DBUS_METHOD_FLUSH_CHAIN,
- g_variant_new("(s)", chain));
-
- if (message == NULL) {
- STC_LOGE("Failed to invoke dbus method");
- return STC_ERROR_FAIL;
- }
-
- g_variant_get(message, "(i)", &result);
- STC_LOGD("Successfully flushed firewall6 chain [%d:%s]", result, chain);
- g_variant_unref(message);
-
- return STC_ERROR_NONE;
-}
-
-static int __fw_set_chain(firewall_chain_s *chain)
-{
- stc_error_e ret = STC_ERROR_NONE;
- firewall_rule_s rule;
- memset(&rule, 0, sizeof(firewall_rule_s));
-
- switch (chain->target) {
- case STC_FW_CHAIN_TARGET_INPUT:
- rule.chain = g_strdup(FIREWALL_CHAIN_TARGET_IN);
- break;
- case STC_FW_CHAIN_TARGET_OUTPUT:
- rule.chain = g_strdup(FIREWALL_CHAIN_TARGET_OUT);
- break;
- default:
- return STC_ERROR_INVALID_PARAMETER;
- }
-
- rule.target_str = g_strdup(chain->chain);
- ret = firewall_rule_insert(&rule);
-
- g_free(rule.chain);
- g_free(rule.target_str);
-
- return ret;
-}
-
-static int __fw_unset_chain(firewall_chain_s *chain)
-{
- stc_error_e ret = STC_ERROR_NONE;
- firewall_rule_s rule;
- memset(&rule, 0, sizeof(firewall_rule_s));
-
- switch (chain->target) {
- case STC_FW_CHAIN_TARGET_INPUT:
- rule.chain = g_strdup(FIREWALL_CHAIN_TARGET_IN);
- break;
- case STC_FW_CHAIN_TARGET_OUTPUT:
- rule.chain = g_strdup(FIREWALL_CHAIN_TARGET_OUT);
- break;
- default:
- return STC_ERROR_INVALID_PARAMETER;
- }
-
- rule.target_str = g_strdup(chain->chain);
- ret = firewall_rule_remove(&rule);
-
- g_free(rule.chain);
- g_free(rule.target_str);
-
- return ret;
-}
-
-static int __fw_append_rule(GDBusConnection *connection,
- firewall_rule_s *rule)
-{
- int result = 0;
- GVariantBuilder *builder = NULL;
- GVariant *params = NULL;
- GVariant *message = NULL;
-
- builder = g_variant_builder_new(G_VARIANT_TYPE("a{sv}"));
- __fw_add_rule_info_to_builder(builder, rule);
- params = g_variant_new("(a{sv})", builder);
- g_variant_builder_unref(builder);
-
- message = stc_manager_gdbus_call_sync(connection,
- STC_FIREWALL_DBUS_SERVICE,
- STC_FIREWALL_DBUS_RULE_PATH,
- STC_FIREWALL_DBUS_RULE_INTERFACE,
- STC_FIREWALL_DBUS_METHOD_ADD_RULE,
- params);
-
- if (message == NULL) {
- STC_LOGE("Failed to invoke dbus method");
- return STC_ERROR_FAIL;
- }
-
- g_variant_get(message, "(i)", &result);
- STC_LOGD("Successfully added firewall rule [%d:%s]",
- result, rule->chain);
- g_variant_unref(message);
-
- return STC_ERROR_NONE;
-}
-
-static int __fw_insert_rule(GDBusConnection *connection,
- firewall_rule_s *rule)
-{
- int result = 0;
- GVariantBuilder *builder = NULL;
- GVariant *params = NULL;
- GVariant *message = NULL;
-
- builder = g_variant_builder_new(G_VARIANT_TYPE("a{sv}"));
- __fw_add_rule_info_to_builder(builder, rule);
- params = g_variant_new("(a{sv})", builder);
- g_variant_builder_unref(builder);
-
- message = stc_manager_gdbus_call_sync(connection,
- STC_FIREWALL_DBUS_SERVICE,
- STC_FIREWALL_DBUS_RULE_PATH,
- STC_FIREWALL_DBUS_RULE_INTERFACE,
- STC_FIREWALL_DBUS_METHOD_INSERT_RULE,
- params);
-
- if (message == NULL) {
- STC_LOGE("Failed to invoke dbus method");
- return STC_ERROR_FAIL;
- }
-
- g_variant_get(message, "(i)", &result);
- STC_LOGD("Successfully inserted firewall rule [%d:%s]",
- result, rule->chain);
- g_variant_unref(message);
-
- return STC_ERROR_NONE;
-}
-
-static int __fw6_append_rule(GDBusConnection *connection,
- firewall_rule_s *rule)
-{
- int result = 0;
- GVariantBuilder *builder = NULL;
- GVariant *params = NULL;
- GVariant *message = NULL;
-
- builder = g_variant_builder_new(G_VARIANT_TYPE("a{sv}"));
- __fw_add_rule_info_to_builder(builder, rule);
- params = g_variant_new("(a{sv})", builder);
- g_variant_builder_unref(builder);
-
- message = stc_manager_gdbus_call_sync(connection,
- STC_FIREWALL_DBUS_SERVICE,
- STC_FIREWALL_DBUS_RULE_PATH,
- STC_FIREWALL_DBUS_RULE_INTERFACE,
- STC_FIREWALL6_DBUS_METHOD_ADD_RULE,
- params);
-
- if (message == NULL) {
- STC_LOGE("Failed to invoke dbus method");
- return STC_ERROR_FAIL;
- }
-
- g_variant_get(message, "(i)", &result);
- STC_LOGD("Successfully added firewall6 rule [%d:%s]",
- result, rule->chain);
- g_variant_unref(message);
-
- return STC_ERROR_NONE;
-}
-
-static int __fw6_insert_rule(GDBusConnection *connection,
- firewall_rule_s *rule)
-{
- int result = 0;
- GVariantBuilder *builder = NULL;
- GVariant *params = NULL;
- GVariant *message = NULL;
-
- builder = g_variant_builder_new(G_VARIANT_TYPE("a{sv}"));
- __fw_add_rule_info_to_builder(builder, rule);
- params = g_variant_new("(a{sv})", builder);
- g_variant_builder_unref(builder);
-
- message = stc_manager_gdbus_call_sync(connection,
- STC_FIREWALL_DBUS_SERVICE,
- STC_FIREWALL_DBUS_RULE_PATH,
- STC_FIREWALL_DBUS_RULE_INTERFACE,
- STC_FIREWALL6_DBUS_METHOD_INSERT_RULE,
- params);
-
- if (message == NULL) {
- STC_LOGE("Failed to invoke dbus method");
- return STC_ERROR_FAIL;
- }
-
- g_variant_get(message, "(i)", &result);
- STC_LOGD("Successfully inserted firewall6 rule [%d:%s]",
- result, rule->chain);
- g_variant_unref(message);
-
- return STC_ERROR_NONE;
-}
-
-static int __fw_remove_rule(GDBusConnection *connection,
- firewall_rule_s *rule)
-{
- int result = 0;
- GVariantBuilder *builder = NULL;
- GVariant *params = NULL;
- GVariant *message = NULL;
-
- builder = g_variant_builder_new(G_VARIANT_TYPE("a{sv}"));
- __fw_add_rule_info_to_builder(builder, rule);
- params = g_variant_new("(a{sv})", builder);
- g_variant_builder_unref(builder);
-
- message = stc_manager_gdbus_call_sync(connection,
- STC_FIREWALL_DBUS_SERVICE,
- STC_FIREWALL_DBUS_RULE_PATH,
- STC_FIREWALL_DBUS_RULE_INTERFACE,
- STC_FIREWALL_DBUS_METHOD_REMOVE_RULE,
- params);
-
- if (message == NULL) {
- STC_LOGE("Failed to invoke dbus method");
- return STC_ERROR_FAIL;
- }
-
- g_variant_get(message, "(i)", &result);
- STC_LOGD("Successfully removed firewall rule [%d:%s]",
- result, rule->chain);
- g_variant_unref(message);
-
- return STC_ERROR_NONE;
-}
-
-static int __fw6_remove_rule(GDBusConnection *connection,
- firewall_rule_s *rule)
-{
- int result = 0;
- GVariantBuilder *builder = NULL;
- GVariant *params = NULL;
- GVariant *message = NULL;
-
- builder = g_variant_builder_new(G_VARIANT_TYPE("a{sv}"));
- __fw_add_rule_info_to_builder(builder, rule);
- params = g_variant_new("(a{sv})", builder);
- g_variant_builder_unref(builder);
-
- message = stc_manager_gdbus_call_sync(connection,
- STC_FIREWALL_DBUS_SERVICE,
- STC_FIREWALL_DBUS_RULE_PATH,
- STC_FIREWALL_DBUS_RULE_INTERFACE,
- STC_FIREWALL6_DBUS_METHOD_REMOVE_RULE,
- params);
-
- if (message == NULL) {
- STC_LOGE("Failed to invoke dbus method");
- return STC_ERROR_FAIL;
- }
-
- g_variant_get(message, "(i)", &result);
- STC_LOGD("Successfully removed firewall6 rule [%d:%s]",
- result, rule->chain);
- g_variant_unref(message);
-
- return STC_ERROR_NONE;
-}
-
-API stc_error_e firewall_chain_add(firewall_chain_s *chain)
-{
- __STC_LOG_FUNC_ENTER__;
-
- stc_error_e ret = STC_ERROR_NONE;
- stc_s *stc = stc_get_manager();
-
- if (!stc || !stc->connection) {
- __STC_LOG_FUNC_EXIT__;
- return STC_ERROR_UNINITIALIZED;
- }
-
- ret = __fw_add_chain(stc->connection, chain->chain);
- if (ret != STC_ERROR_NONE) {
- __STC_LOG_FUNC_EXIT__;
- return ret;
- }
-
- ret = __fw6_add_chain(stc->connection, chain->chain);
- if (ret != STC_ERROR_NONE) {
- __STC_LOG_FUNC_EXIT__;
- return ret;
- }
-
- __STC_LOG_FUNC_EXIT__;
- return ret;
-}
-
-API stc_error_e firewall_chain_remove(firewall_chain_s *chain)
-{
- __STC_LOG_FUNC_ENTER__;
-
- stc_error_e ret = STC_ERROR_NONE;
- stc_s *stc = stc_get_manager();
-
- if (!stc || !stc->connection) {
- __STC_LOG_FUNC_EXIT__;
- return STC_ERROR_UNINITIALIZED;
- }
-
- ret = __fw_remove_chain(stc->connection, chain->chain);
- if (ret != STC_ERROR_NONE) {
- __STC_LOG_FUNC_EXIT__;
- return ret;
- }
-
- ret = __fw6_remove_chain(stc->connection, chain->chain);
- if (ret != STC_ERROR_NONE) {
- __STC_LOG_FUNC_EXIT__;
- return ret;
- }
-
- __STC_LOG_FUNC_EXIT__;
- return ret;
-}
-
-stc_error_e firewall_chain_flush(firewall_chain_s *chain)
-{
- __STC_LOG_FUNC_ENTER__;
-
- stc_error_e ret = STC_ERROR_NONE;
- stc_s *stc = stc_get_manager();
-
- if (!stc || !stc->connection) {
- __STC_LOG_FUNC_EXIT__;
- return STC_ERROR_UNINITIALIZED;
- }
-
- ret = __fw_flush_chain(stc->connection, chain->chain);
- if (ret != STC_ERROR_NONE) {
- __STC_LOG_FUNC_EXIT__;
- return ret;
- }
-
- ret = __fw6_flush_chain(stc->connection, chain->chain);
- if (ret != STC_ERROR_NONE) {
- __STC_LOG_FUNC_EXIT__;
- return ret;
- }
-
- __STC_LOG_FUNC_EXIT__;
- return ret;
-}
-
-API stc_error_e firewall_chain_set(firewall_chain_s *chain)
-{
- __STC_LOG_FUNC_ENTER__;
-
- stc_error_e ret = STC_ERROR_NONE;
- ret = __fw_set_chain(chain);
-
- __STC_LOG_FUNC_EXIT__;
- return ret;
-}
-
-API stc_error_e firewall_chain_unset(firewall_chain_s *chain)
-{
- __STC_LOG_FUNC_ENTER__;
-
- stc_error_e ret = STC_ERROR_NONE;
- ret = __fw_unset_chain(chain);
-
- __STC_LOG_FUNC_EXIT__;
- return ret;
-}
-
-API stc_error_e firewall_rule_append(firewall_rule_s *rule)
-{
- stc_error_e ret = STC_ERROR_NONE;
- stc_s *stc = stc_get_manager();
-
- if (!stc || !stc->connection) {
- __STC_LOG_FUNC_EXIT__;
- return STC_ERROR_UNINITIALIZED;
- }
-
- switch (rule->family) {
- case STC_FW_FAMILY_V4:
- ret = __fw_append_rule(stc->connection, rule);
- if (ret != STC_ERROR_NONE) {
- __STC_LOG_FUNC_EXIT__;
- return ret;
- }
- break;
- case STC_FW_FAMILY_V6:
- ret = __fw6_append_rule(stc->connection, rule);
- if (ret != STC_ERROR_NONE) {
- __STC_LOG_FUNC_EXIT__;
- return ret;
- }
- break;
- default:
- ret = __fw_append_rule(stc->connection, rule);
- if (ret != STC_ERROR_NONE) {
- __STC_LOG_FUNC_EXIT__;
- return ret;
- }
-
- ret = __fw6_append_rule(stc->connection, rule);
- if (ret != STC_ERROR_NONE) {
- __STC_LOG_FUNC_EXIT__;
- return ret;
- }
- break;
- }
-
- return ret;
-}
-
-stc_error_e firewall_rule_insert(firewall_rule_s *rule)
-{
- stc_error_e ret = STC_ERROR_NONE;
- stc_s *stc = stc_get_manager();
-
- if (!stc || !stc->connection) {
- __STC_LOG_FUNC_EXIT__;
- return STC_ERROR_UNINITIALIZED;
- }
-
- switch (rule->family) {
- case STC_FW_FAMILY_V4:
- ret = __fw_insert_rule(stc->connection, rule);
- if (ret != STC_ERROR_NONE) {
- __STC_LOG_FUNC_EXIT__;
- return ret;
- }
- break;
- case STC_FW_FAMILY_V6:
- ret = __fw6_insert_rule(stc->connection, rule);
- if (ret != STC_ERROR_NONE) {
- __STC_LOG_FUNC_EXIT__;
- return ret;
- }
- break;
- default:
- ret = __fw_insert_rule(stc->connection, rule);
- if (ret != STC_ERROR_NONE) {
- __STC_LOG_FUNC_EXIT__;
- return ret;
- }
-
- ret = __fw6_insert_rule(stc->connection, rule);
- if (ret != STC_ERROR_NONE) {
- __STC_LOG_FUNC_EXIT__;
- return ret;
- }
- break;
- }
-
- return ret;
-}
-
-stc_error_e firewall_rule_remove(firewall_rule_s *rule)
-{
- stc_error_e ret = STC_ERROR_NONE;
- stc_s *stc = stc_get_manager();
-
- if (!stc || !stc->connection) {
- __STC_LOG_FUNC_EXIT__;
- return STC_ERROR_UNINITIALIZED;
- }
-
- switch (rule->family) {
- case STC_FW_FAMILY_V4:
- ret = __fw_remove_rule(stc->connection, rule);
- if (ret != STC_ERROR_NONE) {
- __STC_LOG_FUNC_EXIT__;
- return ret;
- }
- break;
- case STC_FW_FAMILY_V6:
- ret = __fw6_remove_rule(stc->connection, rule);
- if (ret != STC_ERROR_NONE) {
- __STC_LOG_FUNC_EXIT__;
- return ret;
- }
- break;
- default:
- ret = __fw_remove_rule(stc->connection, rule);
- if (ret != STC_ERROR_NONE) {
- __STC_LOG_FUNC_EXIT__;
- return ret;
- }
-
- ret = __fw6_remove_rule(stc->connection, rule);
- if (ret != STC_ERROR_NONE) {
- __STC_LOG_FUNC_EXIT__;
- return ret;
- }
- break;
- }
-
- return ret;
-}
+++ /dev/null
-/*
- * Copyright (c) 2016 Samsung Electronics Co., Ltd.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef __STC_HELPER_FIREWALL_H__
-#define __STC_HELPER_FIREWALL_H__
-
-#include <arpa/inet.h>
-
-#include "stc-manager.h"
-#include "stc-error.h"
-
-#define FIREWALL_CHAIN_TARGET_IN "INPUT"
-#define FIREWALL_CHAIN_TARGET_OUT "OUTPUT"
-
-#define FIREWALL_RULE_TARGET_ACCEPT "ACCEPT"
-#define FIREWALL_RULE_TARGET_DROP "DROP"
-#define FIREWALL_RULE_TARGET_LOG "LOG"
-#define FIREWALL_RULE_TARGET_NFLOG "NFLOG"
-
-#define RULE_CHAIN "chain"
-#define RULE_DIRECTION "direction"
-#define RULE_IFNAME "ifname"
-#define RULE_PROTOCOL "protocol"
-#define RULE_TARGET "target"
-#define RULE_TARGETTYPE "target_type"
-
-#define RULE_FAMILY "family"
-#define RULE_SIPTYPE "s_ip_type"
-#define RULE_SIP1 "s_ip1"
-#define RULE_SIP2 "s_ip2"
-#define RULE_DIPTYPE "d_ip_type"
-#define RULE_DIP1 "d_ip1"
-#define RULE_DIP2 "d_ip2"
-#define RULE_SPORTTYPE "s_port_type"
-#define RULE_SPORT1 "s_port1"
-#define RULE_SPORT2 "s_port2"
-#define RULE_DPORTTYPE "d_port_type"
-#define RULE_DPORT1 "d_port1"
-#define RULE_DPORT2 "d_port2"
-
-#define RULE_LOG_LEVEL "log_level"
-#define RULE_LOG_PREFIX "log_prefix"
-#define RULE_NFLOG_GROUP "nflog_group"
-#define RULE_NFLOG_PREFIX "nflog_prefix"
-#define RULE_NFLOG_RANGE "nflog_range"
-#define RULE_NFLOG_THRESHOLD "nflog_threshold"
-
-typedef enum {
- FIREWALL_UNKONWN,
- FIREWALL_UNLOCKED,
- FIREWALL_LOCKED
-} firewall_lock_e;
-
-typedef union {
- struct in_addr Ipv4;
- struct in6_addr Ipv6;
-} ip_addr_u;
-
-typedef struct {
- char *chain;
- stc_fw_chain_target_e target;
- guint priority;
-} firewall_chain_s;
-
-typedef struct {
- guint key;
- char *chain;
- stc_fw_direction_e direction;
- stc_fw_ip_type_e s_ip_type;
- stc_fw_ip_type_e d_ip_type;
- stc_fw_port_type_e s_port_type;
- stc_fw_port_type_e d_port_type;
- stc_fw_protocol_type_e protocol;
- stc_fw_family_type_e family;
- ip_addr_u s_ip1;
- ip_addr_u s_ip2;
- ip_addr_u d_ip1;
- ip_addr_u d_ip2;
- guint s_port1;
- guint s_port2;
- guint d_port1;
- guint d_port2;
- char *ifname;
- stc_fw_rule_target_e target;
- char *target_str;
- guchar log_level;
- char *log_prefix;
- guint nflog_group;
- char *nflog_prefix;
- guint nflog_range;
- guint nflog_threshold;
- char *identifier;
-} firewall_rule_s;
-
-stc_error_e firewall_chain_add(firewall_chain_s *chain);
-stc_error_e firewall_chain_remove(firewall_chain_s *chain);
-stc_error_e firewall_chain_flush(firewall_chain_s *chain);
-stc_error_e firewall_chain_set(firewall_chain_s *chain);
-stc_error_e firewall_chain_unset(firewall_chain_s *chain);
-
-stc_error_e firewall_rule_append(firewall_rule_s *rule);
-stc_error_e firewall_rule_insert(firewall_rule_s *rule);
-stc_error_e firewall_rule_remove(firewall_rule_s *rule);
-
-#endif /*__STC_HELPER_FIREWALL_H__*/
+++ /dev/null
-/*
- * Copyright (c) 2016 Samsung Electronics Co., Ltd.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include <glib.h>
-
-#include "helper-inotify.h"
-#include "stc-manager-util.h"
-
-typedef struct {
- GIOChannel *channel;
- uint watch;
- int wd;
-
- inotify_event_cb cb;
-} stc_inotify_s;
-
-static GHashTable *g_inotify_hash;
-
-static void __inotify_destroy(gpointer user_data)
-{
- int fd;
- stc_inotify_s *inotify = user_data;
-
- if (!inotify->channel)
- return;
-
- if (inotify->watch > 0)
- g_source_remove(inotify->watch);
-
- if (inotify->wd >= 0) {
- fd = g_io_channel_unix_get_fd(inotify->channel);
- inotify_rm_watch(fd, inotify->wd);
- }
-
- g_io_channel_unref(inotify->channel);
-}
-
-static gboolean __inotify_data(GIOChannel *channel,
- GIOCondition cond, gpointer user_data)
-{
- stc_inotify_s *inotify = user_data;
- char buf[256];
- char *next_event = buf;
- gsize bytes_read;
- GIOStatus status;
-
- if (cond & (G_IO_NVAL | G_IO_ERR | G_IO_HUP)) {
- inotify->watch = 0;
- return false;
- }
-
- status = g_io_channel_read_chars(channel, buf,
- sizeof(buf), &bytes_read, NULL);
- if (status != G_IO_STATUS_NORMAL) {
- if (status == G_IO_STATUS_AGAIN)
- return true;
- else {
- STC_LOGE("Failed to read from inotify channel");
- inotify->watch = 0;
- return false;
- }
- }
-
- while (bytes_read > 0) {
- struct inotify_event *event =
- (struct inotify_event *)next_event;
- gchar *ident = NULL;
- gsize len = 0;
-
- len = sizeof(*event) + event->len;
- if (bytes_read < len)
- break;
-
- if (event->len)
- ident = next_event + sizeof(*event);
-
- next_event += len;
- bytes_read -= len;
-
- (inotify->cb)(event, ident);
- }
-
- return true;
-}
-
-int inotify_register(const char *path, inotify_event_cb cb)
-{
- int fd;
- stc_inotify_s *inotify;
-
- if (!cb)
- return -EINVAL;
-
- inotify = g_hash_table_lookup(g_inotify_hash, path);
- if (inotify) {
- inotify->cb = cb;
- return 0;
- }
-
- inotify = g_try_new0(stc_inotify_s, 1);
- if (!inotify)
- return -ENOMEM;
-
- fd = inotify_init();
- if (fd < 0) {
- FREE(inotify);
- return -EIO;
- }
-
- inotify->wd = inotify_add_watch(fd, path, IN_MODIFY);
- if (inotify->wd < 0) {
- STC_LOGE("Failed to create watch [%s]", path);
- FREE(inotify);
- close(fd);
- return -EIO;
- }
-
- inotify->channel = g_io_channel_unix_new(fd);
- if (!inotify->channel) {
- STC_LOGE("Failed to create channel");
- inotify_rm_watch(fd, inotify->wd);
- FREE(inotify);
- close(fd);
- return -EIO;
- }
-
- g_io_channel_set_close_on_unref(inotify->channel, TRUE);
- g_io_channel_set_encoding(inotify->channel, NULL, NULL);
- g_io_channel_set_buffered(inotify->channel, FALSE);
-
- inotify->watch = g_io_add_watch(inotify->channel,
- G_IO_IN | G_IO_HUP | G_IO_NVAL | G_IO_ERR,
- __inotify_data, inotify);
-
- inotify->cb = cb;
-
- g_hash_table_insert(g_inotify_hash, g_strdup(path), inotify);
- return 0;
-}
-
-void inotify_deregister(const char *path)
-{
- stc_inotify_s *inotify;
-
- inotify = g_hash_table_lookup(g_inotify_hash, path);
- if (!inotify)
- return;
-
- g_hash_table_remove(g_inotify_hash, path);
-}
-
-int inotify_initialize(void)
-{
- g_inotify_hash = g_hash_table_new_full(g_str_hash, g_str_equal,
- g_free, __inotify_destroy);
-
- return 0;
-}
-
-void inotify_deinitialize(void)
-{
- g_hash_table_destroy(g_inotify_hash);
-}
+++ /dev/null
-/*
- * Copyright (c) 2016 Samsung Electronics Co., Ltd.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef __STC_HELPER_INOTIFY_H__
-#define __STC_HELPER_INOTIFY_H__
-
-#include <sys/inotify.h>
-
-struct inotify_event;
-typedef void (* inotify_event_cb) (struct inotify_event *event, const char *ident);
-
-int inotify_register(const char *path, inotify_event_cb cb);
-void inotify_deregister(const char *path);
-
-int inotify_initialize(void);
-void inotify_deinitialize(void);
-
-#endif /*__STC_HELPER_INOTIFY_H__*/
+++ /dev/null
-/*
- * Copyright (c) 2016 Samsung Electronics Co., Ltd.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include "stc-manager-gdbus.h"
-#include "helper-iptables.h"
-
-#define STC_IPTABLES_DBUS_SERVICE "net.stc.iptables"
-#define STC_IPTABLES_DBUS_RULE_INTERFACE STC_IPTABLES_DBUS_SERVICE ".rule"
-#define STC_IPTABLES_DBUS_CHAIN_INTERFACE STC_IPTABLES_DBUS_SERVICE ".chain"
-#define STC_IPTABLES_DBUS_RULE_PATH "/net/stc/iptables/rule"
-#define STC_IPTABLES_DBUS_CHAIN_PATH "/net/stc/iptables/chain"
-#define STC_IPTABLES_DBUS_METHOD_IPT_ADD_CHAIN "IptAddChain"
-#define STC_IPTABLES_DBUS_METHOD_IPT_REMOVE_CHAIN "IptRemoveChain"
-#define STC_IPTABLES_DBUS_METHOD_IPT_FLUSH_CHAIN "IptFlushChain"
-#define STC_IPTABLES_DBUS_METHOD_IP6T_ADD_CHAIN "Ip6tAddChain"
-#define STC_IPTABLES_DBUS_METHOD_IP6T_REMOVE_CHAIN "Ip6tRemoveChain"
-#define STC_IPTABLES_DBUS_METHOD_IP6T_FLUSH_CHAIN "Ip6tFlushChain"
-#define STC_IPTABLES_DBUS_METHOD_IPT_ADD_RULE "IptAddRule"
-#define STC_IPTABLES_DBUS_METHOD_IPT_REMOVE_RULE "IptRemoveRule"
-#define STC_IPTABLES_DBUS_METHOD_IP6T_ADD_RULE "Ip6tAddRule"
-#define STC_IPTABLES_DBUS_METHOD_IP6T_REMOVE_RULE "Ip6tRemoveRule"
-#define STC_IPTABLES_DBUS_METHOD_IPT_ADD_LIST "IptAddList"
-#define STC_IPTABLES_DBUS_METHOD_IPT_REMOVE_LIST "IptRemoveList"
-#define STC_IPTABLES_DBUS_METHOD_IP6T_ADD_LIST "Ip6tAddList"
-#define STC_IPTABLES_DBUS_METHOD_IP6T_REMOVE_LIST "Ip6tRemoveList"
-
-#define RULE_CHAIN "chain"
-#define RULE_DIRECTION "direction"
-#define RULE_IFNAME "ifname"
-#define RULE_CGROUP "cgroup"
-#define RULE_NFACCT "nfacct"
-#define RULE_TARGET "target"
-#define RULE_SIPTYPE "s_ip_type"
-#define RULE_SIP1 "s_ip1"
-#define RULE_SIP2 "s_ip2"
-#define RULE_DIPTYPE "d_ip_type"
-#define RULE_DIP1 "d_ip1"
-#define RULE_DIP2 "d_ip2"
-
-static void __add_rule_info_to_builder(GVariantBuilder *builder,
- iptables_rule_s *rule)
-{
- if (builder == NULL || rule == NULL)
- return; //LCOV_EXCL_LINE
-
- g_variant_builder_add(builder, "{sv}", RULE_CHAIN,
- g_variant_new_string(rule->chain));
-
- g_variant_builder_add(builder, "{sv}", RULE_DIRECTION,
- g_variant_new_uint16(rule->direction));
-
- if (rule->ifname)
- g_variant_builder_add(builder, "{sv}", RULE_IFNAME,
- g_variant_new_string(rule->ifname));
-
- if (rule->classid > 0)
- g_variant_builder_add(builder, "{sv}", RULE_CGROUP,
- g_variant_new_uint32(rule->classid));
-
- if (rule->nfacct_name)
- g_variant_builder_add(builder, "{sv}", RULE_NFACCT,
- g_variant_new_string(rule->nfacct_name));
-
- if (rule->target)
- g_variant_builder_add(builder, "{sv}", RULE_TARGET,
- g_variant_new_string(rule->target));
-
- g_variant_builder_add(builder, "{sv}", RULE_SIPTYPE,
- g_variant_new_uint16(rule->s_iprange_type));
-
- g_variant_builder_add(builder, "{sv}", RULE_DIPTYPE,
- g_variant_new_uint16(rule->d_iprange_type));
-
- if (rule->s_ip1.s_addr)
- g_variant_builder_add(builder, "{sv}", RULE_SIP1,
- g_variant_new_uint32(rule->s_ip1.s_addr));
-
- if (rule->s_ip2.s_addr)
- g_variant_builder_add(builder, "{sv}", RULE_SIP2,
- g_variant_new_uint32(rule->s_ip2.s_addr));
-
- if (rule->d_ip1.s_addr)
- g_variant_builder_add(builder, "{sv}", RULE_DIP1,
- g_variant_new_uint32(rule->d_ip1.s_addr));
-
- if (rule->d_ip2.s_addr)
- g_variant_builder_add(builder, "{sv}", RULE_DIP2,
- g_variant_new_uint32(rule->d_ip2.s_addr));
-}
-
-static void __add_rule_reply(
- GObject *source_object, GAsyncResult *res, gpointer user_data)
-{
- GDBusConnection *conn = NULL;
- GVariant *dbus_data = NULL;
- GError *dbus_error = NULL;
- int result = 0;
- char *nfacct_name = user_data;
-
- conn = G_DBUS_CONNECTION(source_object);
- dbus_data = g_dbus_connection_call_finish(conn, res, &dbus_error);
- if (dbus_error != NULL) {
- STC_LOGE("Dbus reply error [%s]", dbus_error->message);
- g_error_free(dbus_error);
- } else {
- g_variant_get(dbus_data, "(i)", &result);
- STC_LOGI("Added rule [%d:%s]", result, nfacct_name);
- }
-
- g_free(nfacct_name);
-}
-
-static void __remove_rule_reply(
- GObject *source_object, GAsyncResult *res, gpointer user_data)
-{
- GDBusConnection *conn = NULL;
- GVariant *dbus_data = NULL;
- GError *dbus_error = NULL;
- int result = 0;
- char *nfacct_name = user_data;
-
- conn = G_DBUS_CONNECTION(source_object);
- dbus_data = g_dbus_connection_call_finish(conn, res, &dbus_error);
- if (dbus_error != NULL) {
- STC_LOGE("Dbus reply error [%s]", dbus_error->message);
- g_error_free(dbus_error);
- } else {
- g_variant_get(dbus_data, "(i)", &result);
- STC_LOGI("Removed rule [%d:%s]", result, nfacct_name);
- }
-
- g_free(nfacct_name);
-}
-
-static void __add_list_info_to_builder(GVariantBuilder *builder,
- GSList *iptables_list)
-{
- GSList *list;
- GVariantBuilder sub_builder;
-
- for (list = iptables_list; list; list = list->next) {
- iptables_rule_s *rule = list->data;
-
- g_variant_builder_init(&sub_builder, G_VARIANT_TYPE("a{sv}"));
-
- g_variant_builder_add(&sub_builder, "{sv}", RULE_CHAIN,
- g_variant_new_string(rule->chain));
-
- g_variant_builder_add(&sub_builder, "{sv}", RULE_DIRECTION,
- g_variant_new_uint16(rule->direction));
-
- if (rule->ifname)
- g_variant_builder_add(&sub_builder, "{sv}", RULE_IFNAME,
- g_variant_new_string(rule->ifname));
-
- if (rule->classid > 0)
- g_variant_builder_add(&sub_builder, "{sv}", RULE_CGROUP,
- g_variant_new_uint32(rule->classid));
-
- if (rule->nfacct_name)
- g_variant_builder_add(&sub_builder, "{sv}", RULE_NFACCT,
- g_variant_new_string(rule->nfacct_name));
-
- if (rule->target)
- g_variant_builder_add(&sub_builder, "{sv}", RULE_TARGET,
- g_variant_new_string(rule->target));
-
- g_variant_builder_add_value(builder, g_variant_builder_end(&sub_builder));
- }
-}
-
-static int __iptables_rule_add(GDBusConnection *connection,
- iptables_rule_s *rule)
-{
- int result = STC_ERROR_NONE;
- GVariantBuilder *builder = NULL;
- GVariant *params = NULL;
- char *nfacct_name = NULL;
-
- builder = g_variant_builder_new(G_VARIANT_TYPE("a{sv}"));
- __add_rule_info_to_builder(builder, rule);
- params = g_variant_new("(a{sv})", builder);
- g_variant_builder_unref(builder);
-
- nfacct_name = g_strdup_printf("4:%s", rule->nfacct_name);
-
- result = stc_manager_gdbus_call_async(connection,
- STC_IPTABLES_DBUS_SERVICE,
- STC_IPTABLES_DBUS_RULE_PATH,
- STC_IPTABLES_DBUS_RULE_INTERFACE,
- STC_IPTABLES_DBUS_METHOD_IPT_ADD_RULE,
- params,
- __add_rule_reply,
- nfacct_name);
-
- if (result != STC_ERROR_NONE) {
- STC_LOGE("Failed to invoke dbus method async");
- g_free(nfacct_name);
- }
-
- return result;
-}
-
-static int __iptables_rule_remove(GDBusConnection *connection,
- iptables_rule_s *rule)
-{
- int result = STC_ERROR_NONE;
- GVariantBuilder *builder = NULL;
- GVariant *params = NULL;
- char *nfacct_name = NULL;
-
- builder = g_variant_builder_new(G_VARIANT_TYPE("a{sv}"));
- __add_rule_info_to_builder(builder, rule);
- params = g_variant_new("(a{sv})", builder);
- g_variant_builder_unref(builder);
-
- nfacct_name = g_strdup_printf("4:%s", rule->nfacct_name);
-
- result = stc_manager_gdbus_call_async(connection,
- STC_IPTABLES_DBUS_SERVICE,
- STC_IPTABLES_DBUS_RULE_PATH,
- STC_IPTABLES_DBUS_RULE_INTERFACE,
- STC_IPTABLES_DBUS_METHOD_IPT_REMOVE_RULE,
- params,
- __remove_rule_reply,
- nfacct_name);
-
- if (result != STC_ERROR_NONE) {
- STC_LOGE("Failed to invoke dbus method async");
- g_free(nfacct_name);
- }
-
- return result;
-}
-
-static int __ip6tables_rule_add(GDBusConnection *connection,
- iptables_rule_s *rule)
-{
- int result = STC_ERROR_NONE;
- GVariantBuilder *builder = NULL;
- GVariant *params = NULL;
- char *nfacct_name = NULL;
-
- builder = g_variant_builder_new(G_VARIANT_TYPE("a{sv}"));
- __add_rule_info_to_builder(builder, rule);
- params = g_variant_new("(a{sv})", builder);
- g_variant_builder_unref(builder);
-
- nfacct_name = g_strdup_printf("6:%s", rule->nfacct_name);
-
- result = stc_manager_gdbus_call_async(connection,
- STC_IPTABLES_DBUS_SERVICE,
- STC_IPTABLES_DBUS_RULE_PATH,
- STC_IPTABLES_DBUS_RULE_INTERFACE,
- STC_IPTABLES_DBUS_METHOD_IP6T_ADD_RULE,
- params,
- __add_rule_reply,
- nfacct_name);
-
- if (result != STC_ERROR_NONE) {
- STC_LOGE("Failed to invoke dbus method async");
- g_free(nfacct_name);
- }
-
- return result;
-}
-
-static int __ip6tables_rule_remove(GDBusConnection *connection,
- iptables_rule_s *rule)
-{
- int result = STC_ERROR_NONE;
- GVariantBuilder *builder = NULL;
- GVariant *params = NULL;
- char *nfacct_name = NULL;
-
- builder = g_variant_builder_new(G_VARIANT_TYPE("a{sv}"));
- __add_rule_info_to_builder(builder, rule);
- params = g_variant_new("(a{sv})", builder);
- g_variant_builder_unref(builder);
-
- nfacct_name = g_strdup_printf("6:%s", rule->nfacct_name);
-
- result = stc_manager_gdbus_call_async(connection,
- STC_IPTABLES_DBUS_SERVICE,
- STC_IPTABLES_DBUS_RULE_PATH,
- STC_IPTABLES_DBUS_RULE_INTERFACE,
- STC_IPTABLES_DBUS_METHOD_IP6T_REMOVE_RULE,
- params,
- __remove_rule_reply,
- nfacct_name);
-
- if (result != STC_ERROR_NONE) {
- STC_LOGE("Failed to invoke dbus method async");
- g_free(nfacct_name);
- }
-
- return result;
-}
-
-static int __iptables_list_add(GDBusConnection *connection,
- GSList *iptables_list, iptables_ip_type_e iptype)
-{
- stc_error_e result = STC_ERROR_NONE;
- GVariantBuilder *builder = NULL;
- GVariant *params = NULL;
- GVariant *message = NULL;
- const char *method = (iptype == IP_TYPE_IPV4) ?
- STC_IPTABLES_DBUS_METHOD_IPT_ADD_LIST :
- STC_IPTABLES_DBUS_METHOD_IP6T_ADD_LIST;
-
- builder = g_variant_builder_new(G_VARIANT_TYPE("aa{sv}"));
- __add_list_info_to_builder(builder, iptables_list);
- params = g_variant_new("(aa{sv})", builder);
- g_variant_builder_unref(builder);
-
- message = stc_manager_gdbus_call_sync(connection,
- STC_IPTABLES_DBUS_SERVICE,
- STC_IPTABLES_DBUS_RULE_PATH,
- STC_IPTABLES_DBUS_RULE_INTERFACE,
- method,
- params);
-
- if (message == NULL) {
- STC_LOGE("Failed to invoke dbus method"); //LCOV_EXCL_LINE
- return STC_ERROR_FAIL; //LCOV_EXCL_LINE
- }
-
- g_variant_get(message, "(i)", &result);
-
- STC_LOGD("%s to add list [%s:%d]",
- result == STC_ERROR_NONE ? "Successed" : "Failed",
- iptype == IP_TYPE_IPV4 ? "IPv4" : "IPv6", result);
-
- g_variant_unref(message);
- return result;
-}
-
-static int __iptables_list_remove(GDBusConnection *connection,
- GSList *iptables_list, iptables_ip_type_e iptype)
-{
- int result = 0;
- GVariantBuilder *builder = NULL;
- GVariant *params = NULL;
- GVariant *message = NULL;
- const char *method = (iptype == IP_TYPE_IPV4) ?
