From 2016a6835480c5df055a9a1ce2a37ed35c245af7 Mon Sep 17 00:00:00 2001 From: hyunuktak Date: Mon, 19 Nov 2018 16:17:35 +0900 Subject: [PATCH 01/16] Remove dereference after null check and dead code Change-Id: Ie646658cdfb4cb2443161329f48087a0445d559b Signed-off-by: hyunuktak --- src/helper/helper-file.c | 11 ++++------- src/helper/helper-nfacct-rule.c | 18 ++++++------------ src/monitor/stc-monitor-app.c | 3 +++ src/monitor/stc-monitor-rstn.c | 6 ++++++ 4 files changed, 19 insertions(+), 19 deletions(-) mode change 100644 => 100755 src/helper/helper-file.c mode change 100644 => 100755 src/helper/helper-nfacct-rule.c diff --git a/src/helper/helper-file.c b/src/helper/helper-file.c old mode 100644 new mode 100755 index 73b93bd..636ef5d --- a/src/helper/helper-file.c +++ b/src/helper/helper-file.c @@ -24,17 +24,14 @@ int fwrite_str(const char *path, const char *str) _cleanup_fclose_ FILE *f = NULL; int ret; char * t; - struct stat stat_buf; assert(path); assert(str); - if (stat(path, &stat_buf) == 0) { - t = realpath(path, NULL); - ret_value_errno_msg_if(!t, -errno, - "Fail to get realpath %s", path); - free(t); - } + t = realpath(path, NULL); + ret_value_errno_msg_if(!t, -errno, + "Fail to get realpath %s", path); + free(t); f = fopen(path, "w"); ret_value_errno_msg_if(!f, -errno, diff --git a/src/helper/helper-nfacct-rule.c b/src/helper/helper-nfacct-rule.c old mode 100644 new mode 100755 index 4a80fca..fbe17ca --- a/src/helper/helper-nfacct-rule.c +++ b/src/helper/helper-nfacct-rule.c @@ -425,12 +425,9 @@ static char *get_iptables_chain(uint32_t classid, if (iotype == NFACCT_COUNTER_IN) { if (intend == NFACCT_COUNTER || intend == NFACCT_TETH_COUNTER) { - if (app_state == STC_APP_STATE_FOREGROUND) { - if (intend == NFACCT_ALLOW) - return STC_IN_ACCEPT_CHAIN; - else - return STC_IN_FG_CHAIN; - } else + if (app_state == STC_APP_STATE_FOREGROUND) + return STC_IN_FG_CHAIN; + else return STC_IN_BG_CHAIN; } else if (intend == NFACCT_ALLOW || intend == NFACCT_TETH_ALLOW) { @@ -444,12 +441,9 @@ static char *get_iptables_chain(uint32_t classid, } else if (iotype == NFACCT_COUNTER_OUT) { if (intend == NFACCT_COUNTER || intend == NFACCT_TETH_COUNTER) { - if (app_state == STC_APP_STATE_FOREGROUND) { - if (intend == NFACCT_ALLOW) - return STC_OUT_ACCEPT_CHAIN; - else - return STC_OUT_FG_CHAIN; - } else + if (app_state == STC_APP_STATE_FOREGROUND) + return STC_OUT_FG_CHAIN; + else return STC_OUT_BG_CHAIN; } else if (intend == NFACCT_ALLOW || intend == NFACCT_TETH_ALLOW) { diff --git a/src/monitor/stc-monitor-app.c b/src/monitor/stc-monitor-app.c index 6441593..96d602a 100644 --- a/src/monitor/stc-monitor-app.c +++ b/src/monitor/stc-monitor-app.c @@ -56,6 +56,9 @@ static void __app_update_statistics(gpointer key, memset(&stat_key, 0, sizeof(stc_db_classid_iftype_key)); memset(&stat, 0 , sizeof(stc_db_app_stats)); + if (conn == NULL) + return; + /* Do not update statistics for Tethering * if tethering is in-active found */ if (conn && conn->tether_state == FALSE && diff --git a/src/monitor/stc-monitor-rstn.c b/src/monitor/stc-monitor-rstn.c index ce3fa63..f28de3c 100644 --- a/src/monitor/stc-monitor-rstn.c +++ b/src/monitor/stc-monitor-rstn.c @@ -212,6 +212,9 @@ static void __rstn_add_ipt_rule(int64_t classid, nfacct_rule_intend intend, for (; conn_list != NULL; conn_list = conn_list->next) { stc_connection_s *conn = conn_list->data; + if (conn == NULL) + return; + if (!stc->carg) { stc->carg = MALLOC0(counter_arg_s, 1); if (stc->carg == NULL) @@ -258,6 +261,9 @@ static void __rstn_del_ipt_rule(int64_t classid, nfacct_rule_intend intend, for (; conn_list != NULL; conn_list = conn_list->next) { stc_connection_s *conn = conn_list->data; + if (conn == NULL) + return; + if (!stc->carg) { stc->carg = MALLOC0(counter_arg_s, 1); if (stc->carg == NULL) -- 2.7.4 From e3196e55c8dc3729d65b167ef85b6de47f38e98d Mon Sep 17 00:00:00 2001 From: hyunuktak Date: Tue, 20 Nov 2018 14:45:04 +0900 Subject: [PATCH 02/16] Remove error log for reading classid from cgroup Change-Id: Ic8783c8cd385f6932a826664ca7d7c05bfba93cc Signed-off-by: hyunuktak --- include/stc-manager-util.h | 3 ++- src/helper/helper-net-cls.c | 1 - 2 files changed, 2 insertions(+), 2 deletions(-) mode change 100644 => 100755 include/stc-manager-util.h mode change 100644 => 100755 src/helper/helper-net-cls.c diff --git a/include/stc-manager-util.h b/include/stc-manager-util.h old mode 100644 new mode 100755 index 2275b85..b12fff9 --- a/include/stc-manager-util.h +++ b/include/stc-manager-util.h @@ -274,7 +274,8 @@ static inline bool strstart_with(const char *str, const char *with) #define ret_value_errno_msg_if(expr, val, fmt, arg...) do { \ if (expr) { \ - STC_LOGE(fmt, ##arg); \ + if (STC_DEBUG_LOG) \ + STC_LOGE(fmt, ##arg); \ return val; \ } \ } while (0) diff --git a/src/helper/helper-net-cls.c b/src/helper/helper-net-cls.c old mode 100644 new mode 100755 index faa5942..3f460f7 --- a/src/helper/helper-net-cls.c +++ b/src/helper/helper-net-cls.c @@ -80,7 +80,6 @@ static stc_error_e __get_classid_from_cgroup(const char *cgroup, int ret = cgroup_read_node_uint32(buf, CLASSID_FILE_NAME, classid); if (ret < 0) { - STC_LOGE("Can't read classid from cgroup %s", buf); //LCOV_EXCL_LINE *classid = STC_UNKNOWN_CLASSID; return STC_ERROR_NO_DATA; } -- 2.7.4 From d85602243bc6bc9d6e2e8fa84aab0303dc842d59 Mon Sep 17 00:00:00 2001 From: Nishant Chaprana Date: Mon, 26 Nov 2018 19:24:41 +0530 Subject: [PATCH 03/16] [TV Profile] Disabled default connection monitor and procfs monitor. Change-Id: Ic0ab9a4d5472b1b436f6c33a312d36bbdbe83634 Signed-off-by: Nishant Chaprana --- packaging/stc-manager.spec | 2 +- src/stc-manager-gdbus.c | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/packaging/stc-manager.spec b/packaging/stc-manager.spec index 9f4e7bd..b4a267a 100644 --- a/packaging/stc-manager.spec +++ b/packaging/stc-manager.spec @@ -1,6 +1,6 @@ Name: stc-manager Summary: STC(Smart Traffic Control) manager -Version: 0.0.81 +Version: 0.0.82 Release: 0 Group: Network & Connectivity/Other License: Apache-2.0 diff --git a/src/stc-manager-gdbus.c b/src/stc-manager-gdbus.c index 04af66c..b265c80 100644 --- a/src/stc-manager-gdbus.c +++ b/src/stc-manager-gdbus.c @@ -306,10 +306,12 @@ static void __stc_manager_gdbus_on_bus_acquired(GDBusConnection *connection, stc->connection); iptables_init(); +#ifndef TIZEN_TV_EXT stc_connection_monitor_init(stc); stc_plugin_appstatus_register_state_changed_cb(stc, stc_plugin_procfs_app_status_changed, NULL); +#endif __STC_LOG_FUNC_EXIT__; } -- 2.7.4 From 0b23a20ddb9cebc70d966936a54f5b1082ea38b7 Mon Sep 17 00:00:00 2001 From: hyunuktak Date: Tue, 20 Nov 2018 17:44:09 +0900 Subject: [PATCH 04/16] Add packet capture functions Change-Id: I287425157c7ca377a585e8b11e502a29c7b189b6 Signed-off-by: hyunuktak --- include/stc-manager-gdbus.h | 1 + include/stc-manager-plugin-pcap.h | 35 + include/stc-manager.h | 1 + include/stc-pcap.h | 50 ++ interfaces/CMakeLists.txt | 1 + interfaces/stcmanager-iface-pcap.xml | 12 + packaging/stc-manager.spec | 11 + plugin/CMakeLists.txt | 1 + plugin/pcap/CMakeLists.txt | 36 + plugin/pcap/include/stc-plugin-pcap.h | 225 ++++++ plugin/pcap/stc-plugin-pcap.c | 1329 +++++++++++++++++++++++++++++++++ src/CMakeLists.txt | 2 + src/stc-manager-gdbus.c | 46 ++ src/stc-manager-plugin-pcap.c | 171 +++++ src/stc-manager.c | 3 + src/stc-pcap.c | 160 ++++ 16 files changed, 2084 insertions(+) mode change 100644 => 100755 include/stc-manager-gdbus.h create mode 100755 include/stc-manager-plugin-pcap.h mode change 100644 => 100755 include/stc-manager.h create mode 100755 include/stc-pcap.h create mode 100644 interfaces/stcmanager-iface-pcap.xml create mode 100644 plugin/pcap/CMakeLists.txt create mode 100755 plugin/pcap/include/stc-plugin-pcap.h create mode 100755 plugin/pcap/stc-plugin-pcap.c mode change 100644 => 100755 src/stc-manager-gdbus.c create mode 100644 src/stc-manager-plugin-pcap.c mode change 100644 => 100755 src/stc-manager.c create mode 100755 src/stc-pcap.c diff --git a/include/stc-manager-gdbus.h b/include/stc-manager-gdbus.h old mode 100644 new mode 100755 index 860b766..263077d --- a/include/stc-manager-gdbus.h +++ b/include/stc-manager-gdbus.h @@ -26,6 +26,7 @@ #define STC_DBUS_SERVICE_STATISTICS_PATH "/net/stc/statistics" #define STC_DBUS_SERVICE_RESTRICTION_PATH "/net/stc/restriction" #define STC_DBUS_SERVICE_FIREWALL_PATH "/net/stc/firewall" +#define STC_DBUS_SERVICE_PCAP_PATH "/net/stc/pcap" #define STC_DBUS_SERVICE_MANAGER_PATH "/net/stc/manager" #define STC_DBUS_REPLY_ERROR_NONE(invocation) \ diff --git a/include/stc-manager-plugin-pcap.h b/include/stc-manager-plugin-pcap.h new file mode 100755 index 0000000..728004f --- /dev/null +++ b/include/stc-manager-plugin-pcap.h @@ -0,0 +1,35 @@ +/* + * Copyright (c) 2016 Samsung Electronics Co., Ltd. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef __STC_MANAGER_PLUGIN_PCAP_H__ +#define __STC_MANAGER_PLUGIN_PCAP_H__ + +#define STC_PLUGIN_PCAP_FILEPATH "/usr/lib/stc-plugin-pcap.so" + +#include "stc-plugin-pcap.h" + +int stc_plugin_pcap_init(void); +int stc_plugin_pcap_deinit(void); + +int stc_plugin_pcap_lookup_dev(void); +int stc_plugin_pcap_lookup_net(void); +int stc_plugin_pcap_find_alldevs(void); +int stc_plugin_pcap_register_loop_pcap(const char *ifname, + int group); +int stc_plugin_pcap_unregister_loop_pcap(const char *ifname, + int group); + +#endif /* __STC_MANAGER_PLUGIN_PROCFS_H__ */ diff --git a/include/stc-manager.h b/include/stc-manager.h old mode 100644 new mode 100755 index d1f4d93..fabbbb1 --- a/include/stc-manager.h +++ b/include/stc-manager.h @@ -236,6 +236,7 @@ typedef struct { gpointer statistics_obj; gpointer restriction_obj; gpointer firewall_obj; + gpointer pcap_obj; gpointer manager_obj; GDBusObjectManagerServer *obj_mgr; diff --git a/include/stc-pcap.h b/include/stc-pcap.h new file mode 100755 index 0000000..d99d450 --- /dev/null +++ b/include/stc-pcap.h @@ -0,0 +1,50 @@ +/* + * Copyright (c) 2016 Samsung Electronics Co., Ltd. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef __STC_PCAP_H__ +#define __STC_PCAP_H__ + +#include +#include "stc-manager.h" +#include "stc-manager-gdbus.h" + +/***************************************************************************** + * Macros and Typedefs + *****************************************************************************/ + +#define STC_PCAP_IFNAME "ifname" +#define STC_PCAP_NFLOG_GROUP "nflog_group" + +typedef struct { + char *ifname; + int nflog_group; +} stc_pcap_s; + +/***************************************************************************** + * Functions Declaration + *****************************************************************************/ + +gboolean handle_pcap_start(StcPcap *object, + GDBusMethodInvocation *invocation, + GVariant *parameters, + void *user_data); + +gboolean handle_pcap_stop(StcPcap *object, + GDBusMethodInvocation *invocation, + GVariant *parameters, + void *user_data); + +#endif /* __STC_PCAP_H__ */ diff --git a/interfaces/CMakeLists.txt b/interfaces/CMakeLists.txt index 8f03ebf..dc26fa1 100644 --- a/interfaces/CMakeLists.txt +++ b/interfaces/CMakeLists.txt @@ -10,6 +10,7 @@ ADD_CUSTOM_COMMAND( ${INTERFACES}/stcmanager-iface-restriction.xml ${INTERFACES}/stcmanager-iface-statistics.xml ${INTERFACES}/stcmanager-iface-firewall.xml + ${INTERFACES}/stcmanager-iface-pcap.xml COMMENT "Generating GDBus .c/.h") ADD_CUSTOM_TARGET(GENERATED_DBUS_CODE DEPENDS dbus) diff --git a/interfaces/stcmanager-iface-pcap.xml b/interfaces/stcmanager-iface-pcap.xml new file mode 100644 index 0000000..4320ab6 --- /dev/null +++ b/interfaces/stcmanager-iface-pcap.xml @@ -0,0 +1,12 @@ + + + + + + + + + + + + diff --git a/packaging/stc-manager.spec b/packaging/stc-manager.spec index b4a267a..b14ee3f 100644 --- a/packaging/stc-manager.spec +++ b/packaging/stc-manager.spec @@ -57,6 +57,13 @@ Summary: STC manager exception proc file system plugin %description plugin-procfs A smart traffic control manager extension for proc file system plugin +%package plugin-pcap +Summary: STC manager exception packet capture plugin +BuildRequires: libpcap-devel + +%description plugin-pcap +A smart traffic control manager extension for packet capture plugin + %package plugin-tether Summary: Tethering plugin for data usage of tethering clients @@ -154,6 +161,10 @@ cp resources/dbus/stc-manager.conf %{buildroot}%{_sysconfdir}/dbus-1/system.d/st %manifest %{name}.manifest %attr(500,root,root) %{_libdir}/stc-plugin-procfs.so +%files plugin-pcap +%manifest %{name}.manifest +%attr(500,root,root) %{_libdir}/stc-plugin-pcap.so + %files plugin-tether %manifest %{name}.manifest %attr(500,root,root) %{_libdir}/stc-plugin-tether.so diff --git a/plugin/CMakeLists.txt b/plugin/CMakeLists.txt index e591d7a..04c53b8 100644 --- a/plugin/CMakeLists.txt +++ b/plugin/CMakeLists.txt @@ -18,4 +18,5 @@ INCLUDE_DIRECTORIES(${MONITOR_SOURCE_DIR}/include) ADD_SUBDIRECTORY(appstatus) ADD_SUBDIRECTORY(exception) ADD_SUBDIRECTORY(procfs) +ADD_SUBDIRECTORY(pcap) ADD_SUBDIRECTORY(tether) diff --git a/plugin/pcap/CMakeLists.txt b/plugin/pcap/CMakeLists.txt new file mode 100644 index 0000000..be4b022 --- /dev/null +++ b/plugin/pcap/CMakeLists.txt @@ -0,0 +1,36 @@ +CMAKE_MINIMUM_REQUIRED(VERSION 2.6) +PROJECT(stc-plugin-pcap C) + +# Set required packages +INCLUDE(FindPkgConfig) +PKG_CHECK_MODULES(pcap_plugin REQUIRED + dlog + gio-2.0 + gio-unix-2.0 + glib-2.0 + ) + +FOREACH(flag ${pcap_plugin_CFLAGS}) + SET(EXTRA_CFLAGS "${EXTRA_CFLAGS} ${flag}") +ENDFOREACH(flag) + +INCLUDE_DIRECTORIES(${CMAKE_CURRENT_SOURCE_DIR}/include) + +SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${EXTRA_CFLAGS} -g -Werror -fvisibility=hidden") +SET(CMAKE_C_FLAGS_DEBUG "-O0 -g") +SET(CMAKE_C_FLAGS_RELEASE "-O2") + +ADD_DEFINITIONS("-DUSE_DLOG") + +SET(SRCS_PLUGIN + stc-plugin-pcap.c + ) + +# library build +ADD_LIBRARY(${PROJECT_NAME} SHARED ${SRCS_PLUGIN}) +ADD_DEPENDENCIES(${PROJECT_NAME} GENERATED_DBUS_CODE) +TARGET_LINK_LIBRARIES(${PROJECT_NAME} ${pcap_plugin_LDFLAGS} -lpcap) +SET_TARGET_PROPERTIES(${PROJECT_NAME} PROPERTIES PREFIX "" OUTPUT_NAME ${PROJECT_NAME}) + +# install +INSTALL(TARGETS ${PROJECT_NAME} LIBRARY DESTINATION ${LIBDIR}) diff --git a/plugin/pcap/include/stc-plugin-pcap.h b/plugin/pcap/include/stc-plugin-pcap.h new file mode 100755 index 0000000..a2b8c34 --- /dev/null +++ b/plugin/pcap/include/stc-plugin-pcap.h @@ -0,0 +1,225 @@ +/* + * Copyright (c) 2016 Samsung Electronics Co., Ltd. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef __STC_PLUGIN_PCAP_H__ +#define __STC_PLUGIN_PCAP_H__ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "stc-error.h" +#include "stc-manager.h" + +#define BUFF_SIZE_IP 16 +#define BUFF_SIZE_IP6 46 +#define BUFF_SIZE_HOST 32 +#define BUFF_SIZE_ID 64 +#define BUFF_SIZE_TIME 64 +#define BUFF_SIZE_NAME 256 + +#define PORT_FTP_DATA 20 +#define PORT_FTP_CTL 21 +#define PORT_SMTP 25 +#define PORT_DNS 53 +#define PORT_BOOTP_S 67 +#define PORT_BOOTP_C 68 +#define PORT_HTTP 80 +#define PORT_NTP 123 +#define PORT_HTTPS 443 +#define PORT_SMTP_MSG 587 + +#define ARP_REQUEST 1 +#define ARP_REPLY 2 +#define ARP_RREQUEST 3 +#define ARP_RREPLY 4 + +#define BOOTP_REQUEST 1 +#define BOOTP_REPLY 2 + +#define BOOTP_CHADDR_LEN 16 +#define BOOTP_SNAME_LEN 64 +#define BOOTP_FILE_LEN 128 +#define BOOTP_MOPTION_LEN 60 + +#define BOOTP_MAGIC_DHCP 0x63825363 + +#define DHCP_TAG_SUBNET_MASK 1 +#define DHCP_TAG_ROUTER 3 +#define DHCP_TAG_DNS 6 +#define DHCP_TAG_HOST_NAME 12 +#define DHCP_TAG_REQUESTED_IP 50 +#define DHCP_TAG_IP_LEASE_TIME 51 +#define DHCP_TAG_MSG_TYPE 53 +#define DHCP_TAG_SERVER_ID 54 +#define DHCP_TAG_MSG_SIZE 57 +#define DHCP_TAG_CLIENT_ID 61 +#define DHCP_TAG_END 255 + +#define DHCP_MSG_TYPE_DISCOVER 1 +#define DHCP_MSG_TYPE_OFFER 2 +#define DHCP_MSG_TYPE_REQUEST 3 +#define DHCP_MSG_TYPE_DECLINE 4 +#define DHCP_MSG_TYPE_ACK 5 +#define DHCP_MSG_TYPE_NAK 6 +#define DHCP_MSG_TYPE_RELEASE 7 +#define DHCP_MSG_TYPE_INFORM 8 + +#define DHCP_CLIENT_ID_ETHERNET 1 +#define DHCP_CLIENT_ID_IEEE802 2 +#define DHCP_CLIENT_ID_ARCNET 7 +#define DHCP_CLIENT_ID_LOCALTALK 11 +#define DHCP_CLIENT_ID_LOCALNET 12 +#define DHCP_CLIENT_ID_SMDS 14 +#define DHCP_CLIENT_ID_FRAMERELAY 15 +#define DHCP_CLIENT_ID_ATM1 16 +#define DHCP_CLIENT_ID_HDLC 17 +#define DHCP_CLIENT_ID_FIBRECHANNEL 18 +#define DHCP_CLIENT_ID_ATM2 19 +#define DHCP_CLIENT_ID_SERIALLINE 20 + +#define NTP_STRATUM_UNSPECIFIED 0 +#define NTP_STRATUM_PRIM_REF 1 +#define NTP_STRATUM_INFO_QUERY 62 +#define NTP_STRATUM_INFO_REPLY 63 + +#define NTP_JAN_1970 2208988800U /* 1970 - 1900 in seconds */ + +#define DNS_QTYPE_A 1 +#define DNS_QTYPE_CNAME 5 +#define DNS_QTYPE_AAAA 28 + +#define DNS_QCLASS_IN 1 +#define DNS_QCLASS_CHAOS 3 +#define DNS_QCLASS_HS 4 +#define DNS_QCLASS_ANY 255 + +typedef struct { + char *name; + int group; + GThread *thread; + pcap_t *handle; +} stc_pcap_data_s; + +typedef struct { + uint16_t id; + uint16_t flags; + uint16_t questions; + uint16_t answerRR; + uint16_t authorityRR; + uint16_t additionalRR; +} dns_t; + +typedef struct { + uint16_t type; + uint16_t class; +} dns_query_t; + +typedef struct { + uint16_t type; + uint16_t class; + uint16_t ttl; + uint16_t rdlen; + char rdata[]; +} dns_recode_t; + +typedef struct { + uint8_t op; /* packet opcode type */ + uint8_t htype; /* hardware addr type */ + uint8_t hlen; /* hardware addr length */ + uint8_t hops; /* gateway hops */ + uint32_t xid; /* transaction ID */ + uint16_t secs; /* seconds since boot began */ + uint16_t flags; /* flags */ + struct in_addr ciaddr; /* client IP address */ + struct in_addr yiaddr; /* 'your' IP address */ + struct in_addr siaddr; /* server IP address */ + struct in_addr giaddr; /* gateway(relay agent) IP address */ + uint8_t chaddr[BOOTP_CHADDR_LEN]; /* client hardware address */ + uint8_t sname[BOOTP_SNAME_LEN]; /* server host name */ + uint8_t file[BOOTP_FILE_LEN]; /* boot file name */ + uint32_t magic; /* must be 0x63825363 (network order) */ + uint8_t moption[BOOTP_MOPTION_LEN]; +} bootp_t; + +typedef struct { + uint16_t second; + uint16_t fraction; +} ntp_short_t; + +typedef struct { + uint32_t second; + uint32_t fraction; +} ntp_long_t; + +typedef struct { + uint8_t flags; /* Mode, version and leap indicator */ + uint8_t stratum; /* Stratum details */ + uint8_t poll; /* Maximum interval in log2 seconds */ + uint8_t precision; /* Clock precision in log2 seconds */ + ntp_short_t rootdelay; /* Root delay */ + ntp_short_t rootdisp; /* Root dispersion */ + uint32_t refid; /* Reference ID */ + ntp_long_t reftime; /* Reference timestamp */ + ntp_long_t orgtime; /* Origin timestamp */ + ntp_long_t rectime; /* Receive timestamp */ + ntp_long_t xmttime; /* Transmit timestamp */ +} ntp_t; + +typedef struct ether_header eth_t; +typedef struct ip ip_t; +typedef struct ip6_hdr ip6_t; +typedef struct arphdr arp_t; +typedef struct icmphdr icmp_t; +typedef struct tcphdr tcp_t; +typedef struct udphdr udp_t; + +#define SIZE_ETHER_HEADER sizeof(eth_t) +#define SIZE_IP_HEADER sizeof(ip_t) +#define SIZE_ARP_HEADER sizeof(arp_t) +#define SIZE_ICMP_HEADER sizeof(icmp_t) +#define SIZE_TCP_HEADER sizeof(tcp_t) +#define SIZE_UDP_HEADER sizeof(udp_t) +#define SIZE_DNS_HEADER sizeof(dns_t) + +#define IS_SRC_OR_DST_PORT(p) (source == (p) || dest == (p)) + +typedef struct { + int (*initialize_plugin) (void); + int (*deinitialize_plugin) (void); + int (*lookup_dev) (void); + int (*lookup_net) (void); + int (*find_alldevs) (void); + int (*register_loop_pcap) (const char *ifname, int group); + int (*unregister_loop_pcap) (const char *ifname, int group); +} stc_plugin_pcap_s; + +#endif /* __STC_PLUGIN_PCAP_H__ */ diff --git a/plugin/pcap/stc-plugin-pcap.c b/plugin/pcap/stc-plugin-pcap.c new file mode 100755 index 0000000..8cba6bd --- /dev/null +++ b/plugin/pcap/stc-plugin-pcap.c @@ -0,0 +1,1329 @@ +/* + * Copyright (c) 2017 Samsung Electronics Co., Ltd. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "stc-plugin-pcap.h" + +//LCOV_EXCL_START +static GHashTable *g_pcap_tables = NULL; +static bool g_pcap_start_fm = false; +static struct timeval g_pcap_tv = { 0, }; + +static void __pcap_data_free(gpointer value) +{ + stc_pcap_data_s *data = (stc_pcap_data_s *)value; + + g_thread_unref(data->thread); + + FREE(data->name); + FREE(data); +} + +/* +static void __pcap_data_info(const u_char *packet, int len) +{ + GString *data; + + data = g_string_sized_new(len); + if (data == NULL) + return; + + while(len--) + g_string_append_printf(data, "%02x", *(packet++)); + + STC_LOGD("[%s]", g_string_free(data, FALSE)); +} +*/ + +static void __pcap_ntp_time_info(uint32_t s, char *time) +{ + time_t seconds; + char *curr = NULL; + int len = 0; + uint32_t sec = ntohl(s); + + if (sec) { + seconds = sec - NTP_JAN_1970; + curr = ctime(&seconds); + len = strlen(curr); + curr[len - 1] = '\0'; + + snprintf(time, len, "%s", curr); + } else { + snprintf(time, 10, "00:00:00"); + } +} + +static void __pcap_ntp_refid_info(ntp_t *ntp_h, char *refid) +{ + switch (ntp_h->stratum) { + case NTP_STRATUM_UNSPECIFIED: + snprintf(refid, BUFF_SIZE_ID, "%s", "(unspec)"); + break; + case NTP_STRATUM_PRIM_REF: + snprintf(refid, BUFF_SIZE_ID, "%s", "(prim_ref)"); + break; + case NTP_STRATUM_INFO_QUERY: + snprintf(refid, BUFF_SIZE_ID, "%s INFO_QEURY", + inet_ntoa(*((struct in_addr *)&ntp_h->refid))); + break; + case NTP_STRATUM_INFO_REPLY: + snprintf(refid, BUFF_SIZE_ID, "%s INFO_REPLY", + inet_ntoa(*((struct in_addr *)&ntp_h->refid))); + break; + default: + snprintf(refid, BUFF_SIZE_ID, "%s", + inet_ntoa(*((struct in_addr *)&ntp_h->refid))); + break; + } +} + +static uint16_t __pcap_ntp_fraction_info(uint16_t f) +{ + uint16_t fraction; + double ff; + + ff = ntohs(f) / 65536.0; + fraction = (uint16_t)(ff * 1000000.0); + + return fraction; +} + +static void __pcap_ntp_info(const u_char *packet) +{ + ntp_t *ntp_h = (ntp_t *)(packet + + SIZE_ETHER_HEADER + SIZE_IP_HEADER + SIZE_UDP_HEADER); + char refid[BUFF_SIZE_ID]; + char reftime[BUFF_SIZE_TIME]; + char orgtime[BUFF_SIZE_TIME]; + char rectime[BUFF_SIZE_TIME]; + char xmttime[BUFF_SIZE_TIME]; + + __pcap_ntp_refid_info(ntp_h, refid); + __pcap_ntp_time_info(ntp_h->reftime.second, reftime); + __pcap_ntp_time_info(ntp_h->orgtime.second, orgtime); + __pcap_ntp_time_info(ntp_h->rectime.second, rectime); + __pcap_ntp_time_info(ntp_h->xmttime.second, xmttime); + + STC_LOGD("Flags[0x%02x] Stratum[%u] Poll[%u:%us] Precision[%u] " + "Root delay[%u.%06us] Root dispersion[%u.%06us] Ref ID[%s]", + ntp_h->flags, ntp_h->stratum, ntp_h->poll, + ntp_h->precision, 1 << ntp_h->precision, + ntohs(ntp_h->rootdelay.second), + __pcap_ntp_fraction_info(ntp_h->rootdelay.fraction), + ntohs(ntp_h->rootdisp.second), + __pcap_ntp_fraction_info(ntp_h->rootdisp.fraction), + refid); + + STC_LOGD("Reference[%s] Origin[%s] Receive[%s] Transmit[%s]", + reftime, orgtime, rectime, xmttime); +} + +static const char *__pcap_dhcp_client_id_info(uint8_t data) +{ + char *info = NULL; + + switch (data) { + case DHCP_CLIENT_ID_ETHERNET: + info = "Ethernet"; + break; + case DHCP_CLIENT_ID_IEEE802: + info = "IEEE 802 Networks"; + break; + case DHCP_CLIENT_ID_ARCNET: + info = "ARCNET"; + break; + case DHCP_CLIENT_ID_LOCALTALK: + info = "LocalTalk"; + break; + case DHCP_CLIENT_ID_LOCALNET: + info = "LocalNet"; + break; + case DHCP_CLIENT_ID_SMDS: + info = "SMDS"; + break; + case DHCP_CLIENT_ID_FRAMERELAY: + info = "Frame Relay"; + break; + case DHCP_CLIENT_ID_ATM1: + info = "ATM(Async Transfer Mode)"; + break; + case DHCP_CLIENT_ID_HDLC: + info = "HDLC"; + break; + case DHCP_CLIENT_ID_FIBRECHANNEL: + info = "Fibre Channel"; + break; + case DHCP_CLIENT_ID_ATM2: + info = "ATM(Async Transfer Mode)"; + break; + case DHCP_CLIENT_ID_SERIALLINE: + info = "Serial Line"; + break; + default: + info = "Unknown"; + break; + } + + return info; +} + +static const char *__pcap_dhcp_msg_type_info(uint8_t type) +{ + char *info = NULL; + + switch (type) { + case DHCP_MSG_TYPE_DISCOVER: + info = "Discover"; + break; + case DHCP_MSG_TYPE_OFFER: + info = "Offer"; + break; + case DHCP_MSG_TYPE_REQUEST: + info = "Request"; + break; + case DHCP_MSG_TYPE_DECLINE: + info = "Decline"; + break; + case DHCP_MSG_TYPE_ACK: + info = "ACK"; + break; + case DHCP_MSG_TYPE_NAK: + info = "NAK"; + break; + case DHCP_MSG_TYPE_RELEASE: + info = "Release"; + break; + case DHCP_MSG_TYPE_INFORM: + info = "Inform"; + break; + default: + info = "Unknown"; + break; + } + + return info; +} + +static void __pcap_bootp_magic_info(uint32_t magic, + uint8_t *moption, u_int16_t len) +{ + if (ntohl(magic) == BOOTP_MAGIC_DHCP) { + char buf[BOOTP_MOPTION_LEN]; + uint8_t *opt = moption; + + STC_LOGD("Magic cookie[DHCP]"); + + while(len > 0) { + uint8_t tag = opt[0]; + uint8_t length = opt[1]; + uint8_t *data = &opt[2]; + char addr[BUFF_SIZE_IP]; + char host[BUFF_SIZE_HOST]; + + switch (tag) { + case DHCP_TAG_SUBNET_MASK: + inet_ntop(AF_INET, (struct in_addr *)data, + addr, BUFF_SIZE_IP); + STC_LOGD("Subnet mask[%s]", addr); + break; + case DHCP_TAG_ROUTER: + inet_ntop(AF_INET, (struct in_addr *)data, + addr, BUFF_SIZE_IP); + STC_LOGD("Router[%s]", addr); + break; + case DHCP_TAG_DNS: + inet_ntop(AF_INET, (struct in_addr *)data, + addr, BUFF_SIZE_IP); + STC_LOGD("Domain name server[%s]", addr); + break; + case DHCP_TAG_HOST_NAME: + snprintf(buf, ((length < BOOTP_MOPTION_LEN) ? + (length + 1) : BOOTP_MOPTION_LEN), "%s", (char *)data); + STC_LOGD("Host name[%s]", buf); + break; + case DHCP_TAG_REQUESTED_IP: + inet_ntop(AF_INET, (struct in_addr *)data, + addr, BUFF_SIZE_IP); + STC_LOGD("Requested IP[%s]", addr); + break; + case DHCP_TAG_IP_LEASE_TIME: + STC_LOGD("IP address lease time[%us]", + ntohl(*(uint32_t *)data)); + break; + case DHCP_TAG_MSG_TYPE: + STC_LOGD("DHCP message type[%u:%s]", *data, + __pcap_dhcp_msg_type_info(*data)); + break; + case DHCP_TAG_SERVER_ID: + inet_ntop(AF_INET, (struct in_addr *)data, + addr, BUFF_SIZE_IP); + STC_LOGD("DHCP server identifier[%s]", addr); + break; + case DHCP_TAG_MSG_SIZE: + STC_LOGD("Maximum DHCP message size[%u]", + ntohs(*(uint16_t *)data)); + break; + case DHCP_TAG_CLIENT_ID: + STC_LOGD("Client identifier HW type[0x%02x:%s]", *data, + __pcap_dhcp_client_id_info(*data)); + if (*data == DHCP_CLIENT_ID_ETHERNET) { + g_strlcpy(host, + ether_ntoa((const struct ether_addr *)&data[1]), + sizeof(host)); + STC_LOGD("Client identifier MAC[%s]", host); + } + break; + case DHCP_TAG_END: + STC_LOGD("End"); + return; + default: + STC_LOGD("Unknown[%u]", tag); + break; + } + + opt += (2 + length); + len -= (2 + length); + } + } +} + +static const char *__pcap_bootp_op_info(uint8_t op) +{ + char *info = NULL; + + switch (op) { + case BOOTP_REQUEST: + info = "Request"; + break; + case BOOTP_REPLY: + info = "Reply"; + break; + default: + info = "Unknown"; + break; + } + + return info; +} + +static void __pcap_bootp_info(const u_char *packet) +{ + udp_t *udp_h = (udp_t *)(packet + + SIZE_ETHER_HEADER + SIZE_IP_HEADER); + bootp_t *bootp_h = (bootp_t *)(packet + + SIZE_ETHER_HEADER + SIZE_IP_HEADER + SIZE_UDP_HEADER); + char ciaddr[BUFF_SIZE_IP]; + char yiaddr[BUFF_SIZE_IP]; + char siaddr[BUFF_SIZE_IP]; + char giaddr[BUFF_SIZE_IP]; + char chaddr[BUFF_SIZE_HOST]; + u_int16_t len; + + inet_ntop(AF_INET, &bootp_h->ciaddr, ciaddr, BUFF_SIZE_IP); + inet_ntop(AF_INET, &bootp_h->yiaddr, yiaddr, BUFF_SIZE_IP); + inet_ntop(AF_INET, &bootp_h->siaddr, siaddr, BUFF_SIZE_IP); + inet_ntop(AF_INET, &bootp_h->giaddr, giaddr, BUFF_SIZE_IP); + + g_strlcpy(chaddr, + ether_ntoa((const struct ether_addr *)bootp_h->chaddr), + sizeof(chaddr)); + + STC_LOGD("Message type[%u:%s] HW type[0x%02x] HW len[%u] Hops[%u] " + "Transaction ID[0x%08x] Seconds elapsed[%u] Flags[0x%04x]", + bootp_h->op, __pcap_bootp_op_info(bootp_h->op), + bootp_h->htype, bootp_h->hlen, bootp_h->hops, + ntohl(bootp_h->xid), ntohs(bootp_h->secs), ntohs(bootp_h->flags)); + + STC_LOGD("Client[%s] Your(client)[%s] Next server[%s] " + "Relay agent[%s] Client MAC[%s]", + ciaddr, yiaddr, siaddr, giaddr, chaddr); + + len = ntohs(udp_h->len); + __pcap_bootp_magic_info(bootp_h->magic, bootp_h->moption, len); +} + +static char *__pcap_dns_type_info(uint16_t type) +{ + char *info = NULL; + + switch (type) { + case DNS_QTYPE_A: + info = "A"; + break; + case DNS_QTYPE_CNAME: + info = "CNAME"; + break; + case DNS_QTYPE_AAAA: + info = "AAAA"; + break; + default: + info = "Unknown"; + break; + } + + return info; +} + +static char *__pcap_dns_class_info(uint16_t class) +{ + char *info = NULL; + + switch (class) { + case DNS_QCLASS_IN: + info = "IN"; + break; + case DNS_QCLASS_CHAOS: + info = "CHAOS"; + break; + case DNS_QCLASS_HS: + info = "HS"; + break; + case DNS_QCLASS_ANY: + info = "ANY"; + break; + default: + info = "Unknown"; + break; + } + + return info; +} + +static uint8_t * __pcap_dns_name_info(uint8_t *dns_h, + uint8_t *data, u_char *name) +{ + uint8_t *sec = data; + u_char *dname = name; + uint8_t *nxt = NULL; + + *name = '\0'; + while (1) { + if ((*sec & 0xC0)) { + nxt = sec + 2; + sec = (uint8_t *)dns_h + + (htons(*(uint16_t *)sec) & 0x3FFF); + } else { + if (*sec == 0) { + *dname = '\0'; + sec += 1; + break; + } + + if (dname - name + *sec + 1 > BUFF_SIZE_NAME - 1) { + *name = '\0'; + return NULL; + } + + memcpy(dname, sec + 1, *sec); + dname += *sec; + sec += *sec + 1; + *dname = '.'; + dname++; + } + } + + *(--dname) = '\0'; + + if (nxt == NULL) + nxt = sec; + + return (uint8_t *)nxt; +} + +static void __pcap_dns_data_info(const u_char *packet) +{ + dns_t *dns_h = (dns_t *)(packet + + SIZE_ETHER_HEADER + SIZE_IP_HEADER + + SIZE_UDP_HEADER); + uint8_t *data = (uint8_t *)(packet + + SIZE_ETHER_HEADER + SIZE_IP_HEADER + + SIZE_UDP_HEADER + SIZE_DNS_HEADER); + uint16_t qdcount = ntohs(dns_h->questions); + uint16_t ancount = ntohs(dns_h->answerRR); + int i = 0; + + for (i = 0; i < qdcount; ++i) { + u_char name[BUFF_SIZE_NAME]; + uint16_t type; + uint16_t class; + + if (i == 0) + STC_LOGD("[Queries]"); + + data = __pcap_dns_name_info((uint8_t *)dns_h, data, name); + if (data == NULL) + return; + + type = ntohs(*(uint16_t *)&data[0]); + class = ntohs(*(uint16_t *)&data[2]); + + STC_LOGD("Name[%s] Type[%u:%s] Class[0x%04x:%s]", + name, type, __pcap_dns_type_info(type), + class, __pcap_dns_class_info(class)); + + data += 4; + } + + for (i = 0; i < ancount; ++i) { + u_char name[BUFF_SIZE_NAME]; + u_char cname[BUFF_SIZE_NAME]; + uint16_t type; + uint16_t class; + uint32_t ttl; + uint16_t length; + char ip[BUFF_SIZE_IP]; + + if (i == 0) + STC_LOGD("[Answers]"); + + data = __pcap_dns_name_info((uint8_t *)dns_h, data, name); + if (data == NULL) + return; + + type = ntohs(*(uint16_t *)&data[0]); + class = ntohs(*(uint16_t *)&data[2]); + ttl = ntohl(*(uint32_t *)&data[4]); + length = ntohs(*(uint16_t *)&data[8]); + + if (class == DNS_QCLASS_IN) { + switch (type) { + case DNS_QTYPE_A: + inet_ntop(AF_INET, (struct in_addr *)&data[10], + ip, BUFF_SIZE_IP); + STC_LOGD("Name[%s] Type[%u:%s] Class[0x%04x:%s] " + "TTL[%u] Data length[%u] Address[%s]", + name, type, __pcap_dns_type_info(type), + class, __pcap_dns_class_info(class), + ttl, length, ip); + break; + case DNS_QTYPE_CNAME: + __pcap_dns_name_info((uint8_t *)dns_h, &data[10], cname); + if (data == NULL) + return; + STC_LOGD("Name[%s] Type[%u:%s] Class[0x%04x:%s] " + "TTL[%u] Data length[%u] CName[%s]", + name, type, __pcap_dns_type_info(type), + class, __pcap_dns_class_info(class), + ttl, length, cname); + break; + case DNS_QTYPE_AAAA: + break; + default: + STC_LOGD("Name[%s] Type[%u:%s] Class[0x%04x:%s] " + "TTL[%u] Data length[%u]", + name, type, __pcap_dns_type_info(type), + class, __pcap_dns_class_info(class), + ttl, length); + break; + } + } + + data += (length + 10); + } +} + +static void __pcap_dns_info(const u_char *packet) +{ + dns_t *dns_h = (dns_t *)(packet + + SIZE_ETHER_HEADER + SIZE_IP_HEADER + SIZE_UDP_HEADER); + + STC_LOGD("Transaction ID[0x%x] Flags[0x%x] Questions[%u] " + "Answer RRs[%u] Authority RRs[%u] Additional RRs[%u]", + ntohs(dns_h->id), ntohs(dns_h->flags), + ntohs(dns_h->questions), ntohs(dns_h->answerRR), + ntohs(dns_h->authorityRR), ntohs(dns_h->additionalRR)); + + __pcap_dns_data_info(packet); +} + +static const char *__pcap_icmp_code_info(u_int8_t type, u_int8_t code) +{ + char *info = NULL; + + switch (type) { + case ICMP_DEST_UNREACH: + switch (code) { + case ICMP_NET_UNREACH: + info = "Network Unreachable"; + break; + case ICMP_HOST_UNREACH: + info = "Host Unreachable"; + break; + case ICMP_PROT_UNREACH: + info = "Protocol Unreachable"; + break; + case ICMP_PORT_UNREACH: + info = "Port Unreachable"; + break; + case ICMP_FRAG_NEEDED: + info = "Fragmentation Needed/DF set"; + break; + case ICMP_SR_FAILED: + info = "Source Route failed"; + break; + case ICMP_NET_UNKNOWN: + break; + case ICMP_HOST_UNKNOWN: + break; + case ICMP_HOST_ISOLATED: + break; + case ICMP_NET_ANO: + break; + case ICMP_HOST_ANO: + break; + case ICMP_NET_UNR_TOS: + break; + case ICMP_HOST_UNR_TOS: + break; + case ICMP_PKT_FILTERED: + info = "Packet filtered"; + break; + case ICMP_PREC_VIOLATION: + info = "Precedence violation"; + break; + case ICMP_PREC_CUTOFF: + info = "Precedence cut off"; + break; + default: + info = "Unknown"; + break; + } + break; + case ICMP_REDIRECT: + switch (code) { + case ICMP_REDIR_NET: + info = "Redirect Net"; + break; + case ICMP_REDIR_HOST: + info = "Redirect Host"; + break; + case ICMP_REDIR_NETTOS: + info = "Redirect Net for TOS"; + break; + case ICMP_REDIR_HOSTTOS: + info = "Redirect Host for TOS"; + break; + default: + info = "Unknown"; + break; + } + break; + case ICMP_TIME_EXCEEDED: + switch (code) { + case ICMP_EXC_TTL: + info = "TTL count exceeded"; + break; + case ICMP_EXC_FRAGTIME: + info = "Fragment Reass time exceeded"; + break; + default: + info = "Unknown"; + break; + } + break; + default: + info = "Unknown"; + break; + } + + return info; +} + +static const char *__pcap_icmp_type_info(u_int8_t type) +{ + char *info = NULL; + + switch (type) { + case ICMP_ECHOREPLY: + info = "Echo Reply"; + break; + case ICMP_DEST_UNREACH: + info = "Destination Unreachable"; + break; + case ICMP_SOURCE_QUENCH: + info = "Source Quench"; + break; + case ICMP_REDIRECT: + info = "Redirect"; + break; + case ICMP_ECHO: + info = "Echo Request"; + break; + case ICMP_TIME_EXCEEDED: + info = "Time Exceeded"; + break; + case ICMP_PARAMETERPROB: + info = "Parameter Problem"; + break; + case ICMP_TIMESTAMP: + info = "Timestamp Request"; + break; + case ICMP_TIMESTAMPREPLY: + info = "Timestamp Reply"; + break; + case ICMP_INFO_REQUEST: + info = "Information Request"; + break; + case ICMP_INFO_REPLY: + info = "Information Reply"; + break; + case ICMP_ADDRESS: + info = "Address Mask Request"; + break; + case ICMP_ADDRESSREPLY: + info = "Address Mask Reply"; + break; + default: + info = "Unknown"; + break; + } + + return info; +} + +static void __pcap_icmp_info(const u_char *packet) +{ + icmp_t *icmp_h = (icmp_t *)(packet + + SIZE_ETHER_HEADER + SIZE_IP_HEADER); + + STC_LOGD("Type[%u:%s] Code[%u:%s] Checksum[0x%x]", + icmp_h->type, __pcap_icmp_type_info(icmp_h->type), + icmp_h->code, __pcap_icmp_code_info(icmp_h->type, icmp_h->code), + ntohs(icmp_h->checksum)); +} + +static void __pcap_tcp_info(const u_char *packet) +{ + tcp_t *tcp_h = (tcp_t *)(packet + + SIZE_ETHER_HEADER + SIZE_IP_HEADER); + u_int16_t source = ntohs(tcp_h->source); + u_int16_t dest = ntohs(tcp_h->dest); + + STC_LOGD("Source[%u] Destination[%u] Sequence[%u] " + "Acknowledgment seq[%u] Window size[%u] ", + ntohs(tcp_h->source), ntohs(tcp_h->dest), + ntohl(tcp_h->seq), ntohl(tcp_h->ack_seq), + ntohs(tcp_h->window)); + + STC_LOGD("Checksum[0x%x] URG[%u] ACK[%u] PUSH[%u] " + "RST[%u] SYN[%u] FIN[%u]", + ntohs(tcp_h->check), + tcp_h->urg, tcp_h->ack, tcp_h->psh, + tcp_h->rst, tcp_h->syn, tcp_h->fin); + + if (IS_SRC_OR_DST_PORT(PORT_DNS)) + __pcap_dns_info(packet); +} + +static void __pcap_udp_info(const u_char *packet) +{ + udp_t *udp_h = (udp_t *)(packet + + SIZE_ETHER_HEADER + SIZE_IP_HEADER); + u_int16_t source = ntohs(udp_h->source); + u_int16_t dest = ntohs(udp_h->dest); + + STC_LOGD("Source[%u] Destination[%u] Len[%u] Checksum[0x%x]", + source, dest, ntohs(udp_h->len), ntohs(udp_h->check)); + + if (IS_SRC_OR_DST_PORT(PORT_DNS)) + __pcap_dns_info(packet); + else if (IS_SRC_OR_DST_PORT(PORT_BOOTP_C) || + IS_SRC_OR_DST_PORT(PORT_BOOTP_S)) + __pcap_bootp_info(packet); + else if (IS_SRC_OR_DST_PORT(PORT_NTP)) + __pcap_ntp_info(packet); +} + +static const char *__pcap_eth_type_info(u_int16_t type) +{ + char *info = NULL; + + switch (type) { + case ETHERTYPE_IP: + info = "IP"; + break; + case ETHERTYPE_IPV6: + info = "IPv6"; + break; + case ETHERTYPE_ARP: + info = "ARP"; + break; + case ETHERTYPE_REVARP: + info = "REVARP"; + break; + case ETHERTYPE_LOOPBACK: + info = "LOOPBACK"; + break; + default: + info = "Unknown"; + break; + } + + return info; +} + +static const char *__pcap_arp_opcode_info(u_int16_t opcode) +{ + char *info = NULL; + + switch (opcode) { + case ARP_REQUEST: + info = "Request"; + break; + case ARP_REPLY: + info = "Reply"; + break; + case ARP_RREQUEST: + info = "RRequest"; + break; + case ARP_RREPLY: + info = "RReply"; + break; + default: + info = "Unknown"; + break; + } + + return info; +} + +static void __pcap_arp_info(const u_char *packet) +{ + arp_t *arp_h = (arp_t *)(packet + SIZE_ETHER_HEADER); + u_int8_t *sha = (u_int8_t *)(packet + + SIZE_ETHER_HEADER + SIZE_ARP_HEADER); + u_int8_t *spa = (u_int8_t *)(sha + arp_h->ar_hln); + u_int8_t *tha = (u_int8_t *)(spa + arp_h->ar_pln); + u_int8_t *tpa = (u_int8_t *)(tha + arp_h->ar_hln); + u_int16_t ar_op = ntohs(arp_h->ar_op); + char sma[BUFF_SIZE_HOST]; + char sia[BUFF_SIZE_IP]; + char tma[BUFF_SIZE_HOST]; + char tia[BUFF_SIZE_IP]; + u_int16_t ar_pro; + + g_strlcpy(sma, + ether_ntoa((const struct ether_addr *)sha), + sizeof(sma)); + g_strlcpy(tma, + ether_ntoa((const struct ether_addr *)tha), + sizeof(tma)); + + inet_ntop(AF_INET, (struct in_addr *)spa, sia, BUFF_SIZE_IP); + inet_ntop(AF_INET, (struct in_addr *)tpa, tia, BUFF_SIZE_IP); + + ar_pro = ntohs(arp_h->ar_pro); + + STC_LOGD("HW type[%u] Protocol type[0x%04x:%s] " + "HW size[%u] Protocol size[%u] Opcode[%u:%s] ", + ntohs(arp_h->ar_hrd), ar_pro, + __pcap_eth_type_info(ar_pro), + arp_h->ar_hln, arp_h->ar_pln, + ar_op, __pcap_arp_opcode_info(ar_op)); + + STC_LOGD("Sender MAC[%s] Sender IP[%s] " + "Target MAC[%s] Target IP[%s]", + sma, sia, tma, tia); +} + +static const char *__pcap_ip_protocol_info(u_int8_t p) +{ + char *info = NULL; + + switch (p) { + case IPPROTO_IP: + info = "IP"; + break; + case IPPROTO_ICMP: + info = "ICMP"; + break; + case IPPROTO_IPIP: + info = "IPIP"; + break; + case IPPROTO_TCP: + info = "TCP"; + break; + case IPPROTO_UDP: + info = "UDP"; + break; + case IPPROTO_IPV6: + info = "IPv6"; + break; + case IPPROTO_ICMPV6: + info = "ICMPv6"; + break; + default: + info = "Unknown"; + break; + } + + return info; +} + +static void __pcap_ipv6_info(const u_char *packet) +{ + ip6_t *ip6_h = (ip6_t *)(packet + SIZE_ETHER_HEADER); + char ip6_src[BUFF_SIZE_IP6]; + char ip6_dst[BUFF_SIZE_IP6]; + + inet_ntop(AF_INET6, &ip6_h->ip6_src, ip6_src, BUFF_SIZE_IP6); + inet_ntop(AF_INET6, &ip6_h->ip6_dst, ip6_dst, BUFF_SIZE_IP6); + + STC_LOGD("Flow[0x%08x] Payload len[%u] Next hdr[%u:%s] " + "Hop limit[%u] Source[%s] Destination[%s]", + ntohl(ip6_h->ip6_flow), ntohs(ip6_h->ip6_plen), + ip6_h->ip6_nxt, __pcap_ip_protocol_info(ip6_h->ip6_nxt), + ip6_h->ip6_hlim, ip6_src, ip6_dst); + + switch (ip6_h->ip6_nxt) { + case IPPROTO_IP: + break; + case IPPROTO_ICMP: + break; + case IPPROTO_IPIP: + break; + case IPPROTO_TCP: + break; + case IPPROTO_UDP: + break; + case IPPROTO_IPV6: + break; + case IPPROTO_ICMPV6: + break; + default: + break; + } +} + +static void __pcap_ip_info(const u_char *packet) +{ + ip_t *ip_h = (ip_t *)(packet + SIZE_ETHER_HEADER); + char ip_src[BUFF_SIZE_IP]; + char ip_dst[BUFF_SIZE_IP]; + + inet_ntop(AF_INET, &ip_h->ip_src, ip_src, BUFF_SIZE_IP); + inet_ntop(AF_INET, &ip_h->ip_dst, ip_dst, BUFF_SIZE_IP); + + STC_LOGD("Header len[%u] TOS[0x%02x] Total len[%u] " + "ID[0x%04x] Flags[0x%02x] TTL[%u] Protocol[%u:%s] " + "Checksum[0x%04x] Source[%s] Destination[%s]", + ip_h->ip_hl << 2, ip_h->ip_tos, + ntohs(ip_h->ip_len), ntohs(ip_h->ip_id), + (ntohs(ip_h->ip_off) & 0xe000) >> 13, + ip_h->ip_ttl, ip_h->ip_p, + __pcap_ip_protocol_info(ip_h->ip_p), + ntohs(ip_h->ip_sum), ip_src, ip_dst); + + switch (ip_h->ip_p) { + case IPPROTO_ICMP: + __pcap_icmp_info(packet); + break; + case IPPROTO_TCP: + __pcap_tcp_info(packet); + break; + case IPPROTO_UDP: + __pcap_udp_info(packet); + break; + default: + break; + } +} + +static void __pcap_eth_info(const u_char *packet) +{ + eth_t *eth_h = (eth_t *)packet; + u_int8_t *eth_shost = eth_h->ether_shost; + u_int8_t *eth_dhost = eth_h->ether_dhost; + char shost[BUFF_SIZE_HOST]; + char dhost[BUFF_SIZE_HOST]; + u_int16_t ether_type; + + g_strlcpy(shost, + ether_ntoa((const struct ether_addr *)eth_shost), + sizeof(shost)); + + g_strlcpy(dhost, + ether_ntoa((const struct ether_addr *)eth_dhost), + sizeof(dhost)); + + ether_type = ntohs(eth_h->ether_type); + + STC_LOGD("Source[%s] Destination[%s] Type[0x%04x:%s]", + shost, dhost, ether_type, __pcap_eth_type_info(ether_type)); +} + +static void __pcap_fm_info(const struct pcap_pkthdr *pkthdr) +{ + char *curr = NULL; + int len = 0; + struct timeval ts = pkthdr->ts; + __time_t tv_sec = ts.tv_sec; + __suseconds_t tv_usec = tv_usec; + + if (g_pcap_start_fm == false) { + g_pcap_tv = ts; + g_pcap_start_fm = true; + } + + curr = ctime((const time_t *)&tv_sec); + len = strlen(curr); + curr[len - 1] = '\0'; + + STC_LOGD("Arrival time[%s] Timeval[%.06f] " + "Frame len[%u] Capture len[%u]", curr, + (float)((tv_sec - g_pcap_tv.tv_sec) * 1000000 + + (tv_usec - g_pcap_tv.tv_usec)) / 1000000, + pkthdr->len, pkthdr->caplen); +} + +static void __pcap_handler(u_char *param, + const struct pcap_pkthdr *pkthdr, + const u_char *packet) { + eth_t *eth_h; + unsigned short eth_type; + /* int len = pkthdr->len; */ + + __pcap_fm_info(pkthdr); + + eth_h = (eth_t *)packet; + __pcap_eth_info(packet); + + eth_type = ntohs(eth_h->ether_type); + switch (eth_type) { + case ETHERTYPE_IP: + __pcap_ip_info(packet); + /* __pcap_data_info(pcaket, len); */ + break; + case ETHERTYPE_IPV6: + __pcap_ipv6_info(packet); + break; + case ETHERTYPE_ARP: + case ETHERTYPE_REVARP: + __pcap_arp_info(packet); + break; + case ETHERTYPE_LOOPBACK: + break; + default: + break; + } +} + +static gboolean __pcap_thread_source_func(gpointer data) +{ + char buf[MAX_IFACE_LENGTH]; + stc_pcap_data_s *lookup; + stc_pcap_data_s *pcap_data = (stc_pcap_data_s *)data; + + g_pcap_tv.tv_sec = 0; + g_pcap_tv.tv_usec = 0; + g_pcap_start_fm = false; + + if (g_pcap_tables == NULL) + return false; + + snprintf(buf, sizeof(buf), "%s_%d", + pcap_data->name, pcap_data->group); + + lookup = g_hash_table_lookup(g_pcap_tables, buf); + if (!lookup) { + STC_LOGE("pcap loop not found"); + return false; + } + + g_hash_table_remove(g_pcap_tables, buf); + STC_LOGD("Successfully removed pcap loop [%s]", buf); + + return false; +} + +static gpointer __pcap_thread_func(gpointer data) +{ + __STC_LOG_FUNC_ENTER__; + + char errbuf[PCAP_ERRBUF_SIZE]; + pcap_if_t *alldevs = NULL; + pcap_if_t *dev = NULL; + char *name = NULL; + GSource *source = NULL; + GMainContext *context = NULL; + stc_pcap_data_s *pcap_data = (stc_pcap_data_s *)data; + + if (pcap_findalldevs(&alldevs, errbuf) < 0 || + alldevs == NULL) { + STC_LOGE("Failed to find all devs [%s]", errbuf); + goto thread_exit; + } + + for (dev = alldevs; dev; dev = dev->next) { + if (g_strcmp0(dev->name, pcap_data->name) == 0) { + name = g_strdup(dev->name); + break; + } + } + + pcap_freealldevs(alldevs); + + if (name == NULL) { + STC_LOGE("Failed to find dev [%s]", pcap_data->name); + goto thread_exit; + } + + STC_LOGD("Pcap source dev [%s]", name); + + pcap_data->handle = pcap_open_live(name, 65535, 1, 1000, errbuf); + if (pcap_data->handle == NULL) { + STC_LOGE("Failed to open live [%s]", errbuf); + goto thread_exit; + } + + pcap_loop(pcap_data->handle, 0, __pcap_handler, NULL); + + pcap_close(pcap_data->handle); + +thread_exit: + FREE(name); + + context = g_main_context_default(); + + source = g_idle_source_new(); + + g_source_set_callback(source, + __pcap_thread_source_func, pcap_data, NULL); + g_source_attach(source, context); + + g_source_unref(source); + + __STC_LOG_FUNC_EXIT__; + return NULL; +} + +int stc_plugin_pcap_initialize(void) +{ + __STC_LOG_FUNC_ENTER__; + + g_pcap_tables = g_hash_table_new_full(g_str_hash, + g_str_equal, g_free, __pcap_data_free); + + __STC_LOG_FUNC_EXIT__; + return STC_ERROR_NONE; +} + +int stc_plugin_pcap_deinitialize(void) +{ + __STC_LOG_FUNC_ENTER__; + + if (g_pcap_tables) { + g_hash_table_destroy(g_pcap_tables); + g_pcap_tables = NULL; + } + + __STC_LOG_FUNC_EXIT__; + return STC_ERROR_NONE; +} + +int stc_plugin_pcap_lookup_dev(void) +{ + __STC_LOG_FUNC_ENTER__; + + char *dev = NULL; + char errbuf[PCAP_ERRBUF_SIZE]; + + dev = pcap_lookupdev(errbuf); + if (dev == NULL) { + STC_LOGE("Failed to look up dev [%s]", errbuf); + __STC_LOG_FUNC_EXIT__; + return STC_ERROR_FAIL; + } + + STC_LOGD("Dev [%s]", dev); + + __STC_LOG_FUNC_EXIT__; + return STC_ERROR_NONE; +} + +int stc_plugin_pcap_lookup_net(void) +{ + __STC_LOG_FUNC_ENTER__; + + char *dev = NULL; + char net[BUFF_SIZE_IP]; + char mask[BUFF_SIZE_IP]; + char errbuf[PCAP_ERRBUF_SIZE]; + int ret; + bpf_u_int32 netp; + bpf_u_int32 maskp; + + dev = pcap_lookupdev(errbuf); + if (dev == NULL) { + STC_LOGE("Failed to look up dev [%s]", errbuf); + __STC_LOG_FUNC_EXIT__; + return STC_ERROR_FAIL; + } + + STC_LOGD("Dev [%s]", dev); + + ret = pcap_lookupnet(dev, &netp, &maskp, errbuf); + if (ret == -1) { + STC_LOGE("Failed to look up net [%s]", errbuf); + __STC_LOG_FUNC_EXIT__; + return STC_ERROR_FAIL; + } + + inet_ntop(AF_INET, &netp, net, BUFF_SIZE_IP); + STC_LOGD("Net [%s]", net); + + inet_ntop(AF_INET, &maskp, mask, BUFF_SIZE_IP); + STC_LOGD("Mask [%s]", mask); + + __STC_LOG_FUNC_EXIT__; + return STC_ERROR_NONE; +} + +int stc_plugin_pcap_find_alldevs(void) +{ + __STC_LOG_FUNC_ENTER__; + + char net[BUFF_SIZE_IP]; + char mask[BUFF_SIZE_IP]; + char errbuf[PCAP_ERRBUF_SIZE]; + pcap_if_t *alldevs = NULL; + pcap_if_t *dev = NULL; + bpf_u_int32 netp; + bpf_u_int32 maskp; + + if (pcap_findalldevs(&alldevs, errbuf) < 0 || + alldevs == NULL) { + STC_LOGE("Failed to find all devs [%s]", errbuf); + __STC_LOG_FUNC_EXIT__; + return STC_ERROR_FAIL; + } + + for (dev = alldevs; dev; dev = dev->next) { + STC_LOGD("Dev [%s]", dev->name); + + if (dev->description) + STC_LOGD("Decs [%s]", dev->description); + + if (pcap_lookupnet(dev->name, &netp, &maskp, errbuf) == -1) { + STC_LOGE("Failed to look up net [%s]", errbuf); + continue; + } + + inet_ntop(AF_INET, &netp, net, BUFF_SIZE_IP); + STC_LOGD("Net [%s]", net); + + inet_ntop(AF_INET, &maskp, mask, BUFF_SIZE_IP); + STC_LOGD("Mask [%s]", mask); + } + + pcap_freealldevs(alldevs); + + __STC_LOG_FUNC_EXIT__; + return STC_ERROR_NONE; +} + +int stc_plugin_pcap_register_loop_pcap(const char *ifname, + int group) +{ + __STC_LOG_FUNC_ENTER__; + + stc_pcap_data_s *data; + stc_pcap_data_s *lookup; + char buf[MAX_IFACE_LENGTH]; + + ret_value_msg_if(g_pcap_tables == NULL, + STC_ERROR_FAIL, + "pcap tables is not initialized!"); + + ret_value_msg_if(ifname == NULL, + STC_ERROR_FAIL, + "Invalid parameter [ifname]"); + + snprintf(buf, sizeof(buf), "%s_%d", ifname, group); + + lookup = g_hash_table_lookup(g_pcap_tables, buf); + if (lookup) { + STC_LOGD("pcap loop already present"); + __STC_LOG_FUNC_EXIT__; + return STC_ERROR_ALREADY_DATA; + } + + data = MALLOC0(stc_pcap_data_s, 1); + if (!data) { + STC_LOGE("data allocation failed"); + __STC_LOG_FUNC_EXIT__; + return STC_ERROR_OUT_OF_MEMORY; + } + + data->name = g_strdup(ifname); + data->group = group; + data->thread = g_thread_new(buf, __pcap_thread_func, data); + + g_hash_table_insert(g_pcap_tables, g_strdup(buf), data); + STC_LOGD("Successfully added pcap loop [%s]", buf); + + __STC_LOG_FUNC_EXIT__; + return STC_ERROR_NONE; +} + +int stc_plugin_pcap_unregister_loop_pcap(const char *ifname, + int group) +{ + __STC_LOG_FUNC_ENTER__; + + stc_pcap_data_s *lookup; + char buf[MAX_IFACE_LENGTH]; + + ret_value_msg_if(g_pcap_tables == NULL, + STC_ERROR_FAIL, + "pcap tables is not initialized!"); + + ret_value_msg_if(ifname == NULL, + STC_ERROR_FAIL, + "Invalid parameter [ifname]"); + + snprintf(buf, sizeof(buf), "%s_%d", ifname, group); + + lookup = g_hash_table_lookup(g_pcap_tables, buf); + if (!lookup) { + STC_LOGE("pcap loop not found"); + __STC_LOG_FUNC_EXIT__; + return STC_ERROR_NO_DATA; + } + + pcap_breakloop(lookup->handle); + + __STC_LOG_FUNC_EXIT__; + return STC_ERROR_NONE; +} + +API stc_plugin_pcap_s stc_plugin_pcap = { + .initialize_plugin = + stc_plugin_pcap_initialize, + .deinitialize_plugin = + stc_plugin_pcap_deinitialize, + .lookup_dev = + stc_plugin_pcap_lookup_dev, + .lookup_net = + stc_plugin_pcap_lookup_net, + .find_alldevs = + stc_plugin_pcap_find_alldevs, + .register_loop_pcap = + stc_plugin_pcap_register_loop_pcap, + .unregister_loop_pcap = + stc_plugin_pcap_unregister_loop_pcap +}; +//LCOV_EXCL_STOP diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index c845dd0..2ec0178 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -31,6 +31,7 @@ SET(PLUGIN_DIR ${CMAKE_SOURCE_DIR}/plugin) SET(APPSTATUS_SOURCE_DIR ${PLUGIN_DIR}/appstatus) SET(EXCEPTION_SOURCE_DIR ${PLUGIN_DIR}/exception) SET(PROCFS_SOURCE_DIR ${PLUGIN_DIR}/procfs) +SET(PCAP_SOURCE_DIR ${PLUGIN_DIR}/pcap) SET(TETHER_SOURCE_DIR ${PLUGIN_DIR}/tether) INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/include) @@ -54,6 +55,7 @@ INCLUDE_DIRECTORIES(${LIMITATION_SOURCE_DIR}/include) INCLUDE_DIRECTORIES(${APPSTATUS_SOURCE_DIR}/include) INCLUDE_DIRECTORIES(${EXCEPTION_SOURCE_DIR}/include) INCLUDE_DIRECTORIES(${PROCFS_SOURCE_DIR}/include) +INCLUDE_DIRECTORIES(${PCAP_SOURCE_DIR}/include) INCLUDE_DIRECTORIES(${TETHER_SOURCE_DIR}/include) FILE(GLOB SOURCE_SRCS ${SOURCE_DIR}/*.c) diff --git a/src/stc-manager-gdbus.c b/src/stc-manager-gdbus.c old mode 100644 new mode 100755 index b265c80..ef74b17 --- a/src/stc-manager-gdbus.c +++ b/src/stc-manager-gdbus.c @@ -19,6 +19,7 @@ #include "stc-statistics.h" #include "stc-restriction.h" #include "stc-firewall.h" +#include "stc-pcap.h" #include "stc-connection.h" #include "stc-manager-util.h" #include "stc-manager-plugin-appstatus.h" @@ -232,6 +233,45 @@ static gboolean __stc_manager_gdbus_firewall_init(stc_s *stc) return ret; } +static gboolean __stc_manager_gdbus_pcap_init(stc_s *stc) +{ + __STC_LOG_FUNC_ENTER__; + gboolean ret = TRUE; + gchar *s = NULL; + + StcObjectSkeleton *object = NULL; + StcPcap *pcap = NULL; + s = g_strdup_printf(STC_DBUS_SERVICE_PCAP_PATH); + + /* Add interface to default object path */ + object = stc_object_skeleton_new(s); + g_free(s); + + pcap = stc_pcap_skeleton_new(); + stc_object_skeleton_set_pcap(object, pcap); + g_object_unref(pcap); + + /* Register for method callbacks as signal callbacks */ + + g_signal_connect(pcap, "handle-start", + G_CALLBACK(handle_pcap_start), + stc); + + g_signal_connect(pcap, "handle-stop", + G_CALLBACK(handle_pcap_stop), + stc); + + /* Export the object (@manager takes its own reference to @object) */ + g_dbus_object_manager_server_export(stc->obj_mgr, + G_DBUS_OBJECT_SKELETON(object)); + g_object_unref(object); + + stc->pcap_obj = (gpointer)pcap; + + __STC_LOG_FUNC_EXIT__; + return ret; +} + static gboolean __stc_manager_gdbus_manager_init(stc_s *stc) { __STC_LOG_FUNC_ENTER__; @@ -297,6 +337,11 @@ static void __stc_manager_gdbus_on_bus_acquired(GDBusConnection *connection, /* Deinitialize and quit manager */ } + if (__stc_manager_gdbus_pcap_init(stc) == FALSE) { + STC_LOGE("Cannot signal connect to pcap"); //LCOV_EXCL_LINE + /* Deinitialize and quit manager */ + } + if (__stc_manager_gdbus_manager_init(stc) == FALSE) { STC_LOGE("Cannot signal connect to manager"); //LCOV_EXCL_LINE /* Deinitialize and quit manager */ @@ -362,6 +407,7 @@ void stc_manager_gdbus_deinit(gpointer stc_data) stc->statistics_obj = NULL; stc->restriction_obj = NULL; stc->firewall_obj = NULL; + stc->pcap_obj = NULL; stc->manager_obj = NULL; __STC_LOG_FUNC_EXIT__; } diff --git a/src/stc-manager-plugin-pcap.c b/src/stc-manager-plugin-pcap.c new file mode 100644 index 0000000..c9432a2 --- /dev/null +++ b/src/stc-manager-plugin-pcap.c @@ -0,0 +1,171 @@ +/* + * Copyright (c) 2016 Samsung Electronics Co., Ltd. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include + +#include "stc-manager.h" +#include "stc-manager-plugin-pcap.h" + +static gboolean stc_plugin_enabled = FALSE; +static void *handle_plugin; +static stc_plugin_pcap_s *stc_plugin; + +//LCOV_EXCL_START +int stc_plugin_pcap_init(void) +{ + __STC_LOG_FUNC_ENTER__; + + handle_plugin = dlopen(STC_PLUGIN_PCAP_FILEPATH, RTLD_NOW); + if (!handle_plugin) { + STC_LOGE("Can't load %s: %s", STC_PLUGIN_PCAP_FILEPATH, dlerror()); + __STC_LOG_FUNC_EXIT__; + return STC_ERROR_UNINITIALIZED; + } + + stc_plugin = dlsym(handle_plugin, "stc_plugin_pcap"); + if (!stc_plugin) { + STC_LOGE("Can't load symbol: %s", dlerror()); + dlclose(handle_plugin); + __STC_LOG_FUNC_EXIT__; + return STC_ERROR_UNINITIALIZED; + } + + stc_plugin->initialize_plugin(); + stc_plugin_enabled = TRUE; + + __STC_LOG_FUNC_EXIT__; + return STC_ERROR_NONE; +} + +int stc_plugin_pcap_deinit(void) +{ + __STC_LOG_FUNC_ENTER__; + + if (!stc_plugin_enabled) { + __STC_LOG_FUNC_EXIT__; + return STC_ERROR_UNINITIALIZED; + } + + stc_plugin->deinitialize_plugin(); + stc_plugin_enabled = FALSE; + dlclose(handle_plugin); + + __STC_LOG_FUNC_EXIT__; + return STC_ERROR_NONE; +} + +int stc_plugin_pcap_lookup_dev(void) +{ + __STC_LOG_FUNC_ENTER__; + + if (!stc_plugin_enabled) { + STC_LOGE("Plugin wasn't enabled"); + __STC_LOG_FUNC_EXIT__; + return STC_ERROR_UNINITIALIZED; + } + + if (!stc_plugin) { + STC_LOGE("Plugin wasn't loaded"); + __STC_LOG_FUNC_EXIT__; + return STC_ERROR_UNINITIALIZED; + } + + __STC_LOG_FUNC_EXIT__; + return stc_plugin->lookup_dev(); +} + +int stc_plugin_pcap_lookup_net(void) +{ + __STC_LOG_FUNC_ENTER__; + + if (!stc_plugin_enabled) { + STC_LOGE("Plugin wasn't enabled"); + __STC_LOG_FUNC_EXIT__; + return STC_ERROR_UNINITIALIZED; + } + + if (!stc_plugin) { + STC_LOGE("Plugin wasn't loaded"); + __STC_LOG_FUNC_EXIT__; + return STC_ERROR_UNINITIALIZED; + } + + __STC_LOG_FUNC_EXIT__; + return stc_plugin->lookup_net(); +} + +int stc_plugin_pcap_find_alldevs(void) +{ + __STC_LOG_FUNC_ENTER__; + + if (!stc_plugin_enabled) { + STC_LOGE("Plugin wasn't enabled"); + __STC_LOG_FUNC_EXIT__; + return STC_ERROR_UNINITIALIZED; + } + + if (!stc_plugin) { + STC_LOGE("Plugin wasn't loaded"); + __STC_LOG_FUNC_EXIT__; + return STC_ERROR_UNINITIALIZED; + } + + __STC_LOG_FUNC_EXIT__; + return stc_plugin->find_alldevs(); +} + +int stc_plugin_pcap_register_loop_pcap(const char *ifname, + int group) +{ + __STC_LOG_FUNC_ENTER__; + + if (!stc_plugin_enabled) { + STC_LOGE("Plugin wasn't enabled"); + __STC_LOG_FUNC_EXIT__; + return STC_ERROR_UNINITIALIZED; + } + + if (!stc_plugin) { + STC_LOGE("Plugin wasn't loaded"); + __STC_LOG_FUNC_EXIT__; + return STC_ERROR_UNINITIALIZED; + } + + __STC_LOG_FUNC_EXIT__; + return stc_plugin->register_loop_pcap(ifname, group); +} + +int stc_plugin_pcap_unregister_loop_pcap(const char *ifname, + int group) +{ + __STC_LOG_FUNC_ENTER__; + + if (!stc_plugin_enabled) { + STC_LOGE("Plugin wasn't enabled"); + __STC_LOG_FUNC_EXIT__; + return STC_ERROR_UNINITIALIZED; + } + + if (!stc_plugin) { + STC_LOGE("Plugin wasn't loaded"); + __STC_LOG_FUNC_EXIT__; + return STC_ERROR_UNINITIALIZED; + } + + __STC_LOG_FUNC_EXIT__; + return stc_plugin->unregister_loop_pcap(ifname, group); +} +//LCOV_EXCL_STOP diff --git a/src/stc-manager.c b/src/stc-manager.c old mode 100644 new mode 100755 index 79acd88..46401fb --- a/src/stc-manager.c +++ b/src/stc-manager.c @@ -32,6 +32,7 @@ #include "stc-manager-plugin-exception.h" #include "stc-manager-plugin-procfs.h" #include "stc-manager-plugin-tether.h" +#include "stc-manager-plugin-pcap.h" #define BUF_SIZE_FOR_ERR 100 @@ -91,6 +92,7 @@ static void __stc_manager_deinit(void) stc_plugin_exception_deinit(); stc_plugin_procfs_deinit(); stc_plugin_tether_deinit(); + stc_plugin_pcap_deinit(); inotify_deregister(INFO_STORAGE_DIR); inotify_deinitialize(); @@ -133,6 +135,7 @@ static stc_s *__stc_manager_init(void) stc_plugin_exception_init(); stc_plugin_procfs_init(); stc_plugin_tether_init(); + stc_plugin_pcap_init(); #endif stc_firewall_init(); diff --git a/src/stc-pcap.c b/src/stc-pcap.c new file mode 100755 index 0000000..368971e --- /dev/null +++ b/src/stc-pcap.c @@ -0,0 +1,160 @@ +/* + * Copyright (c) 2016 Samsung Electronics Co., Ltd. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "stc-db.h" +#include "stc-pcap.h" +#include "stc-manager-plugin-pcap.h" + +#define PCAP_DBUS_ERROR_NAME "net.stc.pcap.Error.Failed" + +#define STC_PCAP_DBUS_REPLY_ERROR(invocation, err_num) \ + g_dbus_method_invocation_return_dbus_error((invocation), \ + PCAP_DBUS_ERROR_NAME, \ + stc_err_strs[-(err_num)]) + +static const gchar *stc_err_strs[] = { + "ERROR_NONE", + "FAIL", + "DB_FAILED", + "OUT_OF_MEMORY", + "INVALID_PARAMETER", + "NO_DATA", + "ALREADY_DATA", + "UNINITIALIZED", + "PERMISSION_DENIED", + "NOTIMPL" +}; + +gboolean __validate_pcap(stc_pcap_s *pcap) +{ + __STC_LOG_FUNC_ENTER__; + + if (pcap == NULL) { + __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE + return FALSE; //LCOV_EXCL_LINE + } + + if (pcap->ifname == NULL || + pcap->ifname[0] == '\0') { + __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE + return FALSE; //LCOV_EXCL_LINE + } + + __STC_LOG_FUNC_EXIT__; + return TRUE; +} + +static void __stc_extract_pcap(const char *key, GVariant *value, + void *user_data) +{ + stc_pcap_s *pcap = (stc_pcap_s *) user_data; + if (pcap == NULL) { + __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE + return; //LCOV_EXCL_LINE + } + + if (!g_strcmp0(key, STC_PCAP_IFNAME)) { + guint str_length; + const gchar *str = g_variant_get_string(value, &str_length); + pcap->ifname = g_strdup(str); + STC_LOGD("ifname: [%s]", pcap->ifname); + + } else if (!g_strcmp0(key, STC_PCAP_NFLOG_GROUP)) { + pcap->nflog_group = g_variant_get_uint32(value); + STC_LOGD("nflog group: [%d]", pcap->nflog_group); + + } else { + STC_LOGD("Unknown select rule"); //LCOV_EXCL_LINE + } +} + +gboolean handle_pcap_start(StcPcap *object, + GDBusMethodInvocation *invocation, + GVariant *parameters, + void *user_data) +{ + __STC_LOG_FUNC_ENTER__; + GVariantIter *iter = NULL; + stc_pcap_s pcap; + int ret = STC_ERROR_NONE; + + memset(&pcap, 0, sizeof(stc_pcap_s)); + + g_variant_get(parameters, "a{sv}", &iter); + if (iter != NULL) { + stc_manager_gdbus_dict_foreach(iter, + __stc_extract_pcap, + &pcap); + g_variant_iter_free(iter); + } + + if (__validate_pcap(&pcap) == FALSE) { + STC_PCAP_DBUS_REPLY_ERROR(invocation, //LCOV_EXCL_LINE + STC_ERROR_INVALID_PARAMETER); + __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE + return TRUE; + } + + ret = stc_plugin_pcap_register_loop_pcap(pcap.ifname, pcap.nflog_group); + if (ret != STC_ERROR_NONE) { + STC_PCAP_DBUS_REPLY_ERROR(invocation, ret); //LCOV_EXCL_LINE + __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE + return TRUE; + } + + STC_DBUS_REPLY_ERROR_NONE(invocation); + __STC_LOG_FUNC_EXIT__; + return TRUE; +} + +gboolean handle_pcap_stop(StcPcap *object, + GDBusMethodInvocation *invocation, + GVariant *parameters, + void *user_data) +{ + __STC_LOG_FUNC_ENTER__; + GVariantIter *iter = NULL; + stc_pcap_s pcap; + int ret = STC_ERROR_NONE; + + memset(&pcap, 0, sizeof(stc_pcap_s)); + + g_variant_get(parameters, "a{sv}", &iter); + if (iter != NULL) { + stc_manager_gdbus_dict_foreach(iter, + __stc_extract_pcap, + &pcap); + g_variant_iter_free(iter); + } + + if (__validate_pcap(&pcap) == FALSE) { + STC_PCAP_DBUS_REPLY_ERROR(invocation, //LCOV_EXCL_LINE + STC_ERROR_INVALID_PARAMETER); + __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE + return TRUE; + } + + ret = stc_plugin_pcap_unregister_loop_pcap(pcap.ifname, pcap.nflog_group); + if (ret != STC_ERROR_NONE) { + STC_PCAP_DBUS_REPLY_ERROR(invocation, ret); //LCOV_EXCL_LINE + __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE + return TRUE; + } + + STC_DBUS_REPLY_ERROR_NONE(invocation); + __STC_LOG_FUNC_EXIT__; + return TRUE; +} -- 2.7.4 From f2380cadc63c01f6dee9780e7f3ab6ce19ee8faa Mon Sep 17 00:00:00 2001 From: hyunuktak Date: Wed, 21 Nov 2018 16:48:05 +0900 Subject: [PATCH 05/16] Separate debug log with info config Change-Id: I87608b9729a8ad5872c8edc69b1a2aac896421af Signed-off-by: hyunuktak --- include/stc-manager-util.h | 20 ++- include/stc-manager.h | 6 +- plugin/appstatus/stc-plugin-appstatus.c | 2 +- plugin/exception/stc-plugin-exception.c | 6 +- plugin/pcap/stc-plugin-pcap.c | 253 ++++++++++++++++++-------------- plugin/procfs/stc-plugin-procfs.c | 12 +- src/database/tables/table-statistics.c | 2 +- src/helper/helper-cgroup.c | 6 +- src/monitor/stc-monitor-app.c | 10 +- src/monitor/stc-monitor-proc.c | 32 ++-- src/monitor/stc-monitor-rstn.c | 28 ++-- src/stc-firewall.c | 90 ++++++++---- src/stc-manager-util.c | 42 +++++- src/stc-manager.c | 6 +- 14 files changed, 312 insertions(+), 203 deletions(-) mode change 100644 => 100755 plugin/appstatus/stc-plugin-appstatus.c mode change 100644 => 100755 plugin/exception/stc-plugin-exception.c mode change 100644 => 100755 src/database/tables/table-statistics.c mode change 100644 => 100755 src/helper/helper-cgroup.c mode change 100644 => 100755 src/monitor/stc-monitor-app.c mode change 100644 => 100755 src/monitor/stc-monitor-proc.c mode change 100644 => 100755 src/monitor/stc-monitor-rstn.c mode change 100644 => 100755 src/stc-firewall.c mode change 100644 => 100755 src/stc-manager-util.c diff --git a/include/stc-manager-util.h b/include/stc-manager-util.h index b12fff9..4b2eb94 100755 --- a/include/stc-manager-util.h +++ b/include/stc-manager-util.h @@ -330,7 +330,11 @@ static inline bool strstart_with(const char *str, const char *with) #define INFO_STORAGE_DIR "/var/lib/stc" #define INFO_CONFIG "info.config" -#define INFO_DEBUGLOG "debuglog" +#define INFO_DEBUG_LOG "debug_log" +#define INFO_STAT_LOG "stat_log" +#define INFO_RSTN_LOG "rstn_log" +#define INFO_FW_LOG "fw_log" +#define INFO_PCAP_LOG "pcap_log" #define MAX_PATH_LENGTH 512 #define MAX_NAME_LENGTH 256 @@ -395,12 +399,22 @@ enum stc_counter_state { STC_UPDATE_REQUESTED = 1 << 5, }; +typedef enum { + DEBUG_LOG_INFO, + STAT_LOG_INFO, + RSTN_LOG_INFO, + FW_LOG_INFO, + PCAP_LOG_INFO, + MAX_LOG_INFO +} log_info_e; + gboolean stc_util_get_config_bool(char *key); gchar * stc_util_get_config_str(char *key); int stc_util_get_config_int(char *key); -void stc_util_set_debuglog(int debuglog); -int stc_util_get_debuglog(void); +void stc_util_update_log_state(void); +void stc_util_set_log_state(log_info_e info, int state); +int stc_util_get_log_state(log_info_e info); void stc_util_initialize_config(void); diff --git a/include/stc-manager.h b/include/stc-manager.h index fabbbb1..0b930eb 100755 --- a/include/stc-manager.h +++ b/include/stc-manager.h @@ -39,7 +39,11 @@ #define STC_CMD_INSERT "-I" #define STC_CMD_SIZE 256 -#define STC_DEBUG_LOG (stc_util_get_debuglog()) +#define STC_DEBUG_LOG (stc_util_get_log_state(DEBUG_LOG_INFO)) +#define STC_STAT_LOG (stc_util_get_log_state(STAT_LOG_INFO)) +#define STC_RSTN_LOG (stc_util_get_log_state(RSTN_LOG_INFO)) +#define STC_FW_LOG (stc_util_get_log_state(FW_LOG_INFO)) +#define STC_PCAP_LOG (stc_util_get_log_state(PCAP_LOG_INFO)) typedef enum { STC_CANCEL = 0, /**< cancel */ diff --git a/plugin/appstatus/stc-plugin-appstatus.c b/plugin/appstatus/stc-plugin-appstatus.c old mode 100644 new mode 100755 index 2fd1b9e..98fab81 --- a/plugin/appstatus/stc-plugin-appstatus.c +++ b/plugin/appstatus/stc-plugin-appstatus.c @@ -87,7 +87,7 @@ static void __stc_gdbus_handle_aul_changestate(GDBusConnection *connection, else apptype = STC_APP_TYPE_GUI; - if (STC_DEBUG_LOG) { + if (STC_DEBUG_LOG && STC_STAT_LOG) { STC_LOGD("\033[1;34mAPP STATUS\033[0;m: PkgID[\033[0;34m%s\033[0;m] " "AppID[\033[0;32m%s\033[0;m] PID[\033[1;33m%d\033[0;m] Status[%s] Type[%s]", pkgid, appid, pid, statstr, pkgtype); diff --git a/plugin/exception/stc-plugin-exception.c b/plugin/exception/stc-plugin-exception.c old mode 100644 new mode 100755 index 4769c3e..cdb47c4 --- a/plugin/exception/stc-plugin-exception.c +++ b/plugin/exception/stc-plugin-exception.c @@ -99,7 +99,7 @@ static void __excn_hash_foreach_print(gpointer key, gpointer value, const char *process_name = key; const char *exe_type = value; - if (STC_DEBUG_LOG) + if (STC_DEBUG_LOG && STC_STAT_LOG) STC_LOGI("Process_name[%s] exe_type[%s]", process_name, exe_type); } @@ -258,7 +258,7 @@ int stc_plugin_exception_fill_list(void) table_exceptions_foreach(__insert_exception_cb, NULL); pkginfo_exceptions_foreach(__insert_exception_cb, NULL); - if (STC_DEBUG_LOG) + if (STC_DEBUG_LOG && STC_STAT_LOG) __excn_hash_printall(); g_excns_timer_id = g_timeout_add_seconds(EXCNS_TIMER_INTERVAL, @@ -273,7 +273,7 @@ int stc_plugin_exception_update_list(void) __remove_exception_appall(); pkginfo_exceptions_foreach(__insert_exception_cb, NULL); - if (STC_DEBUG_LOG) + if (STC_DEBUG_LOG && STC_STAT_LOG) __excn_hash_printall(); return STC_ERROR_NONE; diff --git a/plugin/pcap/stc-plugin-pcap.c b/plugin/pcap/stc-plugin-pcap.c index 8cba6bd..22dddb7 100755 --- a/plugin/pcap/stc-plugin-pcap.c +++ b/plugin/pcap/stc-plugin-pcap.c @@ -117,18 +117,20 @@ static void __pcap_ntp_info(const u_char *packet) __pcap_ntp_time_info(ntp_h->rectime.second, rectime); __pcap_ntp_time_info(ntp_h->xmttime.second, xmttime); - STC_LOGD("Flags[0x%02x] Stratum[%u] Poll[%u:%us] Precision[%u] " - "Root delay[%u.%06us] Root dispersion[%u.%06us] Ref ID[%s]", - ntp_h->flags, ntp_h->stratum, ntp_h->poll, - ntp_h->precision, 1 << ntp_h->precision, - ntohs(ntp_h->rootdelay.second), - __pcap_ntp_fraction_info(ntp_h->rootdelay.fraction), - ntohs(ntp_h->rootdisp.second), - __pcap_ntp_fraction_info(ntp_h->rootdisp.fraction), - refid); - - STC_LOGD("Reference[%s] Origin[%s] Receive[%s] Transmit[%s]", - reftime, orgtime, rectime, xmttime); + if (STC_DEBUG_LOG && STC_PCAP_LOG) + STC_LOGD("Flags[0x%02x] Stratum[%u] Poll[%u:%us] Precision[%u] " + "Root delay[%u.%06us] Root dispersion[%u.%06us] Ref ID[%s]", + ntp_h->flags, ntp_h->stratum, ntp_h->poll, + ntp_h->precision, 1 << ntp_h->precision, + ntohs(ntp_h->rootdelay.second), + __pcap_ntp_fraction_info(ntp_h->rootdelay.fraction), + ntohs(ntp_h->rootdisp.second), + __pcap_ntp_fraction_info(ntp_h->rootdisp.fraction), + refid); + + if (STC_DEBUG_LOG && STC_PCAP_LOG) + STC_LOGD("Reference[%s] Origin[%s] Receive[%s] Transmit[%s]", + reftime, orgtime, rectime, xmttime); } static const char *__pcap_dhcp_client_id_info(uint8_t data) @@ -224,7 +226,8 @@ static void __pcap_bootp_magic_info(uint32_t magic, char buf[BOOTP_MOPTION_LEN]; uint8_t *opt = moption; - STC_LOGD("Magic cookie[DHCP]"); + if (STC_DEBUG_LOG && STC_PCAP_LOG) + STC_LOGD("Magic cookie[DHCP]"); while(len > 0) { uint8_t tag = opt[0]; @@ -237,60 +240,73 @@ static void __pcap_bootp_magic_info(uint32_t magic, case DHCP_TAG_SUBNET_MASK: inet_ntop(AF_INET, (struct in_addr *)data, addr, BUFF_SIZE_IP); - STC_LOGD("Subnet mask[%s]", addr); + if (STC_DEBUG_LOG && STC_PCAP_LOG) + STC_LOGD("Subnet mask[%s]", addr); break; case DHCP_TAG_ROUTER: inet_ntop(AF_INET, (struct in_addr *)data, addr, BUFF_SIZE_IP); - STC_LOGD("Router[%s]", addr); + if (STC_DEBUG_LOG && STC_PCAP_LOG) + STC_LOGD("Router[%s]", addr); break; case DHCP_TAG_DNS: inet_ntop(AF_INET, (struct in_addr *)data, addr, BUFF_SIZE_IP); - STC_LOGD("Domain name server[%s]", addr); + if (STC_DEBUG_LOG && STC_PCAP_LOG) + STC_LOGD("Domain name server[%s]", addr); break; case DHCP_TAG_HOST_NAME: snprintf(buf, ((length < BOOTP_MOPTION_LEN) ? (length + 1) : BOOTP_MOPTION_LEN), "%s", (char *)data); - STC_LOGD("Host name[%s]", buf); + if (STC_DEBUG_LOG && STC_PCAP_LOG) + STC_LOGD("Host name[%s]", buf); break; case DHCP_TAG_REQUESTED_IP: inet_ntop(AF_INET, (struct in_addr *)data, addr, BUFF_SIZE_IP); - STC_LOGD("Requested IP[%s]", addr); + if (STC_DEBUG_LOG && STC_PCAP_LOG) + STC_LOGD("Requested IP[%s]", addr); break; case DHCP_TAG_IP_LEASE_TIME: - STC_LOGD("IP address lease time[%us]", - ntohl(*(uint32_t *)data)); + if (STC_DEBUG_LOG && STC_PCAP_LOG) + STC_LOGD("IP address lease time[%us]", + ntohl(*(uint32_t *)data)); break; case DHCP_TAG_MSG_TYPE: - STC_LOGD("DHCP message type[%u:%s]", *data, - __pcap_dhcp_msg_type_info(*data)); + if (STC_DEBUG_LOG && STC_PCAP_LOG) + STC_LOGD("DHCP message type[%u:%s]", *data, + __pcap_dhcp_msg_type_info(*data)); break; case DHCP_TAG_SERVER_ID: inet_ntop(AF_INET, (struct in_addr *)data, addr, BUFF_SIZE_IP); - STC_LOGD("DHCP server identifier[%s]", addr); + if (STC_DEBUG_LOG && STC_PCAP_LOG) + STC_LOGD("DHCP server identifier[%s]", addr); break; case DHCP_TAG_MSG_SIZE: - STC_LOGD("Maximum DHCP message size[%u]", - ntohs(*(uint16_t *)data)); + if (STC_DEBUG_LOG && STC_PCAP_LOG) + STC_LOGD("Maximum DHCP message size[%u]", + ntohs(*(uint16_t *)data)); break; case DHCP_TAG_CLIENT_ID: - STC_LOGD("Client identifier HW type[0x%02x:%s]", *data, - __pcap_dhcp_client_id_info(*data)); + if (STC_DEBUG_LOG && STC_PCAP_LOG) + STC_LOGD("Client identifier HW type[0x%02x:%s]", *data, + __pcap_dhcp_client_id_info(*data)); if (*data == DHCP_CLIENT_ID_ETHERNET) { g_strlcpy(host, ether_ntoa((const struct ether_addr *)&data[1]), sizeof(host)); - STC_LOGD("Client identifier MAC[%s]", host); + if (STC_DEBUG_LOG && STC_PCAP_LOG) + STC_LOGD("Client identifier MAC[%s]", host); } break; case DHCP_TAG_END: - STC_LOGD("End"); + if (STC_DEBUG_LOG && STC_PCAP_LOG) + STC_LOGD("End"); return; default: - STC_LOGD("Unknown[%u]", tag); + if (STC_DEBUG_LOG && STC_PCAP_LOG) + STC_LOGD("Unknown[%u]", tag); break; } @@ -341,15 +357,17 @@ static void __pcap_bootp_info(const u_char *packet) ether_ntoa((const struct ether_addr *)bootp_h->chaddr), sizeof(chaddr)); - STC_LOGD("Message type[%u:%s] HW type[0x%02x] HW len[%u] Hops[%u] " - "Transaction ID[0x%08x] Seconds elapsed[%u] Flags[0x%04x]", - bootp_h->op, __pcap_bootp_op_info(bootp_h->op), - bootp_h->htype, bootp_h->hlen, bootp_h->hops, - ntohl(bootp_h->xid), ntohs(bootp_h->secs), ntohs(bootp_h->flags)); + if (STC_DEBUG_LOG && STC_PCAP_LOG) + STC_LOGD("Message type[%u:%s] HW type[0x%02x] HW len[%u] Hops[%u] " + "Transaction ID[0x%08x] Seconds elapsed[%u] Flags[0x%04x]", + bootp_h->op, __pcap_bootp_op_info(bootp_h->op), + bootp_h->htype, bootp_h->hlen, bootp_h->hops, + ntohl(bootp_h->xid), ntohs(bootp_h->secs), ntohs(bootp_h->flags)); - STC_LOGD("Client[%s] Your(client)[%s] Next server[%s] " - "Relay agent[%s] Client MAC[%s]", - ciaddr, yiaddr, siaddr, giaddr, chaddr); + if (STC_DEBUG_LOG && STC_PCAP_LOG) + STC_LOGD("Client[%s] Your(client)[%s] Next server[%s] " + "Relay agent[%s] Client MAC[%s]", + ciaddr, yiaddr, siaddr, giaddr, chaddr); len = ntohs(udp_h->len); __pcap_bootp_magic_info(bootp_h->magic, bootp_h->moption, len); @@ -460,8 +478,10 @@ static void __pcap_dns_data_info(const u_char *packet) uint16_t type; uint16_t class; - if (i == 0) - STC_LOGD("[Queries]"); + if (i == 0) { + if (STC_DEBUG_LOG && STC_PCAP_LOG) + STC_LOGD("[Queries]"); + } data = __pcap_dns_name_info((uint8_t *)dns_h, data, name); if (data == NULL) @@ -470,9 +490,10 @@ static void __pcap_dns_data_info(const u_char *packet) type = ntohs(*(uint16_t *)&data[0]); class = ntohs(*(uint16_t *)&data[2]); - STC_LOGD("Name[%s] Type[%u:%s] Class[0x%04x:%s]", - name, type, __pcap_dns_type_info(type), - class, __pcap_dns_class_info(class)); + if (STC_DEBUG_LOG && STC_PCAP_LOG) + STC_LOGD("Name[%s] Type[%u:%s] Class[0x%04x:%s]", + name, type, __pcap_dns_type_info(type), + class, __pcap_dns_class_info(class)); data += 4; } @@ -486,8 +507,10 @@ static void __pcap_dns_data_info(const u_char *packet) uint16_t length; char ip[BUFF_SIZE_IP]; - if (i == 0) - STC_LOGD("[Answers]"); + if (i == 0) { + if (STC_DEBUG_LOG && STC_PCAP_LOG) + STC_LOGD("[Answers]"); + } data = __pcap_dns_name_info((uint8_t *)dns_h, data, name); if (data == NULL) @@ -503,30 +526,33 @@ static void __pcap_dns_data_info(const u_char *packet) case DNS_QTYPE_A: inet_ntop(AF_INET, (struct in_addr *)&data[10], ip, BUFF_SIZE_IP); - STC_LOGD("Name[%s] Type[%u:%s] Class[0x%04x:%s] " - "TTL[%u] Data length[%u] Address[%s]", - name, type, __pcap_dns_type_info(type), - class, __pcap_dns_class_info(class), - ttl, length, ip); + if (STC_DEBUG_LOG && STC_PCAP_LOG) + STC_LOGD("Name[%s] Type[%u:%s] Class[0x%04x:%s] " + "TTL[%u] Data length[%u] Address[%s]", + name, type, __pcap_dns_type_info(type), + class, __pcap_dns_class_info(class), + ttl, length, ip); break; case DNS_QTYPE_CNAME: __pcap_dns_name_info((uint8_t *)dns_h, &data[10], cname); if (data == NULL) return; - STC_LOGD("Name[%s] Type[%u:%s] Class[0x%04x:%s] " - "TTL[%u] Data length[%u] CName[%s]", - name, type, __pcap_dns_type_info(type), - class, __pcap_dns_class_info(class), - ttl, length, cname); + if (STC_DEBUG_LOG && STC_PCAP_LOG) + STC_LOGD("Name[%s] Type[%u:%s] Class[0x%04x:%s] " + "TTL[%u] Data length[%u] CName[%s]", + name, type, __pcap_dns_type_info(type), + class, __pcap_dns_class_info(class), + ttl, length, cname); break; case DNS_QTYPE_AAAA: break; default: - STC_LOGD("Name[%s] Type[%u:%s] Class[0x%04x:%s] " - "TTL[%u] Data length[%u]", - name, type, __pcap_dns_type_info(type), - class, __pcap_dns_class_info(class), - ttl, length); + if (STC_DEBUG_LOG && STC_PCAP_LOG) + STC_LOGD("Name[%s] Type[%u:%s] Class[0x%04x:%s] " + "TTL[%u] Data length[%u]", + name, type, __pcap_dns_type_info(type), + class, __pcap_dns_class_info(class), + ttl, length); break; } } @@ -540,11 +566,12 @@ static void __pcap_dns_info(const u_char *packet) dns_t *dns_h = (dns_t *)(packet + SIZE_ETHER_HEADER + SIZE_IP_HEADER + SIZE_UDP_HEADER); - STC_LOGD("Transaction ID[0x%x] Flags[0x%x] Questions[%u] " - "Answer RRs[%u] Authority RRs[%u] Additional RRs[%u]", - ntohs(dns_h->id), ntohs(dns_h->flags), - ntohs(dns_h->questions), ntohs(dns_h->answerRR), - ntohs(dns_h->authorityRR), ntohs(dns_h->additionalRR)); + if (STC_DEBUG_LOG && STC_PCAP_LOG) + STC_LOGD("Transaction ID[0x%x] Flags[0x%x] Questions[%u] " + "Answer RRs[%u] Authority RRs[%u] Additional RRs[%u]", + ntohs(dns_h->id), ntohs(dns_h->flags), + ntohs(dns_h->questions), ntohs(dns_h->answerRR), + ntohs(dns_h->authorityRR), ntohs(dns_h->additionalRR)); __pcap_dns_data_info(packet); } @@ -699,10 +726,11 @@ static void __pcap_icmp_info(const u_char *packet) icmp_t *icmp_h = (icmp_t *)(packet + SIZE_ETHER_HEADER + SIZE_IP_HEADER); - STC_LOGD("Type[%u:%s] Code[%u:%s] Checksum[0x%x]", - icmp_h->type, __pcap_icmp_type_info(icmp_h->type), - icmp_h->code, __pcap_icmp_code_info(icmp_h->type, icmp_h->code), - ntohs(icmp_h->checksum)); + if (STC_DEBUG_LOG && STC_PCAP_LOG) + STC_LOGD("Type[%u:%s] Code[%u:%s] Checksum[0x%x]", + icmp_h->type, __pcap_icmp_type_info(icmp_h->type), + icmp_h->code, __pcap_icmp_code_info(icmp_h->type, icmp_h->code), + ntohs(icmp_h->checksum)); } static void __pcap_tcp_info(const u_char *packet) @@ -712,13 +740,15 @@ static void __pcap_tcp_info(const u_char *packet) u_int16_t source = ntohs(tcp_h->source); u_int16_t dest = ntohs(tcp_h->dest); - STC_LOGD("Source[%u] Destination[%u] Sequence[%u] " - "Acknowledgment seq[%u] Window size[%u] ", - ntohs(tcp_h->source), ntohs(tcp_h->dest), - ntohl(tcp_h->seq), ntohl(tcp_h->ack_seq), - ntohs(tcp_h->window)); + if (STC_DEBUG_LOG && STC_PCAP_LOG) + STC_LOGD("Source[%u] Destination[%u] Sequence[%u] " + "Acknowledgment seq[%u] Window size[%u] ", + ntohs(tcp_h->source), ntohs(tcp_h->dest), + ntohl(tcp_h->seq), ntohl(tcp_h->ack_seq), + ntohs(tcp_h->window)); - STC_LOGD("Checksum[0x%x] URG[%u] ACK[%u] PUSH[%u] " + if (STC_DEBUG_LOG && STC_PCAP_LOG) + STC_LOGD("Checksum[0x%x] URG[%u] ACK[%u] PUSH[%u] " "RST[%u] SYN[%u] FIN[%u]", ntohs(tcp_h->check), tcp_h->urg, tcp_h->ack, tcp_h->psh, @@ -735,8 +765,9 @@ static void __pcap_udp_info(const u_char *packet) u_int16_t source = ntohs(udp_h->source); u_int16_t dest = ntohs(udp_h->dest); - STC_LOGD("Source[%u] Destination[%u] Len[%u] Checksum[0x%x]", - source, dest, ntohs(udp_h->len), ntohs(udp_h->check)); + if (STC_DEBUG_LOG && STC_PCAP_LOG) + STC_LOGD("Source[%u] Destination[%u] Len[%u] Checksum[0x%x]", + source, dest, ntohs(udp_h->len), ntohs(udp_h->check)); if (IS_SRC_OR_DST_PORT(PORT_DNS)) __pcap_dns_info(packet); @@ -827,16 +858,18 @@ static void __pcap_arp_info(const u_char *packet) ar_pro = ntohs(arp_h->ar_pro); - STC_LOGD("HW type[%u] Protocol type[0x%04x:%s] " - "HW size[%u] Protocol size[%u] Opcode[%u:%s] ", - ntohs(arp_h->ar_hrd), ar_pro, - __pcap_eth_type_info(ar_pro), - arp_h->ar_hln, arp_h->ar_pln, - ar_op, __pcap_arp_opcode_info(ar_op)); - - STC_LOGD("Sender MAC[%s] Sender IP[%s] " - "Target MAC[%s] Target IP[%s]", - sma, sia, tma, tia); + if (STC_DEBUG_LOG && STC_PCAP_LOG) + STC_LOGD("HW type[%u] Protocol type[0x%04x:%s] " + "HW size[%u] Protocol size[%u] Opcode[%u:%s] ", + ntohs(arp_h->ar_hrd), ar_pro, + __pcap_eth_type_info(ar_pro), + arp_h->ar_hln, arp_h->ar_pln, + ar_op, __pcap_arp_opcode_info(ar_op)); + + if (STC_DEBUG_LOG && STC_PCAP_LOG) + STC_LOGD("Sender MAC[%s] Sender IP[%s] " + "Target MAC[%s] Target IP[%s]", + sma, sia, tma, tia); } static const char *__pcap_ip_protocol_info(u_int8_t p) @@ -882,11 +915,12 @@ static void __pcap_ipv6_info(const u_char *packet) inet_ntop(AF_INET6, &ip6_h->ip6_src, ip6_src, BUFF_SIZE_IP6); inet_ntop(AF_INET6, &ip6_h->ip6_dst, ip6_dst, BUFF_SIZE_IP6); - STC_LOGD("Flow[0x%08x] Payload len[%u] Next hdr[%u:%s] " - "Hop limit[%u] Source[%s] Destination[%s]", - ntohl(ip6_h->ip6_flow), ntohs(ip6_h->ip6_plen), - ip6_h->ip6_nxt, __pcap_ip_protocol_info(ip6_h->ip6_nxt), - ip6_h->ip6_hlim, ip6_src, ip6_dst); + if (STC_DEBUG_LOG && STC_PCAP_LOG) + STC_LOGD("Flow[0x%08x] Payload len[%u] Next hdr[%u:%s] " + "Hop limit[%u] Source[%s] Destination[%s]", + ntohl(ip6_h->ip6_flow), ntohs(ip6_h->ip6_plen), + ip6_h->ip6_nxt, __pcap_ip_protocol_info(ip6_h->ip6_nxt), + ip6_h->ip6_hlim, ip6_src, ip6_dst); switch (ip6_h->ip6_nxt) { case IPPROTO_IP: @@ -917,15 +951,16 @@ static void __pcap_ip_info(const u_char *packet) inet_ntop(AF_INET, &ip_h->ip_src, ip_src, BUFF_SIZE_IP); inet_ntop(AF_INET, &ip_h->ip_dst, ip_dst, BUFF_SIZE_IP); - STC_LOGD("Header len[%u] TOS[0x%02x] Total len[%u] " - "ID[0x%04x] Flags[0x%02x] TTL[%u] Protocol[%u:%s] " - "Checksum[0x%04x] Source[%s] Destination[%s]", - ip_h->ip_hl << 2, ip_h->ip_tos, - ntohs(ip_h->ip_len), ntohs(ip_h->ip_id), - (ntohs(ip_h->ip_off) & 0xe000) >> 13, - ip_h->ip_ttl, ip_h->ip_p, - __pcap_ip_protocol_info(ip_h->ip_p), - ntohs(ip_h->ip_sum), ip_src, ip_dst); + if (STC_DEBUG_LOG && STC_PCAP_LOG) + STC_LOGD("Header len[%u] TOS[0x%02x] Total len[%u] " + "ID[0x%04x] Flags[0x%02x] TTL[%u] Protocol[%u:%s] " + "Checksum[0x%04x] Source[%s] Destination[%s]", + ip_h->ip_hl << 2, ip_h->ip_tos, + ntohs(ip_h->ip_len), ntohs(ip_h->ip_id), + (ntohs(ip_h->ip_off) & 0xe000) >> 13, + ip_h->ip_ttl, ip_h->ip_p, + __pcap_ip_protocol_info(ip_h->ip_p), + ntohs(ip_h->ip_sum), ip_src, ip_dst); switch (ip_h->ip_p) { case IPPROTO_ICMP: @@ -961,8 +996,9 @@ static void __pcap_eth_info(const u_char *packet) ether_type = ntohs(eth_h->ether_type); - STC_LOGD("Source[%s] Destination[%s] Type[0x%04x:%s]", - shost, dhost, ether_type, __pcap_eth_type_info(ether_type)); + if (STC_DEBUG_LOG && STC_PCAP_LOG) + STC_LOGD("Source[%s] Destination[%s] Type[0x%04x:%s]", + shost, dhost, ether_type, __pcap_eth_type_info(ether_type)); } static void __pcap_fm_info(const struct pcap_pkthdr *pkthdr) @@ -982,11 +1018,12 @@ static void __pcap_fm_info(const struct pcap_pkthdr *pkthdr) len = strlen(curr); curr[len - 1] = '\0'; - STC_LOGD("Arrival time[%s] Timeval[%.06f] " - "Frame len[%u] Capture len[%u]", curr, - (float)((tv_sec - g_pcap_tv.tv_sec) * 1000000 + - (tv_usec - g_pcap_tv.tv_usec)) / 1000000, - pkthdr->len, pkthdr->caplen); + if (STC_DEBUG_LOG && STC_PCAP_LOG) + STC_LOGD("Arrival time[%s] Timeval[%.06f] " + "Frame len[%u] Capture len[%u]", curr, + (float)((tv_sec - g_pcap_tv.tv_sec) * 1000000 + + (tv_usec - g_pcap_tv.tv_usec)) / 1000000, + pkthdr->len, pkthdr->caplen); } static void __pcap_handler(u_char *param, diff --git a/plugin/procfs/stc-plugin-procfs.c b/plugin/procfs/stc-plugin-procfs.c index 4aa36c6..5a323a4 100755 --- a/plugin/procfs/stc-plugin-procfs.c +++ b/plugin/procfs/stc-plugin-procfs.c @@ -135,7 +135,7 @@ static proc_value_s * __proc_tree_find_parent(proc_value_s *value) parent = lookup; } while (lookup); - if (STC_DEBUG_LOG) { + if (STC_DEBUG_LOG && STC_STAT_LOG) { if (parent != NULL) STC_LOGD("\033[0;35mPARENT\033[0;m: tgid[\033[1;33m%s\033[0;m] " "pid[%s] ppid[%s] cmdline[\033[0;34m%s\033[0;m] name[%s]", @@ -158,7 +158,7 @@ static void __proc_tree_add(proc_key_s *key, proc_value_s *value) } if (key == NULL || value == NULL) { - if (STC_DEBUG_LOG) + if (STC_DEBUG_LOG && STC_STAT_LOG) STC_LOGE("invalid parameters"); return; } @@ -318,7 +318,7 @@ static void __process_event_fork(int tgid, int pid) g_strlcpy(value.status[i], status[i], sizeof(value.status[i])); g_strlcpy(value.cmdline, cmdline, sizeof(value.cmdline)); - if (STC_DEBUG_LOG) + if (STC_DEBUG_LOG && STC_STAT_LOG) STC_LOGD("\033[1;32mFORK\033[0;m: tgid[\033[1;33m%d\033[0;m] " "ppid=[%s] cmdline[\033[0;34m%s\033[0;m] pid[%d]", tgid, status[PROC_STATUS_PPID], cmdline, pid); @@ -357,7 +357,7 @@ static void __process_event_exec(int tgid, int pid) sizeof(value.status[i])); g_strlcpy(value.cmdline, cmdline, sizeof(value.cmdline)); - if (STC_DEBUG_LOG) + if (STC_DEBUG_LOG && STC_STAT_LOG) STC_LOGD("\033[1;32mEXEC\033[0;m: tgid[\033[1;33m%d\033[0;m] " "ppid[%s] cmdline[\033[0;34m%s\033[0;m] pid[%d]", tgid, status[PROC_STATUS_PPID], cmdline, pid); @@ -379,7 +379,7 @@ static void __process_event_exit(int tgid, int pid, int exit_code) if (lookup == NULL) /* unmonitored process */ return; - if (STC_DEBUG_LOG) + if (STC_DEBUG_LOG && STC_STAT_LOG) STC_LOGD("\033[1;31mEXIT\033[0;m: tgid[\033[1;33m%d\033[0;m] " "cmdline[\033[0;34m%s\033[0;m] pid[%d] exitcode[%d]", tgid, lookup->cmdline, pid, exit_code); @@ -591,7 +591,7 @@ stc_error_e stc_plugin_procfs_status_changed(stc_cmd_type_e cmd, { stc_error_e ret = STC_ERROR_NONE; - if ((pkg_id && app_id) && STC_DEBUG_LOG) + if ((pkg_id && app_id) && STC_DEBUG_LOG && STC_STAT_LOG) STC_LOGD("cmd[%d] pkgid[%s] appid[%s] pid[%d] type[%d]", cmd, pkg_id, app_id, pid, app_type); diff --git a/src/database/tables/table-statistics.c b/src/database/tables/table-statistics.c old mode 100644 new mode 100755 index 5983ad7..f8db77b --- a/src/database/tables/table-statistics.c +++ b/src/database/tables/table-statistics.c @@ -621,7 +621,7 @@ stc_error_e table_statistics_insert(stc_db_classid_iftype_key *stat_key, goto handle_error; //LCOV_EXCL_LINE } - if (STC_DEBUG_LOG) + if (STC_DEBUG_LOG && STC_STAT_LOG) STC_LOGD("App stat recorded [\033[0;34m%s\033[0;m] " "rcv[%lld] snd[%lld]", stat->app_id, rcv, snd); diff --git a/src/helper/helper-cgroup.c b/src/helper/helper-cgroup.c old mode 100644 new mode 100755 index ee7c282..fbb0024 --- a/src/helper/helper-cgroup.c +++ b/src/helper/helper-cgroup.c @@ -119,7 +119,7 @@ int cgroup_write_node_uint32(const char *cgroup_name, char buf[MAX_PATH_LENGTH]; snprintf(buf, sizeof(buf), "%s/%s", cgroup_name, file_name); - if (STC_DEBUG_LOG) + if (STC_DEBUG_LOG && STC_STAT_LOG) STC_LOGD("cgroup_buf %s, value %d\n", buf, value); //LCOV_EXCL_LINE return fwrite_uint(buf, value); @@ -131,7 +131,7 @@ int cgroup_write_node_str(const char *cgroup_name, char buf[MAX_PATH_LENGTH]; snprintf(buf, sizeof(buf), "%s/%s", cgroup_name, file_name); - if (STC_DEBUG_LOG) + if (STC_DEBUG_LOG && STC_STAT_LOG) STC_LOGD("cgroup_buf %s, string %s\n", buf, string); //LCOV_EXCL_LINE return fwrite_str(buf, string); @@ -145,7 +145,7 @@ int cgroup_read_node_uint32(const char *cgroup_name, snprintf(buf, sizeof(buf), "%s/%s", cgroup_name, file_name); ret = fread_uint(buf, value); - if (STC_DEBUG_LOG) + if (STC_DEBUG_LOG && STC_STAT_LOG) STC_LOGD("cgroup_buf %s, value %d\n", buf, *value); //LCOV_EXCL_LINE return ret; diff --git a/src/monitor/stc-monitor-app.c b/src/monitor/stc-monitor-app.c old mode 100644 new mode 100755 index 96d602a..ceeb0b4 --- a/src/monitor/stc-monitor-app.c +++ b/src/monitor/stc-monitor-app.c @@ -363,7 +363,7 @@ API stc_error_e stc_monitor_app_add(uint32_t classid, lookup_value = g_hash_table_lookup(apps, GUINT_TO_POINTER(classid)); if (lookup_value) { - if (STC_DEBUG_LOG) + if (STC_DEBUG_LOG && STC_STAT_LOG) STC_LOGE("Already exists [\033[1;36m%d\033[0;m:" "\033[0;32m%s\033[0;m]", classid, app_id); return STC_ERROR_NONE; @@ -371,7 +371,7 @@ API stc_error_e stc_monitor_app_add(uint32_t classid, app_value = MALLOC0(stc_app_value_s, 1); if (!app_value) { - if (STC_DEBUG_LOG) + if (STC_DEBUG_LOG && STC_STAT_LOG) STC_LOGE("Value allocation failed"); return STC_ERROR_OUT_OF_MEMORY; } @@ -411,7 +411,7 @@ API stc_error_e stc_monitor_app_add(uint32_t classid, stc_monitor_rstn_add_for_app(classid); - if (STC_DEBUG_LOG) { + if (STC_DEBUG_LOG && STC_STAT_LOG) { __print_app(GUINT_TO_POINTER(classid), app_value, NULL); STC_LOGD("\033[1;32mApplication added\033[0;m " "[\033[1;36m%d\033[0;m]", classid); @@ -570,7 +570,7 @@ API stc_error_e stc_monitor_app_remove(uint32_t classid, const char *app_id) app_lookup = g_hash_table_lookup(apps, GUINT_TO_POINTER(classid)); if (!app_lookup) { - if (STC_DEBUG_LOG) + if (STC_DEBUG_LOG && STC_STAT_LOG) STC_LOGD("Application not found [\033[1;36m%d\033[0;m]", classid); return STC_ERROR_FAIL; } @@ -589,7 +589,7 @@ API stc_error_e stc_monitor_app_remove(uint32_t classid, const char *app_id) /* remove ristrictions if any */ stc_monitor_rstn_remove_for_app(classid); - if (STC_DEBUG_LOG) + if (STC_DEBUG_LOG && STC_STAT_LOG) __print_app(GUINT_TO_POINTER(classid), app_lookup, NULL); /* remove app_key from the stc-manager */ diff --git a/src/monitor/stc-monitor-proc.c b/src/monitor/stc-monitor-proc.c old mode 100644 new mode 100755 index e472421..be12dd1 --- a/src/monitor/stc-monitor-proc.c +++ b/src/monitor/stc-monitor-proc.c @@ -42,7 +42,7 @@ static void __proc_remove_pid(gpointer key, gpointer value, if (!g_hash_table_remove(app_value->processes, GUINT_TO_POINTER(context->pid))) return; - if (STC_DEBUG_LOG) { + if (STC_DEBUG_LOG && STC_STAT_LOG) { __print_proc_all(app_value->processes); STC_LOGD("\033[1;31mProcess removed\033[0;m " "[\033[1;33m%d\033[0;m]", context->pid); @@ -91,7 +91,7 @@ API stc_error_e stc_monitor_proc_update_ground(uint32_t classid, app_lookup = g_hash_table_lookup(apps, GUINT_TO_POINTER(classid)); if (!app_lookup) { - if (STC_DEBUG_LOG) + if (STC_DEBUG_LOG && STC_STAT_LOG) STC_LOGD("Application not found [\033[1;36m%d\033[0;m]", classid); return STC_ERROR_NO_DATA; } @@ -99,7 +99,7 @@ API stc_error_e stc_monitor_proc_update_ground(uint32_t classid, proc_lookup = g_hash_table_lookup(app_lookup->processes, GUINT_TO_POINTER(value.pid)); if (!proc_lookup) { - if (STC_DEBUG_LOG) + if (STC_DEBUG_LOG && STC_STAT_LOG) STC_LOGD("Process not found [\033[1;33m%d\033[0;m]", value.pid); return STC_ERROR_NO_DATA; } @@ -130,7 +130,7 @@ API stc_error_e stc_monitor_proc_add(uint32_t classid, app_lookup = g_hash_table_lookup(apps, GUINT_TO_POINTER(classid)); if (!app_lookup) { - if (STC_DEBUG_LOG) + if (STC_DEBUG_LOG && STC_STAT_LOG) STC_LOGD("Application not found [\033[1;36m%d\033[0;m]", classid); return STC_ERROR_NO_DATA; } @@ -138,14 +138,14 @@ API stc_error_e stc_monitor_proc_add(uint32_t classid, proc_lookup = g_hash_table_lookup(app_lookup->processes, GUINT_TO_POINTER(value.pid)); if (proc_lookup) { - if (STC_DEBUG_LOG) + if (STC_DEBUG_LOG && STC_STAT_LOG) STC_LOGE("Already exists [\033[1;36m%d\033[0;m]", value.pid); return STC_ERROR_NONE; } proc_value = MALLOC0(stc_proc_value_s, 1); if (!proc_value) { - if (STC_DEBUG_LOG) + if (STC_DEBUG_LOG && STC_STAT_LOG) STC_LOGE("Value allocation failed"); return STC_ERROR_OUT_OF_MEMORY; } @@ -160,7 +160,7 @@ API stc_error_e stc_monitor_proc_add(uint32_t classid, /* add pid to application cgroup */ place_pids_to_net_cgroup(proc_value->pid, app_id); - if (STC_DEBUG_LOG) { + if (STC_DEBUG_LOG && STC_STAT_LOG) { __print_proc_all(app_lookup->processes); STC_LOGD("\033[1;32mProcess added\033[0;m " "[\033[1;33m%d\033[0;m]", proc_value->pid); @@ -193,21 +193,21 @@ API stc_error_e stc_monitor_proc_remove(uint32_t classid, app_lookup = context.app_value; if (!app_lookup) { - if (STC_DEBUG_LOG) + if (STC_DEBUG_LOG && STC_STAT_LOG) STC_LOGD("Process not found [\033[1;33m%d\033[0;m]", pid); return STC_ERROR_NO_DATA; } } else { app_lookup = g_hash_table_lookup(apps, GUINT_TO_POINTER(classid)); if (!app_lookup) { - if (STC_DEBUG_LOG) + if (STC_DEBUG_LOG && STC_STAT_LOG) STC_LOGD("Application not found [\033[1;36m%d\033[0;m]", classid); return STC_ERROR_NO_DATA; } if (g_hash_table_remove(app_lookup->processes, GUINT_TO_POINTER(pid))) { - if (STC_DEBUG_LOG) { + if (STC_DEBUG_LOG && STC_STAT_LOG) { __print_proc_all(app_lookup->processes); STC_LOGD("\033[1;31mProcess removed\033[0;m " "[\033[1;33m%d\033[0;m]", pid); @@ -235,7 +235,7 @@ API stc_error_e stc_monitor_proc_remove(uint32_t classid, g_hash_table_remove(apps, GUINT_TO_POINTER(classid)); - if (STC_DEBUG_LOG) + if (STC_DEBUG_LOG && STC_STAT_LOG) STC_LOGD("\033[1;31mApplication removed\033[0;m " "[\033[1;36m%d\033[0;m]", classid); } @@ -259,14 +259,14 @@ API stc_error_e stc_monitor_proc_move(uint32_t from, to != STC_UNKNOWN_CLASSID) { from_lookup = g_hash_table_lookup(apps, GUINT_TO_POINTER(from)); if (!from_lookup) { - if (STC_DEBUG_LOG) + if (STC_DEBUG_LOG && STC_STAT_LOG) STC_LOGD("Application not found [\033[1;36m%d\033[0;m]", from); return STC_ERROR_NO_DATA; } to_lookup = g_hash_table_lookup(apps, GUINT_TO_POINTER(to)); if (!to_lookup) { - if (STC_DEBUG_LOG) + if (STC_DEBUG_LOG && STC_STAT_LOG) STC_LOGD("Application not found [\033[1;36m%d\033[0;m]", to); return STC_ERROR_NO_DATA; } @@ -274,7 +274,7 @@ API stc_error_e stc_monitor_proc_move(uint32_t from, g_hash_table_foreach(from_lookup->processes, __proc_move_pid, to_lookup); - if (STC_DEBUG_LOG) { + if (STC_DEBUG_LOG && STC_STAT_LOG) { __print_proc_all(to_lookup->processes); STC_LOGD("\033[1;34mProcesses moved\033[0;m " "[\033[1;36m%d\033[0;m] -> [\033[1;36m%d\033[0;m]", @@ -283,7 +283,7 @@ API stc_error_e stc_monitor_proc_move(uint32_t from, g_hash_table_remove_all(from_lookup->processes); - if (STC_DEBUG_LOG) { + if (STC_DEBUG_LOG && STC_STAT_LOG) { __print_proc_all(from_lookup->processes); STC_LOGD("\033[1;31mProcesses removed\033[0;m " "[\033[1;36m%d\033[0;m]", from); @@ -303,7 +303,7 @@ API stc_error_e stc_monitor_proc_move(uint32_t from, g_hash_table_remove(apps, GUINT_TO_POINTER(from)); - if (STC_DEBUG_LOG) + if (STC_DEBUG_LOG && STC_STAT_LOG) STC_LOGD("\033[1;31mApplication removed\033[0;m " "[\033[1;36m%d\033[0;m]", from); } diff --git a/src/monitor/stc-monitor-rstn.c b/src/monitor/stc-monitor-rstn.c old mode 100644 new mode 100755 index f28de3c..31a05ab --- a/src/monitor/stc-monitor-rstn.c +++ b/src/monitor/stc-monitor-rstn.c @@ -557,7 +557,7 @@ static void __rstn_process(enum traffic_restriction_type rstn_type, rstn_data->counter[STC_RSTN_LIMIT_TYPE_WEEKLY] = info.weekly_counter + stat.weekly_stat; rstn_data->counter[STC_RSTN_LIMIT_TYPE_DAILY] = info.daily_counter + stat.daily_stat; - if (STC_DEBUG_LOG) + if (STC_DEBUG_LOG && STC_RSTN_LOG) STC_LOGD("Rstn counter data[%lld] warn[%lld] " "monthly[%lld] weekly[%lld] daily[%lld]", rstn_data->counter[STC_RSTN_LIMIT_TYPE_DATA], @@ -591,7 +591,7 @@ static void __rstn_process(enum traffic_restriction_type rstn_type, rstn_data->rstn_state = STC_RSTN_STATE_ACTIVATED; - if (STC_DEBUG_LOG) { + if (STC_DEBUG_LOG && STC_RSTN_LOG) { STC_LOGD("Restriction activated " "[\033[1;36m%d\033[0;m:\033[1;35m%d\033[0;m]", rstn_data->classid, rstn_data->restriction_id); @@ -606,7 +606,7 @@ static void __rstn_process(enum traffic_restriction_type rstn_type, rstn_data->limit_exceeded = 0; rstn_data->limit_notified = 0; - if (STC_DEBUG_LOG) { + if (STC_DEBUG_LOG && STC_RSTN_LOG) { STC_LOGD("Restriction activated " "[\033[1;36m%d\033[0;m:\033[1;35m%d\033[0;m]", rstn_data->classid, rstn_data->restriction_id); @@ -633,7 +633,7 @@ static void __rstn_process(enum traffic_restriction_type rstn_type, __rstn_set_noti_state(STC_RSTN_STATE_UNSET); - if (STC_DEBUG_LOG) { + if (STC_DEBUG_LOG && STC_RSTN_LOG) { STC_LOGD("Restriction deactivated " "[\033[1;36m%d\033[0;m:\033[1;35m%d\033[0;m]", rstn_data->classid, rstn_data->restriction_id); @@ -651,7 +651,7 @@ static void __rstn_add(gpointer data, gpointer user_data) /* rstn rule is activated */ if (rstn_data->rstn_state == STC_RSTN_STATE_ACTIVATED) { - if (STC_DEBUG_LOG) { + if (STC_DEBUG_LOG && STC_RSTN_LOG) { STC_LOGD("Restriction already activated " "[\033[1;36m%d\033[0;m:\033[1;35m%d\033[0;m]", rstn_data->classid, rstn_data->restriction_id); @@ -671,7 +671,7 @@ static void __rstn_add(gpointer data, gpointer user_data) rstn_data->app_id, rstn_data, user_data); } - if (STC_DEBUG_LOG) { + if (STC_DEBUG_LOG && STC_RSTN_LOG) { __print_rstn(rstn_data); STC_LOGD("\033[1;32mRestriction added\033[0;m " "[\033[1;36m%d\033[0;m:\033[1;35m%d\033[0;m]", @@ -703,7 +703,7 @@ static void __rstn_remove(gpointer data, gpointer user_data) __rstn_tethering_process(RST_UNSET, rstn_data->app_id, rstn_data, user_data); - if (STC_DEBUG_LOG) { + if (STC_DEBUG_LOG && STC_RSTN_LOG) { __print_rstn(rstn_data); STC_LOGD("\033[1;31mRestriction removed\033[0;m " "[\033[1;36m%d\033[0;m:\033[1;35m%d\033[0;m]", @@ -782,7 +782,7 @@ static stc_error_e __rstn_data_remove(stc_rstn_data_s *data) lookup_value = g_hash_table_lookup(rstns, GUINT_TO_POINTER(data->classid)); if (!lookup_value) { - if (STC_DEBUG_LOG) + if (STC_DEBUG_LOG && STC_RSTN_LOG) STC_LOGE("Restriction not found [\033[1;36m%d\033[0;m]", data->classid); return STC_ERROR_NO_DATA; @@ -791,7 +791,7 @@ static stc_error_e __rstn_data_remove(stc_rstn_data_s *data) lookup_list = g_slist_find_custom(lookup_value->rules, data, __rstn_data_comp); if (!lookup_list) { - if (STC_DEBUG_LOG) + if (STC_DEBUG_LOG && STC_RSTN_LOG) STC_LOGE("Restriction not found [%d:%s:%s:%d]", data->iftype, data->ifname, data->subscriber_id, data->roaming); @@ -827,7 +827,7 @@ static stc_error_e __rstn_data_add(stc_rstn_data_s *data) rstn_data = MALLOC0(stc_rstn_data_s, 1); if (!rstn_data) { - if (STC_DEBUG_LOG) + if (STC_DEBUG_LOG && STC_RSTN_LOG) STC_LOGE("Rstn_data allocation failed"); return STC_ERROR_OUT_OF_MEMORY; } @@ -836,7 +836,7 @@ static stc_error_e __rstn_data_add(stc_rstn_data_s *data) if (!lookup_value) { rstn_value = MALLOC0(stc_rstn_value_s, 1); if (!rstn_value) { - if (STC_DEBUG_LOG) + if (STC_DEBUG_LOG && STC_RSTN_LOG) STC_LOGE("Rstn_value allocation failed"); FREE(rstn_data); return STC_ERROR_OUT_OF_MEMORY; @@ -1303,7 +1303,7 @@ void stc_monitor_rstn_action_when_limit_exceeded(stc_rstn_limit_type_e limit_typ stc_plugin_appstatus_send_message(net_popup_content, net_popup_type, rstn_data->app_id, iftype, byte); - if (STC_DEBUG_LOG) + if (STC_DEBUG_LOG && STC_RSTN_LOG) STC_LOGD("Limit exceeded [\033[0;31m%s\033[0;m:%d]", net_popup_content, limit_type); } @@ -1381,7 +1381,7 @@ void stc_monitor_rstn_add_for_app(uint32_t classid) lookup_value = g_hash_table_lookup(rstns, GUINT_TO_POINTER(classid)); if (!lookup_value) { - if (STC_DEBUG_LOG) + if (STC_DEBUG_LOG && STC_RSTN_LOG) STC_LOGD("Restriction not found [\033[1;36m%d\033[0;m]", classid); return; @@ -1432,7 +1432,7 @@ void stc_monitor_rstn_remove_for_app(uint32_t classid) lookup_value = g_hash_table_lookup(rstns, GUINT_TO_POINTER(classid)); if (!lookup_value) { - if (STC_DEBUG_LOG) + if (STC_DEBUG_LOG && STC_RSTN_LOG) STC_LOGD("Restriction not found [\033[1;36m%d\033[0;m]", classid); return; diff --git a/src/stc-firewall.c b/src/stc-firewall.c old mode 100644 new mode 100755 index 2a1799c..f1adadb --- a/src/stc-firewall.c +++ b/src/stc-firewall.c @@ -207,8 +207,10 @@ static void __fw_rule_make_key(firewall_rule_s *rule, info->identifier = g_strdup(rule->identifier); info->key = rule->key; - STC_LOGD("Identifier [%s]", rule->identifier); - STC_LOGD("Key [%u]", rule->key); + if (STC_DEBUG_LOG && STC_FW_LOG) { + STC_LOGD("Identifier [%s]", rule->identifier); + STC_LOGD("Key [%u]", rule->key); + } } static void __fw_rule_free(void *data) @@ -257,13 +259,15 @@ static stc_error_e __fw_chain_add(const char *chain) lookup = g_hash_table_lookup(g_firewalls, chain); if (lookup) { - STC_LOGD("chain already present"); + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGD("chain already present"); return STC_ERROR_ALREADY_DATA; } data = MALLOC0(stc_fw_data_s, 1); if (!data) { - STC_LOGE("data allocation failed"); + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("data allocation failed"); return STC_ERROR_OUT_OF_MEMORY; } @@ -286,12 +290,14 @@ static stc_error_e __fw_chain_remove(const char *chain) lookup = g_hash_table_lookup(g_firewalls, chain); if (!lookup) { - STC_LOGE("chain not found"); + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("chain not found"); return STC_ERROR_NO_DATA; } if (lookup->target != STC_FW_CHAIN_TARGET_NONE) { - STC_LOGE("can't be applied bcz chain is set"); + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("can't be applied bcz chain is set"); return STC_ERROR_INVALID_PARAMETER; } @@ -313,12 +319,14 @@ static stc_error_e __fw_chain_flush(const char *chain) lookup = g_hash_table_lookup(g_firewalls, chain); if (!lookup) { - STC_LOGE("chain not found"); + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("chain not found"); return STC_ERROR_NO_DATA; } if (lookup->target != STC_FW_CHAIN_TARGET_NONE) { - STC_LOGE("can't be applied bcz chain is set"); + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("can't be applied bcz chain is set"); return STC_ERROR_INVALID_PARAMETER; } @@ -338,7 +346,8 @@ static stc_error_e __fw_chain_set(const char *chain, stc_fw_data_s value) lookup = g_hash_table_lookup(g_firewalls, chain); if (!lookup) { - STC_LOGE("chain not found"); + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("chain not found"); return STC_ERROR_NO_DATA; } @@ -357,7 +366,8 @@ static stc_fw_data_s *__fw_chain_get(const char *chain) lookup = g_hash_table_lookup(g_firewalls, chain); if (!lookup) { - STC_LOGE("chain not found"); + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("chain not found"); return NULL; } @@ -375,7 +385,8 @@ static stc_error_e __fw_chain_unset(const char *chain) lookup = g_hash_table_lookup(g_firewalls, chain); if (!lookup) { - STC_LOGE("chain not found"); + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("chain not found"); return STC_ERROR_NO_DATA; } @@ -747,7 +758,8 @@ stc_cb_ret_e __fw_table_chain_info_cb(const firewall_chain_s *info, data = MALLOC0(stc_fw_data_s, 1); if (!data) { - STC_LOGE("data allocation failed"); + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("data allocation failed"); return STC_CONTINUE; } @@ -768,13 +780,15 @@ stc_cb_ret_e __fw_table_rule_info_cb(const firewall_rule_s *info, lookup = g_hash_table_lookup(g_firewalls, info->chain); if (!lookup) { - STC_LOGE("chain not found"); + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("chain not found"); return STC_CONTINUE; } rule = MALLOC0(firewall_rule_s, 1); if (!rule) { - STC_LOGE("rule allocation failed"); + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("rule allocation failed"); return STC_CONTINUE; } @@ -798,18 +812,21 @@ static stc_error_e __fw_rule_add(firewall_rule_s *info) lookup = g_hash_table_lookup(g_firewalls, info->chain); if (!lookup) { - STC_LOGE("chain not found"); + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("chain not found"); return STC_ERROR_NO_DATA; } if (lookup->target != STC_FW_CHAIN_TARGET_NONE) { - STC_LOGE("can't be applied bcz chain is set"); + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("can't be applied bcz chain is set"); return STC_ERROR_INVALID_PARAMETER; } rule = MALLOC0(firewall_rule_s, 1); if (!rule) { - STC_LOGE("rule allocation failed"); + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("rule allocation failed"); return STC_ERROR_OUT_OF_MEMORY; } @@ -819,7 +836,8 @@ static stc_error_e __fw_rule_add(firewall_rule_s *info) comp = g_slist_find_custom(lookup->rules, rule, __fw_rule_comp); if (comp) { - STC_LOGD("rule already present"); + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGD("rule already present"); __fw_rule_free(rule); return STC_ERROR_ALREADY_DATA; } @@ -842,19 +860,22 @@ static stc_error_e __fw_rule_remove(const firewall_rule_s *info) lookup = g_hash_table_lookup(g_firewalls, info->chain); if (!lookup) { - STC_LOGE("chain not found"); + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("chain not found"); return STC_ERROR_NO_DATA; } if (lookup->target != STC_FW_CHAIN_TARGET_NONE) { - STC_LOGE("can't be applied bcz chain is set"); + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("can't be applied bcz chain is set"); return STC_ERROR_INVALID_PARAMETER; } rule_list = lookup->rules; comp = g_slist_find_custom(rule_list, info, __fw_rule_comp); if (!comp) { - STC_LOGD("rule not found"); + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGD("rule not found"); return STC_ERROR_NO_DATA; } @@ -879,19 +900,22 @@ static stc_error_e __fw_rule_update(firewall_rule_s *info) lookup = g_hash_table_lookup(g_firewalls, info->chain); if (!lookup) { - STC_LOGE("chain not found"); + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("chain not found"); return STC_ERROR_NO_DATA; } if (lookup->target != STC_FW_CHAIN_TARGET_NONE) { - STC_LOGE("can't be applied bcz chain is set"); + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("can't be applied bcz chain is set"); return STC_ERROR_INVALID_PARAMETER; } rule_list = lookup->rules; comp = g_slist_find_custom(rule_list, info, __fw_rule_comp); if (!comp) { - STC_LOGD("rule not found"); + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGD("rule not found"); return STC_ERROR_NO_DATA; } @@ -899,7 +923,8 @@ static stc_error_e __fw_rule_update(firewall_rule_s *info) update_rule = MALLOC0(firewall_rule_s, 1); if (!update_rule) { - STC_LOGE("rule allocation failed"); + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("rule allocation failed"); return STC_ERROR_OUT_OF_MEMORY; } @@ -909,7 +934,8 @@ static stc_error_e __fw_rule_update(firewall_rule_s *info) comp = g_slist_find_custom(lookup->rules, update_rule, __fw_rule_comp); if (comp) { - STC_LOGD("rule already present"); + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGD("rule already present"); __fw_rule_free(update_rule); return STC_ERROR_ALREADY_DATA; } @@ -1518,7 +1544,8 @@ gboolean handle_firewall_unset_chain(StcFirewall *object, } if (lookup->target == STC_FW_CHAIN_TARGET_NONE) { - STC_LOGE("chain is not set"); + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("chain is not set"); STC_FIREWALL_DBUS_REPLY_ERROR(invocation, STC_ERROR_INVALID_PARAMETER); __STC_LOG_FUNC_EXIT__; @@ -1575,7 +1602,8 @@ gboolean handle_firewall_add_rule(StcFirewall *object, rule = MALLOC0(firewall_rule_s, 1); if (!rule) { - STC_LOGE("rule allocation failed"); + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("rule allocation failed"); return STC_ERROR_OUT_OF_MEMORY; } @@ -1627,7 +1655,8 @@ gboolean handle_firewall_remove_rule(StcFirewall *object, rule = MALLOC0(firewall_rule_s, 1); if (!rule) { - STC_LOGE("rule allocation failed"); + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("rule allocation failed"); return STC_ERROR_OUT_OF_MEMORY; } @@ -1680,7 +1709,8 @@ gboolean handle_firewall_update_rule(StcFirewall *object, rule = MALLOC0(firewall_rule_s, 1); if (!rule) { - STC_LOGE("rule allocation failed"); + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("rule allocation failed"); return STC_ERROR_OUT_OF_MEMORY; } diff --git a/src/stc-manager-util.c b/src/stc-manager-util.c old mode 100644 new mode 100755 index 51dbd4f..1f25927 --- a/src/stc-manager-util.c +++ b/src/stc-manager-util.c @@ -16,7 +16,18 @@ #include "stc-manager-util.h" -static int g_debuglog = -1; +typedef struct { + int state; + char *key; +} log_info_s; + +log_info_s g_log_info[] = { + {-1, INFO_DEBUG_LOG}, + {-1, INFO_STAT_LOG}, + {-1, INFO_RSTN_LOG}, + {-1, INFO_FW_LOG}, + {-1, INFO_PCAP_LOG}, +}; static void __sync_file_to_disk(const char *path) { @@ -128,31 +139,46 @@ int stc_util_get_config_int(char *key) } //LCOV_EXCL_START -API void stc_util_set_debuglog(int debuglog) +API void stc_util_update_log_state(void) { - g_debuglog = debuglog; + int i; + + for (i = DEBUG_LOG_INFO; i < MAX_LOG_INFO; ++i) + g_log_info[i].state = stc_util_get_config_int(g_log_info[i].key); + + STC_LOGD("log info [%d:%d:%d:%d:%d]", + g_log_info[DEBUG_LOG_INFO].state, g_log_info[STAT_LOG_INFO].state, + g_log_info[RSTN_LOG_INFO].state, g_log_info[FW_LOG_INFO].state, + g_log_info[PCAP_LOG_INFO].state); +} + +API void stc_util_set_log_state(log_info_e info, int state) +{ + g_log_info[info].state = state; } //LCOV_EXCL_STOP -API int stc_util_get_debuglog(void) +API int stc_util_get_log_state(log_info_e info) { - if (g_debuglog == -1) - g_debuglog = stc_util_get_config_int(INFO_DEBUGLOG); + if (g_log_info[info].state == -1) + g_log_info[info].state = stc_util_get_config_int(g_log_info[info].key); - return g_debuglog; + return g_log_info[info].state; } void stc_util_initialize_config(void) { char path[MAX_PATH_LENGTH]; GKeyFile *keyfile; + int i; snprintf(path, sizeof(path), "%s/%s", INFO_STORAGE_DIR, INFO_CONFIG); keyfile = __load_key_file(path); if (!keyfile) { keyfile = g_key_file_new(); //LCOV_EXCL_LINE - g_key_file_set_integer(keyfile, path, INFO_DEBUGLOG, 0); + for (i = DEBUG_LOG_INFO; i < MAX_LOG_INFO; ++i) + g_key_file_set_integer(keyfile, path, g_log_info[i].key, 0); } __save_key_file(keyfile, path); diff --git a/src/stc-manager.c b/src/stc-manager.c index 46401fb..ba9356d 100755 --- a/src/stc-manager.c +++ b/src/stc-manager.c @@ -62,10 +62,8 @@ static void __stc_inotify_handler(struct inotify_event *event, const char *ident return; } - if (!g_strcmp0(ident, INFO_CONFIG)) { - int debug = stc_util_get_config_int(INFO_DEBUGLOG); - stc_util_set_debuglog(debug); - } + if (!g_strcmp0(ident, INFO_CONFIG)) + stc_util_update_log_state(); } static void __stc_manager_deinit(void) -- 2.7.4 From f8e88a87a33763dbd5a58a29f8876b7254e6864d Mon Sep 17 00:00:00 2001 From: hyunuktak Date: Thu, 29 Nov 2018 16:49:41 +0900 Subject: [PATCH 06/16] Separate monitoring function plugin Change-Id: I9cab1ed4d30e78bd4489ea6a7f1083f7e5aa1326 Signed-off-by: hyunuktak --- include/stc-manager-plugin-monitor.h | 45 ++++ include/stc-manager-util.h | 4 +- packaging/stc-manager.spec | 12 +- plugin/CMakeLists.txt | 5 +- plugin/appstatus/stc-plugin-appstatus.c | 2 +- plugin/exception/stc-plugin-exception.c | 6 +- plugin/monitor/CMakeLists.txt | 48 ++++ .../monitor/include/stc-plugin-monitor-app.h | 37 +-- .../include/stc-plugin-monitor-connection.h | 12 +- .../monitor/include/stc-plugin-monitor-context.h | 6 +- .../monitor/include/stc-plugin-monitor-ipt.h | 6 +- .../monitor/include/stc-plugin-monitor-proc.h | 16 +- .../monitor/include/stc-plugin-monitor-rstn.h | 29 +-- .../monitor/include/stc-plugin-monitor-time.h | 6 +- .../monitor/include/stc-plugin-monitor.h | 72 +++--- .../monitor/stc-plugin-monitor-app.c | 281 +++++++++++---------- .../monitor/stc-plugin-monitor-connection.c | 8 +- .../monitor/stc-plugin-monitor-ipt.c | 4 +- .../monitor/stc-plugin-monitor-proc.c | 48 ++-- .../monitor/stc-plugin-monitor-rstn.c | 130 +++++----- .../monitor/stc-plugin-monitor-time.c | 6 + .../monitor/stc-plugin-monitor.c | 46 +++- plugin/pcap/stc-plugin-pcap.c | 27 +- plugin/procfs/CMakeLists.txt | 2 + plugin/procfs/include/stc-plugin-procfs.h | 1 - plugin/procfs/stc-plugin-procfs.c | 45 ++-- plugin/tether/CMakeLists.txt | 1 + plugin/tether/stc-plugin-tether.c | 8 +- src/CMakeLists.txt | 9 +- src/database/db-common.c | 4 - src/database/tables/table-counters.c | 10 +- src/database/tables/table-restrictions.c | 2 +- src/database/tables/table-statistics.c | 6 +- src/helper/helper-cgroup.c | 8 +- src/helper/helper-file.c | 18 +- src/helper/helper-iptables.c | 8 +- src/helper/helper-net-cls.c | 8 +- src/helper/helper-nfacct-rule.c | 8 +- src/helper/helper-nl.c | 2 +- src/stc-firewall.c | 14 +- src/stc-manager-gdbus.c | 17 +- src/stc-manager-plugin-appstatus.c | 35 +-- src/stc-manager-plugin-exception.c | 32 +-- src/stc-manager-plugin-monitor.c | 259 +++++++++++++++++++ src/stc-manager-plugin-pcap.c | 55 ++-- src/stc-manager-plugin-tether.c | 25 +- src/stc-manager.c | 19 +- src/stc-restriction.c | 6 +- 48 files changed, 888 insertions(+), 570 deletions(-) create mode 100755 include/stc-manager-plugin-monitor.h create mode 100644 plugin/monitor/CMakeLists.txt rename src/monitor/include/stc-monitor-app.h => plugin/monitor/include/stc-plugin-monitor-app.h (83%) mode change 100644 => 100755 rename src/monitor/include/stc-connection.h => plugin/monitor/include/stc-plugin-monitor-connection.h (86%) mode change 100644 => 100755 rename src/monitor/include/stc-monitor-context.h => plugin/monitor/include/stc-plugin-monitor-context.h (92%) mode change 100644 => 100755 rename src/monitor/include/stc-monitor-ipt.h => plugin/monitor/include/stc-plugin-monitor-ipt.h (93%) mode change 100644 => 100755 rename src/monitor/include/stc-monitor-proc.h => plugin/monitor/include/stc-plugin-monitor-proc.h (71%) mode change 100644 => 100755 rename src/monitor/include/stc-monitor-rstn.h => plugin/monitor/include/stc-plugin-monitor-rstn.h (87%) mode change 100644 => 100755 rename src/monitor/include/stc-time.h => plugin/monitor/include/stc-plugin-monitor-time.h (86%) mode change 100644 => 100755 rename src/monitor/include/stc-monitor.h => plugin/monitor/include/stc-plugin-monitor.h (59%) mode change 100644 => 100755 rename src/monitor/stc-monitor-app.c => plugin/monitor/stc-plugin-monitor-app.c (97%) rename src/monitor/stc-connection.c => plugin/monitor/stc-plugin-monitor-connection.c (99%) mode change 100644 => 100755 rename src/monitor/stc-monitor-ipt.c => plugin/monitor/stc-plugin-monitor-ipt.c (98%) mode change 100644 => 100755 rename src/monitor/stc-monitor-proc.c => plugin/monitor/stc-plugin-monitor-proc.c (88%) rename src/monitor/stc-monitor-rstn.c => plugin/monitor/stc-plugin-monitor-rstn.c (99%) rename src/monitor/stc-time.c => plugin/monitor/stc-plugin-monitor-time.c (96%) mode change 100644 => 100755 rename src/monitor/stc-monitor.c => plugin/monitor/stc-plugin-monitor.c (92%) mode change 100644 => 100755 mode change 100644 => 100755 plugin/procfs/include/stc-plugin-procfs.h mode change 100644 => 100755 src/database/db-common.c mode change 100644 => 100755 src/database/tables/table-counters.c mode change 100644 => 100755 src/database/tables/table-restrictions.c mode change 100644 => 100755 src/helper/helper-iptables.c mode change 100644 => 100755 src/helper/helper-nl.c mode change 100644 => 100755 src/stc-manager-plugin-appstatus.c mode change 100644 => 100755 src/stc-manager-plugin-exception.c create mode 100755 src/stc-manager-plugin-monitor.c mode change 100644 => 100755 src/stc-manager-plugin-pcap.c mode change 100644 => 100755 src/stc-manager-plugin-tether.c mode change 100644 => 100755 src/stc-restriction.c diff --git a/include/stc-manager-plugin-monitor.h b/include/stc-manager-plugin-monitor.h new file mode 100755 index 0000000..3830608 --- /dev/null +++ b/include/stc-manager-plugin-monitor.h @@ -0,0 +1,45 @@ +/* + * Copyright (c) 2016 Samsung Electronics Co., Ltd. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef __STC_MANAGER_PLUGIN_MONITOR_H__ +#define __STC_MANAGER_PLUGIN_MONITOR_H__ + +#define STC_PLUGIN_MONITOR_FILEPATH "/usr/lib/stc-plugin-monitor.so" + +#include "stc-plugin-monitor.h" + +int stc_plugin_monitor_init(void); +int stc_plugin_monitor_deinit(void); + +int stc_plugin_monitor_add_app(uint32_t classid, + const char *app_id, + const char *pkg_id, + const stc_app_value_s value); +int stc_plugin_monitor_remove_app(uint32_t classid, + const char *app_id); +int stc_plugin_monitor_lookup_app(uint32_t classid); +int stc_plugin_monitor_add_rstn(table_restrictions_info *info); +int stc_plugin_monitor_remove_rstn(table_restrictions_info *info); +int stc_plugin_monitor_init_connection(stc_s *stc); +int stc_plugin_monitor_deinit_connection(stc_s *stc); +int stc_plugin_monitor_add_proc(uint32_t classid, + const char *app_id, const stc_proc_value_s value); +int stc_plugin_monitor_remove_proc(uint32_t classid, pid_t pid); +int stc_plugin_monitor_move_proc(uint32_t from, uint32_t to); +int stc_plugin_monitor_update_proc_ground(uint32_t classid, + const char *app_id, const stc_proc_value_s value); + +#endif /* __STC_MANAGER_PLUGIN_MONITOR_H__ */ diff --git a/include/stc-manager-util.h b/include/stc-manager-util.h index 4b2eb94..7440534 100755 --- a/include/stc-manager-util.h +++ b/include/stc-manager-util.h @@ -260,14 +260,14 @@ static inline bool strstart_with(const char *str, const char *with) #define ret_value_if(expr, val) do { \ if (expr) { \ - STC_LOGE("(%s) -> %s():%d return", #expr, __FUNCTION__, __LINE__); \ return (val); \ } \ } while (0) #define ret_value_msg_if(expr, val, fmt, arg...) do { \ if (expr) { \ - STC_LOGE(fmt, ##arg); \ + if (STC_DEBUG_LOG) \ + STC_LOGE(fmt, ##arg); \ return val; \ } \ } while (0) diff --git a/packaging/stc-manager.spec b/packaging/stc-manager.spec index b14ee3f..0d98483 100644 --- a/packaging/stc-manager.spec +++ b/packaging/stc-manager.spec @@ -1,6 +1,6 @@ Name: stc-manager Summary: STC(Smart Traffic Control) manager -Version: 0.0.82 +Version: 0.0.83 Release: 0 Group: Network & Connectivity/Other License: Apache-2.0 @@ -70,6 +70,12 @@ Summary: Tethering plugin for data usage of tethering clients %description plugin-tether A smart traffic control manager extension for tethering client data usage plugin +%package plugin-monitor +Summary: Monitor plugin for data usage of clients + +%description plugin-monitor +A smart traffic control manager extension for monitoring client data usage plugin + %prep %setup -q chmod 644 %{SOURCE0} @@ -168,3 +174,7 @@ cp resources/dbus/stc-manager.conf %{buildroot}%{_sysconfdir}/dbus-1/system.d/st %files plugin-tether %manifest %{name}.manifest %attr(500,root,root) %{_libdir}/stc-plugin-tether.so + +%files plugin-monitor +%manifest %{name}.manifest +%attr(500,root,root) %{_libdir}/stc-plugin-monitor.so diff --git a/plugin/CMakeLists.txt b/plugin/CMakeLists.txt index 04c53b8..a56ee63 100644 --- a/plugin/CMakeLists.txt +++ b/plugin/CMakeLists.txt @@ -1,7 +1,6 @@ SET(SOURCE_DIR ${CMAKE_SOURCE_DIR}/src) SET(HELPER_SOURCE_DIR ${SOURCE_DIR}/helper) SET(DATABASE_SOURCE_DIR ${SOURCE_DIR}/database) -SET(MONITOR_SOURCE_DIR ${SOURCE_DIR}/monitor) INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/include) INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/interfaces) @@ -12,11 +11,9 @@ INCLUDE_DIRECTORIES(${HELPER_SOURCE_DIR}) INCLUDE_DIRECTORIES(${DATABASE_SOURCE_DIR}) INCLUDE_DIRECTORIES(${DATABASE_SOURCE_DIR}/include) -INCLUDE_DIRECTORIES(${MONITOR_SOURCE_DIR}) -INCLUDE_DIRECTORIES(${MONITOR_SOURCE_DIR}/include) - ADD_SUBDIRECTORY(appstatus) ADD_SUBDIRECTORY(exception) ADD_SUBDIRECTORY(procfs) ADD_SUBDIRECTORY(pcap) ADD_SUBDIRECTORY(tether) +ADD_SUBDIRECTORY(monitor) diff --git a/plugin/appstatus/stc-plugin-appstatus.c b/plugin/appstatus/stc-plugin-appstatus.c index 98fab81..5d5b653 100755 --- a/plugin/appstatus/stc-plugin-appstatus.c +++ b/plugin/appstatus/stc-plugin-appstatus.c @@ -87,7 +87,7 @@ static void __stc_gdbus_handle_aul_changestate(GDBusConnection *connection, else apptype = STC_APP_TYPE_GUI; - if (STC_DEBUG_LOG && STC_STAT_LOG) { + if (STC_STAT_LOG) { STC_LOGD("\033[1;34mAPP STATUS\033[0;m: PkgID[\033[0;34m%s\033[0;m] " "AppID[\033[0;32m%s\033[0;m] PID[\033[1;33m%d\033[0;m] Status[%s] Type[%s]", pkgid, appid, pid, statstr, pkgtype); diff --git a/plugin/exception/stc-plugin-exception.c b/plugin/exception/stc-plugin-exception.c index cdb47c4..ec4e2fd 100755 --- a/plugin/exception/stc-plugin-exception.c +++ b/plugin/exception/stc-plugin-exception.c @@ -99,7 +99,7 @@ static void __excn_hash_foreach_print(gpointer key, gpointer value, const char *process_name = key; const char *exe_type = value; - if (STC_DEBUG_LOG && STC_STAT_LOG) + if (STC_STAT_LOG) STC_LOGI("Process_name[%s] exe_type[%s]", process_name, exe_type); } @@ -258,7 +258,7 @@ int stc_plugin_exception_fill_list(void) table_exceptions_foreach(__insert_exception_cb, NULL); pkginfo_exceptions_foreach(__insert_exception_cb, NULL); - if (STC_DEBUG_LOG && STC_STAT_LOG) + if (STC_STAT_LOG) __excn_hash_printall(); g_excns_timer_id = g_timeout_add_seconds(EXCNS_TIMER_INTERVAL, @@ -273,7 +273,7 @@ int stc_plugin_exception_update_list(void) __remove_exception_appall(); pkginfo_exceptions_foreach(__insert_exception_cb, NULL); - if (STC_DEBUG_LOG && STC_STAT_LOG) + if (STC_STAT_LOG) __excn_hash_printall(); return STC_ERROR_NONE; diff --git a/plugin/monitor/CMakeLists.txt b/plugin/monitor/CMakeLists.txt new file mode 100644 index 0000000..c1658b1 --- /dev/null +++ b/plugin/monitor/CMakeLists.txt @@ -0,0 +1,48 @@ +CMAKE_MINIMUM_REQUIRED(VERSION 2.6) +PROJECT(stc-plugin-monitor C) + +# Set required packages +INCLUDE(FindPkgConfig) +PKG_CHECK_MODULES(monitor_plugin REQUIRED + dlog + gio-2.0 + gio-unix-2.0 + glib-2.0 + vconf + openssl + ) + +FOREACH(flag ${monitor_plugin_CFLAGS}) + SET(EXTRA_CFLAGS "${EXTRA_CFLAGS} ${flag}") +ENDFOREACH(flag) + +INCLUDE_DIRECTORIES(${CMAKE_CURRENT_SOURCE_DIR}/include) +INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/src/configure/include) +INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/plugin/tether/include) +INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/plugin/exception/include) +INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/plugin/appstatus/include) + +SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${EXTRA_CFLAGS} -g -Werror -fvisibility=hidden") +SET(CMAKE_C_FLAGS_DEBUG "-O0 -g") +SET(CMAKE_C_FLAGS_RELEASE "-O2") + +ADD_DEFINITIONS("-DUSE_DLOG") + +SET(SRCS_PLUGIN + stc-plugin-monitor.c + stc-plugin-monitor-proc.c + stc-plugin-monitor-connection.c + stc-plugin-monitor-rstn.c + stc-plugin-monitor-app.c + stc-plugin-monitor-ipt.c + stc-plugin-monitor-time.c + ) + +# library build +ADD_LIBRARY(${PROJECT_NAME} SHARED ${SRCS_PLUGIN}) +ADD_DEPENDENCIES(${PROJECT_NAME} GENERATED_DBUS_CODE) +TARGET_LINK_LIBRARIES(${PROJECT_NAME} ${monitor_plugin_LDFLAGS}) +SET_TARGET_PROPERTIES(${PROJECT_NAME} PROPERTIES PREFIX "" OUTPUT_NAME ${PROJECT_NAME}) + +# install +INSTALL(TARGETS ${PROJECT_NAME} LIBRARY DESTINATION ${LIBDIR}) diff --git a/src/monitor/include/stc-monitor-app.h b/plugin/monitor/include/stc-plugin-monitor-app.h old mode 100644 new mode 100755 similarity index 83% rename from src/monitor/include/stc-monitor-app.h rename to plugin/monitor/include/stc-plugin-monitor-app.h index 3a312fb..cfd623f --- a/src/monitor/include/stc-monitor-app.h +++ b/plugin/monitor/include/stc-plugin-monitor-app.h @@ -14,15 +14,15 @@ * limitations under the License. */ -#ifndef __STC_MONITOR_APP_H__ -#define __STC_MONITOR_APP_H__ +#ifndef __STC_PLUGIN_MONITOR_APP_H__ +#define __STC_PLUGIN_MONITOR_APP_H__ #include #include "stc-error.h" #include "stc-manager.h" -#include "stc-monitor-context.h" -#include "stc-connection.h" +#include "stc-plugin-monitor-context.h" +#include "stc-plugin-monitor-connection.h" #define MAC_ADDRESS_LEN 18 #define SUBSCRIBERID_NONE "none_subid" @@ -39,40 +39,31 @@ typedef struct { char mac[MAC_ADDRESS_LEN+1]; /**< application mac address */ } stc_app_value_s; -void stc_monitor_app_update_counter(stc_app_value_s *value, - classid_bytes_context_s *context); - -void stc_monitor_app_update_iface_counter(classid_bytes_context_s *context); - -gboolean stc_monitor_app_flush_stats_to_db(gpointer user_data); -stc_error_e stc_monitor_app_add(uint32_t classid, +stc_error_e stc_plugin_monitor_app_add(uint32_t classid, const char *app_id, const char *pkg_id, const stc_app_value_s value); +stc_error_e stc_plugin_monitor_app_remove(uint32_t classid, + const char *app_id); +gboolean stc_plugin_monitor_app_lookup(uint32_t classid); -void stc_monitor_app_add_by_iface(const char *app_id); +void stc_monitor_app_update_counter(stc_app_value_s *value, + classid_bytes_context_s *context); +void stc_monitor_app_update_iface_counter(classid_bytes_context_s *context); +gboolean stc_monitor_app_flush_stats_to_db(gpointer user_data); +void stc_monitor_app_add_by_iface(const char *app_id); void stc_monitor_app_add_monitor(gpointer key, gpointer value, gpointer data); - void stc_monitor_app_add_by_connection(stc_connection_s *conn); - void stc_monitor_app_add_accept(gpointer key, gpointer value, gpointer data); - -stc_error_e stc_monitor_app_remove(uint32_t classid, const char *app_id); - void stc_monitor_app_remove_monitor(gpointer key, gpointer value, gpointer data); - void stc_monitor_app_remove_by_connection(stc_connection_s *conn); - void stc_monitor_app_remove_accept(gpointer key, gpointer value, gpointer data); - -gboolean stc_monitor_app_lookup(uint32_t classid); - GHashTable *stc_monitor_apps_init(void); -#endif /* __STC_MONITOR_APP_H__ */ +#endif /* __STC_PLUGIN_MONITOR_APP_H__ */ diff --git a/src/monitor/include/stc-connection.h b/plugin/monitor/include/stc-plugin-monitor-connection.h old mode 100644 new mode 100755 similarity index 86% rename from src/monitor/include/stc-connection.h rename to plugin/monitor/include/stc-plugin-monitor-connection.h index 85d27de..6454b2d --- a/src/monitor/include/stc-connection.h +++ b/plugin/monitor/include/stc-plugin-monitor-connection.h @@ -14,8 +14,8 @@ * limitations under the License. */ -#ifndef __STC_CONNECTION_H__ -#define __STC_CONNECTION_H__ +#ifndef __STC_PLUGIN_MONITOR_CONNECTION_H__ +#define __STC_PLUGIN_MONITOR_CONNECTION_H__ #include #include "stc-error.h" @@ -65,9 +65,11 @@ typedef struct { tether_iface_s tether_iface; } stc_connection_s; -stc_error_e stc_connection_monitor_init(stc_s *stc); -stc_error_e stc_connection_monitor_deinit(stc_s *stc); + +stc_error_e stc_plugin_monitor_connection_init(stc_s *stc); +stc_error_e stc_plugin_monitor_connection_deinit(stc_s *stc); + GSList *stc_get_connection_list(void); -#endif /* __STC_CONNECTION_H__ */