- STC_IPTABLES_DBUS_METHOD_IPT_REMOVE_LIST :
- STC_IPTABLES_DBUS_METHOD_IP6T_REMOVE_LIST;
-
- builder = g_variant_builder_new(G_VARIANT_TYPE("aa{sv}"));
- __add_list_info_to_builder(builder, iptables_list);
- params = g_variant_new("(aa{sv})", builder);
- g_variant_builder_unref(builder);
-
- message = stc_manager_gdbus_call_sync(connection,
- STC_IPTABLES_DBUS_SERVICE,
- STC_IPTABLES_DBUS_RULE_PATH,
- STC_IPTABLES_DBUS_RULE_INTERFACE,
- method,
- params);
-
- if (message == NULL) {
- STC_LOGE("Failed to invoke dbus method"); //LCOV_EXCL_LINE
- return STC_ERROR_FAIL; //LCOV_EXCL_LINE
- }
-
- g_variant_get(message, "(i)", &result);
-
- STC_LOGD("%s to add list [%s:%d]",
- result == STC_ERROR_NONE ? "Successed" : "Failed",
- iptype == IP_TYPE_IPV4 ? "IPv4" : "IPv6", result);
-
- g_variant_unref(message);
- return STC_ERROR_NONE;
-}
-
-static int __iptables_add_chain(GDBusConnection *connection,
- const char *chain)
-{
- int result = 0;
- GVariant *message = NULL;
-
- message = stc_manager_gdbus_call_sync(connection,
- STC_IPTABLES_DBUS_SERVICE,
- STC_IPTABLES_DBUS_CHAIN_PATH,
- STC_IPTABLES_DBUS_CHAIN_INTERFACE,
- STC_IPTABLES_DBUS_METHOD_IPT_ADD_CHAIN,
- g_variant_new("(s)", chain));
-
- if (message == NULL) {
- STC_LOGE("Failed to invoke dbus method"); //LCOV_EXCL_LINE
- return STC_ERROR_FAIL; //LCOV_EXCL_LINE
- }
-
- g_variant_get(message, "(i)", &result);
- STC_LOGD("Successfully added ipv4 chain [%d:%s]", result, chain);
- g_variant_unref(message);
-
- return STC_ERROR_NONE;
-}
-
-static int __ip6tables_add_chain(GDBusConnection *connection,
- const char *chain)
-{
- int result = 0;
- GVariant *message = NULL;
-
- message = stc_manager_gdbus_call_sync(connection,
- STC_IPTABLES_DBUS_SERVICE,
- STC_IPTABLES_DBUS_CHAIN_PATH,
- STC_IPTABLES_DBUS_CHAIN_INTERFACE,
- STC_IPTABLES_DBUS_METHOD_IP6T_ADD_CHAIN,
- g_variant_new("(s)", chain));
-
- if (message == NULL) {
- STC_LOGE("Failed to invoke dbus method"); //LCOV_EXCL_LINE
- return STC_ERROR_FAIL; //LCOV_EXCL_LINE
- }
-
- g_variant_get(message, "(i)", &result);
- STC_LOGD("Successfully added ipv6 chain [%d:%s]", result, chain);
- g_variant_unref(message);
-
- return STC_ERROR_NONE;
-}
-
-static int __iptables_remove_chain(GDBusConnection *connection,
- const char *chain)
-{
- int result = 0;
- GVariant *message = NULL;
-
- message = stc_manager_gdbus_call_sync(connection,
- STC_IPTABLES_DBUS_SERVICE,
- STC_IPTABLES_DBUS_CHAIN_PATH,
- STC_IPTABLES_DBUS_CHAIN_INTERFACE,
- STC_IPTABLES_DBUS_METHOD_IPT_REMOVE_CHAIN,
- g_variant_new("(s)", chain));
-
- if (message == NULL) {
- STC_LOGE("Failed to invoke dbus method"); //LCOV_EXCL_LINE
- return STC_ERROR_FAIL; //LCOV_EXCL_LINE
- }
-
- g_variant_get(message, "(i)", &result);
- STC_LOGD("Successfully removed ipv4 chain [%d:%s]", result, chain);
- g_variant_unref(message);
-
- return STC_ERROR_NONE;
-}
-
-static int __ip6tables_remove_chain(GDBusConnection *connection,
- const char *chain)
-{
- int result = 0;
- GVariant *message = NULL;
-
- message = stc_manager_gdbus_call_sync(connection,
- STC_IPTABLES_DBUS_SERVICE,
- STC_IPTABLES_DBUS_CHAIN_PATH,
- STC_IPTABLES_DBUS_CHAIN_INTERFACE,
- STC_IPTABLES_DBUS_METHOD_IP6T_REMOVE_CHAIN,
- g_variant_new("(s)", chain));
-
- if (message == NULL) {
- STC_LOGE("Failed to invoke dbus method"); //LCOV_EXCL_LINE
- return STC_ERROR_FAIL; //LCOV_EXCL_LINE
- }
-
- g_variant_get(message, "(i)", &result);
- STC_LOGD("Successfully removed ipv6 chain [%d:%s]", result, chain);
- g_variant_unref(message);
-
- return STC_ERROR_NONE;
-}
-
-static int __iptables_flush_chain(GDBusConnection *connection,
- const char *chain)
-{
- int result = 0;
- GVariant *message = NULL;
-
- message = stc_manager_gdbus_call_sync(connection,
- STC_IPTABLES_DBUS_SERVICE,
- STC_IPTABLES_DBUS_CHAIN_PATH,
- STC_IPTABLES_DBUS_CHAIN_INTERFACE,
- STC_IPTABLES_DBUS_METHOD_IPT_FLUSH_CHAIN,
- g_variant_new("(s)", chain));
-
- if (message == NULL) {
- STC_LOGE("Failed to invoke dbus method"); //LCOV_EXCL_LINE
- return STC_ERROR_FAIL; //LCOV_EXCL_LINE
- }
-
- g_variant_get(message, "(i)", &result);
- STC_LOGD("Successfully flushed ipv4 chain [%d:%s]", result, chain);
- g_variant_unref(message);
-
- return STC_ERROR_NONE;
-}
-
-static int __ip6tables_flush_chain(GDBusConnection *connection,
- const char *chain)
-{
- int result = 0;
- GVariant *message = NULL;
-
- message = stc_manager_gdbus_call_sync(connection,
- STC_IPTABLES_DBUS_SERVICE,
- STC_IPTABLES_DBUS_CHAIN_PATH,
- STC_IPTABLES_DBUS_CHAIN_INTERFACE,
- STC_IPTABLES_DBUS_METHOD_IP6T_FLUSH_CHAIN,
- g_variant_new("(s)", chain));
-
- if (message == NULL) {
- STC_LOGE("Failed to invoke dbus method"); //LCOV_EXCL_LINE
- return STC_ERROR_FAIL; //LCOV_EXCL_LINE
- }
-
- g_variant_get(message, "(i)", &result);
- STC_LOGD("Successfully flushed ipv6 chain [%d:%s]", result, chain);
- g_variant_unref(message);
-
- return STC_ERROR_NONE;
-}
-
-static int __iptables_add_chain_jump_rule(const char *chain,
- const char *target)
-{
- stc_error_e ret = STC_ERROR_NONE;
- iptables_rule_s iptables_rule;
- memset(&iptables_rule, 0, sizeof(iptables_rule_s));
-
- iptables_rule.target = g_strdup(target);
- iptables_rule.chain = g_strdup(chain);
-
- ret = iptables_add(&iptables_rule, IP_TYPE_IPV4_IPV6);
-
- g_free(iptables_rule.target);
- g_free(iptables_rule.chain);
-
- return ret;
-}
-
-static stc_error_e _iptables_add_in_chain(stc_s *stc)
-{
- stc_error_e ret = STC_ERROR_NONE;
-
- ret = __iptables_add_chain(stc->connection, STC_IN_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
- ret = __iptables_add_chain(stc->connection, STC_IN_DROP_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
- ret = __iptables_add_chain(stc->connection, STC_IN_FG_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
- ret = __iptables_add_chain(stc->connection, STC_IN_ACCEPT_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
- ret = __iptables_add_chain(stc->connection, STC_IN_BG_DROP_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
- ret = __iptables_add_chain(stc->connection, STC_IN_BG_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
-done:
- return ret;
-}
-
-static stc_error_e _iptables_add_out_chain(stc_s *stc)
-{
- stc_error_e ret = STC_ERROR_NONE;
-
- ret = __iptables_add_chain(stc->connection, STC_OUT_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
- ret = __iptables_add_chain(stc->connection, STC_OUT_DROP_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
- ret = __iptables_add_chain(stc->connection, STC_OUT_FG_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
- ret = __iptables_add_chain(stc->connection, STC_OUT_ACCEPT_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
- ret = __iptables_add_chain(stc->connection, STC_OUT_BG_DROP_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
- ret = __iptables_add_chain(stc->connection, STC_OUT_BG_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
-done:
- return ret;
-}
-
-static stc_error_e _ip6tables_add_in_chain(stc_s *stc)
-{
- stc_error_e ret = STC_ERROR_NONE;
-
- ret = __ip6tables_add_chain(stc->connection, STC_IN_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
- ret = __ip6tables_add_chain(stc->connection, STC_IN_DROP_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
- ret = __ip6tables_add_chain(stc->connection, STC_IN_FG_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
- ret = __ip6tables_add_chain(stc->connection, STC_IN_ACCEPT_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
- ret = __ip6tables_add_chain(stc->connection, STC_IN_BG_DROP_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
- ret = __ip6tables_add_chain(stc->connection, STC_IN_BG_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
-done:
- return ret;
-}
-
-static stc_error_e _ip6tables_add_out_chain(stc_s *stc)
-{
- stc_error_e ret = STC_ERROR_NONE;
-
- ret = __ip6tables_add_chain(stc->connection, STC_OUT_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
- ret = __ip6tables_add_chain(stc->connection, STC_OUT_DROP_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
- ret = __ip6tables_add_chain(stc->connection, STC_OUT_FG_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
- ret = __ip6tables_add_chain(stc->connection, STC_OUT_ACCEPT_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
- ret = __ip6tables_add_chain(stc->connection, STC_OUT_BG_DROP_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
- ret = __ip6tables_add_chain(stc->connection, STC_OUT_BG_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
-done:
- return ret;
-}
-
-static stc_error_e _iptables_add_in_chain_jump_rule(void)
-{
- stc_error_e ret = STC_ERROR_NONE;
-
- ret = __iptables_add_chain_jump_rule("INPUT", STC_IN_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
- ret = __iptables_add_chain_jump_rule("INPUT", STC_IN_DROP_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
- ret = __iptables_add_chain_jump_rule("INPUT", STC_IN_FG_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
- ret = __iptables_add_chain_jump_rule("INPUT", STC_IN_ACCEPT_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
- ret = __iptables_add_chain_jump_rule("INPUT", STC_IN_BG_DROP_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
- ret = __iptables_add_chain_jump_rule("INPUT", STC_IN_BG_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
-done:
- return ret;
-}
-
-static stc_error_e _iptables_add_out_chain_jump_rule(void)
-{
- stc_error_e ret = STC_ERROR_NONE;
-
- ret = __iptables_add_chain_jump_rule("OUTPUT", STC_OUT_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
- ret = __iptables_add_chain_jump_rule("OUTPUT", STC_OUT_DROP_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
- ret = __iptables_add_chain_jump_rule("OUTPUT", STC_OUT_FG_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
- ret = __iptables_add_chain_jump_rule("OUTPUT", STC_OUT_ACCEPT_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
- ret = __iptables_add_chain_jump_rule("OUTPUT", STC_OUT_BG_DROP_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
- ret = __iptables_add_chain_jump_rule("OUTPUT", STC_OUT_BG_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
-done:
- return ret;
-}
-
-static stc_error_e _iptables_remove_in_chain(stc_s *stc)
-{
- stc_error_e ret = STC_ERROR_NONE;
-
- ret = __iptables_remove_chain(stc->connection, STC_IN_DROP_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
- ret = __iptables_remove_chain(stc->connection, STC_IN_FG_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
- ret = __iptables_remove_chain(stc->connection, STC_IN_ACCEPT_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
- ret = __iptables_remove_chain(stc->connection, STC_IN_BG_DROP_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
- ret = __iptables_remove_chain(stc->connection, STC_IN_BG_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
- ret = __iptables_remove_chain(stc->connection, STC_IN_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
-done:
- return ret;
-}
-
-static stc_error_e _iptables_remove_out_chain(stc_s *stc)
-{
- stc_error_e ret = STC_ERROR_NONE;
-
- ret = __iptables_remove_chain(stc->connection, STC_OUT_DROP_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
- ret = __iptables_remove_chain(stc->connection, STC_OUT_FG_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
- ret = __iptables_remove_chain(stc->connection, STC_OUT_ACCEPT_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
- ret = __iptables_remove_chain(stc->connection, STC_OUT_BG_DROP_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
- ret = __iptables_remove_chain(stc->connection, STC_OUT_BG_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
- ret = __iptables_remove_chain(stc->connection, STC_OUT_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
-done:
- return ret;
-}
-
-static stc_error_e _ip6tables_remove_in_chain(stc_s *stc)
-{
- stc_error_e ret = STC_ERROR_NONE;
-
- ret = __ip6tables_remove_chain(stc->connection, STC_IN_DROP_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
- ret = __ip6tables_remove_chain(stc->connection, STC_IN_FG_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
- ret = __ip6tables_remove_chain(stc->connection, STC_IN_ACCEPT_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
- ret = __ip6tables_remove_chain(stc->connection, STC_IN_BG_DROP_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
- ret = __ip6tables_remove_chain(stc->connection, STC_IN_BG_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
- ret = __ip6tables_remove_chain(stc->connection, STC_IN_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
-done:
- return ret;
-}
-
-static stc_error_e _ip6tables_remove_out_chain(stc_s *stc)
-{
- stc_error_e ret = STC_ERROR_NONE;
-
- ret = __ip6tables_remove_chain(stc->connection, STC_OUT_DROP_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
- ret = __ip6tables_remove_chain(stc->connection, STC_OUT_FG_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
- ret = __ip6tables_remove_chain(stc->connection, STC_OUT_ACCEPT_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
- ret = __ip6tables_remove_chain(stc->connection, STC_OUT_BG_DROP_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
- ret = __ip6tables_remove_chain(stc->connection, STC_OUT_BG_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
- ret = __ip6tables_remove_chain(stc->connection, STC_OUT_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
-done:
- return ret;
-}
-
-static stc_error_e _iptables_flush_in_chain(stc_s *stc)
-{
- stc_error_e ret = STC_ERROR_NONE;
-
- ret = __iptables_flush_chain(stc->connection, STC_IN_DROP_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
- ret = __iptables_flush_chain(stc->connection, STC_IN_FG_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
- ret = __iptables_flush_chain(stc->connection, STC_IN_ACCEPT_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
- ret = __iptables_flush_chain(stc->connection, STC_IN_BG_DROP_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
- ret = __iptables_flush_chain(stc->connection, STC_IN_BG_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
- ret = __iptables_flush_chain(stc->connection, STC_IN_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
-done:
- return ret;
-}
-
-static stc_error_e _iptables_flush_out_chain(stc_s *stc)
-{
- stc_error_e ret = STC_ERROR_NONE;
-
- ret = __iptables_flush_chain(stc->connection, STC_OUT_DROP_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
- ret = __iptables_flush_chain(stc->connection, STC_OUT_FG_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
- ret = __iptables_flush_chain(stc->connection, STC_OUT_ACCEPT_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
- ret = __iptables_flush_chain(stc->connection, STC_OUT_BG_DROP_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
- ret = __iptables_flush_chain(stc->connection, STC_OUT_BG_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
- ret = __iptables_flush_chain(stc->connection, STC_OUT_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
-done:
- return ret;
-}
-
-static stc_error_e _ip6tables_flush_in_chain(stc_s *stc)
-{
- stc_error_e ret = STC_ERROR_NONE;
-
- ret = __ip6tables_flush_chain(stc->connection, STC_IN_DROP_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
- ret = __ip6tables_flush_chain(stc->connection, STC_IN_FG_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
- ret = __ip6tables_flush_chain(stc->connection, STC_IN_ACCEPT_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
- ret = __ip6tables_flush_chain(stc->connection, STC_IN_BG_DROP_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
- ret = __ip6tables_flush_chain(stc->connection, STC_IN_BG_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
- ret = __ip6tables_flush_chain(stc->connection, STC_IN_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
-done:
- return ret;
-}
-
-static stc_error_e _ip6tables_flush_out_chain(stc_s *stc)
-{
- stc_error_e ret = STC_ERROR_NONE;
-
- ret = __ip6tables_flush_chain(stc->connection, STC_OUT_DROP_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
- ret = __ip6tables_flush_chain(stc->connection, STC_OUT_FG_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
- ret = __ip6tables_flush_chain(stc->connection, STC_OUT_ACCEPT_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
- ret = __ip6tables_flush_chain(stc->connection, STC_OUT_BG_DROP_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
- ret = __ip6tables_flush_chain(stc->connection, STC_OUT_BG_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
- ret = __ip6tables_flush_chain(stc->connection, STC_OUT_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
-done:
- return ret;
-}
-
-stc_error_e iptables_add(iptables_rule_s *rule, iptables_ip_type_e iptype)
-{
- stc_error_e ret = STC_ERROR_NONE;
- stc_s *stc = stc_get_manager();
-
- if (!stc || !stc->connection)
- return STC_ERROR_INVALID_PARAMETER; //LCOV_EXCL_LINE
-
- if (iptype == IP_TYPE_IPV4 ||
- iptype == IP_TYPE_IPV4_IPV6) {
- ret = __iptables_rule_add(stc->connection, rule);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
- }
-
- if (iptype == IP_TYPE_IPV6 ||
- iptype == IP_TYPE_IPV4_IPV6)
- ret = __ip6tables_rule_add(stc->connection, rule);
-
-done:
- return ret;
-}
-
-stc_error_e iptables_remove(iptables_rule_s *rule, iptables_ip_type_e iptype)
-{
- stc_error_e ret = STC_ERROR_NONE;
- stc_s *stc = stc_get_manager();
-
- if (!stc || !stc->connection)
- return STC_ERROR_INVALID_PARAMETER; //LCOV_EXCL_LINE
-
- if (iptype == IP_TYPE_IPV4 ||
- iptype == IP_TYPE_IPV4_IPV6) {
- ret = __iptables_rule_remove(stc->connection, rule);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
- }
-
- if (iptype == IP_TYPE_IPV6 ||
- iptype == IP_TYPE_IPV4_IPV6)
- ret = __ip6tables_rule_remove(stc->connection, rule);
-
-done:
- return ret;
-}
-
-stc_error_e iptables_add_list(GSList *iptables_list, iptables_ip_type_e iptype)
-{
- stc_s *stc = stc_get_manager();
-
- if (!stc || !stc->connection)
- return STC_ERROR_INVALID_PARAMETER; //LCOV_EXCL_LINE
-
- return __iptables_list_add(stc->connection, iptables_list, iptype);
-}
-
-stc_error_e iptables_remove_list(GSList *iptables_list, iptables_ip_type_e iptype)
-{
- stc_s *stc = stc_get_manager();
-
- if (!stc || !stc->connection)
- return STC_ERROR_INVALID_PARAMETER; //LCOV_EXCL_LINE
-
- return __iptables_list_remove(stc->connection, iptables_list, iptype);
-}
-
-API stc_error_e iptables_flush_chains(void)
-{
- stc_error_e ret = STC_ERROR_NONE;
- stc_s *stc = stc_get_manager();
-
- if (!stc || !stc->connection)
- return STC_ERROR_INVALID_PARAMETER; //LCOV_EXCL_LINE
-
- ret = _iptables_flush_in_chain(stc);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
- ret = _iptables_flush_out_chain(stc);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
- ret = __iptables_flush_chain(stc->connection, STC_FRWD_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
- ret = __iptables_flush_chain(stc->connection, STC_TETHER_CHAIN);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
- ret = _ip6tables_flush_in_chain(stc);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
- ret = _ip6tables_flush_out_chain(stc);
- if (ret != STC_ERROR_NONE)
- goto done; //LCOV_EXCL_LINE
-
- ret = __ip6tables_flush_chain(stc->connection, STC_FRWD_CHAIN);
-done:
- return ret;
-}
-
-stc_error_e iptables_init(void)
-{
- __STC_LOG_FUNC_ENTER__;
-
- stc_error_e ret = STC_ERROR_NONE;
- stc_s *stc = stc_get_manager();
-
- if (!stc || !stc->connection) {
- __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
- return STC_ERROR_INVALID_PARAMETER; //LCOV_EXCL_LINE
- }
-
- ret = _iptables_add_in_chain(stc);
- if (ret != STC_ERROR_NONE) {
- __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
- goto done; //LCOV_EXCL_LINE
- }
-
- ret = _iptables_add_out_chain(stc);
- if (ret != STC_ERROR_NONE) {
- __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
- goto done; //LCOV_EXCL_LINE
- }
-
- ret = __iptables_add_chain(stc->connection, STC_FRWD_CHAIN);
- if (ret != STC_ERROR_NONE) {
- __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
- goto done; //LCOV_EXCL_LINE
- }
-
- ret = __iptables_add_chain(stc->connection, STC_TETHER_CHAIN);
- if (ret != STC_ERROR_NONE) {
- __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
- goto done; //LCOV_EXCL_LINE
- }
-
- ret = _ip6tables_add_in_chain(stc);
- if (ret != STC_ERROR_NONE) {
- __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
- goto done; //LCOV_EXCL_LINE
- }
-
- ret = _ip6tables_add_out_chain(stc);
- if (ret != STC_ERROR_NONE) {
- __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
- goto done; //LCOV_EXCL_LINE
- }
-
- ret = __ip6tables_add_chain(stc->connection, STC_FRWD_CHAIN);
- if (ret != STC_ERROR_NONE) {
- __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
- goto done; //LCOV_EXCL_LINE
- }
-
- ret = __ip6tables_add_chain(stc->connection, STC_TETHER_CHAIN);
- if (ret != STC_ERROR_NONE) {
- __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
- goto done; //LCOV_EXCL_LINE
- }
-
- ret = _iptables_add_in_chain_jump_rule();
- if (ret != STC_ERROR_NONE) {
- __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
- goto done; //LCOV_EXCL_LINE
- }
-
- ret = _iptables_add_out_chain_jump_rule();
- if (ret != STC_ERROR_NONE) {
- __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
- goto done; //LCOV_EXCL_LINE
- }
-
- ret = __iptables_add_chain_jump_rule("FORWARD", STC_FRWD_CHAIN);
- if (ret != STC_ERROR_NONE) {
- __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
- goto done; //LCOV_EXCL_LINE
- }
-
- ret = __iptables_add_chain_jump_rule("FORWARD", STC_TETHER_CHAIN);
- if (ret != STC_ERROR_NONE) {
- __STC_LOG_FUNC_EXIT__;
- goto done;
- }
-
-done:
- __STC_LOG_FUNC_ENTER__;
- return ret;
-}
-
-stc_error_e iptables_deinit(void)
-{
- __STC_LOG_FUNC_ENTER__;
-
- stc_error_e ret = STC_ERROR_NONE;
- stc_s *stc = stc_get_manager();
-
- if (!stc || !stc->connection) {
- __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
- return STC_ERROR_INVALID_PARAMETER; //LCOV_EXCL_LINE
- }
-
- ret = _iptables_remove_in_chain(stc);
- if (ret != STC_ERROR_NONE) {
- __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
- goto done; //LCOV_EXCL_LINE
- }
-
- ret = _iptables_remove_out_chain(stc);
- if (ret != STC_ERROR_NONE) {
- __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
- goto done; //LCOV_EXCL_LINE
- }
-
- ret = __iptables_remove_chain(stc->connection, STC_TETHER_CHAIN);
- if (ret != STC_ERROR_NONE) {
- __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
- goto done; //LCOV_EXCL_LINE
- }
-
- ret = __iptables_remove_chain(stc->connection, STC_FRWD_CHAIN);
- if (ret != STC_ERROR_NONE) {
- __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
- goto done; //LCOV_EXCL_LINE
- }
-
- ret = _ip6tables_remove_in_chain(stc);
- if (ret != STC_ERROR_NONE) {
- __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
- goto done; //LCOV_EXCL_LINE
- }
-
- ret = _ip6tables_remove_out_chain(stc);
- if (ret != STC_ERROR_NONE) {
- __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
- goto done; //LCOV_EXCL_LINE
- }
-
- ret = __ip6tables_remove_chain(stc->connection, STC_FRWD_CHAIN);
- if (ret != STC_ERROR_NONE) {
- __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
- goto done; //LCOV_EXCL_LINE
- }
-
-done:
- __STC_LOG_FUNC_ENTER__;
- return ret;
-}
+++ /dev/null
-/*
- * Copyright (c) 2016 Samsung Electronics Co., Ltd.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef __STC_HELPER_IPTABLES_H__
-#define __STC_HELPER_IPTABLES_H__
-
-#include <arpa/inet.h>
-#include "stc-manager.h"
-#include "stc-error.h"
-
-#define STC_IN_CHAIN "STC_IN"
-#define STC_OUT_CHAIN "STC_OUT"
-#define STC_FRWD_CHAIN "STC_FRWD"
-#define STC_TETHER_CHAIN "STC_TETHER"
-
-#define STC_IN_DROP_CHAIN "STC_IN_DROP"
-#define STC_IN_FG_CHAIN "STC_IN_FG"
-#define STC_IN_ACCEPT_CHAIN "STC_IN_ACCEPT"
-#define STC_IN_BG_DROP_CHAIN "STC_IN_BG_DROP"
-#define STC_IN_BG_CHAIN "STC_IN_BG"
-
-#define STC_OUT_DROP_CHAIN "STC_OUT_DROP"
-#define STC_OUT_FG_CHAIN "STC_OUT_FG"
-#define STC_OUT_ACCEPT_CHAIN "STC_OUT_ACCEPT"
-#define STC_OUT_BG_DROP_CHAIN "STC_OUT_BG_DROP"
-#define STC_OUT_BG_CHAIN "STC_OUT_BG"
-
-typedef enum {
- IPTABLES_DIRECTION_NONE,
- IPTABLES_DIRECTION_IN,
- IPTABLES_DIRECTION_OUT
-} iptables_rule_direction_e;
-
-typedef enum {
- IP_TYPE_UNKNOWN,
- IP_TYPE_IPV4,
- IP_TYPE_IPV6,
- IP_TYPE_IPV4_IPV6,
- IP_TYPE_LAST_ELEM
-} iptables_ip_type_e;
-
-typedef enum {
- IPTABLES_IP_NONE,
- IPTABLES_IP_SINGLE,
- IPTABLES_IP_MASK,
- IPTABLES_IP_RANGE
-} iptables_iprange_type_e;
-
-typedef struct {
- char *chain;
- char *ifname;
- char *nfacct_name;
- char *target;
- iptables_iprange_type_e s_iprange_type;
- iptables_iprange_type_e d_iprange_type;
- struct in_addr s_ip1;
- struct in_addr s_ip2;
- struct in_addr d_ip1;
- struct in_addr d_ip2;
- iptables_rule_direction_e direction;
- uint32_t classid;
-} iptables_rule_s;
-
-stc_error_e iptables_add(iptables_rule_s *rule, iptables_ip_type_e iptype);
-stc_error_e iptables_remove(iptables_rule_s *rule, iptables_ip_type_e iptype);
-stc_error_e iptables_add_list(GSList *iptables_list, iptables_ip_type_e iptype);
-stc_error_e iptables_remove_list(GSList *iptables_list, iptables_ip_type_e iptype);
-stc_error_e iptables_flush_chains(void);
-stc_error_e iptables_init(void);
-stc_error_e iptables_deinit(void);
-
-#endif /*__STC_HELPER_IPTABLES_H__*/
+++ /dev/null
-/*
- * Copyright (c) 2016 Samsung Electronics Co., Ltd.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include <dirent.h>
-#include <glib.h>
-#include <stdio.h>
-#include <string.h>
-#include <unistd.h>
-
-#include "helper-cgroup.h"
-#include "counter.h"
-#include "stc-db.h"
-#include "helper-file.h"
-#include "helper-net-cls.h"
-
-#define CUR_CLASSID_PATH "/var/lib/stc/cur_classid"
-#define CLASSID_FILE_NAME "net_cls.classid"
-
-typedef GArray task_classid_array;
-
-static uint32_t __produce_classid(check_classid_used_cb check_classid_cb)
-{
- uint32_t classid = STC_RESERVED_CLASSID_MAX;
- int ret = fread_uint(CUR_CLASSID_PATH, &classid);
- if (ret < 0)
- STC_LOGI("Can not read current classid"); //LCOV_EXCL_LINE
-
- classid += 1;
-
- if (check_classid_cb) {
- int classid_test_count = 0;
- for (classid_test_count = 0; classid_test_count < INT32_MAX;
- ++classid) {
- if (!check_classid_cb(classid))
- break;
- }
- }
-
- ret = fwrite_uint(CUR_CLASSID_PATH, ++classid);
- if (ret < 0)
- STC_LOGE("Can not write classid"); //LCOV_EXCL_LINE
-
- return classid;
-}
-
-static int __place_classid_to_cgroup(const char *cgroup, const char *subdir,
- uint32_t *classid,
- check_classid_used_cb cb)
-{
- char buf[MAX_PATH_LENGTH];
- uint32_t result_classid = (classid && *classid) ? *classid :
- __produce_classid(cb);
-
- /* set classid as out argument */
- if (classid && !*classid)
- *classid = result_classid;
-
- snprintf(buf, sizeof(buf), "%s/%s", cgroup, subdir);
- return cgroup_write_node_uint32(buf, CLASSID_FILE_NAME, result_classid);
-}
-
-static stc_error_e __get_classid_from_cgroup(const char *cgroup,
- const char *subdir, uint32_t *classid)
-{
- char buf[MAX_PATH_LENGTH];
- snprintf(buf, sizeof(buf), "%s/%s", cgroup, subdir);
-
- int ret = cgroup_read_node_uint32(buf, CLASSID_FILE_NAME, classid);
- if (ret < 0) {
- *classid = STC_UNKNOWN_CLASSID;
- return STC_ERROR_NO_DATA;
- }
-
- return STC_ERROR_NONE;
-}
-
-API stc_error_e init_current_classid(void)
-{
- int ret = 0;
- struct stat stat_buf;
-
- if (stat(STC_CGROUP_NETWORK, &stat_buf) != 0) {
- uint32_t classid = STC_RESERVED_CLASSID_MAX;
- ret = fwrite_uint(CUR_CLASSID_PATH, classid);
- if (ret < 0) {
- STC_LOGE("Can not init current classid"); //LCOV_EXCL_LINE
- return STC_ERROR_FAIL; //LCOV_EXCL_LINE
- }
- }
-
- return STC_ERROR_NONE;
-}
-
-API uint32_t get_classid_by_app_id(const char *app_id, int create)
-{
- bool exists;
- int ret = STC_ERROR_NONE;
- uint32_t classid = STC_UNKNOWN_CLASSID;
- const char *path_to_net_cgroup_dir = NULL;
-
- if (app_id == NULL)
- return STC_UNKNOWN_CLASSID;
-
- if (!strcmp(app_id, STC_TOTAL_BACKGROUND))
- return STC_BACKGROUND_APP_CLASSID;
-
- if (!strcmp(app_id, STC_TOTAL_DATACALL))
- return STC_TOTAL_DATACALL_CLASSID;
-
- if (!strcmp(app_id, STC_TOTAL_WIFI))
- return STC_TOTAL_WIFI_CLASSID;
-
- if (!strcmp(app_id, STC_TOTAL_BLUETOOTH))
- return STC_TOTAL_BLUETOOTH_CLASSID;
-
- if (!strcmp(app_id, STC_TOTAL_IPV4))
- return STC_TOTAL_IPV4_CLASSID;
-
- if (!strcmp(app_id, STC_TOTAL_IPV6))
- return STC_TOTAL_IPV6_CLASSID;
-
- if (!strcmp(app_id, STC_TOTAL_TETHERING))
- return STC_TETHERING_APP_CLASSID;
-
- if (strstr(app_id, STC_BACKGROUND_APP_SUFFIX))
- path_to_net_cgroup_dir = BACKGROUND_CGROUP_NETWORK;
- else if (strstr(app_id, STC_TETHERING_APP_SUFFIX))
- path_to_net_cgroup_dir = TETHERING_CGROUP_NETWORK;
- else
- path_to_net_cgroup_dir = FOREGROUND_CGROUP_NETWORK;
-
- /* just read */
- if (!create)
- ret = __get_classid_from_cgroup(path_to_net_cgroup_dir, //LCOV_EXCL_LINE
- app_id, &classid);
-
- if (ret != STC_ERROR_NONE)
- return STC_UNKNOWN_CLASSID;
-
- if (classid != STC_UNKNOWN_CLASSID)
- return classid;
-
- ret = cgroup_make_subdir(path_to_net_cgroup_dir, (char *)app_id,
- &exists);
- if (ret)
- goto handle_error;
-
- if (exists)
- ret = __get_classid_from_cgroup(path_to_net_cgroup_dir,
- app_id, &classid);
- else
- ret = __place_classid_to_cgroup(path_to_net_cgroup_dir,
- (char *)app_id, &classid, NULL);
- if (ret)
- goto handle_error; //LCOV_EXCL_LINE
-
- return classid;
-
-handle_error:
- if (STC_DEBUG_LOG)
- STC_LOGE("error_code: [%d]", ret); //LCOV_EXCL_LINE
- return STC_UNKNOWN_CLASSID; //LCOV_EXCL_LINE
-}
-
-API stc_error_e place_pids_to_net_cgroup(const int pid, const char *app_id)
-{
- char child_buf[21 + MAX_DEC_SIZE(int) + MAX_DEC_SIZE(int) + 1];
- const char *path_to_net_cgroup_dir = NULL;
-
- snprintf(child_buf, sizeof(child_buf), PROC_TASK_CHILDREN, pid, pid);
-
- if (app_id == NULL) {
- STC_LOGE("package name must be not empty"); //LCOV_EXCL_LINE
- return STC_ERROR_INVALID_PARAMETER; //LCOV_EXCL_LINE
- }
-
- if (strstr(app_id, STC_BACKGROUND_APP_SUFFIX))
- path_to_net_cgroup_dir = BACKGROUND_CGROUP_NETWORK;
- else if (strstr(app_id, STC_TETHERING_APP_SUFFIX))
- path_to_net_cgroup_dir = TETHERING_CGROUP_NETWORK;
- else
- path_to_net_cgroup_dir = FOREGROUND_CGROUP_NETWORK; //LCOV_EXCL_LINE
-
- if (access(child_buf, F_OK))
- return cgroup_write_pid(path_to_net_cgroup_dir, app_id, pid);
-
- return cgroup_write_pidtree(path_to_net_cgroup_dir, app_id, pid); //LCOV_EXCL_LINE
-}
+++ /dev/null
-/*
- * Copyright (c) 2016 Samsung Electronics Co., Ltd.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef __STC_HELPER_NET_CLS_H__
-#define __STC_HELPER_NET_CLS_H__
-
-#include <sys/types.h>
-#include <glib.h>
-#include <stdbool.h>
-
-#include "stc-manager.h"
-
-#define PATH_TO_NET_CGROUP_DIR CGROUP_NETWORK
-
-enum {
- ERROR_CANT_CREATE_NL_SOCKET = 1,
- ERROR_UPDATE_PID_LIST = 2,
- ERROR_UPDATE_CLASSIDS_LIST = 3,
-};
-
-typedef GArray int_array;
-
-stc_error_e init_current_classid(void);
-
-/**
- * @desc take classid from net_cls cgroup by appid
- * This function converts appid to pkgname.
- * @param pkg_name - name of the cgroup
- * @param create - in case of true - create cgroup if it's not exists
- * @return classid
- */
-uint32_t get_classid_by_app_id(const char *app_id, int create);
-
-typedef gboolean(*check_classid_used_cb)(guint32 classid);
-
-stc_error_e place_pids_to_net_cgroup(const int pid, const char *pkg_name);
-
-#endif /*__STC_HELPER_NET_CLS_H__*/
+++ /dev/null
-/*
- * Copyright (c) 2016 Samsung Electronics Co., Ltd.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include <errno.h>
-#include <inttypes.h>
-#include <stdbool.h>
-#include <stdlib.h>
-#include <string.h>
-#include <sys/types.h>
-#include <sys/wait.h>
-#include <unistd.h>
-#include <arpa/inet.h>
-
-#include "counter.h"
-#include "helper-nfacct-rule.h"
-#include "helper-iptables.h"
-
-#include "configure_stub.h"
-
-#define IPTABLES "/usr/sbin/iptables"
-#define IP6TABLES "/usr/sbin/ip6tables"
-#define IPTABLES_CHECK "-C"
-#define APPEND "-A"
-#define DELETE "-D"
-#define INSERT "-I"
-
-#define NFACCT_NAME_MOD " -m nfacct --nfacct-name %s"
-#define REJECT_RULE "REJECT"
-#define ACCEPT_RULE "ACCEPT"
-#define OUT_RULE "OUTPUT"
-#define IN_RULE "INPUT"
-#define FORWARD_RULE "FORWARD"
-
-/* TODO idea to use the same rule both for BLOCK (REJECT) and WARNING (ACCEPT) */
-#define RULE_APP_OUT "%s -w %s OUTPUT -o %s -m cgroup --cgroup %u %s %s"
-#define RULE_APP_IN "%s -w %s INPUT -i %s -m cgroup --cgroup %u %s %s"
-
-/* iptables -w [I/A/D] [OUTPUT/FORWARD/INPUT] -o/-i iface -m nfacct --nfacct-name name -j ACCEPT/REJECT */
-
-#define RULE_IFACE_OUT "%s -w %s %s -o %s %s %s"
-#define RULE_IFACE_IN "%s -w %s %s -i %s %s %s"
-
-#define NFNL_SUBSYS_ACCT 7
-#define BUF_SIZE_FOR_ERR 100
-
-static void prepare_netlink_msg(struct genl *req, int type, int flag)
-{
- int seq = time(NULL);
- memset(req, 0, sizeof(struct genl));
- req->n.nlmsg_len = NLMSG_LENGTH(GENL_HDRLEN);
- req->n.nlmsg_type = (NFNL_SUBSYS_ACCT << 8) | type;
- req->n.nlmsg_flags = NLM_F_REQUEST | flag;
- req->n.nlmsg_seq = seq;
-}
-
-static void add_value_attr(struct genl *req, const void *data, int len,
- int type)
-{
- int payload;
- /* get tail */
- struct nlattr *na = (struct nlattr *)((char *)req +
- NLMSG_ALIGN(req->n.nlmsg_len));
-
- na->nla_type = type;
- payload = len + NLA_HDRLEN;
- na->nla_len = payload;
- memcpy(NLA_DATA(na), data, len);
- req->n.nlmsg_len += NLMSG_ALIGN(payload);
-}
-
-/*
- * following 2 function should be used in combination.
- * start_nest_attr returns nlattr structure, which should be completed by
- * end_nest_attr,
- * before these invocations any number of netlink arguments could be inserted
- * */
-static struct nlattr *start_nest_attr(struct genl *req, uint16_t type)
-{
- struct nlattr *start = (struct nlattr *)((char *)req +
- NLMSG_ALIGN(req->n.nlmsg_len));
-
- start->nla_type = NLA_F_NESTED | type;
- req->n.nlmsg_len += NLMSG_ALIGN(sizeof(struct nlattr));
- return start;
-}
-
-static void end_nest_attr(struct genl *req, struct nlattr *start)
-{
- start->nla_len = (__u16)((char *)req +
- NLMSG_ALIGN(req->n.nlmsg_len) - (char *)start);
-}
-
-static void add_string_attr(struct genl *req, const char *str, int type)
-{
- add_value_attr(req, str, strlen(str) + 1, type);
-}
-
-static void add_uint64_attr(struct genl *req, const long long unsigned int v, int type)
-{
- add_value_attr(req, &v, sizeof(v), type);
-}
-
-/* macros or templare, due uint64 and uint32 is the same functions */
-static void add_uint32_attr(struct genl *req, const uint32_t v, int type)
-{
- add_value_attr(req, &v, sizeof(v), type);
-}
-
-static stc_error_e send_nfacct_request(int sock, struct genl *req)
-{
- struct sockaddr_nl nladdr = {.nl_family = AF_NETLINK};
- int ret = sendto(sock, (char *)(&req->n), req->n.nlmsg_len, 0,
- (struct sockaddr *)&nladdr, sizeof(nladdr));
- ret_value_msg_if(ret < 0, STC_ERROR_FAIL,
- "Failed to send nfacct request, error [%d]", ret);
-
- return STC_ERROR_NONE;
-}
-
-static stc_error_e nfacct_send_new(nfacct_rule_s *counter)
-{
- int ret = STC_ERROR_NONE;
- struct genl *req = MALLOC0(struct genl, 1);
- if (req == NULL) {
- STC_LOGE("Failed allocate memory to genl request message"); //LCOV_EXCL_LINE
- return STC_ERROR_OUT_OF_MEMORY; //LCOV_EXCL_LINE
- }
-
- prepare_netlink_msg(req, NFNL_MSG_ACCT_NEW, NLM_F_CREATE | NLM_F_ACK);
- add_string_attr(req, counter->name, NFACCT_NAME);
-
- /* padding */
- add_uint64_attr(req, 0, NFACCT_PKTS);
- add_uint64_attr(req, 0, NFACCT_BYTES);
- //LCOV_EXCL_START
- if (counter->quota) {
- STC_LOGD("quota bytes %lld", counter->quota);
-
- add_uint32_attr(req, htobe32(NFACCT_F_QUOTA_BYTES),
- NFACCT_FLAGS);
- add_uint64_attr(req, htobe64(counter->quota), NFACCT_QUOTA);
- }
- //LCOV_EXCL_STOP
-
- ret = send_nfacct_request(counter->carg->sock, req);
- FREE(req);
- return ret;
-}
-
-stc_error_e nfacct_send_del(nfacct_rule_s *counter)
-{
- int ret = STC_ERROR_NONE;
- struct genl *req = MALLOC0(struct genl, 1);
- if (req == NULL) {
- STC_LOGE("Failed allocate memory to genl request message"); //LCOV_EXCL_LINE
- return STC_ERROR_OUT_OF_MEMORY; //LCOV_EXCL_LINE
- }
-
- prepare_netlink_msg(req, NFNL_MSG_ACCT_DEL, NLM_F_ACK);
- add_string_attr(req, counter->name, NFACCT_NAME);
-
- ret = send_nfacct_request(counter->carg->sock, req);
- FREE(req);
- return ret;
-}
-#define NFACCT_F_QUOTAS (NFACCT_F_QUOTA_BYTES | NFACCT_F_QUOTA_PKTS)
-
-static stc_error_e internal_nfacct_send_get(struct counter_arg *carg,
- enum nfnl_acct_msg_types get_type,
- const char *name,
- int mask, int filter)
-{
- int ret = STC_ERROR_NONE;
- struct nlattr *na;
- int flag = !name ? NLM_F_DUMP : 0;
- struct genl *req = MALLOC0(struct genl, 1);
- if (req == NULL) {
- STC_LOGE("Failed allocate memory to genl request message"); //LCOV_EXCL_LINE
- return STC_ERROR_OUT_OF_MEMORY; //LCOV_EXCL_LINE
- }
-
- prepare_netlink_msg(req, get_type, flag);
- /* due we don't get counter with quota any where else,
- * here we will request just counters by default */
- if (name)
- add_string_attr(req, name, NFACCT_NAME);
-
- na = start_nest_attr(req, NFACCT_FILTER);
- add_uint32_attr(req, htonl(mask), NFACCT_FILTER_ATTR_MASK);
- add_uint32_attr(req, htonl(filter), NFACCT_FILTER_ATTR_VALUE);
- end_nest_attr(req, na);
-
- ret = send_nfacct_request(carg->sock, req);
- FREE(req);
- return ret;
-}
-
-stc_error_e nfacct_send_get_counters(struct counter_arg *carg, const char *name)
-{
- /* get and reset countes value */
- return internal_nfacct_send_get(carg, NFNL_MSG_ACCT_GET_CTRZERO, name,
- NFACCT_F_QUOTAS, 0);
-}
-
-stc_error_e nfacct_send_get_quotas(struct counter_arg *carg, const char *name)
-{
- /* just get counters */
- return internal_nfacct_send_get(carg, NFNL_MSG_ACCT_GET, name,
- NFACCT_F_QUOTA_BYTES,
- NFACCT_F_QUOTA_BYTES);
-}
-
-API stc_error_e nfacct_send_get_all(struct counter_arg *carg)
-{
- /* get and reset everything, used when quiting */
- return internal_nfacct_send_get(carg, NFNL_MSG_ACCT_GET_CTRZERO, NULL,
- 0, 0);
-}
-
-stc_error_e nfacct_send_get(nfacct_rule_s *rule)
-{
- if (rule->intend == NFACCT_BLOCK || rule->intend == NFACCT_WARN)
- return nfacct_send_get_quotas(rule->carg, rule->name);
- else if (rule->intend == NFACCT_COUNTER)
- return nfacct_send_get_counters(rule->carg, rule->name);
-
- return STC_ERROR_INVALID_PARAMETER;
-}
-
-static nfacct_rule_direction convert_to_iotype(int type)
-{
- return (type < NFACCT_COUNTER_LAST_ELEM &&
- type > NFACCT_COUNTER_UNKNOWN) ? type : NFACCT_COUNTER_UNKNOWN;
-}
-
-static stc_iface_type_e convert_to_iftype(int type)
-{
- return (type < STC_IFACE_LAST_ELEM &&
- type > STC_IFACE_UNKNOWN) ? type : STC_IFACE_UNKNOWN;
-}
-
-API bool recreate_counter_by_name(char *cnt_name, nfacct_rule_s *cnt)
-{
- char *iftype_part;
- char *classid_part;
- char *io_part;
- char *ifname_part;
- char *save_ptr = NULL;
- char name[NFACCT_NAME_MAX] = {0}; /* parse buffer to avoid cnt_name modification */
-
- strncpy(name, cnt_name, sizeof(name) - 1);
-
- switch (name[0]) {
- case 'c':
- cnt->intend = NFACCT_COUNTER;
- break;
- case 'w':
- cnt->intend = NFACCT_WARN;
- break;
- case 'r':
- cnt->intend = NFACCT_BLOCK;
- break;
- case 'a':
- cnt->intend = NFACCT_ALLOW;
- break;
- case 't':
- cnt->intend = NFACCT_TETH_COUNTER; //LCOV_EXCL_LINE
- break; //LCOV_EXCL_LINE
- default:
- return false;
- }
-
- STRING_SAVE_COPY(cnt->name, cnt_name);
-
-#if 0
- /* ========================================================
- * NOTE:-
- * Below parsing for tethering case is not in use
- * stc-manager needs to ignore this for NFACCT_TETH_COUNTER
- * this is disbaled for future use.
- * =======================================================*/
-
- //LCOV_EXCL_START
- if (cnt->intend == NFACCT_TETH_COUNTER) {
- char ifname_buf[MAX_IFACE_LENGTH];
- int ifname_len;
- stc_iface_type_e iface;
- /* tbnep+:seth_w0; means comes by bt go away by mobile interface,
- * it's outgoing traffic, due all tethering is mobile databased */
- iftype_part = strchr(name, ':');
- ret_value_msg_if(iftype_part == NULL,
- false, "Invalid format of the tethering counter %s", name);
- ifname_len = iftype_part - name - 1;
- strncpy(ifname_buf, name + 1, ifname_len); /* skip first t */
- ifname_buf[ifname_len] = '\0';
- iface = get_iftype_by_name(ifname_buf);
- /* check first part is it datacall */
- if (iface == STC_IFACE_DATACALL) {
- strncpy(cnt->ifname, ifname_buf, MAX_IFACE_LENGTH - 1);
- cnt->iotype = NFACCT_COUNTER_IN;
- } else {
- /* +1, due : symbol and till the end of cnt_name */
- strncpy(ifname_buf, iftype_part + 1, MAX_IFACE_LENGTH - 1);
- iface = get_iftype_by_name(ifname_buf);
- if (iface == STC_IFACE_DATACALL) {
- cnt->iotype = NFACCT_COUNTER_OUT;
- strncpy(cnt->ifname, ifname_buf, MAX_IFACE_LENGTH - 1);
- }
- }
-
- if (cnt->iotype == NFACCT_COUNTER_UNKNOWN) {
- STC_LOGE("can't determine tethering direction %s", name);
- return false;
- }
- cnt->iftype = STC_IFACE_DATACALL;
- cnt->classid = STC_TETHERING_APP_CLASSID;
- return true;
- }
- //LCOV_EXCL_STOP
-#endif
-
- io_part = strtok_r(name, "_", &save_ptr);
- if (io_part != NULL)
- cnt->iotype = convert_to_iotype(atoi(io_part + 1));
- else
- return false;
-
- iftype_part = strtok_r(NULL, "_", &save_ptr);
- if (iftype_part != NULL)
- cnt->iftype = convert_to_iftype(atoi(iftype_part));
- else
- return false;
-
- classid_part = strtok_r(NULL, "_", &save_ptr);
- if (classid_part != NULL)
- cnt->classid = atoi(classid_part);
- else {
- cnt->classid = STC_ALL_APP_CLASSID;
- return cnt->intend == NFACCT_BLOCK ? true : false;
- }
-
- ifname_part = strtok_r(NULL, "\0", &save_ptr);
- if (ifname_part != NULL)
- STRING_SAVE_COPY(cnt->ifname, ifname_part);
- else
- return false;
-
- return true;
-}
-
-static void _process_answer(struct netlink_serialization_params *params)
-{
- struct rtattr *na;
- struct rtattr *attr_list[__NFACCT_MAX] = {0};
- struct counter_arg *carg = params->carg;
- struct genl *ans = params->ans;;
- struct nlmsghdr *nlhdr = &ans->n;
- int len = GENLMSG_PAYLOAD(nlhdr);
- int ans_len = carg->ans_len;
-
- if (len == 0)
- return;
-
- /* parse reply message */
- na = (struct rtattr *)GENLMSG_DATA(ans);
-
- while (NLMSG_OK(nlhdr, ans_len)) {
- fill_attribute_list(attr_list, NFACCT_MAX,
- na, len);
- if (!attr_list[NFACCT_NAME] ||
- !attr_list[NFACCT_BYTES])
- goto next;
- params->eval_attr(attr_list, carg);
-
-next:
- nlhdr = NLMSG_NEXT(nlhdr, ans_len);
- if (ans_len < 0)
- break;
- na = (struct rtattr *)GENLMSG_DATA(nlhdr);
- }
-
- if (params->post_eval_attr)
- params->post_eval_attr(carg);
-}
-
-API netlink_serialization_command *
-netlink_create_command(struct netlink_serialization_params *params)
-{
- static netlink_serialization_command command = {0,};
- command.deserialize_answer = _process_answer;
- command.params = *params;
- return &command;
-}
-
-static char *get_iptables_cmd(const nfacct_rule_action action)
-{
- if (action == NFACCT_ACTION_APPEND)
- return APPEND;
- else if (action == NFACCT_ACTION_DELETE)
- return DELETE;
- else if (action == NFACCT_ACTION_INSERT)
- return INSERT;
-
- return "";
-}
-
-static char *get_iptables_chain(uint32_t classid,
- const nfacct_rule_direction iotype,
- const stc_app_state_e app_state,
- const nfacct_rule_intend intend)
-{
- if (iotype == NFACCT_COUNTER_IN) {
- if (intend == NFACCT_COUNTER ||
- intend == NFACCT_TETH_COUNTER) {
- if (app_state == STC_APP_STATE_FOREGROUND)
- return STC_IN_FG_CHAIN;
- else
- return STC_IN_BG_CHAIN;
- } else if (intend == NFACCT_ALLOW ||
- intend == NFACCT_TETH_ALLOW) {
- return STC_IN_ACCEPT_CHAIN;
- } else {
- if (classid == STC_BACKGROUND_APP_CLASSID)
- return STC_IN_BG_DROP_CHAIN;
- else
- return STC_IN_DROP_CHAIN;
- }
- } else if (iotype == NFACCT_COUNTER_OUT) {
- if (intend == NFACCT_COUNTER ||
- intend == NFACCT_TETH_COUNTER) {
- if (app_state == STC_APP_STATE_FOREGROUND)
- return STC_OUT_FG_CHAIN;
- else
- return STC_OUT_BG_CHAIN;
- } else if (intend == NFACCT_ALLOW ||
- intend == NFACCT_TETH_ALLOW) {
- return STC_OUT_ACCEPT_CHAIN;
- } else {
- if (classid == STC_BACKGROUND_APP_CLASSID)
- return STC_OUT_BG_DROP_CHAIN;
- else
- return STC_OUT_DROP_CHAIN;
- }
- } else if (iotype == NFACCT_COUNTER_FORWARD)
- return STC_FRWD_CHAIN;
-
- return "";
-}
-
-static char *get_iptables_jump(const nfacct_rule_jump jump)
-{
- if (jump == NFACCT_JUMP_ACCEPT)
- return ACCEPT_RULE;
- else if (jump == NFACCT_JUMP_REJECT)
- return REJECT_RULE;
-
- return "";
-}
-
-/*
-static char *choose_iftype_name(nfacct_rule_s *rule)
-{
- return strlen(rule->ifname) != 0 ? rule->ifname :
- get_iftype_name(rule->iftype);
-}
-*/
-
-static stc_error_e exec_iptables_cmd(nfacct_rule_s *rule)
-{
- stc_error_e ret = STC_ERROR_NONE;
- iptables_ip_type_e iptype;
- iptables_rule_s iptables_rule;
- memset(&iptables_rule, 0, sizeof(iptables_rule_s));
-
- iptables_rule.nfacct_name = g_strdup(rule->name);
- iptables_rule.ifname = g_strdup(rule->ifname);
- iptables_rule.target = g_strdup(get_iptables_jump(rule->jump));
-
- /* In case of tehering rules use chain 'STC_TETHER' */
- if (rule->intend == NFACCT_TETH_COUNTER ||
- rule->intend == NFACCT_TETH_ALLOW ||
- rule->intend == NFACCT_TETH_BLOCK)
- iptables_rule.chain = g_strdup(STC_TETHER_CHAIN);
- else
- iptables_rule.chain = g_strdup(get_iptables_chain(rule->classid,
- rule->iotype, rule->app_state, rule->intend));
-
- if (rule->classid < STC_RESERVED_CLASSID_MAX)
- iptables_rule.classid = STC_UNKNOWN_CLASSID;
- else
- iptables_rule.classid = rule->classid;
- iptables_rule.direction = (rule->iotype & NFACCT_COUNTER_IN) ?
- IPTABLES_DIRECTION_IN : IPTABLES_DIRECTION_OUT;
- iptype = (iptables_ip_type_e)rule->iptype;
-
- /* specify the ip range type for source and destination */
- iptables_rule.s_iprange_type = rule->src_iprange_type;
- iptables_rule.d_iprange_type = rule->dst_iprange_type;
-
- /* specify source and destination ip address if any */
- if (rule->src_ip1) {
- if (!inet_aton(rule->src_ip1, &iptables_rule.s_ip1)) {
- ret = STC_ERROR_INVALID_PARAMETER;
- goto free;
- }
- }
-
- if (rule->src_ip2) {
- if (!inet_aton(rule->src_ip2, &iptables_rule.s_ip2)) {
- ret = STC_ERROR_INVALID_PARAMETER;
- goto free;
- }
- }
-
- if (rule->dst_ip1) {
- if (!inet_aton(rule->dst_ip1, &iptables_rule.d_ip1)) {
- ret = STC_ERROR_INVALID_PARAMETER;
- goto free;
- }
- }
-
- if (rule->dst_ip2) {
- if (!inet_aton(rule->dst_ip2, &iptables_rule.d_ip2)) {
- ret = STC_ERROR_INVALID_PARAMETER;
- goto free;
- }
- }
-
- if (rule->action == NFACCT_ACTION_DELETE) {
- /* delete interface rule */
- ret = iptables_remove(&iptables_rule, iptype);
- } else {
- /* add interface rule */
- ret = iptables_add(&iptables_rule, iptype);
- }
-
-free:
- g_free(iptables_rule.nfacct_name);
- g_free(iptables_rule.ifname);
- g_free(iptables_rule.target);
- g_free(iptables_rule.chain);
-
- return ret;
-}
-
-static stc_error_e produce_app_rule(nfacct_rule_s *rule)
-{
- if (rule == NULL)
- return STC_ERROR_INVALID_PARAMETER;
-
- char *set_cmd = get_iptables_cmd(rule->action);
- char *jump_cmd = get_iptables_jump(rule->jump);
- char nfacct_buf[sizeof(NFACCT_NAME_MOD) +
- 3*MAX_DEC_SIZE(int) + 4 + 1];
- stc_error_e ret = STC_ERROR_NONE;
- uint32_t classid = rule->classid;
-
- /* income part */
- if (rule->iotype & NFACCT_COUNTER_IN) {
- rule->quota = rule->rcv_limit;
- rule->iotype = NFACCT_COUNTER_IN;
- generate_counter_name(rule);
-
- /* to support quated counter we need nfacct,
- * don't use it in case of just block without a limit
- * iow, send_limit = 0 and rcv_limit 0 */
- if (rule->action != NFACCT_ACTION_DELETE) {
- ret = nfacct_send_del(rule);
- ret_value_msg_if(ret != STC_ERROR_NONE, ret,
- "can't del quota counter");
-
- ret = nfacct_send_new(rule);
- ret_value_msg_if(ret != STC_ERROR_NONE, ret,
- "can't set nfacct counter");
- keep_counter(rule);
- }
-
- /* we have a counter, let's key in a rule, drop in case of
- * send_limit/rcv_limit */
- ret = snprintf(nfacct_buf, sizeof(nfacct_buf), NFACCT_NAME_MOD,
- rule->name);
- ret_value_msg_if(ret > sizeof(nfacct_buf) || ret < 0,
- STC_ERROR_FAIL, "Not enought buffer");
-
- /* cgroup extention on FORWARD chain are not allowed
- * remove classid info in case of tethering rules */
- if (rule->intend == NFACCT_TETH_COUNTER ||
- rule->intend == NFACCT_TETH_ALLOW ||
- rule->intend == NFACCT_TETH_BLOCK) {
- classid = rule->classid;
- rule->classid = 0;
- }
-
- ret = exec_iptables_cmd(rule);
-
- /* restore the classid info in case of tethering rule */
- if (rule->intend == NFACCT_TETH_COUNTER ||
- rule->intend == NFACCT_TETH_ALLOW ||
- rule->intend == NFACCT_TETH_BLOCK)
- rule->classid = classid;
-
- ret_value_msg_if(ret != STC_ERROR_NONE, STC_ERROR_FAIL,
- "Can't set conditional block for ingress"
- " traffic, for classid %u, cmd %s, j %s",
- rule->classid, set_cmd, jump_cmd);
-
- /* remove in any case */
- if (rule->action == NFACCT_ACTION_DELETE) {
- /* TODO here and everywhere should be not just a del,
- * here should be get counted value and than
- * set new counter with that value, but it's minor issue,
- * due it's not clear when actual counters was stored,
- * and based on which value settings made such decition */
- rule->iptables_rule = nfacct_send_del;
- set_finalize_flag(rule);
- nfacct_send_get(rule);
- ret = nfacct_send_del(rule);
- ret_value_msg_if(ret != STC_ERROR_NONE, ret,
- "can't del quota counter");
- }
- }
-
- if (rule->iotype & NFACCT_COUNTER_OUT) {
- /* outcome part */
- rule->iotype = NFACCT_COUNTER_OUT;
- rule->quota = rule->send_limit;
- generate_counter_name(rule);
- if (rule->action != NFACCT_ACTION_DELETE) {
- ret = nfacct_send_del(rule);
- ret_value_msg_if(ret != STC_ERROR_NONE, ret,
- "can't del quota counter");
-
- ret = nfacct_send_new(rule);
- ret_value_msg_if(ret != STC_ERROR_NONE, ret,
- "can't set quota counter");
- keep_counter(rule);
- }
-
- ret = snprintf(nfacct_buf, sizeof(nfacct_buf), NFACCT_NAME_MOD,
- rule->name);
- ret_value_msg_if(ret > sizeof(nfacct_buf) || ret < 0,
- STC_ERROR_FAIL, "Not enought buffer");
-
- /* cgroup extention on FORWARD chain are not allowed
- * remove classid info in case of tethering rules */
- if (rule->intend == NFACCT_TETH_COUNTER ||
- rule->intend == NFACCT_TETH_ALLOW ||
- rule->intend == NFACCT_TETH_BLOCK) {
- classid = rule->classid;
- rule->classid = 0;
- }
-
- ret = exec_iptables_cmd(rule);
-
- /* restore the classid info in case of tethering rule */
- if (rule->intend == NFACCT_TETH_COUNTER ||
- rule->intend == NFACCT_TETH_ALLOW ||
- rule->intend == NFACCT_TETH_BLOCK)
- rule->classid = classid;
-
- ret_value_msg_if(ret != STC_ERROR_NONE, STC_ERROR_FAIL,
- "Can't set conditional block for engress"
- " traffic, for classid %u, cmd %s, j %s",
- rule->classid, set_cmd, jump_cmd);
-
- if (rule->action == NFACCT_ACTION_DELETE) {
- rule->iptables_rule = nfacct_send_del;
- /* not effective, it's better to replace
- * set_finalize_flag by set_property,
- * due keep_counter it necessary only for
- * setting iptables_rule */
- set_finalize_flag(rule);
- nfacct_send_get(rule);
- ret = nfacct_send_del(rule);
- ret_value_msg_if(ret != STC_ERROR_NONE, ret,
- "can't del quota counter");
- }
- }
- return STC_ERROR_NONE;
-}
-
-static stc_error_e produce_iface_rule(nfacct_rule_s *rule)
-{
- if (rule == NULL)
- return STC_ERROR_INVALID_PARAMETER;
-
- char *set_cmd = get_iptables_cmd(rule->action);
- char *jump_cmd = get_iptables_jump(rule->jump);
- char nfacct_buf[sizeof(NFACCT_NAME_MOD) +
- 3*MAX_DEC_SIZE(int) + 4 + 1];
- stc_error_e ret;
-
- if (rule->iotype & NFACCT_COUNTER_IN) {
- /* income part */
- rule->iotype = NFACCT_COUNTER_IN;
- rule->quota = rule->rcv_limit;
- generate_counter_name(rule);
-
- if (rule->action != NFACCT_ACTION_DELETE) {
- /* send delete comman in case of creation,
- * because nfacct doesn't reset value for nfacct quota
- * in case of quota existing */
- ret = nfacct_send_del(rule);
- ret_value_msg_if(ret != STC_ERROR_NONE, ret,
- "can't del quota counter");
-
- ret = nfacct_send_new(rule);
- ret_value_msg_if(ret != STC_ERROR_NONE, ret,
- "can't set quota counter");
- keep_counter(rule);
- }
-
- ret = snprintf(nfacct_buf, sizeof(nfacct_buf),
- NFACCT_NAME_MOD, rule->name);
- ret_value_msg_if(ret > sizeof(nfacct_buf) || ret < 0,
- STC_ERROR_FAIL, "Not enought buffer");
-
- ret = exec_iptables_cmd(rule);
- ret_value_msg_if(ret != STC_ERROR_NONE, STC_ERROR_FAIL,
- "Can't set conditional block for ingress"
- " traffic, for iftype %d, cmd %s, j %s",
- rule->iftype, set_cmd, jump_cmd);
-
- //LCOV_EXCL_START
- /* for tethering */
- if (rule->intend == NFACCT_WARN ||
- rule->intend == NFACCT_BLOCK) {
- /* RULE_IFACE_OUT is not a misprint here */
- nfacct_rule_direction temp_iotype = rule->iotype;
-
- rule->iotype = NFACCT_COUNTER_FORWARD;
- ret = exec_iptables_cmd(rule);
- rule->iotype = temp_iotype;
- ret_value_msg_if(ret != STC_ERROR_NONE, STC_ERROR_FAIL,
- "Can't set forward rule for ingress "
- "traffic, for iftype %d, cmd %s, j %s",
- rule->iftype, set_cmd, jump_cmd);
- }
- /* tethering */
-
- if (rule->action == NFACCT_ACTION_DELETE) {
- rule->iptables_rule = nfacct_send_del;
- set_finalize_flag(rule);
- nfacct_send_get(rule);
- ret = nfacct_send_del(rule);
- ret_value_msg_if(ret != STC_ERROR_NONE, ret,
- "can't del quota counter");
- }
- //LCOV_EXCL_STOP
- }
-
- if (rule->iotype & NFACCT_COUNTER_OUT) {
- /* outcome part */
- rule->iotype = NFACCT_COUNTER_OUT;
- rule->quota = rule->send_limit;
- generate_counter_name(rule);
-
- if (rule->action != NFACCT_ACTION_DELETE) {
- /* send delete comman in case of creation,
- * because nfacct doesn't reset value for nfacct quota
- * in case of quota existing */
- ret = nfacct_send_del(rule);
- ret_value_msg_if(ret != STC_ERROR_NONE, ret,
- "can't del quota counter");
-
- ret = nfacct_send_new(rule);
- ret_value_msg_if(ret != STC_ERROR_NONE, ret,
- "can't set quota counter");
- keep_counter(rule);
- }
-
- ret = snprintf(nfacct_buf, sizeof(nfacct_buf),
- NFACCT_NAME_MOD, rule->name);
- ret_value_msg_if(ret > sizeof(nfacct_buf) || ret < 0,
- STC_ERROR_FAIL, "Not enough buffer");
-
- ret = exec_iptables_cmd(rule);
- ret_value_msg_if(ret != STC_ERROR_NONE, STC_ERROR_FAIL,
- "Can't set conditional block for "
- "engress traffic, for iftype %d, cmd %s, j %s",
- rule->iftype, set_cmd, jump_cmd);
-
- //LCOV_EXCL_START
- /* for tethering */
- if (rule->intend == NFACCT_WARN ||
- rule->intend == NFACCT_BLOCK) {
- nfacct_rule_direction temp_iotype = rule->iotype;
-
- rule->iotype = NFACCT_COUNTER_OUT;
- ret = exec_iptables_cmd(rule);
- rule->iotype = temp_iotype;
- ret_value_msg_if(ret != STC_ERROR_NONE, STC_ERROR_FAIL,
- "Can't set forward rule for engress "
- "traffic, for iftype %d, cmd %s, j %s",
- rule->iftype, set_cmd, jump_cmd);
- }
- /* tethering */
-
- if (rule->action == NFACCT_ACTION_DELETE) {
- rule->iptables_rule = nfacct_send_del;
- set_finalize_flag(rule);
- nfacct_send_get(rule);
- ret = nfacct_send_del(rule);
- ret_value_msg_if(ret != STC_ERROR_NONE, ret,
- "can't del quota counter");
- }
- //LCOV_EXCL_STOP
- }
-
- return STC_ERROR_NONE;
-}
-
-API stc_error_e produce_net_rule(nfacct_rule_s *rule)
-{
- stc_error_e ret = STC_ERROR_NONE;
-
- if (rule == NULL)
- return STC_ERROR_INVALID_PARAMETER;
-
- if (rule->action == NFACCT_ACTION_APPEND &&
- rule->intend == NFACCT_WARN &&
- !rule->send_limit && !rule->rcv_limit)
- return STC_ERROR_NONE;
-
- if (rule->classid != STC_ALL_APP_CLASSID &&
- rule->classid != STC_TETHERING_APP_CLASSID &&
- rule->classid != STC_BACKGROUND_APP_CLASSID &&
- rule->classid != STC_TOTAL_DATACALL_CLASSID &&
- rule->classid != STC_TOTAL_WIFI_CLASSID &&
- rule->classid != STC_TOTAL_BLUETOOTH_CLASSID &&
- rule->classid != STC_TOTAL_IPV4_CLASSID &&
- rule->classid != STC_TOTAL_IPV6_CLASSID)
- ret = produce_app_rule(rule);
- else
- ret = produce_iface_rule(rule);
-
- return ret;
-}
-
-static stc_error_e append_iptables_cmd(GSList **iptables_list, nfacct_rule_s *rule)
-{
- iptables_rule_s *iptables_rule = NULL;
-
- iptables_rule = MALLOC0(iptables_rule_s, 1);
- if (!iptables_rule)
- return STC_ERROR_OUT_OF_MEMORY;
-
- iptables_rule->nfacct_name = g_strdup(rule->name);
- iptables_rule->ifname = g_strdup(rule->ifname);
- iptables_rule->target = g_strdup(get_iptables_jump(rule->jump));
- iptables_rule->chain = g_strdup(get_iptables_chain(rule->classid,
- rule->iotype, rule->app_state, rule->intend));
- if (rule->classid < STC_RESERVED_CLASSID_MAX)
- iptables_rule->classid = STC_UNKNOWN_CLASSID;
- else
- iptables_rule->classid = rule->classid;
- iptables_rule->direction = (rule->iotype & NFACCT_COUNTER_IN) ?
- IPTABLES_DIRECTION_IN : IPTABLES_DIRECTION_OUT;
-
- *iptables_list = g_slist_append(*iptables_list, iptables_rule);
-
- return STC_ERROR_NONE;
-}
-
-static void iptables_list_free(gpointer value)
-{
- iptables_rule_s *iptables_rule = (iptables_rule_s *)value;
-
- g_free(iptables_rule->chain);
- g_free(iptables_rule->nfacct_name);
- g_free(iptables_rule->ifname);
- g_free(iptables_rule->target);
- g_free(iptables_rule);
-}
-
-API stc_error_e produce_net_list(GSList *rule_list,
- nfacct_rule_iptype iptype, nfacct_rule_action action)
-{
- GSList *list = NULL;
- GSList *iptables_list = NULL;
- stc_error_e ret = STC_ERROR_NONE;
-
- for (list = rule_list; list; list = list->next) {
- nfacct_rule_s *rule = list->data;
-
- if (rule->action == NFACCT_ACTION_APPEND &&
- rule->intend == NFACCT_WARN &&
- !rule->send_limit && !rule->rcv_limit)
- continue;
-
- generate_counter_name(rule);
- if (rule->action != NFACCT_ACTION_DELETE) {
- ret = nfacct_send_del(rule);
- if (ret != STC_ERROR_NONE)
- continue;
-
- ret = nfacct_send_new(rule);
- if (ret != STC_ERROR_NONE)
- continue;
- }
-
- append_iptables_cmd(&iptables_list, rule);
- }
-
- if (action == NFACCT_ACTION_INSERT ||
- action == NFACCT_ACTION_APPEND)
- ret = iptables_add_list(iptables_list, iptype);
- else if (action == NFACCT_ACTION_DELETE)
- ret = iptables_remove_list(iptables_list, iptype);
-
- for (list = rule_list; list; list = list->next) {
- nfacct_rule_s *rule = list->data;
-
- if (rule->action == NFACCT_ACTION_DELETE)
- nfacct_send_del(rule);
- }
-
- g_slist_free_full(iptables_list, iptables_list_free);
- return ret;
-}
-
-void generate_counter_name(nfacct_rule_s *counter)
-{
- char warn_symbol = 'c';
- if (!strlen(counter->ifname)) {
- char *iftype_name = get_iftype_name(counter->iftype);
- /* trace counter name, maybe name was already generated */
- ret_msg_if(iftype_name == NULL,
- "Can't get interface name for counter %s, iftype %d)!",
- counter->name, counter->iftype);
- STRING_SAVE_COPY(counter->ifname, iftype_name);
- }
-
- if (counter->intend == NFACCT_WARN ||
- counter->intend == NFACCT_TETH_WARN)
- warn_symbol = 'w';
- else if (counter->intend == NFACCT_BLOCK ||
- counter->intend == NFACCT_TETH_BLOCK)
- warn_symbol = 'r';
- else if (counter->intend == NFACCT_ALLOW ||
- counter->intend == NFACCT_TETH_ALLOW)
- warn_symbol = 'a';
- else if (counter->intend == NFACCT_TETH_COUNTER)
- warn_symbol = 't';
- snprintf(counter->name, NFACCT_NAME_MAX, "%c%d_%d_%d_%s",
- warn_symbol, counter->iotype, counter->iftype,
- counter->classid, counter->ifname);
-}
-
+++ /dev/null
-/*
- * Copyright (c) 2016 Samsung Electronics Co., Ltd.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef __STC_NFACCT_RULE_H__
-#define __STC_NFACCT_RULE_H__
-
-#include "stc-db.h"
-
-#include <stdbool.h>
-#include <sys/types.h>
-#include <unistd.h>
-
-#include "helper-nl.h"
-
-#define NFACCT_NAME_MAX 64
-
-typedef enum {
- NFACCT_COUNTER_UNKNOWN,
- NFACCT_COUNTER_IN = (1 << 1),
- NFACCT_COUNTER_OUT = (1 << 2),
- NFACCT_COUNTER_FORWARD = (1 << 3),
- NFACCT_COUNTER_LAST_ELEM
-} nfacct_rule_direction;
-
-typedef enum {
- NFACCT_ACTION_UNKNOWN,
- NFACCT_ACTION_APPEND,
- NFACCT_ACTION_DELETE,
- NFACCT_ACTION_INSERT,
- NFACCT_ACTION_LAST_ELEM,
-} nfacct_rule_action;
-
-typedef enum {
- NFACCT_JUMP_UNKNOWN,
- NFACCT_JUMP_ACCEPT,
- NFACCT_JUMP_REJECT,
- NFACCT_JUMP_LAST_ELEM,
-} nfacct_rule_jump;
-
-typedef enum {
- NFACCT_COUNTER,
- NFACCT_WARN,
- NFACCT_BLOCK,
- NFACCT_ALLOW,
- NFACCT_TETH_COUNTER,
- NFACCT_TETH_WARN,
- NFACCT_TETH_BLOCK,
- NFACCT_TETH_ALLOW,
- NFACCT_RULE_LAST_ELEM,
-} nfacct_rule_intend;
-
-typedef enum {
- NFACCT_TYPE_UNKNOWN,
- NFACCT_TYPE_IPV4,
- NFACCT_TYPE_IPV6,
- NFACCT_TYPE_IPV4_IPV6,
- NFACCT_TYPE_LAST_ELEM
-} nfacct_rule_iptype;
-
-typedef enum {
- NFACCT_IPRANGE_TYPE_NONE,
- NFACCT_IPRANGE_TYPE_SINGLE,
- NFACCT_IPRANGE_TYPE_MASK,
- NFACCT_IPRANGE_TYPE_RANGE,
-} nfacct_rule_iprange_type;
-
-enum nfnl_acct_flags {
- NFACCT_F_QUOTA_PKTS = (1 << 0),
- NFACCT_F_QUOTA_BYTES = (1 << 1),
- NFACCT_F_OVERQUOTA = (1 << 2), /* can't be set from userspace */
-};
-
-/**
- * it's better to have
- * base nfacct_rule with following fields:
- * name, ifname, pid, classid, iftype, intend, carg, iptables_rule
- *
- * and inherited nfacct_rule_counter and nfacct_rule_restriction
- * with additional field:
- * quota, quota_id, roaming, rstn_state
- *
- * But ANSI C doesn't support inheritance.
- */
-struct nfacct_rule {
- char name[NFACCT_NAME_MAX];
- char ifname[MAX_IFACE_LENGTH];
-
- pid_t pid;
- uint32_t classid;
- stc_iface_type_e iftype;
- nfacct_rule_action action;
- nfacct_rule_direction iotype;
- nfacct_rule_intend intend;
- nfacct_rule_jump jump; /* in most cases jump is evalutation based on intend, but not always */
- stc_app_state_e app_state;
- stc_rstn_state_e rstn_state;
- nfacct_rule_iptype iptype;
- nfacct_rule_iprange_type src_iprange_type;
- nfacct_rule_iprange_type dst_iprange_type;
- char *src_ip1;
- char *src_ip2;
- char *dst_ip1;
- char *dst_ip2;
-
- struct counter_arg *carg;
- stc_error_e(*iptables_rule)(struct nfacct_rule *counter);
- long long int quota;
- int quota_id;
- stc_roaming_type_e roaming;
-
- long long int send_limit;
- long long int rcv_limit;
-};
-
-typedef struct nfacct_rule nfacct_rule_s;
-
-struct counter_arg;
-
-void generate_counter_name(nfacct_rule_s *counter);
-bool recreate_counter_by_name(char *cnt_name, nfacct_rule_s *counter);
-
-stc_error_e nfacct_send_get_all(struct counter_arg *carg);
-stc_error_e produce_net_rule(nfacct_rule_s *rule);
-stc_error_e produce_net_list(GSList *rule_list,
- nfacct_rule_iptype iptype, nfacct_rule_action action);
-
-netlink_serialization_command *
-netlink_create_command(struct netlink_serialization_params *params);
-
-#endif /* __STC_NFACCT_RULE_H__ */
-
+++ /dev/null
-/*
- * Copyright (c) 2016 Samsung Electronics Co., Ltd.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include "helper-nl.h"
-
-#include <unistd.h>
-#include <linux/rtnetlink.h>
-#include <stdlib.h>
-#include <string.h>
-#include <errno.h>
-
-#define NETLINK_SOCK_RETRY_COUNT 3
-
-int __create_netlink(int protocol, uint32_t groups, int retry)
-{
- /**
- * TODO it's one socket, in future make set of sockets
- * unique for protocol and groups
- */
- int sock;
-
- if (retry <= 0)
- return -EINVAL; //LCOV_EXCL_LINE
-
- errno = 0;
- sock = socket(PF_NETLINK, SOCK_RAW, protocol);
- if (sock < 0) {
- STC_LOGE("failed to open socket errno [%d], retry [%d]",
- errno, NETLINK_SOCK_RETRY_COUNT - retry); //LCOV_EXCL_LINE
- return __create_netlink(protocol, groups, --retry); //LCOV_EXCL_LINE
- }
-
- struct sockaddr_nl src_addr = { 0, };
-
- src_addr.nl_family = AF_NETLINK;
- src_addr.nl_groups = groups;
-
- errno = 0;
- if (bind(sock, (struct sockaddr *)&src_addr, sizeof(src_addr)) < 0) {
- STC_LOGE("failed to bind socket errno [%d], retry [%d]",
- errno, NETLINK_SOCK_RETRY_COUNT - retry); //LCOV_EXCL_LINE
- close(sock); //LCOV_EXCL_LINE
- return __create_netlink(protocol, groups, --retry); //LCOV_EXCL_LINE
- }
-
- return sock;
-}
-
-/**
- * create_netlink(): Create netlink socket and returns it.
- * Returns: Created socket on success and -1 on failure.
- */
-API int create_netlink(int protocol, uint32_t groups)
-{
- return __create_netlink(protocol, groups, NETLINK_SOCK_RETRY_COUNT);
-}
-
-void fill_attribute_list(struct rtattr **atb, const int max_len,
- struct rtattr *rt_na, int rt_len)
-{
- int i = 0;
- while (RTA_OK(rt_na, rt_len)) {
- if (rt_na->rta_type <= max_len)
- atb[rt_na->rta_type] = rt_na;
-
- rt_na = RTA_NEXT(rt_na, rt_len);
- ++i;
- if (i >= max_len)
- break;
- }
-}
-
-/* read netlink message from socket
- * return opaque pointer to genl structure
- */
-API int read_netlink(int sock, void *buf, size_t len)
-{
- ssize_t ret;
- struct sockaddr_nl addr;
- struct iovec iov = {
- .iov_base = buf,
- .iov_len = len,
- };
- struct msghdr msg = {
- .msg_name = &addr,
- .msg_namelen = sizeof(struct sockaddr_nl),
- .msg_iov = &iov,
- .msg_iovlen = 1,
- .msg_control = NULL,
- .msg_controllen = 0,
- .msg_flags = 0,
- };
- ret = recvmsg(sock, &msg, 0);
- if (ret == -1)
- return ret; //LCOV_EXCL_LINE
-
- if (msg.msg_flags & MSG_TRUNC) {
- errno = ENOSPC; //LCOV_EXCL_LINE
- return -1; //LCOV_EXCL_LINE
- }
-
- if (msg.msg_namelen != sizeof(struct sockaddr_nl)) {
- errno = EINVAL; //LCOV_EXCL_LINE
- return -1; //LCOV_EXCL_LINE
- }
-
- return ret;
-}
+++ /dev/null
-/*
- * Copyright (c) 2016 Samsung Electronics Co., Ltd.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef __STC_HELPER_NL_H__
-#define __STC_HELPER_NL_H__
-
-//#include "app-stat.h"
-
-#include <stdint.h>
-#include <errno.h>
-#include <sys/socket.h>
-#include <linux/netlink.h>
-#include <linux/genetlink.h>
-#include <linux/rtnetlink.h>
-
-#include "stc-manager.h"
-
-#define NLA_BUF_MAX 65560 /*(65 * 1024) - used in tc_common,
- we'll do the same */
-
-/*TODO: move to common place and rewrite because it's from TC*/
-#define NLMSG_TAIL(nmsg) \
- ((struct rtattr *) (((void *) (nmsg)) + NLMSG_ALIGN((nmsg)->nlmsg_len)))
-
-/*TODO remove unused code */
-typedef struct {
- struct nlmsghdr n;
- struct tcmsg t;
- char buf[NLA_BUF_MAX];
-} rt_param;
-
-void put_attr(rt_param *arg, int type, const void *data, int data_len);
-
-/*
- * Generic macros for dealing with netlink sockets. Might be duplicated
- * elsewhere. It is recommended that commercial grade applications use
- * libnl or libnetlink and use the interfaces provided by the library
- */
-#define GENLMSG_PAYLOAD(glh) (NLMSG_PAYLOAD(glh, 0) - GENL_HDRLEN)
-#define GENLMSG_DATA(glh) ((void *)(NLMSG_DATA(glh) + GENL_HDRLEN))
-#define NLA_DATA(na) ((void *)((char*)(na) + NLA_HDRLEN))
-
-#define NETLINK_BUF_SIZE 16536
-
-enum nfnl_acct_msg_types {
- NFNL_MSG_ACCT_NEW,
- NFNL_MSG_ACCT_GET,
- NFNL_MSG_ACCT_GET_CTRZERO,
- NFNL_MSG_ACCT_DEL,
- NFNL_MSG_ACCT_MAX
-};
-
-enum nfnl_acct_type {
- NFACCT_UNSPEC,
- NFACCT_NAME,
- NFACCT_PKTS,
- NFACCT_BYTES,
- NFACCT_USE,
- NFACCT_FLAGS,
- NFACCT_QUOTA,
- NFACCT_FILTER,
- __NFACCT_MAX
-};
-
-enum nfnl_attr_filter_type {
- NFACCT_FILTER_ATTR_UNSPEC,
- NFACCT_FILTER_ATTR_MASK,
- NFACCT_FILTER_ATTR_VALUE,
- __NFACCT_FILTER_ATTR_MAX
-};
-
-#define NFACCT_MAX (__NFACCT_MAX - 1)
-
-struct genl {
- struct nlmsghdr n;
- struct genlmsghdr g;
- char buf[NETLINK_BUF_SIZE];
-};
-
-struct netlink_serialization_params {
- int direction;
- struct genl *ans;
- struct counter_arg *carg;
- int (*eval_attr)(struct rtattr *attr_list[__NFACCT_MAX],
- void *user_data);
- int (*post_eval_attr)(void *user_data);
-};
-
-typedef struct {
- void (*deserialize_answer)(struct netlink_serialization_params *params);
- void (*finalize)(struct netlink_serialization_params *params);
- struct netlink_serialization_params params;
-} netlink_serialization_command;
-
-int create_netlink(int protocol, uint32_t groups);
-int read_netlink(int sock, void *buf, size_t len);
-
-void fill_attribute_list(struct rtattr **atb, const int max_len,
- struct rtattr *rt_na, int rt_len);
-
-#endif /* __STC_HELPER_NL_H__ */
+++ /dev/null
-/*
- * Copyright (c) 2017 Samsung Electronics Co., Ltd. All rights reserved.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- */
-
-/**
- * @file procfs.c
- * @desc wrapper for reading profs information.
- *
- * Copyright (c) 2015 Samsung Electronics Co., Ltd. All rights reserved.
- *
- */
-
-#include <ctype.h>
-#include <stdio.h>
-#include <stdbool.h>
-#include <stdlib.h>
-#include <string.h>
-#include <unistd.h>
-#include <dirent.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-#include <fcntl.h>
-
-#include "stc-error.h"
-#include "stc-manager-util.h"
-#include "helper-procfs.h"
-
-#define USRAPPS "/usr/apps/"
-
-API int proc_get_cmdline(pid_t pid, char *cmdline)
-{
- char buf[PROC_BUF_MAX];
- char cmdline_buf[PROC_NAME_MAX];
- char *filename;
- FILE *fp;
- char *token = NULL;
- char *saveptr = NULL;
-
- snprintf(buf, sizeof(buf), "/proc/%d/cmdline", pid);
- fp = fopen(buf, "r");
- if (fp == NULL)
- return STC_ERROR_FAIL; //LCOV_EXCL_LINE
-
- if (fgets(cmdline_buf, PROC_NAME_MAX-1, fp) == NULL) {
- fclose(fp); //LCOV_EXCL_LINE
- return STC_ERROR_FAIL; //LCOV_EXCL_LINE
- }
- fclose(fp);
-
- if (g_strstr_len(cmdline_buf, strlen(USRAPPS), USRAPPS) != NULL) {
- /* Application */
- filename = cmdline_buf + strlen(USRAPPS);
- token = strtok_r(filename, "/", &saveptr);
- if (token != NULL)
- filename = token;
- } else {
- token = strtok_r(cmdline_buf, " ", &saveptr);
- if (token != NULL)
- filename = strrchr(token, '/');
- else
- filename = strrchr(cmdline_buf, '/');
-
- if (filename == NULL)
- filename = cmdline_buf;
- else
- filename = filename + 1;
- }
-
- strncpy(cmdline, filename, PROC_NAME_MAX - 1);
- cmdline[PROC_NAME_MAX - 1] = '\0';
-
- return STC_ERROR_NONE;
-}
-
-//LCOV_EXCL_START
-pid_t find_pid_from_cmdline(char *cmdline)
-{
- pid_t pid = -1, foundpid = -1;
- int ret = 0;
- DIR *dp;
- struct dirent *dentry;
- char appname[PROC_NAME_MAX];
-
- dp = opendir("/proc");
- if (!dp) {
- STC_LOGE("BACKGRD MANAGE : fail to open /proc");
- return STC_ERROR_FAIL;
- }
-
- while ((dentry = readdir(dp)) != NULL) {
- if (!isdigit(dentry->d_name[0]))
- continue;
-
- pid = atoi(dentry->d_name);
- if (!pid)
- continue;
- ret = proc_get_cmdline(pid, appname);
- if (ret == STC_ERROR_NONE) {
- if (!strncmp(cmdline, appname, strlen(appname)+1)) {
- foundpid = pid;
- break;
- }
- }
- }
- closedir(dp);
- return foundpid;
-}
-
-API void proc_foreach_pid(proc_pid_cb cb, void *user_data)
-{
- pid_t pid = -1;
- int ret = 0;
- DIR *dp;
- struct dirent *dentry;
-
- dp = opendir("/proc");
- if (!dp) {
- STC_LOGE("failed to open /proc");
- return;
- }
-
- while ((dentry = readdir(dp)) != NULL) {
- if (!isdigit(dentry->d_name[0]))
- continue;
-
- pid = atoi(dentry->d_name);
- if (!pid)
- continue;
-
- ret = cb(pid, user_data);
- if (ret == false)
- break;
- }
-
- closedir(dp);
-}
-
-int proc_get_label(pid_t pid, char *label)
-{
- char buf[PROC_BUF_MAX];
- FILE *fp;
-
- snprintf(buf, sizeof(buf), "/proc/%d/attr/current", pid);
- fp = fopen(buf, "r");
- if (fp == NULL)
- return STC_ERROR_FAIL;
-
- if (fgets(label, PROC_NAME_MAX-1, fp) == NULL) {
- fclose(fp);
- return STC_ERROR_FAIL;
- }
- fclose(fp);
- return STC_ERROR_NONE;
-}
-
-int proc_get_exepath(pid_t pid, char *buf, int len)
-{
- char path[PROC_BUF_MAX];
- int ret = 0;
-
- snprintf(path, sizeof(path), "/proc/%d/exe", pid);
- ret = readlink(path, buf, len-1);
- if (ret > 0)
- buf[ret] = '\0';
- else
- buf[0] = '\0';
- return STC_ERROR_NONE;
-}
-
-static int proc_get_data(char *path, char *buf, int len)
-{
- _cleanup_close_ int fd = -1;
- int ret;
-
- fd = open(path, O_RDONLY);
- if (fd < 0)
- return STC_ERROR_FAIL;
-
- ret = read(fd, buf, len-1);
- if (ret < 0) {
- buf[0] = '\0';
- return STC_ERROR_FAIL;
- }
- buf[ret] = '\0';
- return STC_ERROR_NONE;
-}
-
-int proc_get_raw_cmdline(pid_t pid, char *buf, int len)
-{
- char path[PROC_BUF_MAX];
- snprintf(path, sizeof(path), "/proc/%d/cmdline", pid);
- return proc_get_data(path, buf, len);
-}
-//LCOV_EXCL_STOP
-
-API int proc_get_status(pid_t pid, char status[][PROC_BUF_MAX])
-{
- unsigned int i;
- unsigned int index = 0;
- char path[PROC_BUF_MAX];
- char status_buf[PROC_BUF_MAX];
- bool updated[PROC_STATUS_CNT] = {FALSE, };
- FILE *fp;
-
- snprintf(path, sizeof(path), "/proc/%d/status", pid);
- fp = fopen(path, "r");
- if (fp == NULL)
- return STC_ERROR_FAIL;
-
- for (i = 0; i < PROC_STATUS_CNT; ++i) {
- char *token = NULL;
- char *saveptr = NULL;
-
- if (fgets(status_buf, sizeof(status_buf), fp) == NULL) {
- fclose(fp); //LCOV_EXCL_LINE
- return STC_ERROR_FAIL; //LCOV_EXCL_LINE
- }
-
- if (!updated[PROC_STATUS_NAME] && strstr(status_buf,
- PROC_STATUS_NAME_STR))
- index = PROC_STATUS_NAME;
- else if (!updated[PROC_STATUS_STATE] && strstr(status_buf,
- PROC_STATUS_STATE_STR))
- index = PROC_STATUS_STATE;
- else if (!updated[PROC_STATUS_TGID] && strstr(status_buf,
- PROC_STATUS_TGID_STR))
- index = PROC_STATUS_TGID;
- else if (!updated[PROC_STATUS_NGID] && strstr(status_buf,
- PROC_STATUS_NGID_STR))
- index = PROC_STATUS_NGID;
- else if (!updated[PROC_STATUS_PID] && strstr(status_buf,
- PROC_STATUS_PID_STR))
- index = PROC_STATUS_PID;
- else if (!updated[PROC_STATUS_PPID] && strstr(status_buf,
- PROC_STATUS_PPID_STR))
- index = PROC_STATUS_PPID;
- else if (!updated[PROC_STATUS_TRACERPID] && strstr(status_buf,
- PROC_STATUS_TRACERPID_STR))
- index = PROC_STATUS_TRACERPID;
- else
- continue;
-
- token = strtok_r(status_buf, ":", &saveptr);
- if (token != NULL) {
- token = strtok_r(NULL, "\n", &saveptr);
- if (token != NULL) {
- while (isspace((unsigned char)*token))
- token++;
- g_strlcpy(status[index], token,
- sizeof(status[index]));
- updated[index] = TRUE;
- }
- }
- }
- fclose(fp);
-
- return STC_ERROR_NONE;
-}
+++ /dev/null
-/*
- * Copyright (c) 2017 Samsung Electronics Co., Ltd. All rights reserved.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- */
-
-#ifndef __HELPER_PROCFS_H__
-#define __HELPER_PROCFS_H__
-
-#include <stdio.h>
-
-#define PROC_BUF_MAX 64
-
-typedef bool (*proc_pid_cb)(pid_t pid, void *user_data);
-
-/**
- * @desc get command line from /proc/{pid}/cmdline
- * @return negative value if error
- */
-int proc_get_cmdline(pid_t pid, char *cmdline);
-
-/**
- * @desc find pid with /proc/{pid}/cmdline
- * it returns first entry when many pids have same cmdline
- * @return negative value if error
- */
-pid_t find_pid_from_cmdline(char *cmdline);
-
-/**
- * @desc find pid from /proc
- */
-void proc_foreach_pid(proc_pid_cb cb, void *user_data);
-
-/**
- * @desc get smack subject label from /proc/{pid}/attr/current
- * this label can indicate package name about child processes
- * @return negative value if error or pid doesn't exist
- */
-int proc_get_label(pid_t pid, char *label);
-
-/**
- * @desc get command line from /proc/{pid}/cmdline without any truncation
- * @return negative value if error
- */
-int proc_get_raw_cmdline(pid_t pid, char *buf, int len);
-
-/**
- * @desc get symblolic link about /proc/{pid}/exe
- * @return negative value if error
- */
-int proc_get_exepath(pid_t pid, char *buf, int len);
-
-/**
- * @desc get status from /proc/{pid}/status
- * @return negative value if error
- */
-int proc_get_status(pid_t pid, char status[][PROC_BUF_MAX]);
-
-#endif /*__HELPER_PROCFS_H__*/
+++ /dev/null
-/*
- * Copyright (c) 2016 Samsung Electronics Co., Ltd.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include "stc-db.h"
-#include "table-firewall.h"
-#include "helper-firewall.h"
-#include "stc-firewall.h"
-#include "stc-manager-gdbus.h"
-#include "stc-manager-plugin-firewall.h"
-
-#define FIREWALL_DBUS_ERROR_NAME "net.stc.firewall.Error.Failed"
-
-#define STC_FIREWALL_DBUS_REPLY_ERROR(invocation, err_num) \
- g_dbus_method_invocation_return_dbus_error((invocation), \
- FIREWALL_DBUS_ERROR_NAME, \
- stc_err_strs[-(err_num)])
-
-static const gchar *stc_err_strs[] = {
- "ERROR_NONE",
- "FAIL",
- "DB_FAILED",
- "OUT_OF_MEMORY",
- "INVALID_PARAMETER",
- "NO_DATA",
- "ALREADY_DATA",
- "UNINITIALIZED",
- "PERMISSION_DENIED",
- "NOTIMPL"
-};
-
-gboolean handle_firewall_lock(StcFirewall *object,
- GDBusMethodInvocation *invocation,
- void *user_data)
-{
- __STC_LOG_FUNC_ENTER__;
-
- stc_set_keep_alive(TRUE);
-
- stc_plugin_firewall_lock();
-
- STC_DBUS_REPLY_ERROR_NONE(invocation);
- __STC_LOG_FUNC_EXIT__;
- return TRUE;
-}
-
-gboolean handle_firewall_unlock(StcFirewall *object,
- GDBusMethodInvocation *invocation,
- void *user_data)
-{
- __STC_LOG_FUNC_ENTER__;
-
- stc_set_keep_alive(TRUE);
-
- stc_plugin_firewall_unlock();
-
- STC_DBUS_REPLY_ERROR_NONE(invocation);
- __STC_LOG_FUNC_EXIT__;
- return TRUE;
-}
-
-gboolean handle_firewall_get_lock(StcFirewall *object,
- GDBusMethodInvocation *invocation,
- void *user_data)
-{
- __STC_LOG_FUNC_ENTER__;
- GVariant *return_parameters = NULL;
- int state = 0;
-
- stc_set_keep_alive(TRUE);
-
- stc_plugin_firewall_get_lock(&state);
-
- return_parameters = g_variant_new("(i)", state);
- STC_DBUS_REPLY(invocation, return_parameters);
- __STC_LOG_FUNC_EXIT__;
- return TRUE;
-}
-
-gboolean handle_firewall_add_chain(StcFirewall *object,
- GDBusMethodInvocation *invocation,
- gchar *chain,
- void *user_data)
-{
- __STC_LOG_FUNC_ENTER__;
- int ret = STC_ERROR_NONE;
-
- stc_set_keep_alive(TRUE);
-
- if (chain == NULL) {
- STC_FIREWALL_DBUS_REPLY_ERROR(invocation,
- STC_ERROR_INVALID_PARAMETER);
- __STC_LOG_FUNC_EXIT__;
- return TRUE;
- }
-
- ret = stc_plugin_firewall_add_chain(chain);
- if (ret != STC_ERROR_NONE) {
- STC_FIREWALL_DBUS_REPLY_ERROR(invocation, ret);
- __STC_LOG_FUNC_EXIT__;
- return TRUE;
- }
-
- STC_DBUS_REPLY_ERROR_NONE(invocation);
- __STC_LOG_FUNC_EXIT__;
- return TRUE;
-}
-
-gboolean handle_firewall_remove_chain(StcFirewall *object,
- GDBusMethodInvocation *invocation,
- gchar *chain,
- void *user_data)
-{
- __STC_LOG_FUNC_ENTER__;
- int ret = STC_ERROR_NONE;
-
- stc_set_keep_alive(TRUE);
-
- if (chain == NULL) {
- STC_FIREWALL_DBUS_REPLY_ERROR(invocation,
- STC_ERROR_INVALID_PARAMETER);
- __STC_LOG_FUNC_EXIT__;
- return TRUE;
- }
-
- ret = stc_plugin_firewall_remove_chain(chain);
- if (ret != STC_ERROR_NONE) {
- STC_FIREWALL_DBUS_REPLY_ERROR(invocation, ret);
- __STC_LOG_FUNC_EXIT__;
- return TRUE;
- }
-
- STC_DBUS_REPLY_ERROR_NONE(invocation);
- __STC_LOG_FUNC_EXIT__;
- return TRUE;
-}
-
-gboolean handle_firewall_flush_chain(StcFirewall *object,
- GDBusMethodInvocation *invocation,
- gchar *chain,
- void *user_data)
-{
- __STC_LOG_FUNC_ENTER__;
- int ret = STC_ERROR_NONE;
-
- stc_set_keep_alive(TRUE);
-
- if (chain == NULL) {
- STC_FIREWALL_DBUS_REPLY_ERROR(invocation,
- STC_ERROR_INVALID_PARAMETER);
- __STC_LOG_FUNC_EXIT__;
- return TRUE;
- }
-
- ret = stc_plugin_firewall_flush_chain(chain);
- if (ret != STC_ERROR_NONE) {
- STC_FIREWALL_DBUS_REPLY_ERROR(invocation, ret);
- __STC_LOG_FUNC_EXIT__;
- return TRUE;
- }
-
- STC_DBUS_REPLY_ERROR_NONE(invocation);
- __STC_LOG_FUNC_EXIT__;
- return TRUE;
-}
-
-gboolean handle_firewall_get_all_chain(StcFirewall *object,
- GDBusMethodInvocation *invocation,
- void *user_data)
-{
- __STC_LOG_FUNC_ENTER__;
- GVariantBuilder *builder = NULL;
- GVariant *return_parameters = NULL;
-
- stc_set_keep_alive(TRUE);
-
- builder = g_variant_builder_new(G_VARIANT_TYPE("aa{sv}"));
-
- stc_plugin_firewall_get_all_chain(builder);
-
- return_parameters = g_variant_new("(aa{sv})", builder);
- g_variant_builder_unref(builder);
-
- DEBUG_GDBUS_VARIANT("Return parameters: ", return_parameters);
- STC_DBUS_REPLY(invocation, return_parameters);
- __STC_LOG_FUNC_EXIT__;
- return TRUE;
-}
-
-gboolean handle_firewall_set_chain(StcFirewall *object,
- GDBusMethodInvocation *invocation,
- gchar *chain,
- unsigned int target,
- void *user_data)
-{
- __STC_LOG_FUNC_ENTER__;
- int ret = STC_ERROR_NONE;
-
- stc_set_keep_alive(TRUE);
-
- if (chain == NULL ||
- target >= STC_FW_CHAIN_TARGET_MAX) {
- STC_FIREWALL_DBUS_REPLY_ERROR(invocation,
- STC_ERROR_INVALID_PARAMETER);
- __STC_LOG_FUNC_EXIT__;
- return TRUE;
- }
-
- ret = stc_plugin_firewall_set_chain(chain, target);
- if (ret != STC_ERROR_NONE) {
- STC_FIREWALL_DBUS_REPLY_ERROR(invocation, ret);
- __STC_LOG_FUNC_EXIT__;
- return TRUE;
- }
-
- STC_DBUS_REPLY_ERROR_NONE(invocation);
- __STC_LOG_FUNC_EXIT__;
- return TRUE;
-}
-
-gboolean handle_firewall_unset_chain(StcFirewall *object,
- GDBusMethodInvocation *invocation,
- gchar *chain,
- void *user_data)
-{
- __STC_LOG_FUNC_ENTER__;
- int ret = STC_ERROR_NONE;
-
- stc_set_keep_alive(TRUE);
-
- if (chain == NULL) {
- STC_FIREWALL_DBUS_REPLY_ERROR(invocation,
- STC_ERROR_INVALID_PARAMETER);
- __STC_LOG_FUNC_EXIT__;
- return TRUE;
- }
-
- ret = stc_plugin_firewall_unset_chain(chain);
- if (ret != STC_ERROR_NONE) {
- STC_FIREWALL_DBUS_REPLY_ERROR(invocation, ret);
- __STC_LOG_FUNC_EXIT__;
- return TRUE;
- }
-
- STC_DBUS_REPLY_ERROR_NONE(invocation);
- __STC_LOG_FUNC_EXIT__;
- return TRUE;
-}
-
-gboolean handle_firewall_add_rule(StcFirewall *object,
- GDBusMethodInvocation *invocation,
- GVariant *parameters,
- void *user_data)
-{
- __STC_LOG_FUNC_ENTER__;
- int ret = STC_ERROR_NONE;
-
- stc_set_keep_alive(TRUE);
-
- ret = stc_plugin_firewall_add_rule(parameters);
- if (ret != STC_ERROR_NONE) {
- STC_FIREWALL_DBUS_REPLY_ERROR(invocation, ret);
- __STC_LOG_FUNC_EXIT__;
- return TRUE;
- }
-
- STC_DBUS_REPLY_ERROR_NONE(invocation);
- __STC_LOG_FUNC_EXIT__;
- return TRUE;
-}
-
-gboolean handle_firewall_remove_rule(StcFirewall *object,
- GDBusMethodInvocation *invocation,
- GVariant *parameters,
- void *user_data)
-{
- __STC_LOG_FUNC_ENTER__;
- int ret = STC_ERROR_NONE;
-
- stc_set_keep_alive(TRUE);
-
- ret = stc_plugin_firewall_remove_rule(parameters);
- if (ret != STC_ERROR_NONE) {
- STC_FIREWALL_DBUS_REPLY_ERROR(invocation, ret);
- __STC_LOG_FUNC_EXIT__;
- return TRUE;
- }
-
- STC_DBUS_REPLY_ERROR_NONE(invocation);
- __STC_LOG_FUNC_EXIT__;
- return TRUE;
-}
-
-gboolean handle_firewall_update_rule(StcFirewall *object,
- GDBusMethodInvocation *invocation,
- GVariant *parameters,
- void *user_data)
-{
- __STC_LOG_FUNC_ENTER__;
- int ret = STC_ERROR_NONE;
-
- stc_set_keep_alive(TRUE);
-
- ret = stc_plugin_firewall_update_rule(parameters);
- if (ret != STC_ERROR_NONE) {
- STC_FIREWALL_DBUS_REPLY_ERROR(invocation, ret);
- __STC_LOG_FUNC_EXIT__;
- return TRUE;
- }
-
- STC_DBUS_REPLY_ERROR_NONE(invocation);
- __STC_LOG_FUNC_EXIT__;
- return TRUE;
-}
-
-gboolean handle_firewall_get_all_rule(StcFirewall *object,
- GDBusMethodInvocation *invocation,
- void *user_data)
-{
- __STC_LOG_FUNC_ENTER__;
- GVariantBuilder *builder = NULL;
- GVariant *return_parameters = NULL;
-
- stc_set_keep_alive(TRUE);
-
- builder = g_variant_builder_new(G_VARIANT_TYPE("aa{sv}"));
-
- stc_plugin_firewall_get_all_rule(builder);
-
- return_parameters = g_variant_new("(aa{sv})", builder);
- g_variant_builder_unref(builder);
-
- DEBUG_GDBUS_VARIANT("Return parameters: ", return_parameters);
- STC_DBUS_REPLY(invocation, return_parameters);
- __STC_LOG_FUNC_EXIT__;
- return TRUE;
-}
+++ /dev/null
-/*
- * Copyright (c) 2016 Samsung Electronics Co., Ltd.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include "stc-manager-gdbus.h"
-#include "stc-manager.h"
-#include "stc-statistics.h"
-#include "stc-restriction.h"
-#include "stc-firewall.h"
-#include "stc-pcap.h"
-#include "stc-manager-util.h"
-#include "stc-manager-plugin-appstatus.h"
-#include "stc-manager-plugin-procfs.h"
-#include "stc-manager-plugin-monitor.h"
-#include "stc-manager-plugin-firewall.h"
-#include "helper-iptables.h"
-
-#define MANAGER_DBUS_ERROR_NAME "net.stc.manager.Error.Failed"
-
-#define STC_MANAGER_DBUS_REPLY_ERROR(invocation, err_num) \
- g_dbus_method_invocation_return_dbus_error((invocation), \
- MANAGER_DBUS_ERROR_NAME, \
- stc_err_strs[-(err_num)])
-
-static const gchar *stc_err_strs[] = {
- "ERROR_NONE",
- "FAIL",
- "DB_FAILED",
- "OUT_OF_MEMORY",
- "INVALID_PARAMETER",
- "NO_DATA",
- "ALREADY_DATA",
- "UNINITIALIZED",
- "PERMISSION_DENIED",
- "NOTIMPL"
-};
-
-static gboolean __stc_manager_gdbus_statistics_init(stc_s *stc)
-{
- __STC_LOG_FUNC_ENTER__;
- gboolean ret = TRUE;
- gchar *s = NULL;
-
- StcObjectSkeleton *object = NULL;
- StcStatistics *statistics = NULL;
- s = g_strdup_printf(STC_DBUS_SERVICE_STATISTICS_PATH);
-
- /* Add interface to default object path */
- object = stc_object_skeleton_new(s);
- g_free(s);
-
- /* Make the newly created object export the interface
- * net.stc.statistics (note
- * that @object takes its own reference to @statistics).
- */
-
- statistics = stc_statistics_skeleton_new();
- stc_object_skeleton_set_statistics(object, statistics);
- g_object_unref(statistics);
-
- /* Register for method callbacks as signal callbacks */
-
- g_signal_connect(statistics, "handle-init",
- G_CALLBACK(handle_statistics_init),
- stc);
-
- g_signal_connect(statistics, "handle-get",
- G_CALLBACK(handle_statistics_get),
- stc);
-
- g_signal_connect(statistics, "handle-get-all",
- G_CALLBACK(handle_statistics_get_all),
- stc);
-
- g_signal_connect(statistics, "handle-reset",
- G_CALLBACK(handle_statistics_reset),
- stc);
-
- /* Export the object (@manager takes its own reference to @object) */
- g_dbus_object_manager_server_export(stc->obj_mgr,
- G_DBUS_OBJECT_SKELETON(object));
- g_object_unref(object);
-
- stc->statistics_obj = (gpointer)statistics;
-
- __STC_LOG_FUNC_EXIT__;
- return ret;
-}
-
-static gboolean __stc_manager_gdbus_restriction_init(stc_s *stc)
-{
- __STC_LOG_FUNC_ENTER__;
- gboolean ret = TRUE;
- gchar *s = NULL;
-
- StcObjectSkeleton *object = NULL;
- StcRestriction *restriction = NULL;
- s = g_strdup_printf(STC_DBUS_SERVICE_RESTRICTION_PATH);
-
- /* Add interface to default object path */
- object = stc_object_skeleton_new(s);
- g_free(s);
-
- /* Make the newly created object export the interface
- * net.stc.restriction (note
- * that @object takes its own reference to @restriction).
- */
-
- restriction = stc_restriction_skeleton_new();
- stc_object_skeleton_set_restriction(object, restriction);
- g_object_unref(restriction);
-
- /* Register for method callbacks as signal callbacks */
-
- g_signal_connect(restriction, "handle-set",
- G_CALLBACK(handle_restriction_set), stc);
-
- g_signal_connect(restriction, "handle-get",
- G_CALLBACK(handle_restriction_get), stc);
-
- g_signal_connect(restriction, "handle-get-all",
- G_CALLBACK(handle_restriction_get_all), stc);
-
- g_signal_connect(restriction, "handle-get-type",
- G_CALLBACK(handle_restriction_get_type),
- stc);
-
- g_signal_connect(restriction, "handle-unset",
- G_CALLBACK(handle_restriction_unset), stc);
-
- g_signal_connect(restriction, "handle-set-list",
- G_CALLBACK(handle_restriction_set_list), stc);
-
- g_signal_connect(restriction, "handle-unset-list",
- G_CALLBACK(handle_restriction_unset_list), stc);
-
- /* Export the object (@manager takes its own reference to @object) */
- g_dbus_object_manager_server_export(stc->obj_mgr,
- G_DBUS_OBJECT_SKELETON(object));
- g_object_unref(object);
-
- stc->restriction_obj = (gpointer)restriction;
-
- __STC_LOG_FUNC_EXIT__;
- return ret;
-}
-
-static gboolean __stc_manager_gdbus_firewall_init(stc_s *stc)
-{
- __STC_LOG_FUNC_ENTER__;
- gboolean ret = TRUE;
- gchar *s = NULL;
-
- StcObjectSkeleton *object = NULL;
- StcFirewall *firewall = NULL;
- s = g_strdup_printf(STC_DBUS_SERVICE_FIREWALL_PATH);
-
- /* Add interface to default object path */
- object = stc_object_skeleton_new(s);
- g_free(s);
-
- firewall = stc_firewall_skeleton_new();
- stc_object_skeleton_set_firewall(object, firewall);
- g_object_unref(firewall);
-
- /* Register for method callbacks as signal callbacks */
-
- g_signal_connect(firewall, "handle-lock",
- G_CALLBACK(handle_firewall_lock),
- stc);
-
- g_signal_connect(firewall, "handle-unlock",
- G_CALLBACK(handle_firewall_unlock),
- stc);
-
- g_signal_connect(firewall, "handle-get-lock",
- G_CALLBACK(handle_firewall_get_lock),
- stc);
-
- g_signal_connect(firewall, "handle-add-chain",
- G_CALLBACK(handle_firewall_add_chain),
- stc);
-
- g_signal_connect(firewall, "handle-remove-chain",
- G_CALLBACK(handle_firewall_remove_chain),
- stc);
-
- g_signal_connect(firewall, "handle-flush-chain",
- G_CALLBACK(handle_firewall_flush_chain),
- stc);
-
- g_signal_connect(firewall, "handle-get-all-chain",
- G_CALLBACK(handle_firewall_get_all_chain),
- stc);
-
- g_signal_connect(firewall, "handle-set-chain",
- G_CALLBACK(handle_firewall_set_chain),
- stc);
-
- g_signal_connect(firewall, "handle-unset-chain",
- G_CALLBACK(handle_firewall_unset_chain),
- stc);
-
- g_signal_connect(firewall, "handle-add-rule",
- G_CALLBACK(handle_firewall_add_rule),
- stc);
-
- g_signal_connect(firewall, "handle-remove-rule",
- G_CALLBACK(handle_firewall_remove_rule),
- stc);
-
- g_signal_connect(firewall, "handle-update-rule",
- G_CALLBACK(handle_firewall_update_rule),
- stc);
-
- g_signal_connect(firewall, "handle-get-all-rule",
- G_CALLBACK(handle_firewall_get_all_rule),
- stc);
-
- /* Export the object (@manager takes its own reference to @object) */
- g_dbus_object_manager_server_export(stc->obj_mgr,
- G_DBUS_OBJECT_SKELETON(object));
- g_object_unref(object);
-
- stc->firewall_obj = (gpointer)firewall;
-
- __STC_LOG_FUNC_EXIT__;
- return ret;
-}
-
-static gboolean __stc_manager_gdbus_pcap_init(stc_s *stc)
-{
- __STC_LOG_FUNC_ENTER__;
- gboolean ret = TRUE;
- gchar *s = NULL;
-
- StcObjectSkeleton *object = NULL;
- StcPcap *pcap = NULL;
- s = g_strdup_printf(STC_DBUS_SERVICE_PCAP_PATH);
-
- /* Add interface to default object path */
- object = stc_object_skeleton_new(s);
- g_free(s);
-
- pcap = stc_pcap_skeleton_new();
- stc_object_skeleton_set_pcap(object, pcap);
- g_object_unref(pcap);
-
- /* Register for method callbacks as signal callbacks */
-
- g_signal_connect(pcap, "handle-start",
- G_CALLBACK(handle_pcap_start),
- stc);
-
- g_signal_connect(pcap, "handle-stop",
- G_CALLBACK(handle_pcap_stop),
- stc);
-
- g_signal_connect(pcap, "handle-get-all",
- G_CALLBACK(handle_pcap_get_all),
- stc);
-
- g_signal_connect(pcap, "handle-find-all-devs",
- G_CALLBACK(handle_pcap_find_all_devs),
- stc);
-
- /* Export the object (@manager takes its own reference to @object) */
- g_dbus_object_manager_server_export(stc->obj_mgr,
- G_DBUS_OBJECT_SKELETON(object));
- g_object_unref(object);
-
- stc->pcap_obj = (gpointer)pcap;
-
- __STC_LOG_FUNC_EXIT__;
- return ret;
-}
-
-static gboolean __stc_manager_gdbus_manager_init(stc_s *stc)
-{
- __STC_LOG_FUNC_ENTER__;
- gboolean ret = TRUE;
- gchar *s = NULL;
-
- StcObjectSkeleton *object = NULL;
- StcManager *manager = NULL;
- s = g_strdup_printf(STC_DBUS_SERVICE_MANAGER_PATH);
-
- object = stc_object_skeleton_new(s);
- g_free(s);
-
- manager = stc_manager_skeleton_new();
- stc_object_skeleton_set_manager(object, manager);
- g_object_unref(manager);
-
- g_signal_connect(manager, "handle-stop",
- G_CALLBACK(handle_manager_stop), stc);
-
- g_signal_connect(manager, "handle-commit-iptables",
- G_CALLBACK(handle_manager_commit_iptables), stc);
-
- g_signal_connect(manager, "handle-commit-ip6tables",
- G_CALLBACK(handle_manager_commit_ip6tables), stc);
-
- g_dbus_object_manager_server_export(stc->obj_mgr,
- G_DBUS_OBJECT_SKELETON(object));
- g_object_unref(object);
-
- stc->manager_obj = (gpointer)manager;
-
- __STC_LOG_FUNC_EXIT__;
- return ret;
-}
-
-
-static void __stc_manager_gdbus_on_bus_acquired(GDBusConnection *connection,
- const gchar *name,
- gpointer user_data)
-{
- __STC_LOG_FUNC_ENTER__;
- stc_s* stc = (stc_s*)user_data;
-
- stc->obj_mgr = g_dbus_object_manager_server_new("/net/stc");
-
- STC_LOGD("path : %s", name);
-
- stc->connection = connection;
-
- if (__stc_manager_gdbus_statistics_init(stc) == FALSE) {
- STC_LOGE("Can not signal connect to statistics"); //LCOV_EXCL_LINE
- /* Deinitialize and quit manager */
- }
-
- if (__stc_manager_gdbus_restriction_init(stc) == FALSE) {
- STC_LOGE("Cannot signal connect to restriction"); //LCOV_EXCL_LINE
- /* Deinitialize and quit manager */
- }
-
- if (__stc_manager_gdbus_firewall_init(stc) == FALSE) {
- STC_LOGE("Cannot signal connect to firewall"); //LCOV_EXCL_LINE
- /* Deinitialize and quit manager */
- }
-
- if (__stc_manager_gdbus_pcap_init(stc) == FALSE) {
- STC_LOGE("Cannot signal connect to pcap"); //LCOV_EXCL_LINE
- /* Deinitialize and quit manager */
- }
-
- if (__stc_manager_gdbus_manager_init(stc) == FALSE) {
- STC_LOGE("Cannot signal connect to manager"); //LCOV_EXCL_LINE
- /* Deinitialize and quit manager */
- }
-
- g_dbus_object_manager_server_set_connection(stc->obj_mgr,
- stc->connection);
-
- iptables_init();
- stc_plugin_firewall_update();
- stc_plugin_monitor_init_connection(stc);
-
- stc_plugin_appstatus_register_state_changed_cb(stc,
- stc_plugin_procfs_app_status_changed, NULL);
-
- __STC_LOG_FUNC_EXIT__;
-}
-
-static void __stc_manager_gdbus_on_name_acquired(GDBusConnection *connection,
- const gchar *name,
- gpointer user_data)
-{
- STC_LOGD("name : %s", name);
-}
-
-//LCOV_EXCL_START
-static void __stc_manager_gdbus_on_name_lost(GDBusConnection *connection,
- const gchar *name,
- gpointer user_data)
-{
- STC_LOGD("name : %s", name);
-}
-//LCOV_EXCL_STOP
-
-void stc_manager_gdbus_init(gpointer stc_data)
-{
- __STC_LOG_FUNC_ENTER__;
- stc_s *stc = (stc_s *)stc_data;
-
- stc->gdbus_owner_id = g_bus_own_name(G_BUS_TYPE_SYSTEM,
- STC_DBUS_SERVICE,
- G_BUS_NAME_OWNER_FLAGS_NONE,
- __stc_manager_gdbus_on_bus_acquired,
- __stc_manager_gdbus_on_name_acquired,
- __stc_manager_gdbus_on_name_lost,
- stc,
- NULL);
-
- __STC_LOG_FUNC_EXIT__;
-}
-
-void stc_manager_gdbus_deinit(gpointer stc_data)
-{
- __STC_LOG_FUNC_ENTER__;
- stc_s *stc = (stc_s *)stc_data;
-
- stc_plugin_appstatus_deregister_state_changed_cb(stc);
- stc_plugin_monitor_deinit_connection(stc);
-
- g_bus_unown_name(stc->gdbus_owner_id);
-
- stc->statistics_obj = NULL;
- stc->restriction_obj = NULL;
- stc->firewall_obj = NULL;
- stc->pcap_obj = NULL;
- stc->manager_obj = NULL;
- __STC_LOG_FUNC_EXIT__;
-}
-
-API GVariant *stc_manager_gdbus_call_sync(GDBusConnection *connection,
- const char *dest, const char *path,
- const char *interface_name,
- const char *method, GVariant *params)
-{
- GError *error = NULL;
- GVariant *reply = NULL;
-
- if (connection == NULL) {
- STC_LOGE("Failed to get GDBusconnection"); //LCOV_EXCL_LINE
- return reply; //LCOV_EXCL_LINE
- }
-
- reply = g_dbus_connection_call_sync(connection,
- dest,
- path,
- interface_name,
- method,
- params,
- NULL,
- G_DBUS_CALL_FLAGS_NONE,
- (5 * 1000), /* 5 seconds timeout */
- NULL,
- &error);
-
- if (reply == NULL) {
- if (error != NULL) {
- STC_LOGE("g_dbus_connection_call_sync() failed" //LCOV_EXCL_LINE
- " error [%d: %s]", error->code, error->message);
- g_error_free(error); //LCOV_EXCL_LINE
- } else {
- STC_LOGE("g_dbus_connection_call_sync() failed"); //LCOV_EXCL_LINE
- }
-
- return NULL;
- }
-
- return reply;
-}
-
-API int stc_manager_gdbus_call_async(GDBusConnection *connection,
- const char *dest, const char *path,
- const char *interface_name,
- const char *method, GVariant *params,
- GAsyncReadyCallback notify_func,
- void *user_data)
-{
- if (connection == NULL) {
- STC_LOGE("Failed to get GDBusconnection"); //LCOV_EXCL_LINE
- return STC_ERROR_INVALID_PARAMETER; //LCOV_EXCL_LINE
- }
-
- g_dbus_connection_call(connection,
- dest,
- path,
- interface_name,
- method,
- params,
- NULL,
- G_DBUS_CALL_FLAGS_NONE,
- (5 * 1000), /* 5 seconds timeout */
- NULL,
- (GAsyncReadyCallback)notify_func,
- (gpointer)user_data);
-
- return STC_ERROR_NONE;
-}
-
-API guint stc_manager_gdbus_subscribe_signal(GDBusConnection *connection,
- const gchar *sender,
- const gchar *interface_name,
- const gchar *member,
- const gchar *object_path,
- const gchar *arg0,
- GDBusSignalFlags flags,
- GDBusSignalCallback callback,
- gpointer user_data,
- GDestroyNotify user_data_free_func)
-{
- if (connection == NULL) {
- STC_LOGE("Failed to get GDBusconnection"); //LCOV_EXCL_LINE
- return 0; //LCOV_EXCL_LINE
- }
-
- return g_dbus_connection_signal_subscribe(connection,
- sender,
- interface_name,
- member,
- object_path,
- NULL,
- G_DBUS_SIGNAL_FLAGS_NONE,
- callback,
- user_data,
- user_data_free_func);
-}
-
-API void stc_manager_gdbus_unsubscribe_signal(GDBusConnection *connection,
- guint subscription_id)
-{
- if (connection == NULL) {
- STC_LOGE("Failed to get GDBusconnection"); //LCOV_EXCL_LINE
- return; //LCOV_EXCL_LINE
- }
-
- g_dbus_connection_signal_unsubscribe(connection, subscription_id);
-}
-
-API void stc_manager_gdbus_dict_foreach(GVariantIter *iter, dbus_dict_cb cb,
- void *user_data)
-{
- __STC_LOG_FUNC_ENTER__;
-
- gchar *key = NULL;
- GVariant *value = NULL;
-
- if (!cb) {
- __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
- return; //LCOV_EXCL_LINE
- }
-
- while (g_variant_iter_loop(iter, "{sv}", &key, &value)) {
- /* DEBUG_GDBUS_KEY_VALUE(key, value); */
- if (key)
- cb(key, value, user_data);
- }
-
- __STC_LOG_FUNC_EXIT__;
-}
-
-API gboolean stc_manager_dbus_emit_signal(GDBusConnection *connection,
- const gchar *object_path,
- const gchar *interface_name,
- const gchar *signal_name,
- GVariant *parameters)
-{
- gboolean rv = FALSE;
- GError *error = NULL;
-
- if (connection == NULL) {
- STC_LOGE("GDBusconnection is NULL"); //LCOV_EXCL_LINE
- return 0;
- }
-
- DEBUG_GDBUS_VARIANT("Signal params: ", parameters);
-
- rv = g_dbus_connection_emit_signal(connection,
- NULL,
- object_path,
- interface_name,
- signal_name,
- parameters,
- &error);
- if (rv != TRUE) {
- STC_LOGE("Failed to emit signal [%s] interface [%s] Error [%s]", //LCOV_EXCL_LINE
- signal_name, interface_name, error->message);
- g_error_free(error); //LCOV_EXCL_LINE
- } else {
- STC_LOGD("[%s] signal sent on [%s] interface", signal_name,
- interface_name);
- }
-
- return rv;
-}
-
-gboolean handle_manager_stop(StcManager *object,
- GDBusMethodInvocation *invocation)
-{
- __STC_LOG_FUNC_ENTER__;
- GVariant *return_parameters = NULL;
-
- stc_set_keep_alive(TRUE);
-
- STC_LOGI("stc manager stop");
-
- return_parameters = g_variant_new("(i)", STC_ERROR_NONE);
-
- DEBUG_GDBUS_VARIANT("Return parameters: ", return_parameters);
- STC_DBUS_REPLY(invocation, return_parameters);
-
- stc_stop_manager();
-
- __STC_LOG_FUNC_EXIT__;
- return TRUE;
-}
-
-gboolean handle_manager_commit_iptables(StcManager *object,
- GDBusMethodInvocation *invocation,
- const gchar *option,
- void *user_data)
-{
- __STC_LOG_FUNC_ENTER__;
- GVariant *return_parameters = NULL;
- int ret = STC_ERROR_NONE;
- int err_num = 0;
- char *err_str = NULL;
- char cmd[STC_CMD_SIZE] = { 0, };
-
- stc_set_keep_alive(TRUE);
-
- if (option == NULL) {
- STC_MANAGER_DBUS_REPLY_ERROR(invocation,
- STC_ERROR_INVALID_PARAMETER);
- __STC_LOG_FUNC_EXIT__;
- return TRUE;
- }
-
- STC_LOGD("[%s]", option);
- g_snprintf(cmd, STC_CMD_SIZE, "%s %s", STC_IPTABLES, option);
-
- ret = stc_commit_iptables(cmd, &err_num, &err_str);
-
- return_parameters = g_variant_new("(iis)", ret, err_num, err_str);
-
- DEBUG_GDBUS_VARIANT("Return parameters: ", return_parameters);
- STC_DBUS_REPLY(invocation, return_parameters);
-
- __STC_LOG_FUNC_EXIT__;
- return TRUE;
-}
-
-gboolean handle_manager_commit_ip6tables(StcManager *object,
- GDBusMethodInvocation *invocation,
- const gchar *option,
- void *user_data)
-{
- __STC_LOG_FUNC_ENTER__;
- GVariant *return_parameters = NULL;
- int ret = STC_ERROR_NONE;
- int err_num = 0;
- char *err_str = NULL;
- char cmd[STC_CMD_SIZE] = { 0, };
-
- stc_set_keep_alive(TRUE);
-
- if (option == NULL) {
- STC_MANAGER_DBUS_REPLY_ERROR(invocation,
- STC_ERROR_INVALID_PARAMETER);
- __STC_LOG_FUNC_EXIT__;
- return TRUE;
- }
-
- STC_LOGD("[%s]", option);
- g_snprintf(cmd, STC_CMD_SIZE, "%s %s", STC_IP6TABLES, option);
-
- ret = stc_commit_iptables(cmd, &err_num, &err_str);
-
- return_parameters = g_variant_new("(iis)", ret, err_num, err_str);
-
- DEBUG_GDBUS_VARIANT("Return parameters: ", return_parameters);
- STC_DBUS_REPLY(invocation, return_parameters);
-
- __STC_LOG_FUNC_EXIT__;
- return TRUE;
-}
+++ /dev/null
-/*
- * Copyright (c) 2016 Samsung Electronics Co., Ltd.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include <dlfcn.h>
-
-#include "stc-manager.h"
-#include "stc-manager-plugin-appstatus.h"
-
-static gboolean stc_plugin_enabled = FALSE;
-static void *handle_plugin;
-static stc_plugin_appstatus_s *stc_plugin;
-
-//LCOV_EXCL_START
-int stc_plugin_appstatus_init(void)
-{
- __STC_LOG_FUNC_ENTER__;
-
- handle_plugin = dlopen(STC_PLUGIN_APPSTATUS_FILEPATH, RTLD_NOW);
- if (!handle_plugin) {
- STC_LOGE("Can't load %s: %s", STC_PLUGIN_APPSTATUS_FILEPATH, dlerror());
- __STC_LOG_FUNC_EXIT__;
- return STC_ERROR_UNINITIALIZED;
- }
-
- stc_plugin = dlsym(handle_plugin, "stc_plugin_appstatus");
- if (!stc_plugin) {
- STC_LOGE("Can't load symbol: %s", dlerror());
- dlclose(handle_plugin);
- __STC_LOG_FUNC_EXIT__;
- return STC_ERROR_UNINITIALIZED;
- }
-
- stc_plugin_enabled = TRUE;
-
- __STC_LOG_FUNC_EXIT__;
- return STC_ERROR_NONE;
-}
-
-int stc_plugin_appstatus_deinit(void)
-{
- __STC_LOG_FUNC_ENTER__;
-
- if (!stc_plugin_enabled) {
- __STC_LOG_FUNC_EXIT__;
- return STC_ERROR_UNINITIALIZED;
- }
-
- stc_plugin_enabled = FALSE;
- dlclose(handle_plugin);
- __STC_LOG_FUNC_EXIT__;
- return STC_ERROR_NONE;
-}
-
-API int stc_plugin_appstatus_send_message(const char *content,
- const char *type, const char *app_id, const char *iftype, const char *limit)
-{
- if (!stc_plugin_enabled) {
- if (STC_DEBUG_LOG)
- STC_LOGE("Plugin wasn't enabled");
- return STC_ERROR_UNINITIALIZED;
- }
-
- if (!stc_plugin) {
- if (STC_DEBUG_LOG)
- STC_LOGE("Plugin wasn't loaded");
- return STC_ERROR_UNINITIALIZED;
- }
-
- return stc_plugin->send_message_to_net_popup(content,
- type, app_id, iftype, limit);
-}
-
-int stc_plugin_appstatus_register_state_changed_cb(stc_s *stc,
- stc_plugin_app_state_changed_cb cb, void *data)
-{
- if (!stc_plugin_enabled) {
- if (STC_DEBUG_LOG)
- STC_LOGE("Plugin wasn't enabled");
- return STC_ERROR_UNINITIALIZED;
- }
-
- if (!stc_plugin) {
- if (STC_DEBUG_LOG)
- STC_LOGE("Plugin wasn't loaded");
- return STC_ERROR_UNINITIALIZED;
- }
-
- return stc_plugin->register_state_changed_cb(stc, cb, data);
-}
-
-int stc_plugin_appstatus_deregister_state_changed_cb(stc_s *stc)
-{
- if (!stc_plugin_enabled) {
- if (STC_DEBUG_LOG)
- STC_LOGE("Plugin wasn't enabled");
- return STC_ERROR_UNINITIALIZED;
- }
-
- if (!stc_plugin) {
- if (STC_DEBUG_LOG)
- STC_LOGE("Plugin wasn't loaded");
- return STC_ERROR_UNINITIALIZED;
- }
-
- return stc_plugin->deregister_state_changed_cb(stc);
-}
-//LCOV_EXCL_STOP
+++ /dev/null
-/*
- * Copyright (c) 2016 Samsung Electronics Co., Ltd.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include <dlfcn.h>
-
-#include "stc-manager.h"
-#include "stc-manager-plugin-exception.h"
-
-static gboolean stc_plugin_enabled = FALSE;
-static void *handle_plugin;
-static stc_plugin_exception_s *stc_plugin;
-
-//LCOV_EXCL_START
-API int stc_plugin_exception_init(void)
-{
- __STC_LOG_FUNC_ENTER__;
-
- handle_plugin = dlopen(STC_PLUGIN_EXCEPTION_FILEPATH, RTLD_NOW);
- if (!handle_plugin) {
- STC_LOGE("Can't load %s: %s", STC_PLUGIN_EXCEPTION_FILEPATH, dlerror());
- __STC_LOG_FUNC_EXIT__;
- return STC_ERROR_UNINITIALIZED;
- }
-
- stc_plugin = dlsym(handle_plugin, "stc_plugin_exception");
- if (!stc_plugin) {
- STC_LOGE("Can't load symbol: %s", dlerror());
- dlclose(handle_plugin);
- __STC_LOG_FUNC_EXIT__;
- return STC_ERROR_UNINITIALIZED;
- }
-
- stc_plugin->initialize_plugin();
- stc_plugin_enabled = TRUE;
-
- __STC_LOG_FUNC_EXIT__;
- return STC_ERROR_NONE;
-}
-
-API int stc_plugin_exception_deinit(void)
-{
- __STC_LOG_FUNC_ENTER__;
-
- if (!stc_plugin_enabled) {
- __STC_LOG_FUNC_EXIT__;
- return STC_ERROR_UNINITIALIZED;
- }
-
- stc_plugin->deinitialize_plugin();
- stc_plugin_enabled = FALSE;
- dlclose(handle_plugin);
-
- __STC_LOG_FUNC_EXIT__;
- return STC_ERROR_NONE;
-}
-
-API int stc_plugin_fill_exception_list(void)
-{
- if (!stc_plugin_enabled) {
- if (STC_DEBUG_LOG)
- STC_LOGE("Plugin wasn't enabled");
- return STC_ERROR_UNINITIALIZED;
- }
-
- if (!stc_plugin) {
- if (STC_DEBUG_LOG)
- STC_LOGE("Plugin wasn't loaded");
- return STC_ERROR_UNINITIALIZED;
- }
-
- return stc_plugin->fill_exception_list();
-}
-
-API int stc_plugin_update_exception_list(void)
-{
- if (!stc_plugin_enabled) {
- if (STC_DEBUG_LOG)
- STC_LOGE("Plugin wasn't enabled");
- return STC_ERROR_UNINITIALIZED;
- }
-
- if (!stc_plugin) {
- if (STC_DEBUG_LOG)
- STC_LOGE("Plugin wasn't loaded");
- return STC_ERROR_UNINITIALIZED;
- }
-
- return stc_plugin->update_exception_list();
-}
-
-API int stc_plugin_check_exception_by_cmdline(char *cmdline)
-{
- if (!stc_plugin_enabled)
- return STC_ERROR_UNINITIALIZED;
-
- if (!stc_plugin)
- return STC_ERROR_UNINITIALIZED;
-
- return stc_plugin->check_exception_by_cmdline(cmdline);
-}
-//LCOV_EXCL_STOP
+++ /dev/null
-/*
- * Copyright (c) 2016 Samsung Electronics Co., Ltd.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include <dlfcn.h>
-
-#include "stc-manager.h"
-#include "stc-manager-plugin-firewall.h"
-
-static gboolean stc_plugin_enabled = FALSE;
-static void *handle_plugin;
-static stc_plugin_firewall_s *stc_plugin;
-
-//LCOV_EXCL_START
-int stc_plugin_firewall_init(void)
-{
- __STC_LOG_FUNC_ENTER__;
-
- handle_plugin = dlopen(STC_PLUGIN_FIREWALL_FILEPATH, RTLD_NOW);
- if (!handle_plugin) {
- STC_LOGE("Can't load %s: %s", STC_PLUGIN_FIREWALL_FILEPATH, dlerror());
- __STC_LOG_FUNC_EXIT__;
- return STC_ERROR_UNINITIALIZED;
- }
-
- stc_plugin = dlsym(handle_plugin, "stc_plugin_firewall");
- if (!stc_plugin) {
- STC_LOGE("Can't load symbol: %s", dlerror());
- dlclose(handle_plugin);
- __STC_LOG_FUNC_EXIT__;
- return STC_ERROR_UNINITIALIZED;
- }
-
- stc_plugin->initialize_plugin();
- stc_plugin_enabled = TRUE;
-
- __STC_LOG_FUNC_EXIT__;
- return STC_ERROR_NONE;
-}
-
-int stc_plugin_firewall_deinit(void)
-{
- __STC_LOG_FUNC_ENTER__;
-
- if (!stc_plugin_enabled)
- return STC_ERROR_UNINITIALIZED;
-
- stc_plugin->deinitialize_plugin();
- stc_plugin_enabled = FALSE;
- dlclose(handle_plugin);
-
- __STC_LOG_FUNC_EXIT__;
- return STC_ERROR_NONE;
-}
-
-int stc_plugin_firewall_lock(void)
-{
- if (!stc_plugin_enabled) {
- if (STC_DEBUG_LOG)
- STC_LOGE("Plugin wasn't enabled");
- return STC_ERROR_UNINITIALIZED;
- }
-
- if (!stc_plugin) {
- if (STC_DEBUG_LOG)
- STC_LOGE("Plugin wasn't loaded");
- return STC_ERROR_UNINITIALIZED;
- }
-
- return stc_plugin->lock_firewall();
-}
-
-int stc_plugin_firewall_unlock(void)
-{
- if (!stc_plugin_enabled) {
- if (STC_DEBUG_LOG)
- STC_LOGE("Plugin wasn't enabled");
- return STC_ERROR_UNINITIALIZED;
- }
-
- if (!stc_plugin) {
- if (STC_DEBUG_LOG)
- STC_LOGE("Plugin wasn't loaded");
- return STC_ERROR_UNINITIALIZED;
- }
-
- return stc_plugin->unlock_firewall();
-}
-
-
-int stc_plugin_firewall_get_lock(int *state)
-{
- if (!stc_plugin_enabled) {
- if (STC_DEBUG_LOG)
- STC_LOGE("Plugin wasn't enabled");
- return STC_ERROR_UNINITIALIZED;
- }
-
- if (!stc_plugin) {
- if (STC_DEBUG_LOG)
- STC_LOGE("Plugin wasn't loaded");
- return STC_ERROR_UNINITIALIZED;
- }
-
- return stc_plugin->get_lock_firewall(state);
-}
-
-API int stc_plugin_firewall_update(void)
-{
- if (!stc_plugin_enabled) {
- if (STC_DEBUG_LOG)
- STC_LOGE("Plugin wasn't enabled");
- return STC_ERROR_UNINITIALIZED;
- }
-
- if (!stc_plugin) {
- if (STC_DEBUG_LOG)
- STC_LOGE("Plugin wasn't loaded");
- return STC_ERROR_UNINITIALIZED;
- }
-
- return stc_plugin->update_firewall();
-}
-
-int stc_plugin_firewall_add_chain(char *chain)
-{
- if (!stc_plugin_enabled) {
- if (STC_DEBUG_LOG)
- STC_LOGE("Plugin wasn't enabled");
- return STC_ERROR_UNINITIALIZED;
- }
-
- if (!stc_plugin) {
- if (STC_DEBUG_LOG)
- STC_LOGE("Plugin wasn't loaded");
- return STC_ERROR_UNINITIALIZED;
- }
-
- return stc_plugin->add_chain(chain);
-}
-
-int stc_plugin_firewall_remove_chain(char *chain)
-{
- if (!stc_plugin_enabled) {
- if (STC_DEBUG_LOG)
- STC_LOGE("Plugin wasn't enabled");
- return STC_ERROR_UNINITIALIZED;
- }
-
- if (!stc_plugin) {
- if (STC_DEBUG_LOG)
- STC_LOGE("Plugin wasn't loaded");
- return STC_ERROR_UNINITIALIZED;
- }
-
- return stc_plugin->remove_chain(chain);
-}
-
-int stc_plugin_firewall_flush_chain(char *chain)
-{
- if (!stc_plugin_enabled) {
- if (STC_DEBUG_LOG)
- STC_LOGE("Plugin wasn't enabled");
- return STC_ERROR_UNINITIALIZED;
- }
-
- if (!stc_plugin) {
- if (STC_DEBUG_LOG)
- STC_LOGE("Plugin wasn't loaded");
- return STC_ERROR_UNINITIALIZED;
- }
-
- return stc_plugin->flush_chain(chain);
-}
-
-int stc_plugin_firewall_get_all_chain(GVariantBuilder *builder)
-{
- if (!stc_plugin_enabled) {
- if (STC_DEBUG_LOG)
- STC_LOGE("Plugin wasn't enabled");
- return STC_ERROR_UNINITIALIZED;
- }
-
- if (!stc_plugin) {
- if (STC_DEBUG_LOG)
- STC_LOGE("Plugin wasn't loaded");
- return STC_ERROR_UNINITIALIZED;
- }
-
- return stc_plugin->get_all_chain(builder);
-}
-
-int stc_plugin_firewall_set_chain(char *chain, uint target)
-{
- if (!stc_plugin_enabled) {
- if (STC_DEBUG_LOG)
- STC_LOGE("Plugin wasn't enabled");
- return STC_ERROR_UNINITIALIZED;
- }
-
- if (!stc_plugin) {
- if (STC_DEBUG_LOG)
- STC_LOGE("Plugin wasn't loaded");
- return STC_ERROR_UNINITIALIZED;
- }
-
- return stc_plugin->set_chain(chain, target);
-}
-
-int stc_plugin_firewall_unset_chain(char *chain)
-{
- if (!stc_plugin_enabled) {
- if (STC_DEBUG_LOG)
- STC_LOGE("Plugin wasn't enabled");
- return STC_ERROR_UNINITIALIZED;
- }
-
- if (!stc_plugin) {
- if (STC_DEBUG_LOG)
- STC_LOGE("Plugin wasn't loaded");
- return STC_ERROR_UNINITIALIZED;
- }
-
- return stc_plugin->unset_chain(chain);
-}
-
-int stc_plugin_firewall_add_rule(GVariant *params)
-{
- if (!stc_plugin_enabled) {
- if (STC_DEBUG_LOG)
- STC_LOGE("Plugin wasn't enabled");
- return STC_ERROR_UNINITIALIZED;
- }
-
- if (!stc_plugin) {
- if (STC_DEBUG_LOG)
- STC_LOGE("Plugin wasn't loaded");
- return STC_ERROR_UNINITIALIZED;
- }
-
- return stc_plugin->add_rule(params);
-}
-
-int stc_plugin_firewall_remove_rule(GVariant *params)
-{
- if (!stc_plugin_enabled) {
- if (STC_DEBUG_LOG)
- STC_LOGE("Plugin wasn't enabled");
- return STC_ERROR_UNINITIALIZED;
- }
-
- if (!stc_plugin) {
- if (STC_DEBUG_LOG)
- STC_LOGE("Plugin wasn't loaded");
- return STC_ERROR_UNINITIALIZED;
- }
-
- return stc_plugin->remove_rule(params);
-}
-
-int stc_plugin_firewall_update_rule(GVariant *params)
-{
- if (!stc_plugin_enabled) {
- if (STC_DEBUG_LOG)
- STC_LOGE("Plugin wasn't enabled");
- return STC_ERROR_UNINITIALIZED;
- }
-
- if (!stc_plugin) {
- if (STC_DEBUG_LOG)
- STC_LOGE("Plugin wasn't loaded");
- return STC_ERROR_UNINITIALIZED;
- }
-
- return stc_plugin->update_rule(params);
-}
-
-int stc_plugin_firewall_get_all_rule(GVariantBuilder *builder)
-{
- if (!stc_plugin_enabled) {
- if (STC_DEBUG_LOG)
- STC_LOGE("Plugin wasn't enabled");
- return STC_ERROR_UNINITIALIZED;
- }
-
- if (!stc_plugin) {
- if (STC_DEBUG_LOG)
- STC_LOGE("Plugin wasn't loaded");
- return STC_ERROR_UNINITIALIZED;
- }
-
- return stc_plugin->get_all_rule(builder);
-}
-//LCOV_EXCL_STOP
+++ /dev/null
-/*
- * Copyright (c) 2016 Samsung Electronics Co., Ltd.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include <dlfcn.h>
-
-#include "stc-manager.h"
-#include "stc-manager-plugin-monitor.h"
-
-static gboolean stc_plugin_enabled = FALSE;
-static void *handle_plugin;
-static stc_plugin_monitor_s *stc_plugin;
-
-//LCOV_EXCL_START
-API int stc_plugin_monitor_init(stc_manager_stop_cb stop_cb)
-{
- __STC_LOG_FUNC_ENTER__;
-
- handle_plugin = dlopen(STC_PLUGIN_MONITOR_FILEPATH, RTLD_NOW);
- if (!handle_plugin) {
- STC_LOGE("Can't load %s: %s", STC_PLUGIN_MONITOR_FILEPATH, dlerror());
- __STC_LOG_FUNC_EXIT__;
- return STC_ERROR_UNINITIALIZED;
- }
-
- stc_plugin = dlsym(handle_plugin, "stc_plugin_monitor");
- if (!stc_plugin) {
- STC_LOGE("Can't load symbol: %s", dlerror());
- dlclose(handle_plugin);
- __STC_LOG_FUNC_EXIT__;
- return STC_ERROR_UNINITIALIZED;
- }
-
- stc_plugin->initialize_plugin(stop_cb);
- stc_plugin_enabled = TRUE;
-
- __STC_LOG_FUNC_EXIT__;
- return STC_ERROR_NONE;
-}
-
-API int stc_plugin_monitor_deinit(void)
-{
- __STC_LOG_FUNC_ENTER__;
-
- if (!stc_plugin_enabled)
- return STC_ERROR_UNINITIALIZED;
-
- stc_plugin->deinitialize_plugin();
- stc_plugin_enabled = FALSE;
- dlclose(handle_plugin);
-
- __STC_LOG_FUNC_EXIT__;
- return STC_ERROR_NONE;
-}
-
-API int stc_plugin_monitor_add_app(uint32_t classid,
- const char *app_id,
- const char *pkg_id,
- const stc_app_value_s value)
-{
- if (!stc_plugin_enabled) {
- if (STC_DEBUG_LOG)
- STC_LOGE("Plugin wasn't enabled");
- return STC_ERROR_UNINITIALIZED;
- }
-
- if (!stc_plugin) {
- if (STC_DEBUG_LOG)
- STC_LOGE("Plugin wasn't loaded");
- return STC_ERROR_UNINITIALIZED;
- }
-
- return stc_plugin->add_application(classid, app_id, pkg_id, value);
-}
-
-API int stc_plugin_monitor_remove_app(uint32_t classid,
- const char *app_id)
-{
- if (!stc_plugin_enabled) {
- if (STC_DEBUG_LOG)
- STC_LOGE("Plugin wasn't enabled");
- return STC_ERROR_UNINITIALIZED;
- }
-
- if (!stc_plugin) {
- if (STC_DEBUG_LOG)
- STC_LOGE("Plugin wasn't loaded");
- return STC_ERROR_UNINITIALIZED;
- }
-
- return stc_plugin->remove_application(classid, app_id);
-}
-
-API int stc_plugin_monitor_lookup_app(uint32_t classid)
-{
- if (!stc_plugin_enabled) {
- if (STC_DEBUG_LOG)
- STC_LOGE("Plugin wasn't enabled");
- return STC_ERROR_UNINITIALIZED;
- }
-
- if (!stc_plugin) {
- if (STC_DEBUG_LOG)
- STC_LOGE("Plugin wasn't loaded");
- return STC_ERROR_UNINITIALIZED;
- }
-
- return stc_plugin->lookup_application(classid);
-}
-
-API int stc_plugin_monitor_add_rstn(table_restrictions_info *info)
-{
- if (!stc_plugin_enabled) {
- if (STC_DEBUG_LOG)
- STC_LOGE("Plugin wasn't enabled");
- return STC_ERROR_UNINITIALIZED;
- }
-
- if (!stc_plugin) {
- if (STC_DEBUG_LOG)
- STC_LOGE("Plugin wasn't loaded");
- return STC_ERROR_UNINITIALIZED;
- }
-
- return stc_plugin->add_restriction(info);
-}
-
-API int stc_plugin_monitor_remove_rstn(table_restrictions_info *info)
-{
- if (!stc_plugin_enabled) {
- if (STC_DEBUG_LOG)
- STC_LOGE("Plugin wasn't enabled");
- return STC_ERROR_UNINITIALIZED;
- }
-
- if (!stc_plugin) {
- if (STC_DEBUG_LOG)
- STC_LOGE("Plugin wasn't loaded");
- return STC_ERROR_UNINITIALIZED;
- }
-
- return stc_plugin->remove_restriction(info);
-}
-
-API int stc_plugin_monitor_init_connection(stc_s *stc)
-{
- if (!stc_plugin_enabled) {
- if (STC_DEBUG_LOG)
- STC_LOGE("Plugin wasn't enabled");
- return STC_ERROR_UNINITIALIZED;
- }
-
- if (!stc_plugin) {
- if (STC_DEBUG_LOG)
- STC_LOGE("Plugin wasn't loaded");
- return STC_ERROR_UNINITIALIZED;
- }
-
- return stc_plugin->init_connection(stc);
-}
-
-API int stc_plugin_monitor_deinit_connection(stc_s *stc)
-{
- if (!stc_plugin_enabled) {
- if (STC_DEBUG_LOG)
- STC_LOGE("Plugin wasn't enabled");
- return STC_ERROR_UNINITIALIZED;
- }
-
- if (!stc_plugin) {
- STC_LOGE("Plugin wasn't loaded");
- return STC_ERROR_UNINITIALIZED;
- }
-
- return stc_plugin->deinit_connection(stc);
-}
-
-API int stc_plugin_monitor_add_proc(uint32_t classid,
- const char *app_id, const stc_proc_value_s value)
-{
- if (!stc_plugin_enabled) {
- if (STC_DEBUG_LOG)
- STC_LOGE("Plugin wasn't enabled");
- return STC_ERROR_UNINITIALIZED;
- }
-
- if (!stc_plugin) {
- if (STC_DEBUG_LOG)
- STC_LOGE("Plugin wasn't loaded");
- return STC_ERROR_UNINITIALIZED;
- }
-
- return stc_plugin->add_process(classid, app_id, value);
-}
-
-API int stc_plugin_monitor_remove_proc(uint32_t classid, pid_t pid)
-{
- if (!stc_plugin_enabled) {
- if (STC_DEBUG_LOG)
- STC_LOGE("Plugin wasn't enabled");
- return STC_ERROR_UNINITIALIZED;
- }
-
- if (!stc_plugin) {
- if (STC_DEBUG_LOG)
- STC_LOGE("Plugin wasn't loaded");
- return STC_ERROR_UNINITIALIZED;
- }
-
- return stc_plugin->remove_process(classid, pid);
-}
-
-API int stc_plugin_monitor_move_proc(uint32_t from, uint32_t to)
-{
- if (!stc_plugin_enabled) {
- if (STC_DEBUG_LOG)
- STC_LOGE("Plugin wasn't enabled");
- return STC_ERROR_UNINITIALIZED;
- }
-
- if (!stc_plugin) {
- if (STC_DEBUG_LOG)
- STC_LOGE("Plugin wasn't loaded");
- return STC_ERROR_UNINITIALIZED;
- }
-
- return stc_plugin->move_process(from, to);
-}
-
-API int stc_plugin_monitor_update_proc_ground(uint32_t classid,
- const char *app_id, const stc_proc_value_s value)
-{
- if (!stc_plugin_enabled) {
- if (STC_DEBUG_LOG)
- STC_LOGE("Plugin wasn't enabled");
- return STC_ERROR_UNINITIALIZED;
- }
-
- if (!stc_plugin) {
- if (STC_DEBUG_LOG)
- STC_LOGE("Plugin wasn't loaded");
- return STC_ERROR_UNINITIALIZED;
- }
-
- return stc_plugin->update_process_ground(classid, app_id, value);
-}
-//LCOV_EXCL_STOP
+++ /dev/null
-/*
- * Copyright (c) 2016 Samsung Electronics Co., Ltd.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include <dlfcn.h>
-
-#include "stc-manager.h"
-#include "stc-manager-plugin-pcap.h"
-
-static gboolean stc_plugin_enabled = FALSE;
-static void *handle_plugin;
-static stc_plugin_pcap_s *stc_plugin;
-
-//LCOV_EXCL_START
-int stc_plugin_pcap_init(void)
-{
- __STC_LOG_FUNC_ENTER__;
-
- handle_plugin = dlopen(STC_PLUGIN_PCAP_FILEPATH, RTLD_NOW);
- if (!handle_plugin) {
- STC_LOGE("Can't load %s: %s", STC_PLUGIN_PCAP_FILEPATH, dlerror());
- __STC_LOG_FUNC_EXIT__;
- return STC_ERROR_UNINITIALIZED;
- }
-
- stc_plugin = dlsym(handle_plugin, "stc_plugin_pcap");
- if (!stc_plugin) {
- STC_LOGE("Can't load symbol: %s", dlerror());
- dlclose(handle_plugin);
- __STC_LOG_FUNC_EXIT__;
- return STC_ERROR_UNINITIALIZED;
- }
-
- stc_plugin->initialize_plugin();
- stc_plugin_enabled = TRUE;
-
- __STC_LOG_FUNC_EXIT__;
- return STC_ERROR_NONE;
-}
-
-int stc_plugin_pcap_deinit(void)
-{
- __STC_LOG_FUNC_ENTER__;
-
- if (!stc_plugin_enabled) {
- __STC_LOG_FUNC_EXIT__;
- return STC_ERROR_UNINITIALIZED;
- }
-
- stc_plugin->deinitialize_plugin();
- stc_plugin_enabled = FALSE;
- dlclose(handle_plugin);
-
- __STC_LOG_FUNC_EXIT__;
- return STC_ERROR_NONE;
-}
-
-int stc_plugin_pcap_lookup_dev(void)
-{
- if (!stc_plugin_enabled) {
- if (STC_DEBUG_LOG)
- STC_LOGE("Plugin wasn't enabled");
- return STC_ERROR_UNINITIALIZED;
- }
-
- if (!stc_plugin) {
- if (STC_DEBUG_LOG)
- STC_LOGE("Plugin wasn't loaded");
- return STC_ERROR_UNINITIALIZED;
- }
-
- return stc_plugin->lookup_dev();
-}
-
-int stc_plugin_pcap_lookup_net(void)
-{
- if (!stc_plugin_enabled) {
- if (STC_DEBUG_LOG)
- STC_LOGE("Plugin wasn't enabled");
- return STC_ERROR_UNINITIALIZED;
- }
-
- if (!stc_plugin) {
- if (STC_DEBUG_LOG)
- STC_LOGE("Plugin wasn't loaded");
- return STC_ERROR_UNINITIALIZED;
- }
-
- return stc_plugin->lookup_net();
-}
-
-int stc_plugin_pcap_find_all_devs(GVariantBuilder *builder)
-{
- if (!stc_plugin_enabled) {
- if (STC_DEBUG_LOG)
- STC_LOGE("Plugin wasn't enabled");
- return STC_ERROR_UNINITIALIZED;
- }
-
- if (!stc_plugin) {
- if (STC_DEBUG_LOG)
- STC_LOGE("Plugin wasn't loaded");
- return STC_ERROR_UNINITIALIZED;
- }
-
- return stc_plugin->find_all_devs(builder);
-}
-
-int stc_plugin_pcap_register_loop(const char *ifname,
- int nflog_group)
-{
- if (!stc_plugin_enabled) {
- if (STC_DEBUG_LOG)
- STC_LOGE("Plugin wasn't enabled");
- return STC_ERROR_UNINITIALIZED;
- }
-
- if (!stc_plugin) {
- if (STC_DEBUG_LOG)
- STC_LOGE("Plugin wasn't loaded");
- return STC_ERROR_UNINITIALIZED;
- }
-
- return stc_plugin->register_loop(ifname, nflog_group);
-}
-
-int stc_plugin_pcap_unregister_loop(const char *ifname,
- int nflog_group)
-{
- if (!stc_plugin_enabled) {
- if (STC_DEBUG_LOG)
- STC_LOGE("Plugin wasn't enabled");
- return STC_ERROR_UNINITIALIZED;
- }
-
- if (!stc_plugin) {
- if (STC_DEBUG_LOG)
- STC_LOGE("Plugin wasn't loaded");
- return STC_ERROR_UNINITIALIZED;
- }
-
- return stc_plugin->unregister_loop(ifname, nflog_group);
-}
-
-int stc_plugin_pcap_get_all_loop(GVariantBuilder *builder)
-{
- if (!stc_plugin_enabled) {
- if (STC_DEBUG_LOG)
- STC_LOGE("Plugin wasn't enabled");
- return STC_ERROR_UNINITIALIZED;
- }
-
- if (!stc_plugin) {
- if (STC_DEBUG_LOG)
- STC_LOGE("Plugin wasn't loaded");
- return STC_ERROR_UNINITIALIZED;
- }
-
- return stc_plugin->get_all_loop(builder);
-}
-//LCOV_EXCL_STOP
+++ /dev/null
-/*
- * Copyright (c) 2016 Samsung Electronics Co., Ltd.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include <dlfcn.h>
-
-#include "stc-manager.h"
-#include "stc-manager-plugin-procfs.h"
-
-static gboolean stc_plugin_enabled = FALSE;
-static void *handle_plugin;
-static stc_plugin_procfs_s *stc_plugin;
-
-//LCOV_EXCL_START
-int stc_plugin_procfs_init(void)
-{
- __STC_LOG_FUNC_ENTER__;
-
- handle_plugin = dlopen(STC_PLUGIN_PROCFS_FILEPATH, RTLD_NOW);
- if (!handle_plugin) {
- STC_LOGE("Can't load %s: %s", STC_PLUGIN_PROCFS_FILEPATH, dlerror());
- __STC_LOG_FUNC_EXIT__;
- return STC_ERROR_UNINITIALIZED;
- }
-
- stc_plugin = dlsym(handle_plugin, "stc_plugin_procfs");
- if (!stc_plugin) {
- STC_LOGE("Can't load symbol: %s", dlerror());
- dlclose(handle_plugin);
- __STC_LOG_FUNC_EXIT__;
- return STC_ERROR_UNINITIALIZED;
- }
-
- stc_plugin->initialize_plugin();
- stc_plugin_enabled = TRUE;
-
- __STC_LOG_FUNC_EXIT__;
- return STC_ERROR_NONE;
-}
-
-int stc_plugin_procfs_deinit(void)
-{
- __STC_LOG_FUNC_ENTER__;
-
- if (!stc_plugin_enabled) {
- __STC_LOG_FUNC_EXIT__;
- return STC_ERROR_UNINITIALIZED;
- }
-
- stc_plugin->deinitialize_plugin();
- stc_plugin_enabled = FALSE;
- dlclose(handle_plugin);
-
- __STC_LOG_FUNC_EXIT__;
- return STC_ERROR_NONE;
-}
-
-stc_error_e stc_plugin_procfs_load_pid(void)
-{
- if (!stc_plugin_enabled)
- return STC_ERROR_UNINITIALIZED;
-
- if (!stc_plugin)
- return STC_ERROR_UNINITIALIZED;
-
- return stc_plugin->procfs_load();
-}
-
-stc_error_e stc_plugin_procfs_app_status_changed(stc_cmd_type_e cmd,
- pid_t pid, const gchar *app_id, const gchar *pkg_id, stc_app_type_e app_type)
-{
- if (!stc_plugin_enabled)
- return STC_ERROR_UNINITIALIZED;
-
- if (!stc_plugin)
- return STC_ERROR_UNINITIALIZED;
-
- return stc_plugin->procfs_status_changed(cmd, pid, app_id, pkg_id, app_type);
-}
-//LCOV_EXCL_STOP
+++ /dev/null
-/*
- * Copyright (c) 2016 Samsung Electronics Co., Ltd.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include <dlfcn.h>
-
-#include "stc-manager.h"
-#include "stc-manager-plugin-tether.h"
-
-static gboolean stc_tether_plugin_enabled = FALSE;
-static void *tether_plugin_handle;
-static stc_plugin_tether_s *plugin;
-
-int stc_plugin_tether_init(void)
-{
- __STC_LOG_FUNC_ENTER__;
-
- tether_plugin_handle = dlopen(STC_PLUGIN_TETHER_FILEPATH, RTLD_NOW);
- if (!tether_plugin_handle) {
- STC_LOGE("Can't load %s: %s", STC_PLUGIN_TETHER_FILEPATH, dlerror());
- __STC_LOG_FUNC_EXIT__;
- return STC_ERROR_UNINITIALIZED;
- }
-
- plugin = dlsym(tether_plugin_handle, "tether_plugin");
- if (!plugin) {
- STC_LOGE("Can't load symbol: %s", dlerror());
- dlclose(tether_plugin_handle);
- __STC_LOG_FUNC_EXIT__;
- return STC_ERROR_UNINITIALIZED;
- }
-
- plugin->init();
- stc_tether_plugin_enabled = TRUE;
-
- __STC_LOG_FUNC_EXIT__;
- return STC_ERROR_NONE;
-}
-
-int stc_plugin_tether_deinit(void)
-{
- __STC_LOG_FUNC_ENTER__;
-
- if (!stc_tether_plugin_enabled) {
- __STC_LOG_FUNC_EXIT__;
- return STC_ERROR_UNINITIALIZED;
- }
-
- plugin->deinit();
- stc_tether_plugin_enabled = FALSE;
- dlclose(tether_plugin_handle);
-
- __STC_LOG_FUNC_EXIT__;
- return STC_ERROR_NONE;
-}
-
-API int stc_plugin_tether_get_station_ip(const char *mac, char **ipaddr)
-{
- char ip[INET_ADDRSTRLEN+1];
-
- if (!stc_tether_plugin_enabled ||
- mac == NULL || ipaddr == NULL) {
- if (STC_DEBUG_LOG)
- STC_LOGE("invalid args");
- return STC_ERROR_INVALID_PARAMETER;
- }
-
- memset(ip, 0, sizeof(ip));
-
- if (plugin->get_station_ip(mac, ip) != STC_ERROR_NONE)
- return STC_ERROR_FAIL;
-
- *ipaddr = g_strdup(ip);
- STC_LOGI("station ip(%s)", *ipaddr);
-
- return STC_ERROR_NONE;
-}
-
-API int stc_plugin_tether_get_station_by_classid(const int classid, char **mac)
-{
- __STC_LOG_FUNC_ENTER__;
- char mac_addr[STATION_MAC_STR_LEN+1];
-
- if (!stc_tether_plugin_enabled || mac == NULL) {
- if (STC_DEBUG_LOG)
- STC_LOGE("invalid args");
- return STC_ERROR_INVALID_PARAMETER;
- }
-
- memset(mac_addr, 0, sizeof(mac_addr));
-
- if (plugin->get_station_by_classid(classid, mac_addr) != STC_ERROR_NONE)
- return STC_ERROR_FAIL;
-
- *mac = g_strdup(mac_addr);
- STC_LOGI("station mac(%s)", *mac);
-
- return STC_ERROR_NONE;
-}
-
-API int stc_plugin_tether_set_station_classid(const char *mac, int classid)
-{
- __STC_LOG_FUNC_ENTER__;
-
- if (!stc_tether_plugin_enabled || mac == NULL) {
- if (STC_DEBUG_LOG)
- STC_LOGE("invalid args");
- return STC_ERROR_INVALID_PARAMETER;
- }
-
- if (plugin->set_station_classid(mac, classid) != STC_ERROR_NONE)
- return STC_ERROR_FAIL;
-
- STC_LOGI("classid(%d) for station mac(%s) is set successfully",
- classid, mac);
-
- return STC_ERROR_NONE;
-}
+++ /dev/null
-/*
- * Copyright (c) 2016 Samsung Electronics Co., Ltd.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include "stc-manager-util.h"
-
-typedef struct {
- int state;
- char *key;
-} log_info_s;
-
-log_info_s g_log_info[] = {
- {-1, INFO_DEBUG_LOG},
- {-1, INFO_STAT_LOG},
- {-1, INFO_RSTN_LOG},
- {-1, INFO_FW_LOG},
- {-1, INFO_PCAP_LOG},
-};
-
-static void __sync_file_to_disk(const char *path)
-{
- FILE *fp = NULL;
- fp = fopen(path, "a+");
- if (fp) {
- fflush(fp);
- fsync(fp->_fileno);
- fclose(fp);
- STC_LOGD("Sync the file to disk");
- }
-}
-
-static GKeyFile *__load_key_file(const char *path)
-{
- GKeyFile *keyfile = NULL;
- GError *error = NULL;
-
- STC_LOGD("Loading [%s]", path);
-
- keyfile = g_key_file_new();
-
- if (!g_key_file_load_from_file(keyfile, path, 0, &error)) {
- STC_LOGD("Unable to load [%s] : %s", path, error->message); //LCOV_EXCL_LINE
- g_clear_error(&error); //LCOV_EXCL_LINE
- g_key_file_free(keyfile); //LCOV_EXCL_LINE
- keyfile = NULL; //LCOV_EXCL_LINE
- }
-
- return keyfile;
-}
-
-static int __save_key_file(GKeyFile *keyfile, char *path)
-{
- gchar *data = NULL;
- gsize length = 0;
- GError *error = NULL;
- int ret = 0;
-
- data = g_key_file_to_data(keyfile, &length, NULL);
-
- if (!g_file_set_contents(path, data, length, &error)) {
- STC_LOGD("Failed to save information : %s", error->message); //LCOV_EXCL_LINE
- g_error_free(error); //LCOV_EXCL_LINE
- ret = -EIO; //LCOV_EXCL_LINE
- }
-
- __sync_file_to_disk(path);
-
- g_free(data);
- return ret;
-}
-
-//LCOV_EXCL_START
-gboolean stc_util_get_config_bool(char *key)
-{
- char path[MAX_PATH_LENGTH];
- GKeyFile *keyfile;
- gboolean value;
-
- snprintf(path, sizeof(path), "%s/%s", INFO_STORAGE_DIR, INFO_CONFIG);
-
- keyfile = __load_key_file(path);
- if (!keyfile)
- keyfile = g_key_file_new();
-
- value = g_key_file_get_boolean(keyfile, path, key, NULL);
- g_key_file_free(keyfile);
-
- return value;
-}
-
-gchar * stc_util_get_config_str(char *key)
-{
- char path[MAX_PATH_LENGTH];
- GKeyFile *keyfile;
- gchar *value;
-
- snprintf(path, sizeof(path), "%s/%s", INFO_STORAGE_DIR, INFO_CONFIG);
-
- keyfile = __load_key_file(path);
- if (!keyfile)
- keyfile = g_key_file_new();
-
- value = g_key_file_get_string(keyfile, path, key, NULL);
- g_key_file_free(keyfile);
-
- return value;
-}
-//LCOV_EXCL_STOP
-
-int stc_util_get_config_int(char *key)
-{
- char path[MAX_PATH_LENGTH];
- GKeyFile *keyfile;
- gint value;
-
- snprintf(path, sizeof(path), "%s/%s", INFO_STORAGE_DIR, INFO_CONFIG);
-
- keyfile = __load_key_file(path);
- if (!keyfile)
- keyfile = g_key_file_new(); //LCOV_EXCL_LINE
-
-
- value = g_key_file_get_integer(keyfile, path, key, NULL);
- g_key_file_free(keyfile);
-
- return value;
-}
-
-//LCOV_EXCL_START
-API void stc_util_update_log_state(void)
-{
- int i;
-
- for (i = DEBUG_LOG_INFO; i < MAX_LOG_INFO; ++i)
- g_log_info[i].state = stc_util_get_config_int(g_log_info[i].key);
-
- STC_LOGD("log info [%d:%d:%d:%d:%d]",
- g_log_info[DEBUG_LOG_INFO].state, g_log_info[STAT_LOG_INFO].state,
- g_log_info[RSTN_LOG_INFO].state, g_log_info[FW_LOG_INFO].state,
- g_log_info[PCAP_LOG_INFO].state);
-}
-
-API void stc_util_set_log_state(log_info_e info, int state)
-{
- g_log_info[info].state = state;
-}
-//LCOV_EXCL_STOP
-
-API int stc_util_get_log_state(log_info_e info)
-{
- if (g_log_info[info].state == -1)
- g_log_info[info].state = stc_util_get_config_int(g_log_info[info].key);
-
- return g_log_info[info].state;
-}
-
-void stc_util_initialize_config(void)
-{
- char path[MAX_PATH_LENGTH];
- GKeyFile *keyfile;
- int i;
-
- snprintf(path, sizeof(path), "%s/%s", INFO_STORAGE_DIR, INFO_CONFIG);
-
- keyfile = __load_key_file(path);
- if (!keyfile) {
- keyfile = g_key_file_new(); //LCOV_EXCL_LINE
- for (i = DEBUG_LOG_INFO; i < MAX_LOG_INFO; ++i)
- g_key_file_set_integer(keyfile, path, g_log_info[i].key, 0);
- }
-
- __save_key_file(keyfile, path);
- g_key_file_free(keyfile);
-}
+++ /dev/null
-/*
- * Copyright (c) 2016 Samsung Electronics Co., Ltd.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include <signal.h>
-#include <errno.h>
-#include <sys/wait.h>
-#include "stc-manager.h"
-#include "stc-manager-gdbus.h"
-#include "stc-db.h"
-#include "counter.h"
-#include "table-restrictions.h"
-#include "helper-cgroup.h"
-#include "helper-nfacct-rule.h"
-#include "helper-iptables.h"
-#include "helper-inotify.h"
-#include "stc-firewall.h"
-#include "stc-manager-plugin-appstatus.h"
-#include "stc-manager-plugin-exception.h"
-#include "stc-manager-plugin-procfs.h"
-#include "stc-manager-plugin-tether.h"
-#include "stc-manager-plugin-pcap.h"
-#include "stc-manager-plugin-monitor.h"
-#include "stc-manager-plugin-firewall.h"
-
-#define BUF_SIZE_FOR_ERR 100
-
-static stc_s *g_stc = NULL;
-static gboolean g_is_fail_exit = FALSE;
-
-static gboolean __validate_ident(const char *ident)
-{
- unsigned int i;
-
- if (!ident)
- return FALSE;
-
- for (i = 0; i < strlen(ident); ++i)
- if (!g_ascii_isprint(ident[i]))
- return FALSE;
-
- return TRUE;
-}
-
-static void __stc_inotify_handler(struct inotify_event *event, const char *ident)
-{
- if (!ident)
- return;
-
- if (!__validate_ident(ident)) {
- STC_LOGE("Invalid ident [%s]", ident);
- return;
- }
-
- if (!g_strcmp0(ident, INFO_CONFIG))
- stc_util_update_log_state();
-}
-
-static void __stc_manager_deinit(void)
-{
- __STC_LOG_FUNC_ENTER__;
-
- if (!g_stc) {
- STC_LOGE("Memory for manager structure is not allocated");
- return;
- }
-
- stc_deinit_db_guard();
- stc_db_deinitialize();
-
- iptables_flush_chains();
- iptables_deinit();
-
- stc_manager_gdbus_deinit((gpointer)g_stc);
-
- stc_plugin_appstatus_deinit();
- stc_plugin_exception_deinit();
- stc_plugin_procfs_deinit();
- stc_plugin_tether_deinit();
- stc_plugin_pcap_deinit();
- stc_plugin_monitor_deinit();
- stc_plugin_firewall_deinit();
-
- inotify_deregister(INFO_STORAGE_DIR);
- inotify_deinitialize();
-
- STC_LOGI("stc manager deinitialized");
- FREE(g_stc);
- __STC_LOG_FUNC_EXIT__;
-}
-
-void __stc_manager_stop_with_fail(void)
-{
- STC_LOGI("plugin needs stc-manager to exit");
-
- g_is_fail_exit = TRUE;
-
- stc_stop_manager();
-}
-
-static stc_s *__stc_manager_init(void)
-{
- __STC_LOG_FUNC_ENTER__;
- stc_s *stc;
- stc_error_e err = STC_ERROR_NONE;
-
- stc = MALLOC0(stc_s, 1);
- if (!stc) {
- STC_LOGE("Failed to allocate memory for manager structure"); //LCOV_EXCL_LINE
- return NULL; //LCOV_EXCL_LINE
- }
- g_stc = stc;
-
- stc_util_initialize_config();
-
- inotify_initialize();
- inotify_register(INFO_STORAGE_DIR, __stc_inotify_handler);
-
- cgroup_set_release_agent(NET_CLS_SUBSYS, NET_RELEASE_AGENT);
-
- err = stc_db_initialize();
- if (err != STC_ERROR_NONE) {
- STC_LOGD("Failed to initialize stc db"); //LCOV_EXCL_LINE
- return NULL; //LCOV_EXCL_LINE
- }
-
- g_stc->ondemand_mode = TRUE;
-
- stc_plugin_appstatus_init();
- stc_plugin_exception_init();
- stc_plugin_procfs_init();
- stc_plugin_tether_init();
- if (stc_plugin_pcap_init() == STC_ERROR_NONE)
- g_stc->ondemand_mode = FALSE;
- if (stc_plugin_monitor_init(__stc_manager_stop_with_fail) == STC_ERROR_NONE)
- g_stc->ondemand_mode = FALSE;
- stc_plugin_firewall_init();
-
- stc_plugin_procfs_load_pid();
-
- stc_manager_gdbus_init((gpointer)stc);
-
- STC_LOGI("stc manager initialized");
- __STC_LOG_FUNC_EXIT__;
- return stc;
-}
-
-static gboolean __stc_timer_expired(gpointer data)
-{
- if (g_stc->keep_alive) {
- g_stc->keep_alive = FALSE;
- return TRUE;
- }
-
- g_main_loop_quit(g_stc->main_loop);
-
- return FALSE;
-}
-
-API stc_s *stc_get_manager(void)
-{
- return g_stc;
-}
-
-void stc_stop_manager(void)
-{
- if (g_stc && g_stc->main_loop)
- g_main_loop_quit(g_stc->main_loop);
-}
-
-int stc_commit_iptables(char *cmd, int *err_num, char **err_str)
-{
- pid_t pid = 0;
- int status = 0;
- int ret = 0;
- char err_buf[BUF_SIZE_FOR_ERR] = { 0, };
- gchar **args = NULL;
-
- if (cmd == NULL) {
- STC_LOGE("Invalid arguments");
- return STC_ERROR_INVALID_PARAMETER;
- }
-
- args = g_strsplit_set(cmd, " ", -1);
-
- errno = 0;
- pid = fork();
-
- if (pid == 0) {
- errno = 0;
-
- if (!g_strcmp0(args[1], STC_CMD_INSERT)) {
- STC_LOGE("Invalid arguments");
- g_strfreev(args);
- exit(-1);
- }
-
- if (execv(args[0], args) == -1) {
- STC_LOGE("Failed to execute [%s]", *err_str);
- g_strfreev(args);
- exit(-1);
- }
- } else if (pid > 0) {
- if (waitpid(pid, &status, 0) == -1)
- STC_LOGD("wait pid [%u] status [%d] ", pid, status);
-
- if (WIFEXITED(status)) {
- ret = WEXITSTATUS(status);
- STC_LOGD("exited, status [%d]", status);
- } else if (WIFSIGNALED(status)) {
- STC_LOGD("killed by signal [%d]", WTERMSIG(status));
- } else if (WIFSTOPPED(status)) {
- STC_LOGD("stopped by signal [%d]", WSTOPSIG(status));
- } else if (WIFCONTINUED(status)) {
- STC_LOGD("continued");
- }
-
- *err_num = ret;
- *err_str = strerror_r(ret, err_buf, BUF_SIZE_FOR_ERR);
- STC_LOGD("return err_num [%d] err_str [%s]", *err_num, *err_str);
-
- g_strfreev(args);
- if (ret == 0)
- return STC_ERROR_NONE;
- else
- return STC_ERROR_FAIL;
- }
-
- *err_num = errno;
- *err_str = strerror_r(errno, err_buf, BUF_SIZE_FOR_ERR);
- STC_LOGD("Failed to fork [%d:%s]", *err_num, *err_str);
-
- g_strfreev(args);
- return STC_ERROR_FAIL;
-}
-
-void stc_set_keep_alive(gboolean keep_alive)
-{
- g_stc->keep_alive = keep_alive;
-}
-
-gint32 main(gint32 argc, gchar *argv[])
-{
- GMainLoop *main_loop = NULL;
-
- STC_LOGI("Smart Traffic Control Manager");
-
-#ifdef TIZEN_GTESTS
- setenv("GCOV_PREFIX", "/tmp/daemon", 1);
-#endif
-
-/*
- if (daemon(0, 0) != 0)
- STC_LOGE("Can't start daemon"); //LCOV_EXCL_LINE
-*/
-
- /* Initialize required subsystems */
-#if !GLIB_CHECK_VERSION(2, 35, 0)
- g_type_init();
-#endif
-
- g_stc = __stc_manager_init();
- if (!g_stc)
- goto fail;
-
- if (g_is_fail_exit == TRUE)
- goto fail;
-
- /* Crate the GLIB main loop */
- main_loop = g_main_loop_new(NULL, FALSE);
- g_stc->main_loop = main_loop;
-
- if (g_stc->ondemand_mode) {
- g_stc->timer = g_timeout_add_seconds(10, __stc_timer_expired, NULL);
- g_stc->keep_alive = FALSE;
- }
-
- /* Run the main loop */
- g_main_loop_run(main_loop);
-
-fail:
- __stc_manager_deinit();
-
- if (main_loop)
- g_main_loop_unref(main_loop);
-
- if (g_is_fail_exit == TRUE)
- exit(-1);
-
- return 0;
-}
+++ /dev/null
-/*
- * Copyright (c) 2016 Samsung Electronics Co., Ltd.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include "stc-db.h"
-#include "stc-pcap.h"
-#include "stc-manager-plugin-pcap.h"
-
-#define PCAP_DBUS_ERROR_NAME "net.stc.pcap.Error.Failed"
-
-#define STC_PCAP_DBUS_REPLY_ERROR(invocation, err_num) \
- g_dbus_method_invocation_return_dbus_error((invocation), \
- PCAP_DBUS_ERROR_NAME, \
- stc_err_strs[-(err_num)])
-
-static const gchar *stc_err_strs[] = {
- "ERROR_NONE",
- "FAIL",
- "DB_FAILED",
- "OUT_OF_MEMORY",
- "INVALID_PARAMETER",
- "NO_DATA",
- "ALREADY_DATA",
- "UNINITIALIZED",
- "PERMISSION_DENIED",
- "NOTIMPL"
-};
-
-gboolean __validate_pcap(stc_pcap_s *pcap)
-{
- __STC_LOG_FUNC_ENTER__;
-
- if (pcap == NULL) {
- __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
- return FALSE; //LCOV_EXCL_LINE
- }
-
- if (pcap->ifname == NULL ||
- pcap->ifname[0] == '\0') {
- __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
- return FALSE; //LCOV_EXCL_LINE
- }
-
- __STC_LOG_FUNC_EXIT__;
- return TRUE;
-}
-
-static void __stc_extract_pcap(const char *key, GVariant *value,
- void *user_data)
-{
- stc_pcap_s *pcap = (stc_pcap_s *) user_data;
- if (pcap == NULL) {
- __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
- return; //LCOV_EXCL_LINE
- }
-
- if (!g_strcmp0(key, STC_PCAP_IFNAME)) {
- gsize str_length;
- const gchar *str = g_variant_get_string(value, &str_length);
- pcap->ifname = g_strdup(str);
- STC_LOGD("ifname: [%s]", pcap->ifname);
-
- } else if (!g_strcmp0(key, STC_PCAP_NFLOG_GROUP)) {
- pcap->nflog_group = g_variant_get_uint32(value);
- STC_LOGD("nflog group: [%d]", pcap->nflog_group);
-
- } else {
- STC_LOGD("Unknown select rule"); //LCOV_EXCL_LINE
- }
-}
-
-gboolean handle_pcap_start(StcPcap *object,
- GDBusMethodInvocation *invocation,
- GVariant *parameters,
- void *user_data)
-{
- __STC_LOG_FUNC_ENTER__;
- GVariantIter *iter = NULL;
- stc_pcap_s pcap;
- int ret = STC_ERROR_NONE;
-
- stc_set_keep_alive(TRUE);
-
- memset(&pcap, 0, sizeof(stc_pcap_s));
-
- g_variant_get(parameters, "a{sv}", &iter);
- if (iter != NULL) {
- stc_manager_gdbus_dict_foreach(iter,
- __stc_extract_pcap,
- &pcap);
- g_variant_iter_free(iter);
- }
-
- if (__validate_pcap(&pcap) == FALSE) {
- STC_PCAP_DBUS_REPLY_ERROR(invocation, //LCOV_EXCL_LINE
- STC_ERROR_INVALID_PARAMETER);
- g_free(pcap.ifname);
- __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
- return TRUE;
- }
-
- ret = stc_plugin_pcap_register_loop(pcap.ifname, pcap.nflog_group);
- if (ret != STC_ERROR_NONE) {
- STC_PCAP_DBUS_REPLY_ERROR(invocation, ret); //LCOV_EXCL_LINE
- g_free(pcap.ifname);
- __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
- return TRUE;
- }
-
- STC_DBUS_REPLY_ERROR_NONE(invocation);
- g_free(pcap.ifname);
- __STC_LOG_FUNC_EXIT__;
- return TRUE;
-}
-
-gboolean handle_pcap_stop(StcPcap *object,
- GDBusMethodInvocation *invocation,
- GVariant *parameters,
- void *user_data)
-{
- __STC_LOG_FUNC_ENTER__;
- GVariantIter *iter = NULL;
- stc_pcap_s pcap;
- int ret = STC_ERROR_NONE;
-
- stc_set_keep_alive(TRUE);
-
- memset(&pcap, 0, sizeof(stc_pcap_s));
-
- g_variant_get(parameters, "a{sv}", &iter);
- if (iter != NULL) {
- stc_manager_gdbus_dict_foreach(iter,
- __stc_extract_pcap,
- &pcap);
- g_variant_iter_free(iter);
- }
-
- if (__validate_pcap(&pcap) == FALSE) {
- STC_PCAP_DBUS_REPLY_ERROR(invocation, //LCOV_EXCL_LINE
- STC_ERROR_INVALID_PARAMETER);
- g_free(pcap.ifname);
- __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
- return TRUE;
- }
-
- ret = stc_plugin_pcap_unregister_loop(pcap.ifname, pcap.nflog_group);
- if (ret != STC_ERROR_NONE) {
- STC_PCAP_DBUS_REPLY_ERROR(invocation, ret); //LCOV_EXCL_LINE
- g_free(pcap.ifname);
- __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
- return TRUE;
- }
-
- STC_DBUS_REPLY_ERROR_NONE(invocation);
- g_free(pcap.ifname);
- __STC_LOG_FUNC_EXIT__;
- return TRUE;
-}
-
-gboolean handle_pcap_get_all(StcPcap *object,
- GDBusMethodInvocation *invocation,
- void *user_data)
-{
- __STC_LOG_FUNC_ENTER__;
- GVariantBuilder *builder = NULL;
- GVariant *return_parameters = NULL;
-
- stc_set_keep_alive(TRUE);
-
- builder = g_variant_builder_new(G_VARIANT_TYPE("aa{sv}"));
-
- stc_plugin_pcap_get_all_loop(builder);
-
- return_parameters = g_variant_new("(aa{sv})", builder);
- g_variant_builder_unref(builder);
-
- DEBUG_GDBUS_VARIANT("Return parameters: ", return_parameters);
- STC_DBUS_REPLY(invocation, return_parameters);
- __STC_LOG_FUNC_EXIT__;
- return TRUE;
-}
-
-gboolean handle_pcap_find_all_devs(StcPcap *object,
- GDBusMethodInvocation *invocation,
- void *user_data)
-{
- __STC_LOG_FUNC_ENTER__;
- GVariantBuilder *builder = NULL;
- GVariant *return_parameters = NULL;
-
- stc_set_keep_alive(TRUE);
-
- builder = g_variant_builder_new(G_VARIANT_TYPE("aa{sv}"));
-
- stc_plugin_pcap_find_all_devs(builder);
-
- return_parameters = g_variant_new("(aa{sv})", builder);
- g_variant_builder_unref(builder);
-
- DEBUG_GDBUS_VARIANT("Return parameters: ", return_parameters);
- STC_DBUS_REPLY(invocation, return_parameters);
- __STC_LOG_FUNC_EXIT__;
- return TRUE;
-}
+++ /dev/null
-/*
- * Copyright (c) 2016 Samsung Electronics Co., Ltd.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include "stc-db.h"
-#include "table-restrictions.h"
-#include "stc-restriction.h"
-#include "stc-manager-gdbus.h"
-#include "stc-manager-plugin-monitor.h"
-
-#define RESTRICTION_DBUS_ERROR_NAME "net.stc.restriction.Error.Failed"
-
-#define STC_RESTRICTION_DBUS_REPLY_ERROR(invocation, err_num) \
- g_dbus_method_invocation_return_dbus_error((invocation), \
- RESTRICTION_DBUS_ERROR_NAME, \
- stc_err_strs[-(err_num)])
-
-static const gchar *stc_err_strs[] = {
- "ERROR_NONE",
- "FAIL",
- "DB_FAILED",
- "OUT_OF_MEMORY",
- "INVALID_PARAMETER",
- "NO_DATA",
- "ALREADY_DATA",
- "UNINITIALIZED",
- "PERMISSION_DENIED",
- "NOTIMPL"
-};
-
-void __initialize_rstn_rule(table_restrictions_info *rule)
-{
- rule->app_id = NULL;
-
- rule->iftype = STC_IFACE_ALL;
- rule->ifname = NULL;
-
- rule->subscriber_id = NULL;
- rule->roaming = STC_ROAMING_DISABLE;
-
- rule->rstn_type = STC_RSTN_TYPE_UNKNOWN;
- rule->data_limit = -1;
- rule->data_warn_limit = -1;
-
- rule->month_start_date = 1;
- rule->monthly_limit = -1;
- rule->weekly_limit = -1;
- rule->daily_limit = -1;
-
- rule->mac = NULL;
-}
-
-gboolean __validate_rstn_rule(table_restrictions_info *rule)
-{
- __STC_LOG_FUNC_ENTER__;
-
- if (rule == NULL) {
- __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
- return FALSE; //LCOV_EXCL_LINE
- }
-
- if (rule->iftype <= STC_IFACE_UNKNOWN ||
- rule->iftype >= STC_IFACE_LAST_ELEM) {
- __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
- return FALSE; //LCOV_EXCL_LINE
- }
-
- if (rule->roaming > STC_ROAMING_DISABLE) {
- __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
- return FALSE; //LCOV_EXCL_LINE
- }
-
- if (rule->subscriber_id == NULL) {
- __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
- return FALSE; //LCOV_EXCL_LINE
- }
-
- if (rule->app_id == NULL) {
- __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
- return FALSE; //LCOV_EXCL_LINE
- }
-
- __STC_LOG_FUNC_EXIT__;
- return TRUE;
-}
-
-void __stc_restriction_app_info_builder_add(GVariantBuilder *builder,
- const table_restrictions_info *info)
-{
- __STC_LOG_FUNC_ENTER__;
-
- if (!builder || !info) {
- __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
- return; //LCOV_EXCL_LINE
- }
-
- g_variant_builder_add(builder, "{sv}", "app_id",
- g_variant_new_string(info->app_id));
-
- g_variant_builder_add(builder, "{sv}", "ifname",
- g_variant_new_string(info->ifname));
-
- g_variant_builder_add(builder, "{sv}", "iftype",
- g_variant_new_uint16(info->iftype));
-
- g_variant_builder_add(builder, "{sv}", "rstn_type",
- g_variant_new_uint16(info->rstn_type));
-
- g_variant_builder_add(builder, "{sv}", "data_limit",
- g_variant_new_int64(info->data_limit));
-
- g_variant_builder_add(builder, "{sv}", "data_warn_limit",
- g_variant_new_int64(info->data_warn_limit));
-
- g_variant_builder_add(builder, "{sv}", "month_start_date",
- g_variant_new_int32(info->month_start_date));
-
- g_variant_builder_add(builder, "{sv}", "monthly_limit",
- g_variant_new_int64(info->monthly_limit));
-
- g_variant_builder_add(builder, "{sv}", "weekly_limit",
- g_variant_new_int64(info->weekly_limit));
-
- g_variant_builder_add(builder, "{sv}", "daily_limit",
- g_variant_new_int64(info->daily_limit));
-
- g_variant_builder_add(builder, "{sv}", "roaming",
- g_variant_new_uint16(info->roaming));
-
- g_variant_builder_add(builder, "{sv}", "subscriber_id",
- g_variant_new_string(info->subscriber_id));
-
- __STC_LOG_FUNC_EXIT__;
-}
-
-stc_cb_ret_e __table_restrictions_foreach_app_cb(const table_restrictions_info *info,
- void *user_data)
-{
- __STC_LOG_FUNC_ENTER__;
- GVariantBuilder *builder = (GVariantBuilder *)user_data;
- GVariantBuilder sub_builder;
-
- if (!info || !builder) {
- __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
- return STC_CANCEL; //LCOV_EXCL_LINE
- }
-
- g_variant_builder_init(&sub_builder, G_VARIANT_TYPE("a{sv}"));
- __stc_restriction_app_info_builder_add(&sub_builder, info);
-
- g_variant_builder_add_value(builder,
- g_variant_builder_end(&sub_builder));
-
- __STC_LOG_FUNC_EXIT__;
- return STC_CONTINUE;
-}
-
-stc_cb_ret_e __table_restrictions_per_app_cb(const table_restrictions_info *info,
- void *user_data)
-{
- __STC_LOG_FUNC_ENTER__;
- GVariantBuilder *builder = (GVariantBuilder *)user_data;
-
- if (!info || !builder) {
- __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
- return STC_CANCEL; //LCOV_EXCL_LINE
- }
-
- __stc_restriction_app_info_builder_add(builder, info);
-
- __STC_LOG_FUNC_EXIT__;
- return STC_CONTINUE;
-}
-
-static void __stc_extract_restriction_rule(const char *key, GVariant *value,
- void *user_data)
-{
- table_restrictions_info *rule =
- (table_restrictions_info *) user_data;
- if (rule == NULL) {
- __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
- return; //LCOV_EXCL_LINE
- }
-
- if (!g_strcmp0(key, "app_id")) {
- gsize str_length;
- const gchar *str = g_variant_get_string(value, &str_length);
- rule->app_id = g_strdup(str);
- STC_LOGD("app_id: [%s]", rule->app_id);
-
- } else if (!g_strcmp0(key, "ifname")) {
- gsize str_length;
- const gchar *str = g_variant_get_string(value, &str_length);
- rule->ifname = g_strdup(str);
- STC_LOGD("ifname: [%s]", rule->ifname);
-
- } else if (!g_strcmp0(key, "iftype")) {
- rule->iftype = g_variant_get_uint16(value);
- STC_LOGD("iftype: [%u]", (unsigned int) rule->iftype);
-
- } else if (!g_strcmp0(key, "data_limit")) {
- rule->data_limit = g_variant_get_int64(value);
- STC_LOGD("data_limit: [%lld]", rule->data_limit);
-
- } else if (!g_strcmp0(key, "data_warn_limit")) {
- rule->data_warn_limit = g_variant_get_int64(value);
- STC_LOGD("data_warn_limit: [%lld]", rule->data_warn_limit);
-
- } else if (!g_strcmp0(key, "month_start_date")) {
- rule->month_start_date = g_variant_get_int32(value);
- STC_LOGD("month_start_date: [%d]", rule->month_start_date);
-
- } else if (!g_strcmp0(key, "monthly_limit")) {
- rule->monthly_limit = g_variant_get_int64(value);
- STC_LOGD("monthly_limit: [%lld]", rule->monthly_limit);
-
- } else if (!g_strcmp0(key, "weekly_limit")) {
- rule->weekly_limit = g_variant_get_int64(value);
- STC_LOGD("weekly_limit: [%lld]", rule->weekly_limit);
-
- } else if (!g_strcmp0(key, "daily_limit")) {
- rule->daily_limit = g_variant_get_int64(value);
- STC_LOGD("daily_limit: [%lld]", rule->daily_limit);
-
- } else if (!g_strcmp0(key, "roaming")) {
- rule->roaming = g_variant_get_uint16(value);
- STC_LOGD("roaming: [%u]", rule->roaming);
-
- } else if (!g_strcmp0(key, "subscriber_id")) {
- gsize str_length;
- const gchar *str = g_variant_get_string(value, &str_length);
- rule->subscriber_id = g_strdup(str);
- STC_LOGD("subscriber_id: [%s]", rule->subscriber_id);
-
- } else if (!g_strcmp0(key, "rstn_type")) {
- rule->rstn_type = g_variant_get_uint16(value);
- STC_LOGD("type: [%u]", (unsigned int) rule->rstn_type);
-
- } else if (!g_strcmp0(key, "mac")) {
- gsize str_length;
- const gchar *str = g_variant_get_string(value, &str_length);
- rule->mac = g_strdup(str);
- STC_LOGD("mac: [%s]", rule->mac);
-
- } else {
- STC_LOGD("Unknown select rule"); //LCOV_EXCL_LINE
- }
-}
-
-static void __stc_free_restriction_rule_members(table_restrictions_info *rule)
-{
- FREE(rule->app_id);
- FREE(rule->ifname);
- FREE(rule->subscriber_id);
- FREE(rule->mac);
-}
-
-gboolean handle_restriction_set(StcRestriction *object,
- GDBusMethodInvocation *invocation,
- GVariant *parameters,
- void *user_data)
-{
- __STC_LOG_FUNC_ENTER__;
- GVariantIter *iter = NULL;
- table_restrictions_info rule;
- stc_error_e ret = STC_ERROR_NONE;
-
- stc_set_keep_alive(TRUE);
-
- memset(&rule, 0, sizeof(table_restrictions_info));
- __initialize_rstn_rule(&rule);
-
- g_variant_get(parameters, "a{sv}", &iter);
- if (iter != NULL) {
- stc_manager_gdbus_dict_foreach(iter,
- __stc_extract_restriction_rule,
- &rule);
- g_variant_iter_free(iter);
- }
-
- if (__validate_rstn_rule(&rule) == FALSE) {
- STC_RESTRICTION_DBUS_REPLY_ERROR(invocation, //LCOV_EXCL_LINE
- STC_ERROR_INVALID_PARAMETER);
- __stc_free_restriction_rule_members(&rule);
- __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
- return TRUE;
- }
-
- ret = table_restrictions_update(&rule);
- if (ret != STC_ERROR_NONE) {
- STC_RESTRICTION_DBUS_REPLY_ERROR(invocation, //LCOV_EXCL_LINE
- STC_ERROR_DB_FAILED);
- __stc_free_restriction_rule_members(&rule);
- __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
- return TRUE;
- }
-
- stc_plugin_monitor_add_rstn(&rule);
- STC_DBUS_REPLY_ERROR_NONE(invocation);
- __stc_free_restriction_rule_members(&rule);
- __STC_LOG_FUNC_EXIT__;
- return TRUE;
-}
-
-gboolean handle_restriction_unset(StcRestriction *object,
- GDBusMethodInvocation *invocation,
- GVariant *parameters,
- void *user_data)
-{
- __STC_LOG_FUNC_ENTER__;
- GVariantIter *iter = NULL;
- table_restrictions_info rule;
- stc_error_e ret = STC_ERROR_NONE;
-
- stc_set_keep_alive(TRUE);
-
- memset(&rule, 0, sizeof(table_restrictions_info));
- __initialize_rstn_rule(&rule);
-
- g_variant_get(parameters, "a{sv}", &iter);
- if (iter != NULL) {
- stc_manager_gdbus_dict_foreach(iter,
- __stc_extract_restriction_rule,
- &rule);
- g_variant_iter_free(iter);
- }
-
- if (__validate_rstn_rule(&rule) == FALSE) {
- STC_RESTRICTION_DBUS_REPLY_ERROR(invocation, //LCOV_EXCL_LINE
- STC_ERROR_INVALID_PARAMETER);
- __stc_free_restriction_rule_members(&rule);
- __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
- return TRUE;
- }
-
- ret = table_restrictions_delete(rule.app_id, rule.iftype, rule.ifname,
- rule.subscriber_id, rule.roaming);
- if (ret != STC_ERROR_NONE) {
- STC_RESTRICTION_DBUS_REPLY_ERROR(invocation, //LCOV_EXCL_LINE
- STC_ERROR_DB_FAILED);
- __stc_free_restriction_rule_members(&rule);
- __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
- return TRUE;
- }
-
- stc_plugin_monitor_remove_rstn(&rule);
- STC_DBUS_REPLY_ERROR_NONE(invocation);
- __stc_free_restriction_rule_members(&rule);
- __STC_LOG_FUNC_EXIT__;
- return TRUE;
-}
-
-gboolean handle_restriction_set_list(StcRestriction *object,
- GDBusMethodInvocation *invocation,
- GVariant *parameters,
- void *user_data)
-{
- __STC_LOG_FUNC_ENTER__;
- GVariantIter *iter = NULL;
- GVariantIter *iter_row = NULL;
- stc_error_e ret = STC_ERROR_NONE;
-
- stc_set_keep_alive(TRUE);
-
- g_variant_get(parameters, "aa{sv}", &iter);
- while (g_variant_iter_next(iter, "a{sv}", &iter_row)) {
- table_restrictions_info rule;
-
- memset(&rule, 0, sizeof(table_restrictions_info));
- __initialize_rstn_rule(&rule);
-
- stc_manager_gdbus_dict_foreach(iter_row,
- __stc_extract_restriction_rule, &rule);
-
- if (__validate_rstn_rule(&rule)) {
- ret = table_restrictions_update(&rule);
- if (ret != STC_ERROR_NONE) {
- STC_RESTRICTION_DBUS_REPLY_ERROR(invocation, ret); //LCOV_EXCL_LINE
- g_variant_iter_free(iter_row);
- g_variant_iter_free(iter);
- __stc_free_restriction_rule_members(&rule);
- __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
- return TRUE;
- }
-
- ret = stc_plugin_monitor_add_rstn(&rule);
- if (ret != STC_ERROR_NONE) {
- STC_RESTRICTION_DBUS_REPLY_ERROR(invocation, ret); //LCOV_EXCL_LINE
- g_variant_iter_free(iter_row);
- g_variant_iter_free(iter);
- __stc_free_restriction_rule_members(&rule);
- __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
- return TRUE;
- }
- }
-
- __stc_free_restriction_rule_members(&rule);
- g_variant_iter_free(iter_row);
- }
- g_variant_iter_free(iter);
-
- STC_DBUS_REPLY_ERROR_NONE(invocation);
- __STC_LOG_FUNC_EXIT__;
- return TRUE;
-}
-
-gboolean handle_restriction_unset_list(StcRestriction *object,
- GDBusMethodInvocation *invocation,
- GVariant *parameters,
- void *user_data)
-{
- __STC_LOG_FUNC_ENTER__;
- GVariantIter *iter = NULL;
- GVariantIter *iter_row = NULL;
- stc_error_e ret = STC_ERROR_NONE;
-
- stc_set_keep_alive(TRUE);
-
- g_variant_get(parameters, "aa{sv}", &iter);
- while (g_variant_iter_next(iter, "a{sv}", &iter_row)) {
- table_restrictions_info rule;
-
- memset(&rule, 0, sizeof(table_restrictions_info));
- __initialize_rstn_rule(&rule);
-
- stc_manager_gdbus_dict_foreach(iter_row,
- __stc_extract_restriction_rule, &rule);
-
- if (__validate_rstn_rule(&rule)) {
- ret = table_restrictions_delete(rule.app_id, rule.iftype,
- rule.ifname, rule.subscriber_id, rule.roaming);
- if (ret != STC_ERROR_NONE) {
- STC_RESTRICTION_DBUS_REPLY_ERROR(invocation, ret); //LCOV_EXCL_LINE
- g_variant_iter_free(iter_row);
- g_variant_iter_free(iter);
- __stc_free_restriction_rule_members(&rule);
- __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
- return TRUE;
- }
-
- ret = stc_plugin_monitor_remove_rstn(&rule);
- if (ret != STC_ERROR_NONE) {
- STC_RESTRICTION_DBUS_REPLY_ERROR(invocation, ret); //LCOV_EXCL_LINE
- g_variant_iter_free(iter_row);
- g_variant_iter_free(iter);
- __stc_free_restriction_rule_members(&rule);
- __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
- return TRUE;
- }
- }
-
- __stc_free_restriction_rule_members(&rule);
- g_variant_iter_free(iter_row);
- }
- g_variant_iter_free(iter);
-
- STC_DBUS_REPLY_ERROR_NONE(invocation);
- __STC_LOG_FUNC_EXIT__;
- return TRUE;
-}
-
-gboolean handle_restriction_get(StcRestriction *object,
- GDBusMethodInvocation *invocation,
- const gchar *app_id,
- void *user_data)
-{
- __STC_LOG_FUNC_ENTER__;
- GVariantBuilder *builder = NULL;
- GVariant *return_parameters = NULL;
- stc_error_e ret;
-
- stc_set_keep_alive(TRUE);
-
- builder = g_variant_builder_new(G_VARIANT_TYPE("a{sv}"));
-
- ret = table_restrictions_per_app(app_id,
- __table_restrictions_per_app_cb,
- builder);
- if (ret < STC_ERROR_NONE) {
- g_variant_builder_unref(builder); //LCOV_EXCL_LINE
- STC_RESTRICTION_DBUS_REPLY_ERROR(invocation, ret); //LCOV_EXCL_LINE
- __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
- return TRUE; //LCOV_EXCL_LINE
- }
-
- return_parameters = g_variant_new("(ia{sv})", STC_ERROR_NONE, builder);
- g_variant_builder_unref(builder);
-
- DEBUG_GDBUS_VARIANT("Return parameters: ", return_parameters);
- STC_DBUS_REPLY(invocation, return_parameters);
- __STC_LOG_FUNC_EXIT__;
- return TRUE;
-}
-
-gboolean handle_restriction_get_all(StcRestriction *object,
- GDBusMethodInvocation *invocation,
- void *user_data)
-{
- __STC_LOG_FUNC_ENTER__;
- GVariantBuilder *builder = NULL;
- GVariant *return_parameters = NULL;
- stc_error_e ret;
-
- stc_set_keep_alive(TRUE);
-
- builder = g_variant_builder_new(G_VARIANT_TYPE("aa{sv}"));
-
- ret = table_restrictions_foreach(__table_restrictions_foreach_app_cb,
- builder);
- if (ret < STC_ERROR_NONE) {
- g_variant_builder_unref(builder); //LCOV_EXCL_LINE
- STC_RESTRICTION_DBUS_REPLY_ERROR(invocation, ret); //LCOV_EXCL_LINE
- __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
- return TRUE; //LCOV_EXCL_LINE
- }
-
- return_parameters = g_variant_new("(iaa{sv})", STC_ERROR_NONE, builder);
- g_variant_builder_unref(builder);
-
- DEBUG_GDBUS_VARIANT("Return parameters: ", return_parameters);
- STC_DBUS_REPLY(invocation, return_parameters);
- __STC_LOG_FUNC_EXIT__;
- return TRUE;
-}
-
-gboolean handle_restriction_get_type(StcRestriction *object,
- GDBusMethodInvocation *invocation,
- const gchar *app_id,
- int iftype,
- void *user_data)
-{
- __STC_LOG_FUNC_ENTER__;
- GVariant *return_parameters = NULL;
- stc_rstn_type_e type = STC_RSTN_TYPE_UNKNOWN;
- stc_error_e ret;
-
- stc_set_keep_alive(TRUE);
-
- ret = table_restrictions_get_restriction_type(app_id, iftype, &type);
- if (ret < STC_ERROR_NONE) {
- STC_RESTRICTION_DBUS_REPLY_ERROR(invocation, ret); //LCOV_EXCL_LINE
- __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
- return TRUE;
- }
-
- return_parameters = g_variant_new("(ii)", STC_ERROR_NONE, type);
- STC_DBUS_REPLY(invocation, return_parameters);
- __STC_LOG_FUNC_EXIT__;
- return TRUE;
-}
+++ /dev/null
-/*
- * Copyright (c) 2016 Samsung Electronics Co., Ltd.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include "stc-db.h"
-#include "table-statistics.h"
-#include "stc-statistics.h"
-#include "stc-manager-gdbus.h"
-
-#define STATISTICS_DBUS_ERROR_NAME "net.stc.statistics.Error.Failed"
-
-#define STC_STATISTICS_DBUS_REPLY_ERROR(invocation, err_num) \
- g_dbus_method_invocation_return_dbus_error((invocation), \
- STATISTICS_DBUS_ERROR_NAME, \
- stc_err_strs[-(err_num)])
-
-static const gchar *stc_err_strs[] = {
- "ERROR_NONE",
- "FAIL",
- "DB_FAILED",
- "OUT_OF_MEMORY",
- "INVALID_PARAMETER",
- "NO_DATA",
- "ALREADY_DATA",
- "UNINITIALIZED",
- "PERMISSION_DENIED",
- "NOTIMPL"
-};
-
-void __stc_extract_select_rule(const char *key, GVariant *value,
- void *user_data)
-{
- __STC_LOG_FUNC_ENTER__;
-
- table_statistics_select_rule *rule =
- (table_statistics_select_rule *) user_data;
- if (rule == NULL) {
- __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
- return; //LCOV_EXCL_LINE
- }
-
- if (!g_strcmp0(key, "from")) {
- rule->from = g_variant_get_uint64(value);
- STC_LOGD("from: [%lu]", rule->from);
-
- } else if (!g_strcmp0(key, "to")) {
- rule->to = g_variant_get_uint64(value);
- STC_LOGD("to: [%lu]", rule->to);
-
- } else if (!g_strcmp0(key, "iftype")) {
- rule->iftype = g_variant_get_uint16(value);
- STC_LOGD("iftype: [%u]", (unsigned int) rule->iftype);
-
- } else if (!g_strcmp0(key, "app_id")) {
- gsize length = 0;
- rule->app_id = g_variant_dup_string(value, &length);
- STC_LOGD("app_id: [%s]", rule->app_id);
-
- } else if (!g_strcmp0(key, "granularity")) {
- rule->granularity = g_variant_get_int32(value);
- STC_LOGD("granularity: [%d]", rule->granularity);
-
- } else {
- STC_LOGD("Unknown select rule"); //LCOV_EXCL_LINE
- }
-
- __STC_LOG_FUNC_EXIT__;
-}
-
-void __stc_extract_reset_rule(const char *key, GVariant *value,
- void *user_data)
-{
- __STC_LOG_FUNC_ENTER__;
-
- table_statistics_reset_rule *rule =
- (table_statistics_reset_rule *) user_data;
- if (rule == NULL) {
- __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
- return; //LCOV_EXCL_LINE
- }
-
- if (!g_strcmp0(key, "app_id")) {
- gsize len = 0;
- rule->app_id = g_variant_dup_string(value, &len);
- STC_LOGD("app_id: [%s]", rule->app_id);
-
- } else if (!g_strcmp0(key, "subscriber_id")) {
- gsize len = 0;
- rule->subscriber_id = g_variant_dup_string(value, &len);
- STC_LOGD("subscriber_id: [%s]", rule->subscriber_id);
-
- } else if (!g_strcmp0(key, "iftype")) {
- rule->iftype = g_variant_get_uint16(value);
- STC_LOGD("iftype: [%u]", (unsigned int) rule->iftype);
-
- } else if (!g_strcmp0(key, "from")) {
- if (!(rule->interval)) {
- rule->interval = MALLOC0(stc_db_tm_interval_s, 1); //LCOV_EXCL_LINE
- if (!(rule->interval)) { //LCOV_EXCL_LINE
- __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
- return; //LCOV_EXCL_LINE
- }
- }
-
- rule->interval->from = g_variant_get_uint64(value);
- STC_LOGD("from: [%lu]", rule->interval->from);
-
- } else if (!g_strcmp0(key, "to")) {
- if (!(rule->interval)) {
- rule->interval = MALLOC0(stc_db_tm_interval_s, 1); //LCOV_EXCL_LINE
- if (!(rule->interval)) { //LCOV_EXCL_LINE
- __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
- return; //LCOV_EXCL_LINE
- }
- }
-
- rule->interval->to = g_variant_get_uint64(value);
- STC_LOGD("to: [%lu]", rule->interval->to);
-
- } else {
- STC_LOGD("Unknown reset rule"); //LCOV_EXCL_LINE
- }
-
- __STC_LOG_FUNC_EXIT__;
-}
-
-void __stc_statistics_app_info_builder_add(GVariantBuilder *builder,
- const table_statistics_info *info)
-{
- __STC_LOG_FUNC_ENTER__;
-
- if (!builder || !info) {
- __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
- return; //LCOV_EXCL_LINE
- }
-
- if (info->app_id)
- g_variant_builder_add(builder, "{sv}", "app_id",
- g_variant_new_string(info->app_id));
-
- if (info->ifname)
- g_variant_builder_add(builder, "{sv}", "ifname",
- g_variant_new_string(info->ifname));
-
- g_variant_builder_add(builder, "{sv}", "subscriber_id",
- g_variant_new_string(info->subscriber_id));
-
- g_variant_builder_add(builder, "{sv}", "iftype",
- g_variant_new_uint16(info->iftype));
-
- if (info->interval != NULL) {
- g_variant_builder_add(builder, "{sv}", "interval_to",
- g_variant_new_uint64(info->interval->to));
-
- g_variant_builder_add(builder, "{sv}", "interval_from",
- g_variant_new_uint64(info->interval->from));
- }
-
- g_variant_builder_add(builder, "{sv}", "cnt_out_bytes",
- g_variant_new_int64(info->cnt.out_bytes));
-
- g_variant_builder_add(builder, "{sv}", "cnt_in_bytes",
- g_variant_new_int64(info->cnt.in_bytes));
-
- g_variant_builder_add(builder, "{sv}", "roaming",
- g_variant_new_uint16(info->roaming));
-
- g_variant_builder_add(builder, "{sv}", "hw_net_protocol_type",
- g_variant_new_uint16(info->hw_net_protocol_type));
-
- g_variant_builder_add(builder, "{sv}", "ground",
- g_variant_new_uint16(info->ground));
-
- __STC_LOG_FUNC_EXIT__;
-}
-
-stc_cb_ret_e __table_statistics_foreach_app_cb(const table_statistics_info *info,
- void *user_data)
-{
- __STC_LOG_FUNC_ENTER__;
- GVariantBuilder *builder = (GVariantBuilder *)user_data;
- GVariantBuilder sub_builder;
-
- if (!info || !builder) {
- __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
- return STC_CANCEL; //LCOV_EXCL_LINE
- }
-
- g_variant_builder_init(&sub_builder, G_VARIANT_TYPE("a{sv}"));
- __stc_statistics_app_info_builder_add(&sub_builder, info);
- g_variant_builder_add_value(builder,
- g_variant_builder_end(&sub_builder));
-
- __STC_LOG_FUNC_EXIT__;
- return STC_CONTINUE;
-}
-
-stc_cb_ret_e __table_statistics_per_app_cb(const table_statistics_info *info,
- void *user_data)
-{
- __STC_LOG_FUNC_ENTER__;
- GVariantBuilder *builder = (GVariantBuilder *)user_data;
- GVariantBuilder sub_builder;
-
- if (!info || !builder) {
- __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
- return STC_CANCEL; //LCOV_EXCL_LINE
- }
-
- g_variant_builder_init(&sub_builder, G_VARIANT_TYPE("a{sv}"));
- __stc_statistics_app_info_builder_add(&sub_builder, info);
- g_variant_builder_add_value(builder,
- g_variant_builder_end(&sub_builder));
-
- __STC_LOG_FUNC_EXIT__;
- return STC_CONTINUE;
-}
-
-gboolean handle_statistics_get_all(StcStatistics *object,
- GDBusMethodInvocation *invocation,
- GVariant *select_rule,
- void *user_data)
-{
- __STC_LOG_FUNC_ENTER__;
- table_statistics_select_rule rule = {0, };
- const time_t cur_time = time(0);
- const time_t epoch = 0;
- GVariantBuilder *builder = NULL;
- GVariant *return_parameters = NULL;
- stc_error_e ret;
-
- stc_set_keep_alive(TRUE);
-
- /* Total statistics since epoch */
- rule.from = epoch;
- rule.to = cur_time;
- rule.iftype = STC_IFACE_ALL;
-
- if (select_rule != NULL) {
- DEBUG_GDBUS_VARIANT("Selection rule: ", select_rule);
- GVariantIter *iter = NULL;
-
- g_variant_get(select_rule, "a{sv}", &iter);
- if (iter != NULL) {
- stc_manager_gdbus_dict_foreach(iter,
- __stc_extract_select_rule,
- &rule);
- g_variant_iter_free(iter);
- }
- } else {
- STC_LOGD("No selection rule, using default selection rule."); //LCOV_EXCL_LINE
- }
-
- builder = g_variant_builder_new(G_VARIANT_TYPE("aa{sv}"));
-
- ret = table_statistics_foreach_app(&rule,
- __table_statistics_foreach_app_cb,
- builder);
- if (ret < STC_ERROR_NONE) {
- g_variant_builder_unref(builder); //LCOV_EXCL_LINE
- STC_STATISTICS_DBUS_REPLY_ERROR(invocation, ret); //LCOV_EXCL_LINE
- g_free(rule.app_id);
- __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
- return TRUE; //LCOV_EXCL_LINE
- }
-
- return_parameters = g_variant_new("(iaa{sv})", STC_ERROR_NONE, builder);
- g_variant_builder_unref(builder);
-
- DEBUG_GDBUS_VARIANT("Return parameters: ", return_parameters);
- STC_DBUS_REPLY(invocation, return_parameters);
-
- g_free(rule.app_id);
- __STC_LOG_FUNC_EXIT__;
- return TRUE;
-}
-
-gboolean handle_statistics_init(StcStatistics *object,
- GDBusMethodInvocation *invocation)
-{
- __STC_LOG_FUNC_ENTER__;
-
- stc_set_keep_alive(TRUE);
-
- STC_LOGI("stc statistics initialized");
- stc_statistics_complete_init(object, invocation);
-
- __STC_LOG_FUNC_EXIT__;
- return TRUE;
-}
-
-gboolean handle_statistics_get(StcStatistics *object,
- GDBusMethodInvocation *invocation,
- const gchar *app_id,
- GVariant *select_rule,
- void *user_data)
-{
- __STC_LOG_FUNC_ENTER__;
- table_statistics_select_rule rule = {0, };
- const time_t cur_time = time(0);
- const time_t epoch = 0;
- GVariantBuilder *builder = NULL;
- GVariant *return_parameters = NULL;
- stc_error_e ret;
-
- stc_set_keep_alive(TRUE);
-
- /* Total statistics since epoch */
- rule.from = epoch;
- rule.to = cur_time;
- rule.iftype = STC_IFACE_ALL;
-
- if (select_rule != NULL) {
- DEBUG_GDBUS_VARIANT("Selection rule: ", select_rule);
- GVariantIter *iter = NULL;
-
- g_variant_get(select_rule, "a{sv}", &iter);
- if (iter != NULL) {
- stc_manager_gdbus_dict_foreach(iter,
- __stc_extract_select_rule,
- &rule);
- g_variant_iter_free(iter);
- }
- } else {
- STC_LOGD("No selection rule, using default selection rule."); //LCOV_EXCL_LINE
- }
-
- builder = g_variant_builder_new(G_VARIANT_TYPE("aa{sv}"));
-
- ret = table_statistics_per_app(app_id, &rule,
- __table_statistics_per_app_cb,
- builder);
- if (ret < STC_ERROR_NONE) {
- g_variant_builder_unref(builder); //LCOV_EXCL_LINE
- STC_STATISTICS_DBUS_REPLY_ERROR(invocation, ret); //LCOV_EXCL_LINE
- g_free(rule.app_id);
- __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
- return TRUE; //LCOV_EXCL_LINE
- }
-
- return_parameters = g_variant_new("(iaa{sv})", STC_ERROR_NONE, builder);
- g_variant_builder_unref(builder);
-
- DEBUG_GDBUS_VARIANT("Return parameters: ", return_parameters);
- STC_DBUS_REPLY(invocation, return_parameters);
-
- g_free(rule.app_id);
- __STC_LOG_FUNC_EXIT__;
- return TRUE;
-}
-
-gboolean handle_statistics_reset(StcStatistics *object,
- GDBusMethodInvocation *invocation,
- GVariant *reset_rule,
- void *user_data)
-{
- __STC_LOG_FUNC_ENTER__;
- table_statistics_reset_rule rule = {0, };
- GVariant *return_parameters = NULL;
- stc_error_e ret;
-
- stc_set_keep_alive(TRUE);
-
- if (reset_rule != NULL) {
- DEBUG_GDBUS_VARIANT("Selection rule: ", reset_rule);
- GVariantIter *iter = NULL;
-
- g_variant_get(reset_rule, "a{sv}", &iter);
- if (iter != NULL) {
- stc_manager_gdbus_dict_foreach(iter,
- __stc_extract_reset_rule,
- &rule);
- g_variant_iter_free(iter);
- }
- } else {
- STC_LOGD("No selection rule, using default selection rule."); //LCOV_EXCL_LINE
- }
-
- ret = table_statistics_reset(&rule);
- if (ret < STC_ERROR_NONE) {
- STC_STATISTICS_DBUS_REPLY_ERROR(invocation, ret); //LCOV_EXCL_LINE
- goto handle_error; //LCOV_EXCL_LINE
- }
-
- return_parameters = g_variant_new("(i)", STC_ERROR_NONE);
-
- DEBUG_GDBUS_VARIANT("Return parameters: ", return_parameters);
- STC_DBUS_REPLY(invocation, return_parameters);
-
-handle_error:
- FREE(rule.app_id);
- FREE(rule.subscriber_id);
- FREE(rule.interval);
- __STC_LOG_FUNC_EXIT__;
- return TRUE;
-}
+++ /dev/null
-CMAKE_MINIMUM_REQUIRED(VERSION 2.6)
-
-SET(NET_CLS_RELEASE "net-cls-release")
-ADD_EXECUTABLE(${NET_CLS_RELEASE} ${CMAKE_CURRENT_SOURCE_DIR}/${NET_CLS_RELEASE}.c)
-INSTALL(TARGETS ${NET_CLS_RELEASE} RUNTIME DESTINATION ${BIN_DIR})
+++ /dev/null
-#include <stdlib.h>
-#include <stdio.h>
-#include <unistd.h>
-
-#define MAX_PATH_LENGTH 512
-#define DEFAULT_CGROUP "/sys/fs/cgroup"
-#define CGROUP_NETWORK DEFAULT_CGROUP "/net_cls"
-#define STC_CGROUP_NETWORK CGROUP_NETWORK "/stc"
-#define PATH_TO_NET_CGROUP_DIR STC_CGROUP_NETWORK
-
-int main(int argc, char *argv[])
-{
- char buf[MAX_PATH_LENGTH];
- if (argc < 2)
- return 1;
-
- /* kernel already adds symbol '/' before cgroup name */
- snprintf(buf, sizeof(buf), "%s/%s", PATH_TO_NET_CGROUP_DIR, argv[1]);
- return rmdir(buf);
-}
+++ /dev/null
-<manifest>
- <request>
- <domain name="_"/>
- </request>
-</manifest>
-
--- /dev/null
+CMAKE_MINIMUM_REQUIRED(VERSION 2.6)
+PROJECT(gtest-stc-manager C CXX)
+
+SET(GTEST_TEST "gtest-stc-manager")
+ADD_DEFINITIONS("-DUSE_DLOG")
+
+SET(REQUIRES_LIST ${REQUIRES_LIST}
+ glib-2.0
+ gio-2.0
+ gmock
+ dlog
+)
+INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/include)
+INCLUDE(FindPkgConfig)
+PKG_CHECK_MODULES(GTEST_TEST_PKG REQUIRED ${REQUIRES_LIST})
+
+FOREACH(flag ${GTEST_TEST_PKG_CFLAGS})
+ SET(EXTRA_CFLAGS "${EXTRA_CFLAGS} ${flag}")
+ENDFOREACH(flag)
+
+SET(EXTRA_CFLAGS "${EXTRA_CFLAGS} -Wall -fPIE")
+SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${EXTRA_CFLAGS}")
+SET(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} ${EXTRA_CFLAGS}")
+SET(CMAKE_EXE_LINKER_FLAGS "-Wl,--as-needed -pie")
+
+FILE(GLOB GTEST_TEST_SRCS *.cpp)
+SET(GTEST_TEST_SRCS ${GTEST_TEST_SRCS})
+
+ADD_EXECUTABLE(${GTEST_TEST} ${GTEST_TEST_SRCS})
+TARGET_LINK_LIBRARIES(${GTEST_TEST} ${GTEST_TEST_LDFLAGS} ${GTEST_TEST_PKG_LDFLAGS} -ldl -lgcov)
+
+INSTALL(TARGETS ${GTEST_TEST} RUNTIME DESTINATION ${BIN_DIR})
--- /dev/null
+/*
+ * Copyright (c) 2018 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "common.h"
+
+GMainLoop *MainLoop::m_mainLoop = NULL;
+guint MainLoop::m_timerId = 0;
+
+MainLoop::MainLoop(void)
+{
+}
+
+MainLoop::~MainLoop(void)
+{
+ if (m_mainLoop)
+ g_main_loop_quit(m_mainLoop);
+ if (m_timerId)
+ g_source_remove(m_timerId);
+
+ m_mainLoop = NULL;
+ m_timerId = 0;
+}
+
+gboolean MainLoop::timeoutCb(gpointer data)
+{
+ if (m_mainLoop)
+ g_main_loop_quit(m_mainLoop);
+ if (m_timerId)
+ g_source_remove(m_timerId);
+
+ m_mainLoop = NULL;
+ m_timerId = 0;
+
+ return false;
+}
+
+void MainLoop::run(unsigned int timeout)
+{
+ if (m_timerId > 0)
+ return;
+
+ m_mainLoop = g_main_loop_new(NULL, false);
+ m_timerId = g_timeout_add(timeout,
+ (GSourceFunc) &MainLoop::timeoutCb,
+ NULL);
+ g_main_loop_run(m_mainLoop);
+}
+
+void MainLoop::quit(void)
+{
+ timeoutCb(NULL);
+}
--- /dev/null
+/*
+ * Copyright (c) 2018 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <glib.h>
+class MainLoop {
+private:
+ static GMainLoop *m_mainLoop;
+ static guint m_timerId;
+
+ static gboolean timeoutCb(gpointer data);
+public:
+ MainLoop(void);
+ ~MainLoop(void);
+ void run(unsigned int timeout);
+ void quit(void);
+};
--- /dev/null
+/*
+ * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <iostream>
+#include <gmock/gmock.h>
+#include <gtest/gtest.h>
+
+#include "firewall.h"
+#include "common.h"
+
+static void AsyncReadyCallback(GObject *source_object,
+ GAsyncResult *res, gpointer user_data)
+{
+ MainLoop *M = (MainLoop *)user_data;
+ GLOGD("Succeeded to response async callback");
+ M->quit();
+}
+
+FRule::FRule()
+{
+ this->chain[0] = '\0';
+ this->direction = 0;
+ this->siptype = 0;
+ this->diptype = 0;
+ this->sporttype = 0;
+ this->dporttype = 0;
+ this->protocol = 0;
+ this->family = 0;
+ this->sip1[0] = '\0';
+ this->dip1[0] = '\0';
+ this->sip2[0] = '\0';
+ this->dip2[0] = '\0';
+ this->dport1 = 0;
+ this->dport2 = 0;
+ this->sport1 = 0;
+ this->sport2 = 0;
+ this->iface[0] = '\0';
+ this->target = 0;
+}
+
+FRule::~FRule()
+{
+}
+
+Firewall::Firewall()
+{
+ Create();
+}
+
+Firewall::~Firewall()
+{
+ Destroy();
+}
+
+error_e Firewall::SetRule(const char *chain, guint16 direction,
+ guint16 siptype, guint16 diptype, guint16 sporttype,
+ guint16 dporttype, guint16 protocol, guint16 family,
+ const char *sip1, const char *dip1, const char *sip2,
+ const char *dip2, guint32 dport1, guint32 dport2,
+ guint32 sport1, guint32 sport2, const char *iface,
+ guint16 target)
+{
+ if (chain == NULL || strlen(chain) == 0)
+ this->m_Rule.chain[0] = '\0';
+ else
+ g_strlcpy(this->m_Rule.chain, chain, CHAIN_LEN);
+
+ if (sip1 == NULL || strlen(sip1) == 0)
+ this->m_Rule.sip1[0] = '\0';
+ else
+ g_strlcpy(this->m_Rule.sip1, sip1, IP_LEN);
+
+ if (sip2 == NULL || strlen(sip2) == 0)
+ this->m_Rule.sip2[0] = '\0';
+ else
+ g_strlcpy(this->m_Rule.sip2, sip2, IP_LEN);
+
+ if (dip1 == NULL || strlen(dip1) == 0)
+ this->m_Rule.dip1[0] = '\0';
+ else
+ g_strlcpy(this->m_Rule.dip1, dip1, IP_LEN);
+
+ if (dip2 == NULL || strlen(dip2) == 0)
+ this->m_Rule.dip2[0] = '\0';
+ else
+ g_strlcpy(this->m_Rule.dip2, dip2, IP_LEN);
+
+ if (iface == NULL || strlen(iface) == 0)
+ this->m_Rule.iface[0] = '\0';
+ else
+ g_strlcpy(this->m_Rule.iface, iface, IFACE_LEN);
+
+
+ this->m_Rule.direction = direction;
+ this->m_Rule.siptype = siptype;
+ this->m_Rule.diptype = diptype;
+ this->m_Rule.sporttype = sporttype;
+ this->m_Rule.dporttype = dporttype;
+ this->m_Rule.protocol = protocol;
+ this->m_Rule.family = family;
+ this->m_Rule.dport1 = dport1;
+ this->m_Rule.dport2 = dport2;
+ this->m_Rule.sport1 = sport1;
+ this->m_Rule.sport2 = sport2;
+ this->m_Rule.target = target;
+
+ return ERROR_NONE;
+}
+
+void Firewall::MakeRuleParams(GVariant **params)
+{
+ GVariantBuilder *builder;
+
+ builder = g_variant_builder_new(G_VARIANT_TYPE("a{sv}"));
+
+ g_variant_builder_add(builder, "{sv}",
+ FIREWALL_RULE_CHAIN,
+ g_variant_new_string(this->m_Rule.chain));
+
+ g_variant_builder_add(builder, "{sv}",
+ FIREWALL_RULE_DIRECTION,
+ g_variant_new_uint16(this->m_Rule.direction));
+
+ g_variant_builder_add(builder, "{sv}",
+ FIREWALL_RULE_IFNAME,
+ g_variant_new_string(this->m_Rule.iface));
+
+ g_variant_builder_add(builder, "{sv}",
+ FIREWALL_RULE_PROTOCOL,
+ g_variant_new_uint16(this->m_Rule.protocol));
+
+ g_variant_builder_add(builder, "{sv}",
+ FIREWALL_RULE_TARGET,
+ g_variant_new_uint16(this->m_Rule.target));
+
+ g_variant_builder_add(builder, "{sv}",
+ FIREWALL_RULE_FAMILY,
+ g_variant_new_uint16(this->m_Rule.family));
+
+ g_variant_builder_add(builder, "{sv}",
+ FIREWALL_RULE_SIPTYPE,
+ g_variant_new_uint16(this->m_Rule.siptype));
+
+ g_variant_builder_add(builder, "{sv}",
+ FIREWALL_RULE_SIP1,
+ g_variant_new_string(this->m_Rule.sip1));
+
+ g_variant_builder_add(builder, "{sv}",
+ FIREWALL_RULE_SIP2,
+ g_variant_new_string(this->m_Rule.sip2));
+
+ g_variant_builder_add(builder, "{sv}",
+ FIREWALL_RULE_DIPTYPE,
+ g_variant_new_uint16(this->m_Rule.diptype));
+
+ g_variant_builder_add(builder, "{sv}",
+ FIREWALL_RULE_DIP1,
+ g_variant_new_string(this->m_Rule.dip1));
+
+ g_variant_builder_add(builder, "{sv}",
+ FIREWALL_RULE_DIP2,
+ g_variant_new_string(this->m_Rule.dip2));
+
+ g_variant_builder_add(builder, "{sv}",
+ FIREWALL_RULE_SPORTTYPE,
+ g_variant_new_uint16(this->m_Rule.sporttype));
+
+ g_variant_builder_add(builder, "{sv}",
+ FIREWALL_RULE_SPORT1,
+ g_variant_new_uint32(this->m_Rule.sport1));
+
+ g_variant_builder_add(builder, "{sv}",
+ FIREWALL_RULE_SPORT2,
+ g_variant_new_uint32(this->m_Rule.sport2));
+
+ g_variant_builder_add(builder, "{sv}",
+ FIREWALL_RULE_DPORTTYPE,
+ g_variant_new_uint16(this->m_Rule.dporttype));
+
+ g_variant_builder_add(builder, "{sv}",
+ FIREWALL_RULE_DPORT1,
+ g_variant_new_uint32(this->m_Rule.dport1));
+
+ g_variant_builder_add(builder, "{sv}",
+ FIREWALL_RULE_DPORT2,
+ g_variant_new_uint32(this->m_Rule.dport2));
+
+ *params = g_variant_new("(@a{sv})", g_variant_builder_end(builder));
+ g_variant_builder_unref(builder);
+}
+
+error_e Firewall::GetAllRule(void)
+{
+ MainLoop M;
+ error_e error = ERROR_NONE;
+
+ error = InvokeMethodNonblock(STC_MGR_SERVICE,
+ STC_MGR_FIREWALL_PATH,
+ STC_MGR_FIREWALL_INTERFACE,
+ STC_MGR_METHOD_FIREWALL_GET_ALL,
+ NULL,
+ DBUS_REPLY_TIMEOUT,
+ AsyncReadyCallback,
+ &M);
+
+ if (error != ERROR_NONE) {
+ GLOGD("Failed to invoke dbus method nonblock");
+ return error;
+ }
+
+ GLOGD("Succeeded to get all restriction");
+
+ M.run(GMAINTIMEOUT);
+ return ERROR_NONE;
+}
+
+error_e Firewall::UpdateRule(void)
+{
+ GVariant *message = NULL;
+ GVariant *params = NULL;
+ error_e error = ERROR_NONE;
+ int result = 0;
+
+ MakeRuleParams(¶ms);
+
+ message = InvokeMethod(STC_MGR_SERVICE,
+ STC_MGR_FIREWALL_PATH,
+ STC_MGR_FIREWALL_INTERFACE,
+ STC_MGR_METHOD_FIREWALL_UPDATE,
+ params,
+ &error);
+
+ if (message == NULL) {
+ GLOGD("Failed to invoke dbus method");
+ return error;
+ }
+
+ g_variant_get(message, "(i)", &result);
+ GLOGD("Succeeded to set restriction [%d]", result);
+ g_variant_unref(message);
+
+ return ERROR_NONE;
+}
+
+error_e Firewall::RemoveRule(void)
+{
+ GVariant *message = NULL;
+ GVariant *params = NULL;
+ error_e error = ERROR_NONE;
+ int result = 0;
+
+ MakeRuleParams(¶ms);
+
+ message = InvokeMethod(STC_MGR_SERVICE,
+ STC_MGR_FIREWALL_PATH,
+ STC_MGR_FIREWALL_INTERFACE,
+ STC_MGR_METHOD_FIREWALL_REMOVE,
+ params,
+ &error);
+
+ if (message == NULL) {
+ GLOGD("Failed to invoke dbus method");
+ return error;
+ }
+
+ g_variant_get(message, "(i)", &result);
+ GLOGD("Succeeded to set restriction [%d]", result);
+ g_variant_unref(message);
+
+ return ERROR_NONE;
+}
+
+error_e Firewall::AddRule(void)
+{
+ GVariant *message = NULL;
+ GVariant *params = NULL;
+ error_e error = ERROR_NONE;
+ int result = 0;
+
+ MakeRuleParams(¶ms);
+
+ message = InvokeMethod(STC_MGR_SERVICE,
+ STC_MGR_FIREWALL_PATH,
+ STC_MGR_FIREWALL_INTERFACE,
+ STC_MGR_METHOD_FIREWALL_ADD,
+ params,
+ &error);
+
+ if (message == NULL) {
+ GLOGD("Failed to invoke dbus method");
+ return error;
+ }
+
+ g_variant_get(message, "(i)", &result);
+ GLOGD("Succeeded to set restriction [%d]", result);
+ g_variant_unref(message);
+
+ return ERROR_NONE;
+}
+
+error_e Firewall::SetChain(const char *chain, unsigned int target)
+{
+ GVariant *message = NULL;
+ error_e error = ERROR_NONE;
+ int result = 0;
+
+ message = InvokeMethod(STC_MGR_SERVICE,
+ STC_MGR_FIREWALL_PATH,
+ STC_MGR_FIREWALL_INTERFACE,
+ STC_MGR_METHOD_FIREWALL_SET,
+ g_variant_new("(su)", chain, target),
+ &error);
+
+ if (message == NULL) {
+ GLOGD("Failed to invoke dbus method");
+ return error;
+ }
+
+ g_variant_get(message, "(i)", &result);
+ GLOGD("Succeeded to set restriction [%d]", result);
+ g_variant_unref(message);
+
+ return ERROR_NONE;
+}
+
+error_e Firewall::UnsetChain(const char *chain)
+{
+ GVariant *message = NULL;
+ error_e error = ERROR_NONE;
+ int result = 0;
+
+ message = InvokeMethod(STC_MGR_SERVICE,
+ STC_MGR_FIREWALL_PATH,
+ STC_MGR_FIREWALL_INTERFACE,
+ STC_MGR_METHOD_FIREWALL_UNSET,
+ g_variant_new("(s)", chain),
+ &error);
+
+ if (message == NULL) {
+ GLOGD("Failed to invoke dbus method");
+ return error;
+ }
+
+ g_variant_get(message, "(i)", &result);
+ GLOGD("Succeeded to set restriction [%d]", result);
+ g_variant_unref(message);
+
+ return ERROR_NONE;
+}
+
+error_e Firewall::FlushChain(const char *chain)
+{
+ GVariant *message = NULL;
+ error_e error = ERROR_NONE;
+ int result = 0;
+
+ message = InvokeMethod(STC_MGR_SERVICE,
+ STC_MGR_FIREWALL_PATH,
+ STC_MGR_FIREWALL_INTERFACE,
+ STC_MGR_METHOD_FIREWALL_FLUSH,
+ g_variant_new("(s)", chain),
+ &error);
+
+ if (message == NULL) {
+ GLOGD("Failed to invoke dbus method");
+ return error;
+ }
+
+ g_variant_get(message, "(i)", &result);
+ GLOGD("Succeeded to set restriction [%d]", result);
+ g_variant_unref(message);
+
+ return ERROR_NONE;
+}
+
+error_e Firewall::GetAllChain(void)
+{
+ MainLoop M;
+ error_e error = ERROR_NONE;
+
+ error = InvokeMethodNonblock(STC_MGR_SERVICE,
+ STC_MGR_FIREWALL_PATH,
+ STC_MGR_FIREWALL_INTERFACE,
+ STC_MGR_METHOD_FIREWALL_GET_CHAIN,
+ NULL,
+ DBUS_REPLY_TIMEOUT,
+ AsyncReadyCallback,
+ &M);
+
+ if (error != ERROR_NONE) {
+ GLOGD("Failed to invoke dbus method nonblock");
+ return error;
+ }
+
+ GLOGD("Succeeded to get all restriction");
+
+ M.run(GMAINTIMEOUT);
+ return ERROR_NONE;
+}
+
+error_e Firewall::RemoveChain(const char *chain)
+{
+ GVariant *message = NULL;
+ error_e error = ERROR_NONE;
+ int result = 0;
+
+ message = InvokeMethod(STC_MGR_SERVICE,
+ STC_MGR_FIREWALL_PATH,
+ STC_MGR_FIREWALL_INTERFACE,
+ STC_MGR_METHOD_FIREWALL_REMOVE_CHAIN,
+ g_variant_new("(s)", chain),
+ &error);
+
+ if (message == NULL) {
+ GLOGD("Failed to invoke dbus method");
+ return error;
+ }
+
+ g_variant_get(message, "(i)", &result);
+ GLOGD("Succeeded to set restriction [%d]", result);
+ g_variant_unref(message);
+
+ return ERROR_NONE;
+}
+
+error_e Firewall::AddChain(const char *chain)
+{
+ GVariant *message = NULL;
+ error_e error = ERROR_NONE;
+ int result = 0;
+
+ message = InvokeMethod(STC_MGR_SERVICE,
+ STC_MGR_FIREWALL_PATH,
+ STC_MGR_FIREWALL_INTERFACE,
+ STC_MGR_METHOD_FIREWALL_ADD_CHAIN,
+ g_variant_new("(s)", chain),
+ &error);
+
+ if (message == NULL) {
+ GLOGD("Failed to invoke dbus method");
+ return error;
+ }
+
+ g_variant_get(message, "(i)", &result);
+ GLOGD("Succeeded to set restriction [%d]", result);
+ g_variant_unref(message);
+
+ return ERROR_NONE;
+}
+
+error_e Firewall::GetLock(int *state)
+{
+ GVariant *message = NULL;
+ error_e error = ERROR_NONE;
+
+ message = InvokeMethod(STC_MGR_SERVICE,
+ STC_MGR_FIREWALL_PATH,
+ STC_MGR_FIREWALL_INTERFACE,
+ STC_MGR_METHOD_FIREWALL_GET_LOCK,
+ NULL,
+ &error);
+
+ if (message == NULL) {
+ GLOGD("Failed to invoke dbus method");
+ return error;
+ }
+
+ g_variant_get(message, "(i)", state);
+ GLOGD("Succeeded to get lock state[%d]", *state);
+ g_variant_unref(message);
+
+ return ERROR_NONE;
+}
+
+error_e Firewall::Unlock()
+{
+ GVariant *message = NULL;
+ error_e error = ERROR_NONE;
+ int result = 0;
+
+ message = InvokeMethod(STC_MGR_SERVICE,
+ STC_MGR_FIREWALL_PATH,
+ STC_MGR_FIREWALL_INTERFACE,
+ STC_MGR_METHOD_FIREWALL_UNLOCK,
+ NULL,
+ &error);
+
+ if (message == NULL) {
+ GLOGD("Failed to invoke dbus method");
+ return error;
+ }
+
+ g_variant_get(message, "(i)", &result);
+ GLOGD("Succeeded to unlock result[%d]", result);
+ g_variant_unref(message);
+
+ return ERROR_NONE;
+}
+
+error_e Firewall::Lock()
+{
+ GVariant *message = NULL;
+ error_e error = ERROR_NONE;
+ int result = 0;
+
+ message = InvokeMethod(STC_MGR_SERVICE,
+ STC_MGR_FIREWALL_PATH,
+ STC_MGR_FIREWALL_INTERFACE,
+ STC_MGR_METHOD_FIREWALL_LOCK,
+ NULL,
+ &error);
+
+ if (message == NULL) {
+ GLOGD("Failed to invoke dbus method");
+ return error;
+ }
+
+ g_variant_get(message, "(i)", &result);
+ GLOGD("Succeeded to unlock result[%d]", result);
+ g_variant_unref(message);
+
+ return ERROR_NONE;
+}
--- /dev/null
+/*
+ * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+#ifndef __STC_MGR_FIREWALL_H__
+#define __STC_MGR_FIREWALL_H__
+
+#include <glib.h>
+#include <gio/gio.h>
+
+#include "stcmgr.h"
+#include "gdbus.h"
+
+#define FIREWALL_RULE_CHAIN "chain"
+#define FIREWALL_RULE_DIRECTION "direction"
+#define FIREWALL_RULE_IFNAME "ifname"
+#define FIREWALL_RULE_PROTOCOL "protocol"
+#define FIREWALL_RULE_TARGET "target"
+#define FIREWALL_RULE_TARGETTYPE "target_type"
+
+#define FIREWALL_RULE_FAMILY "family"
+#define FIREWALL_RULE_SIPTYPE "s_ip_type"
+#define FIREWALL_RULE_SIP1 "s_ip1"
+#define FIREWALL_RULE_SIP2 "s_ip2"
+#define FIREWALL_RULE_DIPTYPE "d_ip_type"
+#define FIREWALL_RULE_DIP1 "d_ip1"
+#define FIREWALL_RULE_DIP2 "d_ip2"
+#define FIREWALL_RULE_SPORTTYPE "s_port_type"
+#define FIREWALL_RULE_SPORT1 "s_port1"
+#define FIREWALL_RULE_SPORT2 "s_port2"
+#define FIREWALL_RULE_DPORTTYPE "d_port_type"
+#define FIREWALL_RULE_DPORT1 "d_port1"
+#define FIREWALL_RULE_DPORT2 "d_port2"
+
+#define FIREWALL_RULE_LOG_LEVEL "log_level"
+#define FIREWALL_RULE_LOG_PREFIX "log_prefix"
+#define FIREWALL_RULE_NFLOG_GROUP "nflog_group"
+#define FIREWALL_RULE_NFLOG_PREFIX "nflog_prefix"
+#define FIREWALL_RULE_NFLOG_RANGE "nflog_range"
+#define FIREWALL_RULE_NFLOG_THRESHOLD "nflog_threshold"
+
+#define CHAIN_LEN 256
+#define IFACE_LEN 256
+#define IP_LEN 16
+
+class FRule {
+private:
+public:
+ char chain[CHAIN_LEN];
+ guint16 direction;
+ guint16 siptype;
+ guint16 diptype;
+ guint16 sporttype;
+ guint16 dporttype;
+ guint16 protocol;
+ guint16 family;
+ char sip1[IP_LEN];
+ char dip1[IP_LEN];
+ char sip2[IP_LEN];
+ char dip2[IP_LEN];
+ guint32 dport1;
+ guint32 dport2;
+ guint32 sport1;
+ guint32 sport2;
+ char iface[IFACE_LEN];
+ guint16 target;
+
+ FRule();
+ ~FRule();
+};
+
+class Firewall : public GDbus {
+private:
+ FRule m_Rule;
+public:
+ Firewall();
+ ~Firewall();
+ error_e SetRule(const char *app_id, const char *iface_name,
+ const char *subscriber_id, iface_type_e iface_type,
+ int64_t data_limit, int64_t data_warn_limit,
+ roaming_type_e roaming_type, const char *mac);
+ void MakeRuleParams(GVariant **params);
+ void MakeGetParams(GVariant **params);
+ void MakeStatusParams(GVariant **params);
+ error_e Lock(void);
+ error_e Unlock(void);
+ error_e GetLock(int *state);
+ error_e AddChain(const char * chain);
+ error_e RemoveChain(const char * chain);
+ error_e FlushChain(const char * chain);
+ error_e GetAllChain();
+ error_e SetChain(const char *chain, unsigned int target);
+ error_e UnsetChain(const char *chain);
+ error_e SetRule(const char *chain, guint16 direction,
+ guint16 siptype, guint16 diptype, guint16 sporttype,
+ guint16 dporttype, guint16 protocol, guint16 family,
+ const char *sip1, const char *dip1, const char *sip2,
+ const char *dip2, guint32 dport1, guint32 dport2,
+ guint32 sport1, guint32 sport2, const char *iface,
+ guint16 target);
+ error_e AddRule();
+ error_e RemoveRule();
+ error_e UpdateRule();
+ error_e GetAllRule();
+};
+
+#endif /* __STC_MGR_FIREWALL_H__ */
--- /dev/null
+/*
+ * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <iostream>
+#include <gmock/gmock.h>
+#include <gtest/gtest.h>
+
+#include "gdbus.h"
+
+GDbus::GDbus()
+{
+ this->m_pConnection = NULL;
+ this->m_pCancellable = NULL;
+}
+
+GDbus::~GDbus()
+{
+ GDBusConnection *conn = this->m_pConnection;
+ GCancellable *cancel = this->m_pCancellable;
+
+ if (cancel) {
+ g_cancellable_cancel(cancel);
+ g_object_unref(cancel);
+ cancel = NULL;
+ }
+
+ if (conn) {
+ g_object_unref(conn);
+ conn = NULL;
+ }
+}
+
+error_e GDbus::Create(void)
+{
+ GError *err = NULL;
+
+#if !GLIB_CHECK_VERSION(2, 36, 0)
+ g_type_init();
+#endif
+
+ this->m_pConnection = g_bus_get_sync(G_BUS_TYPE_SYSTEM, NULL, &err);
+ if (this->m_pConnection == NULL) {
+ if (err != NULL) {
+ GLOGD("Failed to connect to the D-BUS daemon [%s]", err->message);
+ g_error_free(err);
+ }
+
+ return ERROR_OPERATION_FAILED;
+ }
+
+ this->m_pCancellable = g_cancellable_new();
+
+ return ERROR_NONE;
+}
+
+error_e GDbus::Destroy(void)
+{
+ g_cancellable_cancel(this->m_pCancellable);
+ g_object_unref(this->m_pCancellable);
+ this->m_pCancellable = NULL;
+
+ g_object_unref(this->m_pConnection);
+ this->m_pConnection = NULL;
+
+ return ERROR_NONE;
+}
+
+GDBusConnection *GDbus::GetConnection(void)
+{
+ return this->m_pConnection;
+}
+
+GCancellable *GDbus::GetCancellable(void)
+{
+ return this->m_pCancellable;
+}
+
+error_e GDbus::ConvertErrorStringToEnum(const char *error)
+{
+ if (NULL != strstr(error, "NoReply"))
+ return ERROR_INVALID_OPERATION;
+ else if (NULL != strstr(error, "Failed"))
+ return ERROR_OPERATION_FAILED;
+ else if (NULL != strstr(error, "UnknownMethod"))
+ return ERROR_INVALID_OPERATION;
+ else if (NULL != strstr(error, "InvalidArguments"))
+ return ERROR_INVALID_PARAMETER;
+ else if (NULL != strstr(error, "AccessDenied"))
+ return ERROR_PERMISSION_DENIED;
+ else if (NULL != strstr(error, "PermissionDenied"))
+ return ERROR_PERMISSION_DENIED;
+ else if (NULL != strstr(error, "NotSupported"))
+ return ERROR_NOT_SUPPORTED;
+ else if (NULL != strstr(error, "InProgress"))
+ return ERROR_IN_PROGRESS;
+
+ return ERROR_OPERATION_FAILED;
+}
+
+GVariant *GDbus::InvokeMethod(const char *dest, const char *path,
+ const char *iface_name, const char *method, GVariant *params, error_e *dbus_error)
+{
+ GError *error = NULL;
+ GVariant *reply = NULL;
+ GDBusConnection *connection = NULL;
+ *dbus_error = ERROR_NONE;
+
+ connection = GetConnection();
+ if (connection == NULL) {
+ GLOGD("GDBusconnection is NULL");
+ *dbus_error = ERROR_NOT_INITIALIZED;
+ return reply;
+ }
+
+ reply = g_dbus_connection_call_sync(connection,
+ dest,
+ path,
+ iface_name,
+ method,
+ params,
+ NULL,
+ G_DBUS_CALL_FLAGS_NONE,
+ DBUS_REPLY_TIMEOUT,
+ GetCancellable(),
+ &error);
+
+ if (reply == NULL) {
+ if (error != NULL) {
+ GLOGD("g_dbus_connection_call_sync() failed "
+ "error [%d: %s]", error->code, error->message);
+ *dbus_error = ConvertErrorStringToEnum(error->message);
+ g_error_free(error);
+ } else {
+ GLOGD("g_dbus_connection_call_sync() failed");
+ *dbus_error = ERROR_OPERATION_FAILED;
+ }
+
+ return NULL;
+ }
+
+ return reply;
+}
+
+error_e GDbus::InvokeMethodNonblock(const char *dest, const char *path,
+ const char *iface_name, const char *method, GVariant *params, int timeout,
+ GAsyncReadyCallback notify_func, void *user_data)
+{
+ GDBusConnection *connection = NULL;
+
+ connection = GetConnection();
+ if (connection == NULL) {
+ GLOGD("GDBusconnection is NULL");
+ return ERROR_NOT_INITIALIZED;
+ }
+
+ g_dbus_connection_call(connection,
+ dest,
+ path,
+ iface_name,
+ method,
+ params,
+ NULL,
+ G_DBUS_CALL_FLAGS_NONE,
+ timeout,
+ GetCancellable(),
+ (GAsyncReadyCallback) notify_func,
+ (gpointer)user_data);
+
+ return ERROR_NONE;
+}
--- /dev/null
+/*
+ * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+#ifndef __STC_MGR_GDBUS_H__
+#define __STC_MGR_GDBUS_H__
+
+#include <glib.h>
+#include <gio/gio.h>
+
+#include "stcmgr.h"
+
+#define GMAINTIMEOUT 10000
+#define DBUS_REPLY_TIMEOUT (120 * 1000)
+
+#define STC_MGR_SERVICE "net.stc"
+#define STC_MGR_STATISTICS_INTERFACE STC_MGR_SERVICE ".statistics"
+#define STC_MGR_RESTRICTION_INTERFACE STC_MGR_SERVICE ".restriction"
+#define STC_MGR_MANAGER_INTERFACE STC_MGR_SERVICE ".manager"
+#define STC_MGR_FIREWALL_INTERFACE STC_MGR_SERVICE ".firewall"
+
+#define STC_MGR_STATISTICS_PATH "/net/stc/statistics"
+#define STC_MGR_RESTRICTION_PATH "/net/stc/restriction"
+#define STC_MGR_MANAGER_PATH "/net/stc/manager"
+#define STC_MGR_FIREWALL_PATH "/net/stc/firewall"
+
+#define STC_MGR_METHOD_STATISTICS_INIT "Init"
+#define STC_MGR_METHOD_STATISTICS_GET_PER_APP_ID "Get"
+#define STC_MGR_METHOD_STATISTICS_GET_ALL "GetAll"
+#define STC_MGR_METHOD_STATISTICS_GET_TOTAL "Get"
+#define STC_MGR_METHOD_STATISTICS_RESET "Reset"
+
+#define STC_MGR_METHOD_RESTRICTION_SET "Set"
+#define STC_MGR_METHOD_RESTRICTION_GET_STATUS "GetState"
+#define STC_MGR_METHOD_RESTRICTION_GET_PER_APP_ID "Get"
+#define STC_MGR_METHOD_RESTRICTION_GET_ALL "GetAll"
+#define STC_MGR_METHOD_RESTRICTION_UNSET "Unset"
+#define STC_MGR_METHOD_RESTRICTION_EXCLUDE "Exclude"
+
+#define STC_MGR_METHOD_MANAGER_STOP "Stop"
+
+#define STC_MGR_METHOD_FIREWALL_GET_ALL "GetAllRule"
+#define STC_MGR_METHOD_FIREWALL_UPDATE "UpdateRule"
+#define STC_MGR_METHOD_FIREWALL_REMOVE "RemoveRule"
+#define STC_MGR_METHOD_FIREWALL_ADD "AddRule"
+#define STC_MGR_METHOD_FIREWALL_SET "SetChain"
+#define STC_MGR_METHOD_FIREWALL_UNSET "UnsetChain"
+#define STC_MGR_METHOD_FIREWALL_FLUSH "FlushChain"
+#define STC_MGR_METHOD_FIREWALL_GET_CHAIN "GetAllChain"
+#define STC_MGR_METHOD_FIREWALL_REMOVE_CHAIN "RemoveChain"
+#define STC_MGR_METHOD_FIREWALL_ADD_CHAIN "AddChain"
+#define STC_MGR_METHOD_FIREWALL_GET_LOCK "GetLock"
+#define STC_MGR_METHOD_FIREWALL_LOCK "Lock"
+#define STC_MGR_METHOD_FIREWALL_UNLOCK "Unlock"
+
+class GDbus {
+private:
+ GDBusConnection *m_pConnection;
+ GCancellable *m_pCancellable;
+public:
+ GDbus();
+ ~GDbus();
+ error_e Create(void);
+ error_e Destroy(void);
+ GDBusConnection *GetConnection(void);
+ GCancellable *GetCancellable(void);
+ error_e ConvertErrorStringToEnum(const char *error);
+ GVariant *InvokeMethod(const char *dest, const char *path,
+ const char *iface_name, const char *method, GVariant *params, error_e *dbus_error);
+ error_e InvokeMethodNonblock(const char *dest, const char *path,
+ const char *iface_name, const char *method, GVariant *params, int timeout,
+ GAsyncReadyCallback notify_func, void *user_data);
+};
+
+#endif /* __STC_MGR_GDBUS_H__ */
--- /dev/null
+/*
+ * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <iostream>
+#include <gmock/gmock.h>
+#include <gtest/gtest.h>
+
+#include "manager.h"
+
+Manager::Manager()
+{
+ Create();
+}
+
+Manager::~Manager()
+{
+ Destroy();
+}
+
+error_e Manager::StopManager(void)
+{
+ GVariant *message = NULL;
+ error_e error = ERROR_NONE;
+ int result = 0;
+
+ message = InvokeMethod(STC_MGR_SERVICE,
+ STC_MGR_MANAGER_PATH,
+ STC_MGR_MANAGER_INTERFACE,
+ STC_MGR_METHOD_MANAGER_STOP,
+ NULL,
+ &error);
+
+ if (message == NULL) {
+ GLOGD("Failed to invoke dbus method");
+ return error;
+ }
+
+ g_variant_get(message, "(i)", &result);
+ GLOGD("Successfully stop manager [%d]", result);
+ g_variant_unref(message);
+
+ return ERROR_NONE;
+}
--- /dev/null
+/*
+ * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+#ifndef __STC_MGR_MANAGER_H__
+#define __STC_MGR_MANAGER_H__
+
+#include "stcmgr.h"
+#include "gdbus.h"
+
+class Manager : public GDbus {
+private:
+public:
+ Manager();
+ ~Manager();
+ error_e StopManager(void);
+};
+
+
+#endif /* __STC_MGR_MANAGER_H__ */
--- /dev/null
+/*
+ * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <iostream>
+#include <gmock/gmock.h>
+#include <gtest/gtest.h>
+
+#include "restriction.h"
+#include "common.h"
+
+static void AsyncReadyCallback(GObject *source_object,
+ GAsyncResult *res, gpointer user_data)
+{
+ MainLoop *M = (MainLoop *)user_data;
+ GLOGD("Succeeded to response async callback");
+ M->quit();
+}
+
+RRule::RRule()
+{
+ this->m_AppID[0] = '\0';
+ this->m_IfaceName[0] = '\0';
+ this->m_IfaceType = IFACE_ALL;
+ this->m_DataLimit = 0;
+ this->m_DataWarnLimit = 0;
+ this->m_RoamingType = ROAMING_DISABLED;
+ this->m_SubscriberID[0] = '\0';
+}
+
+RRule::~RRule()
+{
+}
+
+Restriction::Restriction()
+{
+ Create();
+}
+
+Restriction::~Restriction()
+{
+ Destroy();
+}
+
+error_e Restriction::SetRule(const char *app_id, const char *iface_name,
+ const char *subscriber_id, iface_type_e iface_type,
+ int64_t data_limit, int64_t data_warn_limit,
+ roaming_type_e roaming_type, const char *mac)
+{
+ if (app_id == NULL || strlen(app_id) == 0)
+ this->m_Rule.m_AppID[0] = '\0';
+ else
+ g_strlcpy(this->m_Rule.m_AppID, app_id, APP_ID_LEN);
+
+ if (iface_name == NULL || strlen(iface_name) == 0)
+ this->m_Rule.m_IfaceName[0] = '\0';
+ else
+ g_strlcpy(this->m_Rule.m_IfaceName, iface_name, IFNAME_LEN);
+
+ if (subscriber_id == NULL || strlen(subscriber_id) == 0)
+ this->m_Rule.m_SubscriberID[0] = '\0';
+ else
+ g_strlcpy(this->m_Rule.m_SubscriberID, subscriber_id, SUBSCRIBER_ID_LEN);
+
+ if (mac == NULL || strlen(mac) == 0)
+ this->m_Rule.m_Mac[0] = '\0';
+ else
+ g_strlcpy(this->m_Rule.m_Mac, mac, MAC_LEN);
+
+ switch(iface_type) {
+ case IFACE_UNKNOWN:
+ case IFACE_DATACALL:
+ case IFACE_WIFI:
+ case IFACE_WIRED:
+ case IFACE_BLUETOOTH:
+ case IFACE_ALL:
+ this->m_Rule.m_IfaceType = iface_type;
+ break;
+ default:
+ return ERROR_INVALID_PARAMETER;
+ }
+
+ switch(roaming_type) {
+ case ROAMING_UNKNOWN:
+ case ROAMING_ENABLED:
+ case ROAMING_DISABLED:
+ this->m_Rule.m_RoamingType = roaming_type;
+ break;
+ default:
+ return ERROR_INVALID_PARAMETER;
+ }
+
+ this->m_Rule.m_DataLimit = data_limit;
+ this->m_Rule.m_DataWarnLimit = data_warn_limit;
+
+ return ERROR_NONE;
+}
+
+void Restriction::MakeRuleParams(GVariant **params)
+{
+ GVariantBuilder *builder;
+
+ builder = g_variant_builder_new(G_VARIANT_TYPE("a{sv}"));
+
+ g_variant_builder_add(builder, "{sv}",
+ RESTRICTION_RULE_APP_ID,
+ g_variant_new_string(this->m_Rule.m_AppID));
+
+ g_variant_builder_add(builder, "{sv}",
+ RESTRICTION_RULE_IFNAME,
+ g_variant_new_string(this->m_Rule.m_IfaceName));
+
+ g_variant_builder_add(builder, "{sv}",
+ RESTRICTION_RULE_IFTYPE,
+ g_variant_new_uint16(this->m_Rule.m_IfaceType));
+
+ g_variant_builder_add(builder, "{sv}",
+ RESTRICTION_RULE_ROAMING,
+ g_variant_new_uint16(this->m_Rule.m_RoamingType));
+
+ g_variant_builder_add(builder, "{sv}",
+ RESTRICTION_RULE_SUBSCRIBER_ID,
+ g_variant_new_string(this->m_Rule.m_SubscriberID));
+
+ g_variant_builder_add(builder, "{sv}",
+ RESTRICTION_RULE_DATA_LIMIT,
+ g_variant_new_int64(this->m_Rule.m_DataLimit));
+
+ g_variant_builder_add(builder, "{sv}",
+ RESTRICTION_RULE_DATA_WARN_LIMIT,
+ g_variant_new_int64(this->m_Rule.m_DataWarnLimit));
+
+ g_variant_builder_add(builder, "{sv}",
+ RESTRICTION_RULE_MAC,
+ g_variant_new_string(this->m_Rule.m_Mac));
+
+
+ *params = g_variant_new("(@a{sv})", g_variant_builder_end(builder));
+ g_variant_builder_unref(builder);
+}
+
+void Restriction::MakeGetParams(GVariant **params)
+{
+ *params = g_variant_new("(s)", this->m_Rule.m_AppID);
+}
+
+void Restriction::MakeStatusParams(GVariant **params)
+{
+ *params = g_variant_new("(si)",
+ this->m_Rule.m_AppID, this->m_Rule.m_IfaceType);
+}
+
+error_e Restriction::SetRstriction(void)
+{
+ GVariant *message = NULL;
+ GVariant *params = NULL;
+ error_e error = ERROR_NONE;
+ int result = 0;
+
+ MakeRuleParams(¶ms);
+
+ message = InvokeMethod(STC_MGR_SERVICE,
+ STC_MGR_RESTRICTION_PATH,
+ STC_MGR_RESTRICTION_INTERFACE,
+ STC_MGR_METHOD_RESTRICTION_SET,
+ params,
+ &error);
+
+ if (message == NULL) {
+ GLOGD("Failed to invoke dbus method");
+ return error;
+ }
+
+ g_variant_get(message, "(i)", &result);
+ GLOGD("Succeeded to set restriction [%d]", result);
+ g_variant_unref(message);
+
+ return ERROR_NONE;
+}
+
+error_e Restriction::ExcludeRstriction(void)
+{
+ GVariant *message = NULL;
+ GVariant *params = NULL;
+ error_e error = ERROR_NONE;
+ int result = 0;
+
+ MakeRuleParams(¶ms);
+
+ message = InvokeMethod(STC_MGR_SERVICE,
+ STC_MGR_RESTRICTION_PATH,
+ STC_MGR_RESTRICTION_INTERFACE,
+ STC_MGR_METHOD_RESTRICTION_EXCLUDE,
+ params,
+ &error);
+
+ if (message == NULL) {
+ GLOGD("Failed to invoke dbus method");
+ return error;
+ }
+
+ g_variant_get(message, "(i)", &result);
+ GLOGD("Succeeded to exclude restriction [%d]", result);
+ g_variant_unref(message);
+
+ return ERROR_NONE;
+}
+
+error_e Restriction::UnsetRstriction(void)
+{
+ GVariant *message = NULL;
+ GVariant *params = NULL;
+ error_e error = ERROR_NONE;
+ int result = 0;
+
+ MakeRuleParams(¶ms);
+
+ message = InvokeMethod(STC_MGR_SERVICE,
+ STC_MGR_RESTRICTION_PATH,
+ STC_MGR_RESTRICTION_INTERFACE,
+ STC_MGR_METHOD_RESTRICTION_UNSET,
+ params,
+ &error);
+
+ if (message == NULL) {
+ GLOGD("Failed to invoke dbus method");
+ return error;
+ }
+
+ g_variant_get(message, "(i)", &result);
+ GLOGD("Succeeded to unset restriction [%d]", result);
+ g_variant_unref(message);
+
+ return ERROR_NONE;
+}
+
+error_e Restriction::GetRstrictionStatus(restriction_status_e *status)
+{
+ GVariant *message = NULL;
+ GVariant *params = NULL;
+ error_e error = ERROR_NONE;
+ int result = 0;
+
+ MakeStatusParams(¶ms);
+
+ message = InvokeMethod(STC_MGR_SERVICE,
+ STC_MGR_RESTRICTION_PATH,
+ STC_MGR_RESTRICTION_INTERFACE,
+ STC_MGR_METHOD_RESTRICTION_GET_STATUS,
+ params,
+ &error);
+
+ if (message == NULL) {
+ GLOGD("Failed to invoke dbus method");
+ return error;
+ }
+
+ g_variant_get(message, "(ii)", &result, status);
+ GLOGD("Succeeded to get restriction status [%d:%d]", result, *status);
+ g_variant_unref(message);
+
+ return ERROR_NONE;
+}
+
+error_e Restriction::GetRstriction(void)
+{
+ MainLoop M;
+ GVariant *params = NULL;
+ error_e error = ERROR_NONE;
+
+ MakeGetParams(¶ms);
+
+ error = InvokeMethodNonblock(STC_MGR_SERVICE,
+ STC_MGR_RESTRICTION_PATH,
+ STC_MGR_RESTRICTION_INTERFACE,
+ STC_MGR_METHOD_RESTRICTION_GET_PER_APP_ID,
+ params,
+ DBUS_REPLY_TIMEOUT,
+ AsyncReadyCallback,
+ &M);
+
+ if (error != ERROR_NONE) {
+ GLOGD("Failed to invoke dbus method nonblock");
+ return error;
+ }
+
+ GLOGD("Succeeded to get restriction per app ID");
+
+ M.run(GMAINTIMEOUT);
+ return ERROR_NONE;
+}
+
+error_e Restriction::GetAllRstriction(void)
+{
+ MainLoop M;
+ error_e error = ERROR_NONE;
+
+ error = InvokeMethodNonblock(STC_MGR_SERVICE,
+ STC_MGR_RESTRICTION_PATH,
+ STC_MGR_RESTRICTION_INTERFACE,
+ STC_MGR_METHOD_RESTRICTION_GET_ALL,
+ NULL,
+ DBUS_REPLY_TIMEOUT,
+ AsyncReadyCallback,
+ &M);
+
+ if (error != ERROR_NONE) {
+ GLOGD("Failed to invoke dbus method nonblock");
+ return error;
+ }
+
+ GLOGD("Succeeded to get all restriction");
+
+ M.run(GMAINTIMEOUT);
+ return ERROR_NONE;
+}
--- /dev/null
+/*
+ * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+#ifndef __STC_MGR_RESTRICTION_H__
+#define __STC_MGR_RESTRICTION_H__
+
+#include <glib.h>
+#include <gio/gio.h>
+
+#include "stcmgr.h"
+#include "gdbus.h"
+
+#define RESTRICTION_RULE_APP_ID "app_id"
+#define RESTRICTION_RULE_IFNAME "ifname"
+#define RESTRICTION_RULE_IFTYPE "iftype"
+#define RESTRICTION_RULE_ROAMING "roaming"
+#define RESTRICTION_RULE_SUBSCRIBER_ID "subscriber_id"
+#define RESTRICTION_RULE_DATA_LIMIT "data_limit"
+#define RESTRICTION_RULE_DATA_WARN_LIMIT "data_warn_limit"
+#define RESTRICTION_RULE_MAC "mac"
+
+typedef enum {
+ RESTRICTION_UNKNOWN,
+ RESTRICTION_ACTIVATED,
+ RESTRICTION_REMOVED,
+ RESTRICTION_EXCLUDED,
+ RESTRICTION_BACKGROUND,
+ RESTRICTION_LAST_ELEM,
+} restriction_status_e;
+
+class RRule {
+private:
+public:
+ char m_AppID[APP_ID_LEN];
+ char m_IfaceName[IFNAME_LEN];
+ char m_SubscriberID[SUBSCRIBER_ID_LEN];
+ char m_Mac[MAC_LEN];
+ iface_type_e m_IfaceType;
+ int64_t m_DataLimit;
+ int64_t m_DataWarnLimit;
+ roaming_type_e m_RoamingType;
+
+ RRule();
+ ~RRule();
+};
+
+class Restriction : public GDbus {
+private:
+ RRule m_Rule;
+public:
+ Restriction();
+ ~Restriction();
+ error_e SetRule(const char *app_id, const char *iface_name,
+ const char *subscriber_id, iface_type_e iface_type,
+ int64_t data_limit, int64_t data_warn_limit,
+ roaming_type_e roaming_type, const char *mac);
+ void MakeRuleParams(GVariant **params);
+ void MakeGetParams(GVariant **params);
+ void MakeStatusParams(GVariant **params);
+ error_e SetRstriction(void);
+ error_e ExcludeRstriction(void);
+ error_e UnsetRstriction(void);
+ error_e GetRstrictionStatus(restriction_status_e *status);
+ error_e GetRstriction(void);
+ error_e GetAllRstriction(void);
+};
+
+#endif /* __STC_MGR_RESTRICTION_H__ */
--- /dev/null
+/*
+ * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <iostream>
+#include <gmock/gmock.h>
+#include <gtest/gtest.h>
+
+#include "statistics.h"
+#include "common.h"
+
+static void AsyncReadyCallback(GObject *source_object,
+ GAsyncResult *res, gpointer user_data)
+{
+ MainLoop *M = (MainLoop *)user_data;
+ GLOGD("Succeeded to response async callback");
+ M->quit();
+}
+
+SRule::SRule()
+{
+ this->m_IfaceType = IFACE_UNKNOWN;
+ this->m_TimePeriod = TIME_PERIOD_UNKNOWN;
+ this->m_Interval.from = 0;
+ this->m_Interval.to = 0;
+}
+
+SRule::~SRule()
+{
+}
+
+Statistics::Statistics()
+{
+ Create();
+}
+
+Statistics::~Statistics()
+{
+ Destroy();
+}
+
+error_e Statistics::SetRule(const char *app_id, const char *subscriber_id,
+ iface_type_e iface_type, time_t from, time_t to, time_period_e time_period)
+{
+ if (app_id == NULL || strlen(app_id) == 0)
+ this->m_Rule.m_AppID[0] = '\0';
+ else
+ g_strlcpy(this->m_Rule.m_AppID, app_id, APP_ID_LEN);
+
+ if (subscriber_id == NULL || strlen(subscriber_id) == 0)
+ this->m_Rule.m_SubscriberID[0] = '\0';
+ else
+ g_strlcpy(this->m_Rule.m_SubscriberID, subscriber_id, SUBSCRIBER_ID_LEN);
+
+ switch(iface_type) {
+ case IFACE_UNKNOWN:
+ case IFACE_DATACALL:
+ case IFACE_WIFI:
+ case IFACE_WIRED:
+ case IFACE_BLUETOOTH:
+ case IFACE_ALL:
+ this->m_Rule.m_IfaceType = iface_type;
+ break;
+ default:
+ return ERROR_INVALID_PARAMETER;
+ }
+
+ if (from < 0 || to < 0)
+ return ERROR_INVALID_PARAMETER;
+
+ this->m_Rule.m_Interval.from = from;
+ this->m_Rule.m_Interval.to = to;
+
+ switch(time_period) {
+ case TIME_PERIOD_UNKNOWN:
+ case TIME_PERIOD_HOUR:
+ case TIME_PERIOD_DAY:
+ case TIME_PERIOD_WEEK:
+ case TIME_PERIOD_MONTH:
+ this->m_Rule.m_TimePeriod = time_period;
+ break;
+ default:
+ return ERROR_INVALID_PARAMETER;
+ }
+
+ return ERROR_NONE;
+}
+
+time_t Statistics::MakeTime(int year, int mon, int day, int hour, int min)
+{
+ struct tm curr = { 0, };
+ curr.tm_year = year - 1900;
+ curr.tm_mon = mon - 1;
+ curr.tm_mday = day;
+ curr.tm_hour = hour;
+ curr.tm_min = min;
+ return mktime(&curr);
+}
+
+void Statistics::MakeRuleParams(GVariant **params, int mode)
+{
+ GVariantBuilder *builder;
+
+ builder = g_variant_builder_new(G_VARIANT_TYPE("a{sv}"));
+
+ g_variant_builder_add(builder, "{sv}",
+ STATISTICS_RULE_INTERVAL_FROM,
+ g_variant_new_uint64(this->m_Rule.m_Interval.from));
+
+ g_variant_builder_add(builder, "{sv}",
+ STATISTICS_RULE_INTERVAL_TO,
+ g_variant_new_uint64(this->m_Rule.m_Interval.to));
+
+ g_variant_builder_add(builder, "{sv}",
+ STATISTICS_RULE_IFTYPE,
+ g_variant_new_uint16(this->m_Rule.m_IfaceType));
+
+ g_variant_builder_add(builder, "{sv}",
+ STATISTICS_RULE_TIME_PERIOD,
+ g_variant_new_int32(this->m_Rule.m_TimePeriod));
+
+ switch (mode) {
+ case 0: /* reset */
+ g_variant_builder_add(builder, "{sv}",
+ STATISTICS_RULE_APP_ID,
+ g_variant_new_string(this->m_Rule.m_AppID));
+
+ g_variant_builder_add(builder, "{sv}",
+ RESET_RULE_SUBSCRIBER_ID,
+ g_variant_new_string(this->m_Rule.m_SubscriberID));
+
+ *params = g_variant_new("(@a{sv})", g_variant_builder_end(builder));
+ break;
+ case 1: /* get app */
+ *params = g_variant_new("(s@a{sv})", this->m_Rule.m_AppID, g_variant_builder_end(builder));
+ break;
+ case 2: /* get total */
+ *params = g_variant_new("(s@a{sv})", "", g_variant_builder_end(builder));
+ break;
+ case 3: /* get all */
+ default:
+ *params = g_variant_new("(@a{sv})", g_variant_builder_end(builder));
+ break;
+ }
+
+ g_variant_builder_unref(builder);
+}
+
+error_e Statistics::InitStatistics(void)
+{
+ GVariant *message = NULL;
+ error_e error = ERROR_NONE;
+
+ message = InvokeMethod(STC_MGR_SERVICE,
+ STC_MGR_STATISTICS_PATH,
+ STC_MGR_STATISTICS_INTERFACE,
+ STC_MGR_METHOD_STATISTICS_INIT,
+ NULL,
+ &error);
+
+ if (message == NULL) {
+ GLOGD("Failed to invoke dbus method");
+ return error;
+ }
+
+ GLOGD("Succeeded to init statistics");
+ g_variant_unref(message);
+
+ return ERROR_NONE;
+}
+
+error_e Statistics::GetStatistics(void)
+{
+ MainLoop M;
+ GVariant *params = NULL;
+ error_e error = ERROR_NONE;
+
+ MakeRuleParams(¶ms, 1);
+
+ error = InvokeMethodNonblock(STC_MGR_SERVICE,
+ STC_MGR_STATISTICS_PATH,
+ STC_MGR_STATISTICS_INTERFACE,
+ STC_MGR_METHOD_STATISTICS_GET_PER_APP_ID,
+ params,
+ DBUS_REPLY_TIMEOUT,
+ AsyncReadyCallback,
+ &M);
+
+ if (error != ERROR_NONE) {
+ GLOGD("Failed to invoke dbus method nonblock");
+ return error;
+ }
+
+ M.run(GMAINTIMEOUT);
+ GLOGD("Succeeded to get statistics per app ID");
+
+ return ERROR_NONE;
+}
+
+error_e Statistics::GetTotalStatistics(void)
+{
+ MainLoop M;
+ GVariant *params = NULL;
+ error_e error = ERROR_NONE;
+
+ MakeRuleParams(¶ms, 2);
+
+ error = InvokeMethodNonblock(STC_MGR_SERVICE,
+ STC_MGR_STATISTICS_PATH,
+ STC_MGR_STATISTICS_INTERFACE,
+ STC_MGR_METHOD_STATISTICS_GET_TOTAL,
+ params,
+ DBUS_REPLY_TIMEOUT,
+ AsyncReadyCallback,
+ &M);
+
+ if (error != ERROR_NONE) {
+ GLOGD("Failed to invoke dbus method nonblock");
+ return error;
+ }
+
+ M.run(GMAINTIMEOUT);
+ GLOGD("Succeeded to get total statistics");
+
+ return ERROR_NONE;
+}
+
+error_e Statistics::GetAllStatistics(void)
+{
+ MainLoop M;
+ GVariant *params = NULL;
+ error_e error = ERROR_NONE;
+
+ MakeRuleParams(¶ms, 3);
+
+ error = InvokeMethodNonblock(STC_MGR_SERVICE,
+ STC_MGR_STATISTICS_PATH,
+ STC_MGR_STATISTICS_INTERFACE,
+ STC_MGR_METHOD_STATISTICS_GET_ALL,
+ params,
+ DBUS_REPLY_TIMEOUT,
+ AsyncReadyCallback,
+ &M);
+
+ if (error != ERROR_NONE) {
+ GLOGD("Failed to invoke dbus method nonblock");
+ return error;
+ }
+
+ M.run(GMAINTIMEOUT);
+ GLOGD("Succeeded to get all statistics");
+
+ return ERROR_NONE;
+}
+
+error_e Statistics::ResetStatistics(void)
+{
+ GVariant *message = NULL;
+ GVariant *params = NULL;
+ error_e error = ERROR_NONE;
+ int result = 0;
+
+ MakeRuleParams(¶ms, 0);
+
+ message = InvokeMethod(STC_MGR_SERVICE,
+ STC_MGR_STATISTICS_PATH,
+ STC_MGR_STATISTICS_INTERFACE,
+ STC_MGR_METHOD_STATISTICS_RESET,
+ params,
+ &error);
+
+ if (message == NULL) {
+ GLOGD("Failed to invoke dbus method");
+ return error;
+ }
+
+ g_variant_get(message, "(i)", &result);
+ GLOGD("Succeeded to reset statistics [%d]", result);
+ g_variant_unref(message);
+
+ return ERROR_NONE;
+}
--- /dev/null
+/*
+ * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+#ifndef __STC_MGR_STATISTICS_H__
+#define __STC_MGR_STATISTICS_H__
+
+#include "stcmgr.h"
+#include "gdbus.h"
+
+#define STATISTICS_RULE_APP_ID "app_id"
+#define STATISTICS_RULE_INTERVAL_FROM "from"
+#define STATISTICS_RULE_INTERVAL_TO "to"
+#define STATISTICS_RULE_IFTYPE "iftype"
+#define STATISTICS_RULE_TIME_PERIOD "granularity"
+
+#define RESET_RULE_SUBSCRIBER_ID "subscriber_id"
+
+typedef struct {
+ time_t from;
+ time_t to;
+} time_interval_s;
+
+class SRule {
+private:
+public:
+ char m_AppID[APP_ID_LEN];
+ char m_SubscriberID[SUBSCRIBER_ID_LEN];
+ iface_type_e m_IfaceType;
+ time_period_e m_TimePeriod;
+ time_interval_s m_Interval;
+
+ SRule();
+ ~SRule();
+};
+
+class Statistics : public GDbus {
+private:
+ SRule m_Rule;
+public:
+ Statistics();
+ ~Statistics();
+ error_e SetRule(const char *app_id, const char *subscriber_id,
+ iface_type_e iface_type, time_t from, time_t to, time_period_e time_period);
+ time_t MakeTime(int year, int mon, int day, int hour, int min);
+ void MakeRuleParams(GVariant **params, int mode);
+ error_e InitStatistics(void);
+ error_e GetStatistics(void);
+ error_e GetTotalStatistics(void);
+ error_e GetAllStatistics(void);
+ error_e ResetStatistics(void);
+};
+
+
+#endif /* __STC_MGR_STATISTICS_H__ */
--- /dev/null
+/*
+ * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "stcmgr.h"
--- /dev/null
+/*
+ * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+#ifndef __STC_MGR_H__
+#define __STC_MGR_H__
+
+#include <glib.h>
+
+#define APP_ID_LEN 128
+#define IFNAME_LEN 16
+#define SUBSCRIBER_ID_LEN 128
+#define MAC_LEN 18
+
+#ifdef USE_DLOG
+#include <dlog.h>
+#undef LOG_TAG
+#define LOG_TAG "STC_GTEST"
+#define GLOGD(format, args...) LOGD(format, ##args)
+#else
+#define GLOGD(format, args...)
+#endif
+
+typedef enum {
+ ERROR_NONE = 0,
+ ERROR_NOT_PERMITTED = -1,
+ ERROR_OUT_OF_MEMORY = -2,
+ ERROR_PERMISSION_DENIED = -3,
+ ERROR_RESOURCE_BUSY = -4,
+ ERROR_INVALID_OPERATION = -5,
+ ERROR_INVALID_PARAMETER = -6,
+ ERROR_NOT_SUPPORTED = -7,
+ ERROR_OPERATION_FAILED = -8,
+ ERROR_NOT_INITIALIZED = -9,
+ ERROR_ALREADY_INITIALIZED = -10,
+ ERROR_IN_PROGRESS = -11,
+} error_e;
+
+typedef enum {
+ IFACE_UNKNOWN,
+ IFACE_DATACALL,
+ IFACE_WIFI,
+ IFACE_WIRED,
+ IFACE_BLUETOOTH,
+ IFACE_ALL,
+} iface_type_e;
+
+typedef enum {
+ ROAMING_UNKNOWN,
+ ROAMING_ENABLED,
+ ROAMING_DISABLED,
+} roaming_type_e;
+
+typedef enum {
+ TIME_PERIOD_UNKNOWN = 0,
+ TIME_PERIOD_HOUR = 3600,
+ TIME_PERIOD_DAY = 86400,
+ TIME_PERIOD_WEEK = 604800,
+ TIME_PERIOD_MONTH = 2419200,
+} time_period_e;
+
+#endif /* __STC_MGR_H__ */
--- /dev/null
+/*
+ * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <iostream>
+#include <gmock/gmock.h>
+#include <gtest/gtest.h>
+#include <unistd.h>
+
+#include "unittest.h"
+#include "restriction.h"
+#include "statistics.h"
+#include "manager.h"
+#include "stc-manager.h"
+#include "firewall.h"
+
+#define GTEST_MAC "1:c:e:b:00:da"
+
+using ::testing::InitGoogleTest;
+using ::testing::Test;
+using ::testing::TestCase;
+
+typedef enum {
+ FIREWALL_UNKONWN,
+ FIREWALL_UNLOCKED,
+ FIREWALL_LOCKED
+} firewall_lock_e;
+
+TEST(StcManager_Statistics, Init_p)
+{
+ error_e ret = ERROR_NONE;
+ Statistics stat;
+
+ ret = stat.InitStatistics();
+ EXPECT_EQ(ERROR_NONE, ret);
+}
+
+TEST(StcManager_Statistics, Get_p)
+{
+ error_e ret = ERROR_NONE;
+ Statistics stat;
+ time_t from = 0;
+ time_t to = 0;
+
+ from = stat.MakeTime(2000, 1, 1, 1, 1);
+ time(&to);
+
+ ret = stat.SetRule("TOTAL_DATACALL",
+ NULL,
+ IFACE_DATACALL,
+ from,
+ to,
+ TIME_PERIOD_DAY);
+ EXPECT_EQ(ERROR_NONE, ret);
+
+ ret = stat.GetStatistics();
+ EXPECT_EQ(ERROR_NONE, ret);
+
+ ret = stat.SetRule("TOTAL_WIFI",
+ NULL,
+ IFACE_WIFI,
+ from,
+ to,
+ TIME_PERIOD_UNKNOWN);
+ EXPECT_EQ(ERROR_NONE, ret);
+
+ ret = stat.GetStatistics();
+ EXPECT_EQ(ERROR_NONE, ret);
+}
+
+TEST(StcManager_Statistics, GetAll_p)
+{
+ error_e ret = ERROR_NONE;
+ Statistics stat;
+ time_t from = 0;
+ time_t to = 0;
+
+ from = stat.MakeTime(2000, 1, 1, 1, 1);
+ time(&to);
+
+ ret = stat.SetRule(NULL,
+ NULL,
+ IFACE_UNKNOWN,
+ from,
+ to,
+ TIME_PERIOD_UNKNOWN);
+ EXPECT_EQ(ERROR_NONE, ret);
+
+ ret = stat.GetAllStatistics();
+ EXPECT_EQ(ERROR_NONE, ret);
+}
+
+TEST(StcManager_Statistics, GetTotal_p)
+{
+ error_e ret = ERROR_NONE;
+ Statistics stat;
+ time_t from = 0;
+ time_t to = 0;
+
+ from = stat.MakeTime(2000, 1, 1, 1, 1);
+ time(&to);
+
+ ret = stat.SetRule(NULL,
+ NULL,
+ IFACE_DATACALL,
+ from,
+ to,
+ TIME_PERIOD_UNKNOWN);
+ EXPECT_EQ(ERROR_NONE, ret);
+
+ ret = stat.GetTotalStatistics();
+ EXPECT_EQ(ERROR_NONE, ret);
+
+ ret = stat.SetRule(NULL,
+ NULL,
+ IFACE_WIFI,
+ from,
+ to,
+ TIME_PERIOD_UNKNOWN);
+ EXPECT_EQ(ERROR_NONE, ret);
+
+ ret = stat.GetTotalStatistics();
+ EXPECT_EQ(ERROR_NONE, ret);
+}
+
+TEST(StcManager_Restriction, Set_p)
+{
+ error_e ret = ERROR_NONE;
+ Restriction rest;
+
+ ret = rest.SetRule("Test_tel",
+ "seth_w0",
+ "1234567890abcdefg",
+ IFACE_DATACALL,
+ 0,
+ 0,
+ ROAMING_UNKNOWN,
+ GTEST_MAC);
+ EXPECT_EQ(ERROR_NONE, ret);
+
+ ret = rest.SetRstriction();
+ EXPECT_EQ(ERROR_NONE, ret);
+
+ ret = rest.SetRule("TOTAL_WIFI",
+ "wlan0",
+ NULL,
+ IFACE_WIFI,
+ 2,
+ 1,
+ ROAMING_UNKNOWN,
+ GTEST_MAC);
+ EXPECT_EQ(ERROR_NONE, ret);
+
+ ret = rest.SetRstriction();
+ EXPECT_EQ(ERROR_NONE, ret);
+
+ ret = rest.SetRule("Test_eth",
+ "eth0",
+ NULL,
+ IFACE_WIRED,
+ 100000,
+ 80000,
+ ROAMING_UNKNOWN,
+ GTEST_MAC);
+ EXPECT_EQ(ERROR_NONE, ret);
+
+ ret = rest.SetRstriction();
+ EXPECT_EQ(ERROR_NONE, ret);
+}
+
+TEST(StcManager_Restriction, Get_p)
+{
+ error_e ret = ERROR_NONE;
+ Restriction rest;
+
+ ret = rest.SetRule("Test_tel",
+ "seth_w0",
+ "1234567890abcdefg",
+ IFACE_DATACALL,
+ 0,
+ 0,
+ ROAMING_UNKNOWN,
+ GTEST_MAC);
+ EXPECT_EQ(ERROR_NONE, ret);
+
+ ret = rest.GetRstriction();
+ EXPECT_EQ(ERROR_NONE, ret);
+
+ ret = rest.SetRule("TOTAL_WIFI",
+ "wlan0",
+ NULL,
+ IFACE_WIFI,
+ 0,
+ 0,
+ ROAMING_UNKNOWN,
+ GTEST_MAC);
+ EXPECT_EQ(ERROR_NONE, ret);
+
+ ret = rest.GetRstriction();
+ EXPECT_EQ(ERROR_NONE, ret);
+
+ ret = rest.SetRule("TOTAL_IPV4",
+ "seth_w0",
+ NULL,
+ IFACE_DATACALL,
+ 0,
+ 0,
+ ROAMING_UNKNOWN,
+ GTEST_MAC);
+ EXPECT_EQ(ERROR_NONE, ret);
+
+ ret = rest.GetRstriction();
+ EXPECT_EQ(ERROR_NONE, ret);
+}
+
+TEST(StcManager_Restriction, GetAll_p)
+{
+ error_e ret = ERROR_NONE;
+ Restriction rest;
+
+ ret = rest.GetAllRstriction();
+ EXPECT_EQ(ERROR_NONE, ret);
+}
+
+
+TEST(StcManager_Restriction, Unset_p)
+{
+ error_e ret = ERROR_NONE;
+ Restriction rest;
+
+ ret = rest.SetRule("Test_tel",
+ "seth_w0",
+ "1234567890abcdefg",
+ IFACE_DATACALL,
+ 0,
+ 0,
+ ROAMING_UNKNOWN,
+ GTEST_MAC);
+ EXPECT_EQ(ERROR_NONE, ret);
+
+ ret = rest.UnsetRstriction();
+ EXPECT_EQ(ERROR_NONE, ret);
+
+ ret = rest.SetRule("TOTAL_WIFI",
+ "wlan0",
+ NULL,
+ IFACE_WIFI,
+ 2,
+ 1,
+ ROAMING_UNKNOWN,
+ GTEST_MAC);
+ EXPECT_EQ(ERROR_NONE, ret);
+
+ ret = rest.UnsetRstriction();
+ EXPECT_EQ(ERROR_NONE, ret);
+
+ ret = rest.SetRule("Test_eth",
+ "eth0",
+ NULL,
+ IFACE_WIRED,
+ 100000,
+ 80000,
+ ROAMING_UNKNOWN,
+ GTEST_MAC);
+ EXPECT_EQ(ERROR_NONE, ret);
+
+ ret = rest.UnsetRstriction();
+ EXPECT_EQ(ERROR_NONE, ret);
+
+ ret = rest.SetRule("TOTAL_DATACALL",
+ "seth_w0",
+ NULL,
+ IFACE_DATACALL,
+ 0,
+ 0,
+ ROAMING_UNKNOWN,
+ GTEST_MAC);
+ EXPECT_EQ(ERROR_NONE, ret);
+
+ ret = rest.UnsetRstriction();
+ EXPECT_EQ(ERROR_NONE, ret);
+}
+
+TEST(StcManager_Statistics, Reset_p)
+{
+ error_e ret = ERROR_NONE;
+ Statistics stat;
+ time_t from = 0;
+ time_t to = 0;
+
+ from = stat.MakeTime(2000, 1, 1, 1, 1);
+ time(&to);
+
+ ret = stat.SetRule("TOTAL_DATACALL",
+ "1234567890abcdefg",
+ IFACE_DATACALL,
+ from,
+ to,
+ TIME_PERIOD_UNKNOWN);
+ EXPECT_EQ(ERROR_NONE, ret);
+
+ ret = stat.ResetStatistics();
+ EXPECT_EQ(ERROR_NONE, ret);
+
+ ret = stat.SetRule(NULL,
+ NULL,
+ IFACE_UNKNOWN,
+ from,
+ to,
+ TIME_PERIOD_UNKNOWN);
+ EXPECT_EQ(ERROR_NONE, ret);
+
+ ret = stat.ResetStatistics();
+ EXPECT_EQ(ERROR_NONE, ret);
+}
+
+TEST(StcManager_Restriction, RemoveRulePostWarnLimitCrossed_p)
+{
+ error_e ret = ERROR_NONE;
+ int sys_ret;
+ Restriction rest;
+
+ ret = rest.SetRule("TOTAL_WIFI",
+ "wlan0",
+ NULL,
+ IFACE_WIFI,
+ -1,
+ 1,
+ ROAMING_UNKNOWN,
+ GTEST_MAC);
+ EXPECT_EQ(ERROR_NONE, ret);
+
+ ret = rest.SetRstriction();
+ EXPECT_EQ(ERROR_NONE, ret);
+
+ sys_ret = system("toybox ping -c 5 www.tizen.org");
+ EXPECT_EQ(0, sys_ret);
+
+ ret = rest.UnsetRstriction();
+ EXPECT_EQ(ERROR_NONE, ret);
+}
+
+TEST(StcManager_Restriction, RemoveRulePostRestrictionLimitCrossed_p)
+{
+ error_e ret = ERROR_NONE;
+ int sys_ret;
+ Restriction rest;
+
+ ret = rest.SetRule("TOTAL_WIFI",
+ "wlan0",
+ NULL,
+ IFACE_WIFI,
+ 2,
+ -1,
+ ROAMING_UNKNOWN,
+ GTEST_MAC);
+ EXPECT_EQ(ERROR_NONE, ret);
+
+ ret = rest.SetRstriction();
+ EXPECT_EQ(ERROR_NONE, ret);
+
+ sys_ret = system("toybox ping -c 5 www.tizen.org");
+ EXPECT_NE(0, sys_ret);
+
+ ret = rest.UnsetRstriction();
+ EXPECT_EQ(ERROR_NONE, ret);
+}
+
+TEST(StcManager_Restriction, RemoveRulePostBothLimitCrossed_p)
+{
+ error_e ret = ERROR_NONE;
+ int sys_ret;
+ Restriction rest;
+
+ ret = rest.SetRule("TOTAL_WIFI",
+ "wlan0",
+ NULL,
+ IFACE_WIFI,
+ 2,
+ 1,
+ ROAMING_UNKNOWN,
+ GTEST_MAC);
+ EXPECT_EQ(ERROR_NONE, ret);
+
+ ret = rest.SetRstriction();
+ EXPECT_EQ(ERROR_NONE, ret);
+
+ sys_ret = system("toybox ping -c 5 www.tizen.org");
+ EXPECT_NE(0, sys_ret);
+
+ ret = rest.UnsetRstriction();
+ EXPECT_EQ(ERROR_NONE, ret);
+}
+
+TEST(StcManager_Firewall, Lock_p)
+{
+ error_e ret = ERROR_NONE;
+ Firewall f;
+
+ int state;
+ f.GetLock(&state);
+ if (state == FIREWALL_LOCKED)
+ f.Unlock();
+
+ ret = f.Lock();
+ EXPECT_EQ(ERROR_NONE, ret);
+ f.Unlock();
+}
+
+TEST(StcManager_Firewall, Unlock_p)
+{
+ error_e ret = ERROR_NONE;
+ Firewall f;
+
+ int state;
+ f.GetLock(&state);
+ if (state != FIREWALL_LOCKED)
+ f.Lock();
+
+ ret = f.Unlock();
+ EXPECT_EQ(ERROR_NONE, ret);
+}
+
+TEST(StcManager_Firewall, GetLock_p)
+{
+ error_e ret = ERROR_NONE;
+ Firewall f;
+
+ int state;
+ f.GetLock(&state);
+ EXPECT_EQ(ERROR_NONE, ret);
+}
+
+TEST(StcManager_Firewall, AddChain_p)
+{
+ error_e ret = ERROR_NONE;
+ Firewall f;
+
+ ret = f.AddChain("gtest");
+ EXPECT_EQ(ERROR_NONE, ret);
+}
+
+TEST(StcManager_Firewall, AddRule_p)
+{
+ error_e ret = ERROR_NONE;
+ Firewall f;
+
+ ret = f.SetRule("gtest",
+ STC_FW_DIRECTION_IN,
+ STC_FW_IP_SINGLE,
+ STC_FW_IP_SINGLE,
+ STC_FW_PORT_SINGLE,
+ STC_FW_PORT_SINGLE,
+ STC_FW_PROTOCOL_TCP,
+ STC_FW_FAMILY_V4,
+ "1.1.1.1",
+ "1.1.1.1",
+ "2.2.2.2",
+ "2.2.2.2",
+ 9000,
+ 9000,
+ 9000,
+ 9000,
+ "wlan0",
+ STC_FW_RULE_TARGET_ACCEPT);
+
+ EXPECT_EQ(ERROR_NONE, ret);
+
+ ret = f.AddRule();
+ EXPECT_EQ(ERROR_NONE, ret);
+}
+
+TEST(StcManager_Firewall, AddRule_n)
+{
+ error_e ret = ERROR_NONE;
+ Firewall f;
+
+ ret = f.SetRule("gtest",
+ STC_FW_DIRECTION_IN,
+ STC_FW_IP_SINGLE,
+ STC_FW_IP_SINGLE,
+ STC_FW_PORT_SINGLE,
+ STC_FW_PORT_SINGLE,
+ STC_FW_PROTOCOL_TCP,
+ STC_FW_FAMILY_V4,
+ "1.1.1.1",
+ "1.1.1.1",
+ "2.2.2.2",
+ "2.2.2.2",
+ 9000,
+ 9000,
+ 9000,
+ 9000,
+ "wlan0",
+ STC_FW_RULE_TARGET_MAX);
+ EXPECT_EQ(ERROR_NONE, ret);
+
+ ret = f.AddRule();
+ EXPECT_NE(ERROR_NONE, ret);
+}
+
+TEST(StcManager_Firewall, UpdateRule_n)
+{
+ error_e ret = ERROR_NONE;
+ Firewall f;
+
+ ret = f.SetRule("gtest",
+ STC_FW_DIRECTION_IN,
+ STC_FW_IP_SINGLE,
+ STC_FW_IP_SINGLE,
+ STC_FW_PORT_SINGLE,
+ STC_FW_PORT_SINGLE,
+ STC_FW_PROTOCOL_TCP,
+ STC_FW_FAMILY_V4,
+ "1.1.1.1",
+ "1.1.1.1",
+ "2.2.2.2",
+ "2.2.2.2",
+ 9000,
+ 9000,
+ 9000,
+ 9000,
+ "wlan0",
+ STC_FW_RULE_TARGET_MAX);
+ EXPECT_EQ(ERROR_NONE, ret);
+
+ ret = f.UpdateRule();
+ EXPECT_NE(ERROR_NONE, ret);
+}
+
+TEST(StcManager_Firewall, RemoveRule_n)
+{
+ error_e ret = ERROR_NONE;
+ Firewall f;
+
+ ret = f.SetRule("gtest",
+ STC_FW_DIRECTION_IN,
+ STC_FW_IP_SINGLE,
+ STC_FW_IP_SINGLE,
+ STC_FW_PORT_SINGLE,
+ STC_FW_PORT_SINGLE,
+ STC_FW_PROTOCOL_TCP,
+ STC_FW_FAMILY_V4,
+ "1.1.1.1",
+ "1.1.1.1",
+ "2.2.2.2",
+ "2.2.2.2",
+ 9000,
+ 9000,
+ 9000,
+ 9000,
+ "wlan0",
+ STC_FW_RULE_TARGET_MAX);
+ EXPECT_EQ(ERROR_NONE, ret);
+
+ ret = f.RemoveRule();
+ EXPECT_NE(ERROR_NONE, ret);
+}
+
+
+TEST(StcManager_Firewall, SetChain_p)
+{
+ error_e ret = ERROR_NONE;
+ Firewall f;
+
+ ret = f.SetChain("gtest", 1);
+ EXPECT_EQ(ERROR_NONE, ret);
+}
+
+TEST(StcManager_Firewall, SetChain_n)
+{
+ error_e ret = ERROR_NONE;
+ Firewall f;
+
+ ret = f.SetChain(NULL, 0);
+ EXPECT_NE(ERROR_NONE, ret);
+}
+
+TEST(StcManager_Firewall, UnsetChain_p)
+{
+ error_e ret = ERROR_NONE;
+ Firewall f;
+
+ ret = f.UnsetChain("gtest");
+ EXPECT_EQ(ERROR_NONE, ret);
+}
+
+TEST(StcManager_Firewall, UnsetChain_n)
+{
+ error_e ret = ERROR_NONE;
+ Firewall f;
+
+ ret = f.UnsetChain(NULL);
+ EXPECT_NE(ERROR_NONE, ret);
+}
+
+
+TEST(StcManager_Firewall, RemoveChain_p)
+{
+ error_e ret = ERROR_NONE;
+ Firewall f;
+
+ ret = f.RemoveChain("gtest");
+ EXPECT_EQ(ERROR_NONE, ret);
+}
+
+TEST(StcManager_Firewall, RemoveChain_n)
+{
+ error_e ret = ERROR_NONE;
+ Firewall f;
+
+ ret = f.RemoveChain("not_a_chain");
+ EXPECT_NE(ERROR_NONE, ret);
+}
+
+TEST(StcManager_Firewall, FlushChain_p)
+{
+ error_e ret = ERROR_NONE;
+ Firewall f;
+
+ ret = f.AddChain("gtest_chains");
+ EXPECT_EQ(ERROR_NONE, ret);
+
+ ret = f.FlushChain("gtest_chains");
+ EXPECT_EQ(ERROR_NONE, ret);
+
+ f.RemoveChain("gtest_chains");
+}
+
+
+TEST(StcManager_Firewall, FlushChain_n)
+{
+ error_e ret = ERROR_NONE;
+ Firewall f;
+
+ ret = f.FlushChain(NULL);
+ EXPECT_NE(ERROR_NONE, ret);
+}
+
+TEST(StcManager_Firewall, GetAllChain_p)
+{
+ error_e ret = ERROR_NONE;
+ Firewall f;
+
+ ret = f.GetAllChain();
+ EXPECT_EQ(ERROR_NONE, ret);
+}
+
+TEST(StcManager_Firewall, GetAllRule_p)
+{
+ error_e ret = ERROR_NONE;
+ Firewall f;
+
+ ret = f.GetAllRule();
+ EXPECT_EQ(ERROR_NONE, ret);
+}
+
+TEST(StcManager_Manager, Stop_p)
+{
+ error_e ret = ERROR_NONE;
+ Manager mgr;
+
+ ret = mgr.StopManager();
+ EXPECT_EQ(ERROR_NONE, ret);
+}
+
+int main(int argc, char **argv)
+{
+ InitGoogleTest(&argc, argv);
+ return RUN_ALL_TESTS();
+}
--- /dev/null
+/*
+ * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+#ifndef __STC_MGR_UNITTEST_H__
+#define __STC_MGR_UNITTEST_H__
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include <glib.h>
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* __STC_MGR_UNITTEST_H__ */
\ No newline at end of file
+++ /dev/null
-CMAKE_MINIMUM_REQUIRED(VERSION 2.6)
-PROJECT(gtest-stc-manager C CXX)
-
-SET(GTEST_TEST "gtest-stc-manager")
-ADD_DEFINITIONS("-DUSE_DLOG")
-
-SET(REQUIRES_LIST ${REQUIRES_LIST}
- glib-2.0
- gio-2.0
- gmock
- dlog
-)
-INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/include)
-INCLUDE(FindPkgConfig)
-PKG_CHECK_MODULES(GTEST_TEST_PKG REQUIRED ${REQUIRES_LIST})
-
-FOREACH(flag ${GTEST_TEST_PKG_CFLAGS})
- SET(EXTRA_CFLAGS "${EXTRA_CFLAGS} ${flag}")
-ENDFOREACH(flag)
-
-SET(EXTRA_CFLAGS "${EXTRA_CFLAGS} -Wall -fPIE")
-SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${EXTRA_CFLAGS}")
-SET(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} ${EXTRA_CFLAGS}")
-SET(CMAKE_EXE_LINKER_FLAGS "-Wl,--as-needed -pie")
-
-FILE(GLOB GTEST_TEST_SRCS *.cpp)
-SET(GTEST_TEST_SRCS ${GTEST_TEST_SRCS})
-
-ADD_EXECUTABLE(${GTEST_TEST} ${GTEST_TEST_SRCS})
-TARGET_LINK_LIBRARIES(${GTEST_TEST} ${GTEST_TEST_LDFLAGS} ${GTEST_TEST_PKG_LDFLAGS} -ldl -lgcov)
-
-INSTALL(TARGETS ${GTEST_TEST} RUNTIME DESTINATION ${BIN_DIR})
+++ /dev/null
-/*
- * Copyright (c) 2018 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include "common.h"
-
-GMainLoop *MainLoop::m_mainLoop = NULL;
-guint MainLoop::m_timerId = 0;
-
-MainLoop::MainLoop(void)
-{
-}
-
-MainLoop::~MainLoop(void)
-{
- if (m_mainLoop)
- g_main_loop_quit(m_mainLoop);
- if (m_timerId)
- g_source_remove(m_timerId);
-
- m_mainLoop = NULL;
- m_timerId = 0;
-}
-
-gboolean MainLoop::timeoutCb(gpointer data)
-{
- if (m_mainLoop)
- g_main_loop_quit(m_mainLoop);
- if (m_timerId)
- g_source_remove(m_timerId);
-
- m_mainLoop = NULL;
- m_timerId = 0;
-
- return false;
-}
-
-void MainLoop::run(unsigned int timeout)
-{
- if (m_timerId > 0)
- return;
-
- m_mainLoop = g_main_loop_new(NULL, false);
- m_timerId = g_timeout_add(timeout,
- (GSourceFunc) &MainLoop::timeoutCb,
- NULL);
- g_main_loop_run(m_mainLoop);
-}
-
-void MainLoop::quit(void)
-{
- timeoutCb(NULL);
-}
-
+++ /dev/null
-/*
- * Copyright (c) 2018 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include <glib.h>
-class MainLoop {
-private:
- static GMainLoop *m_mainLoop;
- static guint m_timerId;
-
- static gboolean timeoutCb(gpointer data);
-public:
- MainLoop(void);
- ~MainLoop(void);
- void run(unsigned int timeout);
- void quit(void);
-};
+++ /dev/null
-/*
- * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <iostream>
-#include <gmock/gmock.h>
-#include <gtest/gtest.h>
-
-#include "firewall.h"
-#include "common.h"
-
-static void AsyncReadyCallback(GObject *source_object,
- GAsyncResult *res, gpointer user_data)
-{
- MainLoop *M = (MainLoop *)user_data;
- GLOGD("Succeeded to response async callback");
- M->quit();
-}
-
-FRule::FRule()
-{
- this->chain[0] = '\0';
- this->direction = 0;
- this->siptype = 0;
- this->diptype = 0;
- this->sporttype = 0;
- this->dporttype = 0;
- this->protocol = 0;
- this->family = 0;
- this->sip1[0] = '\0';
- this->dip1[0] = '\0';
- this->sip2[0] = '\0';
- this->dip2[0] = '\0';
- this->dport1 = 0;
- this->dport2 = 0;
- this->sport1 = 0;
- this->sport2 = 0;
- this->iface[0] = '\0';
- this->target = 0;
-}
-
-FRule::~FRule()
-{
-}
-
-Firewall::Firewall()
-{
- Create();
-}
-
-Firewall::~Firewall()
-{
- Destroy();
-}
-
-error_e Firewall::SetRule(const char *chain, guint16 direction,
- guint16 siptype, guint16 diptype, guint16 sporttype,
- guint16 dporttype, guint16 protocol, guint16 family,
- const char *sip1, const char *dip1, const char *sip2,
- const char *dip2, guint32 dport1, guint32 dport2,
- guint32 sport1, guint32 sport2, const char *iface,
- guint16 target)
-{
- if (chain == NULL || strlen(chain) == 0)
- this->m_Rule.chain[0] = '\0';
- else
- g_strlcpy(this->m_Rule.chain, chain, CHAIN_LEN);
-
- if (sip1 == NULL || strlen(sip1) == 0)
- this->m_Rule.sip1[0] = '\0';
- else
- g_strlcpy(this->m_Rule.sip1, sip1, IP_LEN);
-
- if (sip2 == NULL || strlen(sip2) == 0)
- this->m_Rule.sip2[0] = '\0';
- else
- g_strlcpy(this->m_Rule.sip2, sip2, IP_LEN);
-
- if (dip1 == NULL || strlen(dip1) == 0)
- this->m_Rule.dip1[0] = '\0';
- else
- g_strlcpy(this->m_Rule.dip1, dip1, IP_LEN);
-
- if (dip2 == NULL || strlen(dip2) == 0)
- this->m_Rule.dip2[0] = '\0';
- else
- g_strlcpy(this->m_Rule.dip2, dip2, IP_LEN);
-
- if (iface == NULL || strlen(iface) == 0)
- this->m_Rule.iface[0] = '\0';
- else
- g_strlcpy(this->m_Rule.iface, iface, IFACE_LEN);
-
-
- this->m_Rule.direction = direction;
- this->m_Rule.siptype = siptype;
- this->m_Rule.diptype = diptype;
- this->m_Rule.sporttype = sporttype;
- this->m_Rule.dporttype = dporttype;
- this->m_Rule.protocol = protocol;
- this->m_Rule.family = family;
- this->m_Rule.dport1 = dport1;
- this->m_Rule.dport2 = dport2;
- this->m_Rule.sport1 = sport1;
- this->m_Rule.sport2 = sport2;
- this->m_Rule.target = target;
-
- return ERROR_NONE;
-}
-
-void Firewall::MakeRuleParams(GVariant **params)
-{
- GVariantBuilder *builder;
-
- builder = g_variant_builder_new(G_VARIANT_TYPE("a{sv}"));
-
- g_variant_builder_add(builder, "{sv}",
- FIREWALL_RULE_CHAIN,
- g_variant_new_string(this->m_Rule.chain));
-
- g_variant_builder_add(builder, "{sv}",
- FIREWALL_RULE_DIRECTION,
- g_variant_new_uint16(this->m_Rule.direction));
-
- g_variant_builder_add(builder, "{sv}",
- FIREWALL_RULE_IFNAME,
- g_variant_new_string(this->m_Rule.iface));
-
- g_variant_builder_add(builder, "{sv}",
- FIREWALL_RULE_PROTOCOL,
- g_variant_new_uint16(this->m_Rule.protocol));
-
- g_variant_builder_add(builder, "{sv}",
- FIREWALL_RULE_TARGET,
- g_variant_new_uint16(this->m_Rule.target));
-
- g_variant_builder_add(builder, "{sv}",
- FIREWALL_RULE_FAMILY,
- g_variant_new_uint16(this->m_Rule.family));
-
- g_variant_builder_add(builder, "{sv}",
- FIREWALL_RULE_SIPTYPE,
- g_variant_new_uint16(this->m_Rule.siptype));
-
- g_variant_builder_add(builder, "{sv}",
- FIREWALL_RULE_SIP1,
- g_variant_new_string(this->m_Rule.sip1));
-
- g_variant_builder_add(builder, "{sv}",
- FIREWALL_RULE_SIP2,
- g_variant_new_string(this->m_Rule.sip2));
-
- g_variant_builder_add(builder, "{sv}",
- FIREWALL_RULE_DIPTYPE,
- g_variant_new_uint16(this->m_Rule.diptype));
-
- g_variant_builder_add(builder, "{sv}",
- FIREWALL_RULE_DIP1,
- g_variant_new_string(this->m_Rule.dip1));
-
- g_variant_builder_add(builder, "{sv}",
- FIREWALL_RULE_DIP2,
- g_variant_new_string(this->m_Rule.dip2));
-
- g_variant_builder_add(builder, "{sv}",
- FIREWALL_RULE_SPORTTYPE,
- g_variant_new_uint16(this->m_Rule.sporttype));
-
- g_variant_builder_add(builder, "{sv}",
- FIREWALL_RULE_SPORT1,
- g_variant_new_uint32(this->m_Rule.sport1));
-
- g_variant_builder_add(builder, "{sv}",
- FIREWALL_RULE_SPORT2,
- g_variant_new_uint32(this->m_Rule.sport2));
-
- g_variant_builder_add(builder, "{sv}",
- FIREWALL_RULE_DPORTTYPE,
- g_variant_new_uint16(this->m_Rule.dporttype));
-
- g_variant_builder_add(builder, "{sv}",
- FIREWALL_RULE_DPORT1,
- g_variant_new_uint32(this->m_Rule.dport1));
-
- g_variant_builder_add(builder, "{sv}",
- FIREWALL_RULE_DPORT2,
- g_variant_new_uint32(this->m_Rule.dport2));
-
- *params = g_variant_new("(@a{sv})", g_variant_builder_end(builder));
- g_variant_builder_unref(builder);
-}
-
-error_e Firewall::GetAllRule(void)
-{
- MainLoop M;
- error_e error = ERROR_NONE;
-
- error = InvokeMethodNonblock(STC_MGR_SERVICE,
- STC_MGR_FIREWALL_PATH,
- STC_MGR_FIREWALL_INTERFACE,
- STC_MGR_METHOD_FIREWALL_GET_ALL,
- NULL,
- DBUS_REPLY_TIMEOUT,
- AsyncReadyCallback,
- &M);
-
- if (error != ERROR_NONE) {
- GLOGD("Failed to invoke dbus method nonblock");
- return error;
- }
-
- GLOGD("Succeeded to get all restriction");
-
- M.run(GMAINTIMEOUT);
- return ERROR_NONE;
-}
-
-error_e Firewall::UpdateRule(void)
-{
- GVariant *message = NULL;
- GVariant *params = NULL;
- error_e error = ERROR_NONE;
- int result = 0;
-
- MakeRuleParams(¶ms);
-
- message = InvokeMethod(STC_MGR_SERVICE,
- STC_MGR_FIREWALL_PATH,
- STC_MGR_FIREWALL_INTERFACE,
- STC_MGR_METHOD_FIREWALL_UPDATE,
- params,
- &error);
-
- if (message == NULL) {
- GLOGD("Failed to invoke dbus method");
- return error;
- }
-
- g_variant_get(message, "(i)", &result);
- GLOGD("Succeeded to set restriction [%d]", result);
- g_variant_unref(message);
-
- return ERROR_NONE;
-}
-
-error_e Firewall::RemoveRule(void)
-{
- GVariant *message = NULL;
- GVariant *params = NULL;
- error_e error = ERROR_NONE;
- int result = 0;
-
- MakeRuleParams(¶ms);
-
- message = InvokeMethod(STC_MGR_SERVICE,
- STC_MGR_FIREWALL_PATH,
- STC_MGR_FIREWALL_INTERFACE,
- STC_MGR_METHOD_FIREWALL_REMOVE,
- params,
- &error);
-
- if (message == NULL) {
- GLOGD("Failed to invoke dbus method");
- return error;
- }
-
- g_variant_get(message, "(i)", &result);
- GLOGD("Succeeded to set restriction [%d]", result);
- g_variant_unref(message);
-
- return ERROR_NONE;
-}
-
-error_e Firewall::AddRule(void)
-{
- GVariant *message = NULL;
- GVariant *params = NULL;
- error_e error = ERROR_NONE;
- int result = 0;
-
- MakeRuleParams(¶ms);
-
- message = InvokeMethod(STC_MGR_SERVICE,
- STC_MGR_FIREWALL_PATH,
- STC_MGR_FIREWALL_INTERFACE,
- STC_MGR_METHOD_FIREWALL_ADD,
- params,
- &error);
-
- if (message == NULL) {
- GLOGD("Failed to invoke dbus method");
- return error;
- }
-
- g_variant_get(message, "(i)", &result);
- GLOGD("Succeeded to set restriction [%d]", result);
- g_variant_unref(message);
-
- return ERROR_NONE;
-}
-
-error_e Firewall::SetChain(const char *chain, unsigned int target)
-{
- GVariant *message = NULL;
- error_e error = ERROR_NONE;
- int result = 0;
-
- message = InvokeMethod(STC_MGR_SERVICE,
- STC_MGR_FIREWALL_PATH,
- STC_MGR_FIREWALL_INTERFACE,
- STC_MGR_METHOD_FIREWALL_SET,
- g_variant_new("(su)", chain, target),
- &error);
-
- if (message == NULL) {
- GLOGD("Failed to invoke dbus method");
- return error;
- }
-
- g_variant_get(message, "(i)", &result);
- GLOGD("Succeeded to set restriction [%d]", result);
- g_variant_unref(message);
-
- return ERROR_NONE;
-}
-
-error_e Firewall::UnsetChain(const char *chain)
-{
- GVariant *message = NULL;
- error_e error = ERROR_NONE;
- int result = 0;
-
- message = InvokeMethod(STC_MGR_SERVICE,
- STC_MGR_FIREWALL_PATH,
- STC_MGR_FIREWALL_INTERFACE,
- STC_MGR_METHOD_FIREWALL_UNSET,
- g_variant_new("(s)", chain),
- &error);
-
- if (message == NULL) {
- GLOGD("Failed to invoke dbus method");
- return error;
- }
-
- g_variant_get(message, "(i)", &result);
- GLOGD("Succeeded to set restriction [%d]", result);
- g_variant_unref(message);
-
- return ERROR_NONE;
-}
-
-error_e Firewall::FlushChain(const char *chain)
-{
- GVariant *message = NULL;
- error_e error = ERROR_NONE;
- int result = 0;
-
- message = InvokeMethod(STC_MGR_SERVICE,
- STC_MGR_FIREWALL_PATH,
- STC_MGR_FIREWALL_INTERFACE,
- STC_MGR_METHOD_FIREWALL_FLUSH,
- g_variant_new("(s)", chain),
- &error);
-
- if (message == NULL) {
- GLOGD("Failed to invoke dbus method");
- return error;
- }
-
- g_variant_get(message, "(i)", &result);
- GLOGD("Succeeded to set restriction [%d]", result);
- g_variant_unref(message);
-
- return ERROR_NONE;
-}
-
-error_e Firewall::GetAllChain(void)
-{
- MainLoop M;
- error_e error = ERROR_NONE;
-
- error = InvokeMethodNonblock(STC_MGR_SERVICE,
- STC_MGR_FIREWALL_PATH,
- STC_MGR_FIREWALL_INTERFACE,
- STC_MGR_METHOD_FIREWALL_GET_CHAIN,
- NULL,
- DBUS_REPLY_TIMEOUT,
- AsyncReadyCallback,
- &M);
-
- if (error != ERROR_NONE) {
- GLOGD("Failed to invoke dbus method nonblock");
- return error;
- }
-
- GLOGD("Succeeded to get all restriction");
-
- M.run(GMAINTIMEOUT);
- return ERROR_NONE;
-}
-
-error_e Firewall::RemoveChain(const char *chain)
-{
- GVariant *message = NULL;
- error_e error = ERROR_NONE;
- int result = 0;
-
- message = InvokeMethod(STC_MGR_SERVICE,
- STC_MGR_FIREWALL_PATH,
- STC_MGR_FIREWALL_INTERFACE,
- STC_MGR_METHOD_FIREWALL_REMOVE_CHAIN,
- g_variant_new("(s)", chain),
- &error);
-
- if (message == NULL) {
- GLOGD("Failed to invoke dbus method");
- return error;
- }
-
- g_variant_get(message, "(i)", &result);
- GLOGD("Succeeded to set restriction [%d]", result);
- g_variant_unref(message);
-
- return ERROR_NONE;
-}
-
-error_e Firewall::AddChain(const char *chain)
-{
- GVariant *message = NULL;
- error_e error = ERROR_NONE;
- int result = 0;
-
- message = InvokeMethod(STC_MGR_SERVICE,
- STC_MGR_FIREWALL_PATH,
- STC_MGR_FIREWALL_INTERFACE,
- STC_MGR_METHOD_FIREWALL_ADD_CHAIN,
- g_variant_new("(s)", chain),
- &error);
-
- if (message == NULL) {
- GLOGD("Failed to invoke dbus method");
- return error;
- }
-
- g_variant_get(message, "(i)", &result);
- GLOGD("Succeeded to set restriction [%d]", result);
- g_variant_unref(message);
-
- return ERROR_NONE;
-}
-
-error_e Firewall::GetLock(int *state)
-{
- GVariant *message = NULL;
- error_e error = ERROR_NONE;
-
- message = InvokeMethod(STC_MGR_SERVICE,
- STC_MGR_FIREWALL_PATH,
- STC_MGR_FIREWALL_INTERFACE,
- STC_MGR_METHOD_FIREWALL_GET_LOCK,
- NULL,
- &error);
-
- if (message == NULL) {
- GLOGD("Failed to invoke dbus method");
- return error;
- }
-
- g_variant_get(message, "(i)", state);
- GLOGD("Succeeded to get lock state[%d]", *state);
- g_variant_unref(message);
-
- return ERROR_NONE;
-}
-
-error_e Firewall::Unlock()
-{
- GVariant *message = NULL;
- error_e error = ERROR_NONE;
- int result = 0;
-
- message = InvokeMethod(STC_MGR_SERVICE,
- STC_MGR_FIREWALL_PATH,
- STC_MGR_FIREWALL_INTERFACE,
- STC_MGR_METHOD_FIREWALL_UNLOCK,
- NULL,
- &error);
-
- if (message == NULL) {
- GLOGD("Failed to invoke dbus method");
- return error;
- }
-
- g_variant_get(message, "(i)", &result);
- GLOGD("Succeeded to unlock result[%d]", result);
- g_variant_unref(message);
-
- return ERROR_NONE;
-}
-
-error_e Firewall::Lock()
-{
- GVariant *message = NULL;
- error_e error = ERROR_NONE;
- int result = 0;
-
- message = InvokeMethod(STC_MGR_SERVICE,
- STC_MGR_FIREWALL_PATH,
- STC_MGR_FIREWALL_INTERFACE,
- STC_MGR_METHOD_FIREWALL_LOCK,
- NULL,
- &error);
-
- if (message == NULL) {
- GLOGD("Failed to invoke dbus method");
- return error;
- }
-
- g_variant_get(message, "(i)", &result);
- GLOGD("Succeeded to unlock result[%d]", result);
- g_variant_unref(message);
-
- return ERROR_NONE;
-}
-
+++ /dev/null
-/*
- * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-#ifndef __STC_MGR_FIREWALL_H__
-#define __STC_MGR_FIREWALL_H__
-
-#include <glib.h>
-#include <gio/gio.h>
-
-#include "stcmgr.h"
-#include "gdbus.h"
-
-#define FIREWALL_RULE_CHAIN "chain"
-#define FIREWALL_RULE_DIRECTION "direction"
-#define FIREWALL_RULE_IFNAME "ifname"
-#define FIREWALL_RULE_PROTOCOL "protocol"
-#define FIREWALL_RULE_TARGET "target"
-#define FIREWALL_RULE_TARGETTYPE "target_type"
-
-#define FIREWALL_RULE_FAMILY "family"
-#define FIREWALL_RULE_SIPTYPE "s_ip_type"
-#define FIREWALL_RULE_SIP1 "s_ip1"
-#define FIREWALL_RULE_SIP2 "s_ip2"
-#define FIREWALL_RULE_DIPTYPE "d_ip_type"
-#define FIREWALL_RULE_DIP1 "d_ip1"
-#define FIREWALL_RULE_DIP2 "d_ip2"
-#define FIREWALL_RULE_SPORTTYPE "s_port_type"
-#define FIREWALL_RULE_SPORT1 "s_port1"
-#define FIREWALL_RULE_SPORT2 "s_port2"
-#define FIREWALL_RULE_DPORTTYPE "d_port_type"
-#define FIREWALL_RULE_DPORT1 "d_port1"
-#define FIREWALL_RULE_DPORT2 "d_port2"
-
-#define FIREWALL_RULE_LOG_LEVEL "log_level"
-#define FIREWALL_RULE_LOG_PREFIX "log_prefix"
-#define FIREWALL_RULE_NFLOG_GROUP "nflog_group"
-#define FIREWALL_RULE_NFLOG_PREFIX "nflog_prefix"
-#define FIREWALL_RULE_NFLOG_RANGE "nflog_range"
-#define FIREWALL_RULE_NFLOG_THRESHOLD "nflog_threshold"
-
-#define CHAIN_LEN 256
-#define IFACE_LEN 256
-#define IP_LEN 16
-
-class FRule {
-private:
-public:
- char chain[CHAIN_LEN];
- guint16 direction;
- guint16 siptype;
- guint16 diptype;
- guint16 sporttype;
- guint16 dporttype;
- guint16 protocol;
- guint16 family;
- char sip1[IP_LEN];
- char dip1[IP_LEN];
- char sip2[IP_LEN];
- char dip2[IP_LEN];
- guint32 dport1;
- guint32 dport2;
- guint32 sport1;
- guint32 sport2;
- char iface[IFACE_LEN];
- guint16 target;
-
- FRule();
- ~FRule();
-};
-
-class Firewall : public GDbus {
-private:
- FRule m_Rule;
-public:
- Firewall();
- ~Firewall();
- error_e SetRule(const char *app_id, const char *iface_name,
- const char *subscriber_id, iface_type_e iface_type,
- int64_t data_limit, int64_t data_warn_limit,
- roaming_type_e roaming_type, const char *mac);
- void MakeRuleParams(GVariant **params);
- void MakeGetParams(GVariant **params);
- void MakeStatusParams(GVariant **params);
- error_e Lock(void);
- error_e Unlock(void);
- error_e GetLock(int *state);
- error_e AddChain(const char * chain);
- error_e RemoveChain(const char * chain);
- error_e FlushChain(const char * chain);
- error_e GetAllChain();
- error_e SetChain(const char *chain, unsigned int target);
- error_e UnsetChain(const char *chain);
- error_e SetRule(const char *chain, guint16 direction,
- guint16 siptype, guint16 diptype, guint16 sporttype,
- guint16 dporttype, guint16 protocol, guint16 family,
- const char *sip1, const char *dip1, const char *sip2,
- const char *dip2, guint32 dport1, guint32 dport2,
- guint32 sport1, guint32 sport2, const char *iface,
- guint16 target);
- error_e AddRule();
- error_e RemoveRule();
- error_e UpdateRule();
- error_e GetAllRule();
-};
-
-#endif /* __STC_MGR_FIREWALL_H__ */
+++ /dev/null
-/*
- * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <iostream>
-#include <gmock/gmock.h>
-#include <gtest/gtest.h>
-
-#include "gdbus.h"
-
-GDbus::GDbus()
-{
- this->m_pConnection = NULL;
- this->m_pCancellable = NULL;
-}
-
-GDbus::~GDbus()
-{
- GDBusConnection *conn = this->m_pConnection;
- GCancellable *cancel = this->m_pCancellable;
-
- if (cancel) {
- g_cancellable_cancel(cancel);
- g_object_unref(cancel);
- cancel = NULL;
- }
-
- if (conn) {
- g_object_unref(conn);
- conn = NULL;
- }
-}
-
-error_e GDbus::Create(void)
-{
- GError *err = NULL;
-
-#if !GLIB_CHECK_VERSION(2, 36, 0)
- g_type_init();
-#endif
-
- this->m_pConnection = g_bus_get_sync(G_BUS_TYPE_SYSTEM, NULL, &err);
- if (this->m_pConnection == NULL) {
- if (err != NULL) {
- GLOGD("Failed to connect to the D-BUS daemon [%s]", err->message);
- g_error_free(err);
- }
-
- return ERROR_OPERATION_FAILED;
- }
-
- this->m_pCancellable = g_cancellable_new();
-
- return ERROR_NONE;
-}
-
-error_e GDbus::Destroy(void)
-{
- g_cancellable_cancel(this->m_pCancellable);
- g_object_unref(this->m_pCancellable);
- this->m_pCancellable = NULL;
-
- g_object_unref(this->m_pConnection);
- this->m_pConnection = NULL;
-
- return ERROR_NONE;
-}
-
-GDBusConnection *GDbus::GetConnection(void)
-{
- return this->m_pConnection;
-}
-
-GCancellable *GDbus::GetCancellable(void)
-{
- return this->m_pCancellable;
-}
-
-error_e GDbus::ConvertErrorStringToEnum(const char *error)
-{
- if (NULL != strstr(error, "NoReply"))
- return ERROR_INVALID_OPERATION;
- else if (NULL != strstr(error, "Failed"))
- return ERROR_OPERATION_FAILED;
- else if (NULL != strstr(error, "UnknownMethod"))
- return ERROR_INVALID_OPERATION;
- else if (NULL != strstr(error, "InvalidArguments"))
- return ERROR_INVALID_PARAMETER;
- else if (NULL != strstr(error, "AccessDenied"))
- return ERROR_PERMISSION_DENIED;
- else if (NULL != strstr(error, "PermissionDenied"))
- return ERROR_PERMISSION_DENIED;
- else if (NULL != strstr(error, "NotSupported"))
- return ERROR_NOT_SUPPORTED;
- else if (NULL != strstr(error, "InProgress"))
- return ERROR_IN_PROGRESS;
-
- return ERROR_OPERATION_FAILED;
-}
-
-GVariant *GDbus::InvokeMethod(const char *dest, const char *path,
- const char *iface_name, const char *method, GVariant *params, error_e *dbus_error)
-{
- GError *error = NULL;
- GVariant *reply = NULL;
- GDBusConnection *connection = NULL;
- *dbus_error = ERROR_NONE;
-
- connection = GetConnection();
- if (connection == NULL) {
- GLOGD("GDBusconnection is NULL");
- *dbus_error = ERROR_NOT_INITIALIZED;
- return reply;
- }
-
- reply = g_dbus_connection_call_sync(connection,
- dest,
- path,
- iface_name,
- method,
- params,
- NULL,
- G_DBUS_CALL_FLAGS_NONE,
- DBUS_REPLY_TIMEOUT,
- GetCancellable(),
- &error);
-
- if (reply == NULL) {
- if (error != NULL) {
- GLOGD("g_dbus_connection_call_sync() failed "
- "error [%d: %s]", error->code, error->message);
- *dbus_error = ConvertErrorStringToEnum(error->message);
- g_error_free(error);
- } else {
- GLOGD("g_dbus_connection_call_sync() failed");
- *dbus_error = ERROR_OPERATION_FAILED;
- }
-
- return NULL;
- }
-
- return reply;
-}
-
-error_e GDbus::InvokeMethodNonblock(const char *dest, const char *path,
- const char *iface_name, const char *method, GVariant *params, int timeout,
- GAsyncReadyCallback notify_func, void *user_data)
-{
- GDBusConnection *connection = NULL;
-
- connection = GetConnection();
- if (connection == NULL) {
- GLOGD("GDBusconnection is NULL");
- return ERROR_NOT_INITIALIZED;
- }
-
- g_dbus_connection_call(connection,
- dest,
- path,
- iface_name,
- method,
- params,
- NULL,
- G_DBUS_CALL_FLAGS_NONE,
- timeout,
- GetCancellable(),
- (GAsyncReadyCallback) notify_func,
- (gpointer)user_data);
-
- return ERROR_NONE;
-}
+++ /dev/null
-/*
- * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-#ifndef __STC_MGR_GDBUS_H__
-#define __STC_MGR_GDBUS_H__
-
-#include <glib.h>
-#include <gio/gio.h>
-
-#include "stcmgr.h"
-
-#define GMAINTIMEOUT 10000
-#define DBUS_REPLY_TIMEOUT (120 * 1000)
-
-#define STC_MGR_SERVICE "net.stc"
-#define STC_MGR_STATISTICS_INTERFACE STC_MGR_SERVICE ".statistics"
-#define STC_MGR_RESTRICTION_INTERFACE STC_MGR_SERVICE ".restriction"
-#define STC_MGR_MANAGER_INTERFACE STC_MGR_SERVICE ".manager"
-#define STC_MGR_FIREWALL_INTERFACE STC_MGR_SERVICE ".firewall"
-
-#define STC_MGR_STATISTICS_PATH "/net/stc/statistics"
-#define STC_MGR_RESTRICTION_PATH "/net/stc/restriction"
-#define STC_MGR_MANAGER_PATH "/net/stc/manager"
-#define STC_MGR_FIREWALL_PATH "/net/stc/firewall"
-
-#define STC_MGR_METHOD_STATISTICS_INIT "Init"
-#define STC_MGR_METHOD_STATISTICS_GET_PER_APP_ID "Get"
-#define STC_MGR_METHOD_STATISTICS_GET_ALL "GetAll"
-#define STC_MGR_METHOD_STATISTICS_GET_TOTAL "Get"
-#define STC_MGR_METHOD_STATISTICS_RESET "Reset"
-
-#define STC_MGR_METHOD_RESTRICTION_SET "Set"
-#define STC_MGR_METHOD_RESTRICTION_GET_STATUS "GetState"
-#define STC_MGR_METHOD_RESTRICTION_GET_PER_APP_ID "Get"
-#define STC_MGR_METHOD_RESTRICTION_GET_ALL "GetAll"
-#define STC_MGR_METHOD_RESTRICTION_UNSET "Unset"
-#define STC_MGR_METHOD_RESTRICTION_EXCLUDE "Exclude"
-
-#define STC_MGR_METHOD_MANAGER_STOP "Stop"
-
-#define STC_MGR_METHOD_FIREWALL_GET_ALL "GetAllRule"
-#define STC_MGR_METHOD_FIREWALL_UPDATE "UpdateRule"
-#define STC_MGR_METHOD_FIREWALL_REMOVE "RemoveRule"
-#define STC_MGR_METHOD_FIREWALL_ADD "AddRule"
-#define STC_MGR_METHOD_FIREWALL_SET "SetChain"
-#define STC_MGR_METHOD_FIREWALL_UNSET "UnsetChain"
-#define STC_MGR_METHOD_FIREWALL_FLUSH "FlushChain"
-#define STC_MGR_METHOD_FIREWALL_GET_CHAIN "GetAllChain"
-#define STC_MGR_METHOD_FIREWALL_REMOVE_CHAIN "RemoveChain"
-#define STC_MGR_METHOD_FIREWALL_ADD_CHAIN "AddChain"
-#define STC_MGR_METHOD_FIREWALL_GET_LOCK "GetLock"
-#define STC_MGR_METHOD_FIREWALL_LOCK "Lock"
-#define STC_MGR_METHOD_FIREWALL_UNLOCK "Unlock"
-
-class GDbus {
-private:
- GDBusConnection *m_pConnection;
- GCancellable *m_pCancellable;
-public:
- GDbus();
- ~GDbus();
- error_e Create(void);
- error_e Destroy(void);
- GDBusConnection *GetConnection(void);
- GCancellable *GetCancellable(void);
- error_e ConvertErrorStringToEnum(const char *error);
- GVariant *InvokeMethod(const char *dest, const char *path,
- const char *iface_name, const char *method, GVariant *params, error_e *dbus_error);
- error_e InvokeMethodNonblock(const char *dest, const char *path,
- const char *iface_name, const char *method, GVariant *params, int timeout,
- GAsyncReadyCallback notify_func, void *user_data);
-};
-
-#endif /* __STC_MGR_GDBUS_H__ */
+++ /dev/null
-/*
- * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <iostream>
-#include <gmock/gmock.h>
-#include <gtest/gtest.h>
-
-#include "manager.h"
-
-Manager::Manager()
-{
- Create();
-}
-
-Manager::~Manager()
-{
- Destroy();
-}
-
-error_e Manager::StopManager(void)
-{
- GVariant *message = NULL;
- error_e error = ERROR_NONE;
- int result = 0;
-
- message = InvokeMethod(STC_MGR_SERVICE,
- STC_MGR_MANAGER_PATH,
- STC_MGR_MANAGER_INTERFACE,
- STC_MGR_METHOD_MANAGER_STOP,
- NULL,
- &error);
-
- if (message == NULL) {
- GLOGD("Failed to invoke dbus method");
- return error;
- }
-
- g_variant_get(message, "(i)", &result);
- GLOGD("Successfully stop manager [%d]", result);
- g_variant_unref(message);
-
- return ERROR_NONE;
-}
+++ /dev/null
-/*
- * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-#ifndef __STC_MGR_MANAGER_H__
-#define __STC_MGR_MANAGER_H__
-
-#include "stcmgr.h"
-#include "gdbus.h"
-
-class Manager : public GDbus {
-private:
-public:
- Manager();
- ~Manager();
- error_e StopManager(void);
-};
-
-
-#endif /* __STC_MGR_MANAGER_H__ */
+++ /dev/null
-/*
- * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <iostream>
-#include <gmock/gmock.h>
-#include <gtest/gtest.h>
-
-#include "restriction.h"
-#include "common.h"
-
-static void AsyncReadyCallback(GObject *source_object,
- GAsyncResult *res, gpointer user_data)
-{
- MainLoop *M = (MainLoop *)user_data;
- GLOGD("Succeeded to response async callback");
- M->quit();
-}
-
-RRule::RRule()
-{
- this->m_AppID[0] = '\0';
- this->m_IfaceName[0] = '\0';
- this->m_IfaceType = IFACE_ALL;
- this->m_DataLimit = 0;
- this->m_DataWarnLimit = 0;
- this->m_RoamingType = ROAMING_DISABLED;
- this->m_SubscriberID[0] = '\0';
-}
-
-RRule::~RRule()
-{
-}
-
-Restriction::Restriction()
-{
- Create();
-}
-
-Restriction::~Restriction()
-{
- Destroy();
-}
-
-error_e Restriction::SetRule(const char *app_id, const char *iface_name,
- const char *subscriber_id, iface_type_e iface_type,
- int64_t data_limit, int64_t data_warn_limit,
- roaming_type_e roaming_type, const char *mac)
-{
- if (app_id == NULL || strlen(app_id) == 0)
- this->m_Rule.m_AppID[0] = '\0';
- else
- g_strlcpy(this->m_Rule.m_AppID, app_id, APP_ID_LEN);
-
- if (iface_name == NULL || strlen(iface_name) == 0)
- this->m_Rule.m_IfaceName[0] = '\0';
- else
- g_strlcpy(this->m_Rule.m_IfaceName, iface_name, IFNAME_LEN);
-
- if (subscriber_id == NULL || strlen(subscriber_id) == 0)
- this->m_Rule.m_SubscriberID[0] = '\0';
- else
- g_strlcpy(this->m_Rule.m_SubscriberID, subscriber_id, SUBSCRIBER_ID_LEN);
-
- if (mac == NULL || strlen(mac) == 0)
- this->m_Rule.m_Mac[0] = '\0';
- else
- g_strlcpy(this->m_Rule.m_Mac, mac, MAC_LEN);
-
- switch(iface_type) {
- case IFACE_UNKNOWN:
- case IFACE_DATACALL:
- case IFACE_WIFI:
- case IFACE_WIRED:
- case IFACE_BLUETOOTH:
- case IFACE_ALL:
- this->m_Rule.m_IfaceType = iface_type;
- break;
- default:
- return ERROR_INVALID_PARAMETER;
- }
-
- switch(roaming_type) {
- case ROAMING_UNKNOWN:
- case ROAMING_ENABLED:
- case ROAMING_DISABLED:
- this->m_Rule.m_RoamingType = roaming_type;
- break;
- default:
- return ERROR_INVALID_PARAMETER;
- }
-
- this->m_Rule.m_DataLimit = data_limit;
- this->m_Rule.m_DataWarnLimit = data_warn_limit;
-
- return ERROR_NONE;
-}
-
-void Restriction::MakeRuleParams(GVariant **params)
-{
- GVariantBuilder *builder;
-
- builder = g_variant_builder_new(G_VARIANT_TYPE("a{sv}"));
-
- g_variant_builder_add(builder, "{sv}",
- RESTRICTION_RULE_APP_ID,
- g_variant_new_string(this->m_Rule.m_AppID));
-
- g_variant_builder_add(builder, "{sv}",
- RESTRICTION_RULE_IFNAME,
- g_variant_new_string(this->m_Rule.m_IfaceName));
-
- g_variant_builder_add(builder, "{sv}",
- RESTRICTION_RULE_IFTYPE,
- g_variant_new_uint16(this->m_Rule.m_IfaceType));
-
- g_variant_builder_add(builder, "{sv}",
- RESTRICTION_RULE_ROAMING,
- g_variant_new_uint16(this->m_Rule.m_RoamingType));
-
- g_variant_builder_add(builder, "{sv}",
- RESTRICTION_RULE_SUBSCRIBER_ID,
- g_variant_new_string(this->m_Rule.m_SubscriberID));
-
- g_variant_builder_add(builder, "{sv}",
- RESTRICTION_RULE_DATA_LIMIT,
- g_variant_new_int64(this->m_Rule.m_DataLimit));
-
- g_variant_builder_add(builder, "{sv}",
- RESTRICTION_RULE_DATA_WARN_LIMIT,
- g_variant_new_int64(this->m_Rule.m_DataWarnLimit));
-
- g_variant_builder_add(builder, "{sv}",
- RESTRICTION_RULE_MAC,
- g_variant_new_string(this->m_Rule.m_Mac));
-
-
- *params = g_variant_new("(@a{sv})", g_variant_builder_end(builder));
- g_variant_builder_unref(builder);
-}
-
-void Restriction::MakeGetParams(GVariant **params)
-{
- *params = g_variant_new("(s)", this->m_Rule.m_AppID);
-}
-
-void Restriction::MakeStatusParams(GVariant **params)
-{
- *params = g_variant_new("(si)",
- this->m_Rule.m_AppID, this->m_Rule.m_IfaceType);
-}
-
-error_e Restriction::SetRstriction(void)
-{
- GVariant *message = NULL;
- GVariant *params = NULL;
- error_e error = ERROR_NONE;
- int result = 0;
-
- MakeRuleParams(¶ms);
-
- message = InvokeMethod(STC_MGR_SERVICE,
- STC_MGR_RESTRICTION_PATH,
- STC_MGR_RESTRICTION_INTERFACE,
- STC_MGR_METHOD_RESTRICTION_SET,
- params,
- &error);
-
- if (message == NULL) {
- GLOGD("Failed to invoke dbus method");
- return error;
- }
-
- g_variant_get(message, "(i)", &result);
- GLOGD("Succeeded to set restriction [%d]", result);
- g_variant_unref(message);
-
- return ERROR_NONE;
-}
-
-error_e Restriction::ExcludeRstriction(void)
-{
- GVariant *message = NULL;
- GVariant *params = NULL;
- error_e error = ERROR_NONE;
- int result = 0;
-
- MakeRuleParams(¶ms);
-
- message = InvokeMethod(STC_MGR_SERVICE,
- STC_MGR_RESTRICTION_PATH,
- STC_MGR_RESTRICTION_INTERFACE,
- STC_MGR_METHOD_RESTRICTION_EXCLUDE,
- params,
- &error);
-
- if (message == NULL) {
- GLOGD("Failed to invoke dbus method");
- return error;
- }
-
- g_variant_get(message, "(i)", &result);
- GLOGD("Succeeded to exclude restriction [%d]", result);
- g_variant_unref(message);
-
- return ERROR_NONE;
-}
-
-error_e Restriction::UnsetRstriction(void)
-{
- GVariant *message = NULL;
- GVariant *params = NULL;
- error_e error = ERROR_NONE;
- int result = 0;
-
- MakeRuleParams(¶ms);
-
- message = InvokeMethod(STC_MGR_SERVICE,
- STC_MGR_RESTRICTION_PATH,
- STC_MGR_RESTRICTION_INTERFACE,
- STC_MGR_METHOD_RESTRICTION_UNSET,
- params,
- &error);
-
- if (message == NULL) {
- GLOGD("Failed to invoke dbus method");
- return error;
- }
-
- g_variant_get(message, "(i)", &result);
- GLOGD("Succeeded to unset restriction [%d]", result);
- g_variant_unref(message);
-
- return ERROR_NONE;
-}
-
-error_e Restriction::GetRstrictionStatus(restriction_status_e *status)
-{
- GVariant *message = NULL;
- GVariant *params = NULL;
- error_e error = ERROR_NONE;
- int result = 0;
-
- MakeStatusParams(¶ms);
-
- message = InvokeMethod(STC_MGR_SERVICE,
- STC_MGR_RESTRICTION_PATH,
- STC_MGR_RESTRICTION_INTERFACE,
- STC_MGR_METHOD_RESTRICTION_GET_STATUS,
- params,
- &error);
-
- if (message == NULL) {
- GLOGD("Failed to invoke dbus method");
- return error;
- }
-
- g_variant_get(message, "(ii)", &result, status);
- GLOGD("Succeeded to get restriction status [%d:%d]", result, *status);
- g_variant_unref(message);
-
- return ERROR_NONE;
-}
-
-error_e Restriction::GetRstriction(void)
-{
- MainLoop M;
- GVariant *params = NULL;
- error_e error = ERROR_NONE;
-
- MakeGetParams(¶ms);
-
- error = InvokeMethodNonblock(STC_MGR_SERVICE,
- STC_MGR_RESTRICTION_PATH,
- STC_MGR_RESTRICTION_INTERFACE,
- STC_MGR_METHOD_RESTRICTION_GET_PER_APP_ID,
- params,
- DBUS_REPLY_TIMEOUT,
- AsyncReadyCallback,
- &M);
-
- if (error != ERROR_NONE) {
- GLOGD("Failed to invoke dbus method nonblock");
- return error;
- }
-
- GLOGD("Succeeded to get restriction per app ID");
-
- M.run(GMAINTIMEOUT);
- return ERROR_NONE;
-}
-
-error_e Restriction::GetAllRstriction(void)
-{
- MainLoop M;
- error_e error = ERROR_NONE;
-
- error = InvokeMethodNonblock(STC_MGR_SERVICE,
- STC_MGR_RESTRICTION_PATH,
- STC_MGR_RESTRICTION_INTERFACE,
- STC_MGR_METHOD_RESTRICTION_GET_ALL,
- NULL,
- DBUS_REPLY_TIMEOUT,
- AsyncReadyCallback,
- &M);
-
- if (error != ERROR_NONE) {
- GLOGD("Failed to invoke dbus method nonblock");
- return error;
- }
-
- GLOGD("Succeeded to get all restriction");
-
- M.run(GMAINTIMEOUT);
- return ERROR_NONE;
-}
+++ /dev/null
-/*
- * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-#ifndef __STC_MGR_RESTRICTION_H__
-#define __STC_MGR_RESTRICTION_H__
-
-#include <glib.h>
-#include <gio/gio.h>
-
-#include "stcmgr.h"
-#include "gdbus.h"
-
-#define RESTRICTION_RULE_APP_ID "app_id"
-#define RESTRICTION_RULE_IFNAME "ifname"
-#define RESTRICTION_RULE_IFTYPE "iftype"
-#define RESTRICTION_RULE_ROAMING "roaming"
-#define RESTRICTION_RULE_SUBSCRIBER_ID "subscriber_id"
-#define RESTRICTION_RULE_DATA_LIMIT "data_limit"
-#define RESTRICTION_RULE_DATA_WARN_LIMIT "data_warn_limit"
-#define RESTRICTION_RULE_MAC "mac"
-
-typedef enum {
- RESTRICTION_UNKNOWN,
- RESTRICTION_ACTIVATED,
- RESTRICTION_REMOVED,
- RESTRICTION_EXCLUDED,
- RESTRICTION_BACKGROUND,
- RESTRICTION_LAST_ELEM,
-} restriction_status_e;
-
-class RRule {
-private:
-public:
- char m_AppID[APP_ID_LEN];
- char m_IfaceName[IFNAME_LEN];
- char m_SubscriberID[SUBSCRIBER_ID_LEN];
- char m_Mac[MAC_LEN];
- iface_type_e m_IfaceType;
- int64_t m_DataLimit;
- int64_t m_DataWarnLimit;
- roaming_type_e m_RoamingType;
-
- RRule();
- ~RRule();
-};
-
-class Restriction : public GDbus {
-private:
- RRule m_Rule;
-public:
- Restriction();
- ~Restriction();
- error_e SetRule(const char *app_id, const char *iface_name,
- const char *subscriber_id, iface_type_e iface_type,
- int64_t data_limit, int64_t data_warn_limit,
- roaming_type_e roaming_type, const char *mac);
- void MakeRuleParams(GVariant **params);
- void MakeGetParams(GVariant **params);
- void MakeStatusParams(GVariant **params);
- error_e SetRstriction(void);
- error_e ExcludeRstriction(void);
- error_e UnsetRstriction(void);
- error_e GetRstrictionStatus(restriction_status_e *status);
- error_e GetRstriction(void);
- error_e GetAllRstriction(void);
-};
-
-#endif /* __STC_MGR_RESTRICTION_H__ */
+++ /dev/null
-/*
- * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <iostream>
-#include <gmock/gmock.h>
-#include <gtest/gtest.h>
-
-#include "statistics.h"
-#include "common.h"
-
-static void AsyncReadyCallback(GObject *source_object,
- GAsyncResult *res, gpointer user_data)
-{
- MainLoop *M = (MainLoop *)user_data;
- GLOGD("Succeeded to response async callback");
- M->quit();
-}
-
-SRule::SRule()
-{
- this->m_IfaceType = IFACE_UNKNOWN;
- this->m_TimePeriod = TIME_PERIOD_UNKNOWN;
- this->m_Interval.from = 0;
- this->m_Interval.to = 0;
-}
-
-SRule::~SRule()
-{
-}
-
-Statistics::Statistics()
-{
- Create();
-}
-
-Statistics::~Statistics()
-{
- Destroy();
-}
-
-error_e Statistics::SetRule(const char *app_id, const char *subscriber_id,
- iface_type_e iface_type, time_t from, time_t to, time_period_e time_period)
-{
- if (app_id == NULL || strlen(app_id) == 0)
- this->m_Rule.m_AppID[0] = '\0';
- else
- g_strlcpy(this->m_Rule.m_AppID, app_id, APP_ID_LEN);
-
- if (subscriber_id == NULL || strlen(subscriber_id) == 0)
- this->m_Rule.m_SubscriberID[0] = '\0';
- else
- g_strlcpy(this->m_Rule.m_SubscriberID, subscriber_id, SUBSCRIBER_ID_LEN);
-
- switch(iface_type) {
- case IFACE_UNKNOWN:
- case IFACE_DATACALL:
- case IFACE_WIFI:
- case IFACE_WIRED:
- case IFACE_BLUETOOTH:
- case IFACE_ALL:
- this->m_Rule.m_IfaceType = iface_type;
- break;
- default:
- return ERROR_INVALID_PARAMETER;
- }
-
- if (from < 0 || to < 0)
- return ERROR_INVALID_PARAMETER;
-
- this->m_Rule.m_Interval.from = from;
- this->m_Rule.m_Interval.to = to;
-
- switch(time_period) {
- case TIME_PERIOD_UNKNOWN:
- case TIME_PERIOD_HOUR:
- case TIME_PERIOD_DAY:
- case TIME_PERIOD_WEEK:
- case TIME_PERIOD_MONTH:
- this->m_Rule.m_TimePeriod = time_period;
- break;
- default:
- return ERROR_INVALID_PARAMETER;
- }
-
- return ERROR_NONE;
-}
-
-time_t Statistics::MakeTime(int year, int mon, int day, int hour, int min)
-{
- struct tm curr = { 0, };
- curr.tm_year = year - 1900;
- curr.tm_mon = mon - 1;
- curr.tm_mday = day;
- curr.tm_hour = hour;
- curr.tm_min = min;
- return mktime(&curr);
-}
-
-void Statistics::MakeRuleParams(GVariant **params, int mode)
-{
- GVariantBuilder *builder;
-
- builder = g_variant_builder_new(G_VARIANT_TYPE("a{sv}"));
-
- g_variant_builder_add(builder, "{sv}",
- STATISTICS_RULE_INTERVAL_FROM,
- g_variant_new_uint64(this->m_Rule.m_Interval.from));
-
- g_variant_builder_add(builder, "{sv}",
- STATISTICS_RULE_INTERVAL_TO,
- g_variant_new_uint64(this->m_Rule.m_Interval.to));
-
- g_variant_builder_add(builder, "{sv}",
- STATISTICS_RULE_IFTYPE,
- g_variant_new_uint16(this->m_Rule.m_IfaceType));
-
- g_variant_builder_add(builder, "{sv}",
- STATISTICS_RULE_TIME_PERIOD,
- g_variant_new_int32(this->m_Rule.m_TimePeriod));
-
- switch (mode) {
- case 0: /* reset */
- g_variant_builder_add(builder, "{sv}",
- STATISTICS_RULE_APP_ID,
- g_variant_new_string(this->m_Rule.m_AppID));
-
- g_variant_builder_add(builder, "{sv}",
- RESET_RULE_SUBSCRIBER_ID,
- g_variant_new_string(this->m_Rule.m_SubscriberID));
-
- *params = g_variant_new("(@a{sv})", g_variant_builder_end(builder));
- break;
- case 1: /* get app */
- *params = g_variant_new("(s@a{sv})", this->m_Rule.m_AppID, g_variant_builder_end(builder));
- break;
- case 2: /* get total */
- *params = g_variant_new("(s@a{sv})", "", g_variant_builder_end(builder));
- break;
- case 3: /* get all */
- default:
- *params = g_variant_new("(@a{sv})", g_variant_builder_end(builder));
- break;
- }
-
- g_variant_builder_unref(builder);
-}
-
-error_e Statistics::InitStatistics(void)
-{
- GVariant *message = NULL;
- error_e error = ERROR_NONE;
-
- message = InvokeMethod(STC_MGR_SERVICE,
- STC_MGR_STATISTICS_PATH,
- STC_MGR_STATISTICS_INTERFACE,
- STC_MGR_METHOD_STATISTICS_INIT,
- NULL,
- &error);
-
- if (message == NULL) {
- GLOGD("Failed to invoke dbus method");
- return error;
- }
-
- GLOGD("Succeeded to init statistics");
- g_variant_unref(message);
-
- return ERROR_NONE;
-}
-
-error_e Statistics::GetStatistics(void)
-{
- MainLoop M;
- GVariant *params = NULL;
- error_e error = ERROR_NONE;
-
- MakeRuleParams(¶ms, 1);
-
- error = InvokeMethodNonblock(STC_MGR_SERVICE,
- STC_MGR_STATISTICS_PATH,
- STC_MGR_STATISTICS_INTERFACE,
- STC_MGR_METHOD_STATISTICS_GET_PER_APP_ID,
- params,
- DBUS_REPLY_TIMEOUT,
- AsyncReadyCallback,
- &M);
-
- if (error != ERROR_NONE) {
- GLOGD("Failed to invoke dbus method nonblock");
- return error;
- }
-
- M.run(GMAINTIMEOUT);
- GLOGD("Succeeded to get statistics per app ID");
-
- return ERROR_NONE;
-}
-
-error_e Statistics::GetTotalStatistics(void)
-{
- MainLoop M;
- GVariant *params = NULL;
- error_e error = ERROR_NONE;
-
- MakeRuleParams(¶ms, 2);
-
- error = InvokeMethodNonblock(STC_MGR_SERVICE,
- STC_MGR_STATISTICS_PATH,
- STC_MGR_STATISTICS_INTERFACE,
- STC_MGR_METHOD_STATISTICS_GET_TOTAL,
- params,
- DBUS_REPLY_TIMEOUT,
- AsyncReadyCallback,
- &M);
-
- if (error != ERROR_NONE) {
- GLOGD("Failed to invoke dbus method nonblock");
- return error;
- }
-
- M.run(GMAINTIMEOUT);
- GLOGD("Succeeded to get total statistics");
-
- return ERROR_NONE;
-}
-
-error_e Statistics::GetAllStatistics(void)
-{
- MainLoop M;
- GVariant *params = NULL;
- error_e error = ERROR_NONE;
-
- MakeRuleParams(¶ms, 3);
-
- error = InvokeMethodNonblock(STC_MGR_SERVICE,
- STC_MGR_STATISTICS_PATH,
- STC_MGR_STATISTICS_INTERFACE,
- STC_MGR_METHOD_STATISTICS_GET_ALL,
- params,
- DBUS_REPLY_TIMEOUT,
- AsyncReadyCallback,
- &M);
-
- if (error != ERROR_NONE) {
- GLOGD("Failed to invoke dbus method nonblock");
- return error;
- }
-
- M.run(GMAINTIMEOUT);
- GLOGD("Succeeded to get all statistics");
-
- return ERROR_NONE;
-}
-
-error_e Statistics::ResetStatistics(void)
-{
- GVariant *message = NULL;
- GVariant *params = NULL;
- error_e error = ERROR_NONE;
- int result = 0;
-
- MakeRuleParams(¶ms, 0);
-
- message = InvokeMethod(STC_MGR_SERVICE,
- STC_MGR_STATISTICS_PATH,
- STC_MGR_STATISTICS_INTERFACE,
- STC_MGR_METHOD_STATISTICS_RESET,
- params,
- &error);
-
- if (message == NULL) {
- GLOGD("Failed to invoke dbus method");
- return error;
- }
-
- g_variant_get(message, "(i)", &result);
- GLOGD("Succeeded to reset statistics [%d]", result);
- g_variant_unref(message);
-
- return ERROR_NONE;
-}
+++ /dev/null
-/*
- * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-#ifndef __STC_MGR_STATISTICS_H__
-#define __STC_MGR_STATISTICS_H__
-
-#include "stcmgr.h"
-#include "gdbus.h"
-
-#define STATISTICS_RULE_APP_ID "app_id"
-#define STATISTICS_RULE_INTERVAL_FROM "from"
-#define STATISTICS_RULE_INTERVAL_TO "to"
-#define STATISTICS_RULE_IFTYPE "iftype"
-#define STATISTICS_RULE_TIME_PERIOD "granularity"
-
-#define RESET_RULE_SUBSCRIBER_ID "subscriber_id"
-
-typedef struct {
- time_t from;
- time_t to;
-} time_interval_s;
-
-class SRule {
-private:
-public:
- char m_AppID[APP_ID_LEN];
- char m_SubscriberID[SUBSCRIBER_ID_LEN];
- iface_type_e m_IfaceType;
- time_period_e m_TimePeriod;
- time_interval_s m_Interval;
-
- SRule();
- ~SRule();
-};
-
-class Statistics : public GDbus {
-private:
- SRule m_Rule;
-public:
- Statistics();
- ~Statistics();
- error_e SetRule(const char *app_id, const char *subscriber_id,
- iface_type_e iface_type, time_t from, time_t to, time_period_e time_period);
- time_t MakeTime(int year, int mon, int day, int hour, int min);
- void MakeRuleParams(GVariant **params, int mode);
- error_e InitStatistics(void);
- error_e GetStatistics(void);
- error_e GetTotalStatistics(void);
- error_e GetAllStatistics(void);
- error_e ResetStatistics(void);
-};
-
-
-#endif /* __STC_MGR_STATISTICS_H__ */
+++ /dev/null
-/*
- * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include "stcmgr.h"
+++ /dev/null
-/*
- * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-#ifndef __STC_MGR_H__
-#define __STC_MGR_H__
-
-#include <glib.h>
-
-#define APP_ID_LEN 128
-#define IFNAME_LEN 16
-#define SUBSCRIBER_ID_LEN 128
-#define MAC_LEN 18
-
-#ifdef USE_DLOG
-#include <dlog.h>
-#undef LOG_TAG
-#define LOG_TAG "STC_GTEST"
-#define GLOGD(format, args...) LOGD(format, ##args)
-#else
-#define GLOGD(format, args...)
-#endif
-
-typedef enum {
- ERROR_NONE = 0,
- ERROR_NOT_PERMITTED = -1,
- ERROR_OUT_OF_MEMORY = -2,
- ERROR_PERMISSION_DENIED = -3,
- ERROR_RESOURCE_BUSY = -4,
- ERROR_INVALID_OPERATION = -5,
- ERROR_INVALID_PARAMETER = -6,
- ERROR_NOT_SUPPORTED = -7,
- ERROR_OPERATION_FAILED = -8,
- ERROR_NOT_INITIALIZED = -9,
- ERROR_ALREADY_INITIALIZED = -10,
- ERROR_IN_PROGRESS = -11,
-} error_e;
-
-typedef enum {
- IFACE_UNKNOWN,
- IFACE_DATACALL,
- IFACE_WIFI,
- IFACE_WIRED,
- IFACE_BLUETOOTH,
- IFACE_ALL,
-} iface_type_e;
-
-typedef enum {
- ROAMING_UNKNOWN,
- ROAMING_ENABLED,
- ROAMING_DISABLED,
-} roaming_type_e;
-
-typedef enum {
- TIME_PERIOD_UNKNOWN = 0,
- TIME_PERIOD_HOUR = 3600,
- TIME_PERIOD_DAY = 86400,
- TIME_PERIOD_WEEK = 604800,
- TIME_PERIOD_MONTH = 2419200,
-} time_period_e;
-
-#endif /* __STC_MGR_H__ */
+++ /dev/null
-/*
- * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <iostream>
-#include <gmock/gmock.h>
-#include <gtest/gtest.h>
-#include <unistd.h>
-
-#include "unittest.h"
-#include "restriction.h"
-#include "statistics.h"
-#include "manager.h"
-#include "stc-manager.h"
-#include "firewall.h"
-
-#define GTEST_MAC "1:c:e:b:00:da"
-
-using ::testing::InitGoogleTest;
-using ::testing::Test;
-using ::testing::TestCase;
-
-typedef enum {
- FIREWALL_UNKONWN,
- FIREWALL_UNLOCKED,
- FIREWALL_LOCKED
-} firewall_lock_e;
-
-TEST(StcManager_Statistics, Init_p)
-{
- error_e ret = ERROR_NONE;
- Statistics stat;
-
- ret = stat.InitStatistics();
- EXPECT_EQ(ERROR_NONE, ret);
-}
-
-TEST(StcManager_Statistics, Get_p)
-{
- error_e ret = ERROR_NONE;
- Statistics stat;
- time_t from = 0;
- time_t to = 0;
-
- from = stat.MakeTime(2000, 1, 1, 1, 1);
- time(&to);
-
- ret = stat.SetRule("TOTAL_DATACALL",
- NULL,
- IFACE_DATACALL,
- from,
- to,
- TIME_PERIOD_DAY);
- EXPECT_EQ(ERROR_NONE, ret);
-
- ret = stat.GetStatistics();
- EXPECT_EQ(ERROR_NONE, ret);
-
- ret = stat.SetRule("TOTAL_WIFI",
- NULL,
- IFACE_WIFI,
- from,
- to,
- TIME_PERIOD_UNKNOWN);
- EXPECT_EQ(ERROR_NONE, ret);
-
- ret = stat.GetStatistics();
- EXPECT_EQ(ERROR_NONE, ret);
-}
-
-TEST(StcManager_Statistics, GetAll_p)
-{
- error_e ret = ERROR_NONE;
- Statistics stat;
- time_t from = 0;
- time_t to = 0;
-
- from = stat.MakeTime(2000, 1, 1, 1, 1);
- time(&to);
-
- ret = stat.SetRule(NULL,
- NULL,
- IFACE_UNKNOWN,
- from,
- to,
- TIME_PERIOD_UNKNOWN);
- EXPECT_EQ(ERROR_NONE, ret);
-
- ret = stat.GetAllStatistics();
- EXPECT_EQ(ERROR_NONE, ret);
-}
-
-TEST(StcManager_Statistics, GetTotal_p)
-{
- error_e ret = ERROR_NONE;
- Statistics stat;
- time_t from = 0;
- time_t to = 0;
-
- from = stat.MakeTime(2000, 1, 1, 1, 1);
- time(&to);
-
- ret = stat.SetRule(NULL,
- NULL,
- IFACE_DATACALL,
- from,
- to,
- TIME_PERIOD_UNKNOWN);
- EXPECT_EQ(ERROR_NONE, ret);
-
- ret = stat.GetTotalStatistics();
- EXPECT_EQ(ERROR_NONE, ret);
-
- ret = stat.SetRule(NULL,
- NULL,
- IFACE_WIFI,
- from,
- to,
- TIME_PERIOD_UNKNOWN);
- EXPECT_EQ(ERROR_NONE, ret);
-
- ret = stat.GetTotalStatistics();
- EXPECT_EQ(ERROR_NONE, ret);
-}
-
-TEST(StcManager_Restriction, Set_p)
-{
- error_e ret = ERROR_NONE;
- Restriction rest;
-
- ret = rest.SetRule("Test_tel",
- "seth_w0",
- "1234567890abcdefg",
- IFACE_DATACALL,
- 0,
- 0,
- ROAMING_UNKNOWN,
- GTEST_MAC);
- EXPECT_EQ(ERROR_NONE, ret);
-
- ret = rest.SetRstriction();
- EXPECT_EQ(ERROR_NONE, ret);
-
- ret = rest.SetRule("TOTAL_WIFI",
- "wlan0",
- NULL,
- IFACE_WIFI,
- 2,
- 1,
- ROAMING_UNKNOWN,
- GTEST_MAC);
- EXPECT_EQ(ERROR_NONE, ret);
-
- ret = rest.SetRstriction();
- EXPECT_EQ(ERROR_NONE, ret);
-
- ret = rest.SetRule("Test_eth",
- "eth0",
- NULL,
- IFACE_WIRED,
- 100000,
- 80000,
- ROAMING_UNKNOWN,
- GTEST_MAC);
- EXPECT_EQ(ERROR_NONE, ret);
-
- ret = rest.SetRstriction();
- EXPECT_EQ(ERROR_NONE, ret);
-}
-
-TEST(StcManager_Restriction, Get_p)
-{
- error_e ret = ERROR_NONE;
- Restriction rest;
-
- ret = rest.SetRule("Test_tel",
- "seth_w0",
- "1234567890abcdefg",
- IFACE_DATACALL,
- 0,
- 0,
- ROAMING_UNKNOWN,
- GTEST_MAC);
- EXPECT_EQ(ERROR_NONE, ret);
-
- ret = rest.GetRstriction();
- EXPECT_EQ(ERROR_NONE, ret);
-
- ret = rest.SetRule("TOTAL_WIFI",
- "wlan0",
- NULL,
- IFACE_WIFI,
- 0,
- 0,
- ROAMING_UNKNOWN,
- GTEST_MAC);
- EXPECT_EQ(ERROR_NONE, ret);
-
- ret = rest.GetRstriction();
- EXPECT_EQ(ERROR_NONE, ret);
-
- ret = rest.SetRule("TOTAL_IPV4",
- "seth_w0",
- NULL,
- IFACE_DATACALL,
- 0,
- 0,
- ROAMING_UNKNOWN,
- GTEST_MAC);
- EXPECT_EQ(ERROR_NONE, ret);
-
- ret = rest.GetRstriction();
- EXPECT_EQ(ERROR_NONE, ret);
-}
-
-TEST(StcManager_Restriction, GetAll_p)
-{
- error_e ret = ERROR_NONE;
- Restriction rest;
-
- ret = rest.GetAllRstriction();
- EXPECT_EQ(ERROR_NONE, ret);
-}
-
-
-TEST(StcManager_Restriction, Unset_p)
-{
- error_e ret = ERROR_NONE;
- Restriction rest;
-
- ret = rest.SetRule("Test_tel",
- "seth_w0",
- "1234567890abcdefg",
- IFACE_DATACALL,
- 0,
- 0,
- ROAMING_UNKNOWN,
- GTEST_MAC);
- EXPECT_EQ(ERROR_NONE, ret);
-
- ret = rest.UnsetRstriction();
- EXPECT_EQ(ERROR_NONE, ret);
-
- ret = rest.SetRule("TOTAL_WIFI",
- "wlan0",
- NULL,
- IFACE_WIFI,
- 2,
- 1,
- ROAMING_UNKNOWN,
- GTEST_MAC);
- EXPECT_EQ(ERROR_NONE, ret);
-
- ret = rest.UnsetRstriction();
- EXPECT_EQ(ERROR_NONE, ret);
-
- ret = rest.SetRule("Test_eth",
- "eth0",
- NULL,
- IFACE_WIRED,
- 100000,
- 80000,
- ROAMING_UNKNOWN,
- GTEST_MAC);
- EXPECT_EQ(ERROR_NONE, ret);
-
- ret = rest.UnsetRstriction();
- EXPECT_EQ(ERROR_NONE, ret);
-
- ret = rest.SetRule("TOTAL_DATACALL",
- "seth_w0",
- NULL,
- IFACE_DATACALL,
- 0,
- 0,
- ROAMING_UNKNOWN,
- GTEST_MAC);
- EXPECT_EQ(ERROR_NONE, ret);
-
- ret = rest.UnsetRstriction();
- EXPECT_EQ(ERROR_NONE, ret);
-}
-
-TEST(StcManager_Statistics, Reset_p)
-{
- error_e ret = ERROR_NONE;
- Statistics stat;
- time_t from = 0;
- time_t to = 0;
-
- from = stat.MakeTime(2000, 1, 1, 1, 1);
- time(&to);
-
- ret = stat.SetRule("TOTAL_DATACALL",
- "1234567890abcdefg",
- IFACE_DATACALL,
- from,
- to,
- TIME_PERIOD_UNKNOWN);
- EXPECT_EQ(ERROR_NONE, ret);
-
- ret = stat.ResetStatistics();
- EXPECT_EQ(ERROR_NONE, ret);
-
- ret = stat.SetRule(NULL,
- NULL,
- IFACE_UNKNOWN,
- from,
- to,
- TIME_PERIOD_UNKNOWN);
- EXPECT_EQ(ERROR_NONE, ret);
-
- ret = stat.ResetStatistics();
- EXPECT_EQ(ERROR_NONE, ret);
-}
-
-TEST(StcManager_Restriction, RemoveRulePostWarnLimitCrossed_p)
-{
- error_e ret = ERROR_NONE;
- int sys_ret;
- Restriction rest;
-
- ret = rest.SetRule("TOTAL_WIFI",
- "wlan0",
- NULL,
- IFACE_WIFI,
- -1,
- 1,
- ROAMING_UNKNOWN,
- GTEST_MAC);
- EXPECT_EQ(ERROR_NONE, ret);
-
- ret = rest.SetRstriction();
- EXPECT_EQ(ERROR_NONE, ret);
-
- sys_ret = system("toybox ping -c 5 www.tizen.org");
- EXPECT_EQ(0, sys_ret);
-
- ret = rest.UnsetRstriction();
- EXPECT_EQ(ERROR_NONE, ret);
-}
-
-TEST(StcManager_Restriction, RemoveRulePostRestrictionLimitCrossed_p)
-{
- error_e ret = ERROR_NONE;
- int sys_ret;
- Restriction rest;
-
- ret = rest.SetRule("TOTAL_WIFI",
- "wlan0",
- NULL,
- IFACE_WIFI,
- 2,
- -1,
- ROAMING_UNKNOWN,
- GTEST_MAC);
- EXPECT_EQ(ERROR_NONE, ret);
-
- ret = rest.SetRstriction();
- EXPECT_EQ(ERROR_NONE, ret);
-
- sys_ret = system("toybox ping -c 5 www.tizen.org");
- EXPECT_NE(0, sys_ret);
-
- ret = rest.UnsetRstriction();
- EXPECT_EQ(ERROR_NONE, ret);
-}
-
-TEST(StcManager_Restriction, RemoveRulePostBothLimitCrossed_p)
-{
- error_e ret = ERROR_NONE;
- int sys_ret;
- Restriction rest;
-
- ret = rest.SetRule("TOTAL_WIFI",
- "wlan0",
- NULL,
- IFACE_WIFI,
- 2,
- 1,
- ROAMING_UNKNOWN,
- GTEST_MAC);
- EXPECT_EQ(ERROR_NONE, ret);
-
- ret = rest.SetRstriction();
- EXPECT_EQ(ERROR_NONE, ret);
-
- sys_ret = system("toybox ping -c 5 www.tizen.org");
- EXPECT_NE(0, sys_ret);
-
- ret = rest.UnsetRstriction();
- EXPECT_EQ(ERROR_NONE, ret);
-}
-
-TEST(StcManager_Firewall, Lock_p)
-{
- error_e ret = ERROR_NONE;
- Firewall f;
-
- int state;
- f.GetLock(&state);
- if (state == FIREWALL_LOCKED)
- f.Unlock();
-
- ret = f.Lock();
- EXPECT_EQ(ERROR_NONE, ret);
- f.Unlock();
-}
-
-TEST(StcManager_Firewall, Unlock_p)
-{
- error_e ret = ERROR_NONE;
- Firewall f;
-
- int state;
- f.GetLock(&state);
- if (state != FIREWALL_LOCKED)
- f.Lock();
-
- ret = f.Unlock();
- EXPECT_EQ(ERROR_NONE, ret);
-}
-
-TEST(StcManager_Firewall, GetLock_p)
-{
- error_e ret = ERROR_NONE;
- Firewall f;
-
- int state;
- f.GetLock(&state);
- EXPECT_EQ(ERROR_NONE, ret);
-}
-
-TEST(StcManager_Firewall, AddChain_p)
-{
- error_e ret = ERROR_NONE;
- Firewall f;
-
- ret = f.AddChain("gtest");
- EXPECT_EQ(ERROR_NONE, ret);
-}
-
-TEST(StcManager_Firewall, AddRule_p)
-{
- error_e ret = ERROR_NONE;
- Firewall f;
-
- ret = f.SetRule("gtest",
- STC_FW_DIRECTION_IN,
- STC_FW_IP_SINGLE,
- STC_FW_IP_SINGLE,
- STC_FW_PORT_SINGLE,
- STC_FW_PORT_SINGLE,
- STC_FW_PROTOCOL_TCP,
- STC_FW_FAMILY_V4,
- "1.1.1.1",
- "1.1.1.1",
- "2.2.2.2",
- "2.2.2.2",
- 9000,
- 9000,
- 9000,
- 9000,
- "wlan0",
- STC_FW_RULE_TARGET_ACCEPT);
-
- EXPECT_EQ(ERROR_NONE, ret);
-
- ret = f.AddRule();
- EXPECT_EQ(ERROR_NONE, ret);
-}
-
-TEST(StcManager_Firewall, AddRule_n)
-{
- error_e ret = ERROR_NONE;
- Firewall f;
-
- ret = f.SetRule("gtest",
- STC_FW_DIRECTION_IN,
- STC_FW_IP_SINGLE,
- STC_FW_IP_SINGLE,
- STC_FW_PORT_SINGLE,
- STC_FW_PORT_SINGLE,
- STC_FW_PROTOCOL_TCP,
- STC_FW_FAMILY_V4,
- "1.1.1.1",
- "1.1.1.1",
- "2.2.2.2",
- "2.2.2.2",
- 9000,
- 9000,
- 9000,
- 9000,
- "wlan0",
- STC_FW_RULE_TARGET_MAX);
- EXPECT_EQ(ERROR_NONE, ret);
-
- ret = f.AddRule();
- EXPECT_NE(ERROR_NONE, ret);
-}
-
-TEST(StcManager_Firewall, UpdateRule_n)
-{
- error_e ret = ERROR_NONE;
- Firewall f;
-
- ret = f.SetRule("gtest",
- STC_FW_DIRECTION_IN,
- STC_FW_IP_SINGLE,
- STC_FW_IP_SINGLE,
- STC_FW_PORT_SINGLE,
- STC_FW_PORT_SINGLE,
- STC_FW_PROTOCOL_TCP,
- STC_FW_FAMILY_V4,
- "1.1.1.1",
- "1.1.1.1",
- "2.2.2.2",
- "2.2.2.2",
- 9000,
- 9000,
- 9000,
- 9000,
- "wlan0",
- STC_FW_RULE_TARGET_MAX);
- EXPECT_EQ(ERROR_NONE, ret);
-
- ret = f.UpdateRule();
- EXPECT_NE(ERROR_NONE, ret);
-}
-
-TEST(StcManager_Firewall, RemoveRule_n)
-{
- error_e ret = ERROR_NONE;
- Firewall f;
-
- ret = f.SetRule("gtest",
- STC_FW_DIRECTION_IN,
- STC_FW_IP_SINGLE,
- STC_FW_IP_SINGLE,
- STC_FW_PORT_SINGLE,
- STC_FW_PORT_SINGLE,
- STC_FW_PROTOCOL_TCP,
- STC_FW_FAMILY_V4,
- "1.1.1.1",
- "1.1.1.1",
- "2.2.2.2",
- "2.2.2.2",
- 9000,
- 9000,
- 9000,
- 9000,
- "wlan0",
- STC_FW_RULE_TARGET_MAX);
- EXPECT_EQ(ERROR_NONE, ret);
-
- ret = f.RemoveRule();
- EXPECT_NE(ERROR_NONE, ret);
-}
-
-
-TEST(StcManager_Firewall, SetChain_p)
-{
- error_e ret = ERROR_NONE;
- Firewall f;
-
- ret = f.SetChain("gtest", 1);
- EXPECT_EQ(ERROR_NONE, ret);
-}
-
-TEST(StcManager_Firewall, SetChain_n)
-{
- error_e ret = ERROR_NONE;
- Firewall f;
-
- ret = f.SetChain(NULL, 0);
- EXPECT_NE(ERROR_NONE, ret);
-}
-
-TEST(StcManager_Firewall, UnsetChain_p)
-{
- error_e ret = ERROR_NONE;
- Firewall f;
-
- ret = f.UnsetChain("gtest");
- EXPECT_EQ(ERROR_NONE, ret);
-}
-
-TEST(StcManager_Firewall, UnsetChain_n)
-{
- error_e ret = ERROR_NONE;
- Firewall f;
-
- ret = f.UnsetChain(NULL);
- EXPECT_NE(ERROR_NONE, ret);
-}
-
-
-TEST(StcManager_Firewall, RemoveChain_p)
-{
- error_e ret = ERROR_NONE;
- Firewall f;
-
- ret = f.RemoveChain("gtest");
- EXPECT_EQ(ERROR_NONE, ret);
-}
-
-TEST(StcManager_Firewall, RemoveChain_n)
-{
- error_e ret = ERROR_NONE;
- Firewall f;
-
- ret = f.RemoveChain("not_a_chain");
- EXPECT_NE(ERROR_NONE, ret);
-}
-
-TEST(StcManager_Firewall, FlushChain_p)
-{
- error_e ret = ERROR_NONE;
- Firewall f;
-
- ret = f.AddChain("gtest_chains");
- EXPECT_EQ(ERROR_NONE, ret);
-
- ret = f.FlushChain("gtest_chains");
- EXPECT_EQ(ERROR_NONE, ret);
-
- f.RemoveChain("gtest_chains");
-}
-
-
-TEST(StcManager_Firewall, FlushChain_n)
-{
- error_e ret = ERROR_NONE;
- Firewall f;
-
- ret = f.FlushChain(NULL);
- EXPECT_NE(ERROR_NONE, ret);
-}
-
-TEST(StcManager_Firewall, GetAllChain_p)
-{
- error_e ret = ERROR_NONE;
- Firewall f;
-
- ret = f.GetAllChain();
- EXPECT_EQ(ERROR_NONE, ret);
-}
-
-TEST(StcManager_Firewall, GetAllRule_p)
-{
- error_e ret = ERROR_NONE;
- Firewall f;
-
- ret = f.GetAllRule();
- EXPECT_EQ(ERROR_NONE, ret);
-}
-
-TEST(StcManager_Manager, Stop_p)
-{
- error_e ret = ERROR_NONE;
- Manager mgr;
-
- ret = mgr.StopManager();
- EXPECT_EQ(ERROR_NONE, ret);
-}
-
-int main(int argc, char **argv)
-{
- InitGoogleTest(&argc, argv);
- return RUN_ALL_TESTS();
-}
+++ /dev/null
-/*
- * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-#ifndef __STC_MGR_UNITTEST_H__
-#define __STC_MGR_UNITTEST_H__
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#include <glib.h>
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* __STC_MGR_UNITTEST_H__ */
\ No newline at end of file
projects / platform / core / connectivity / stc-manager.git / commitdiff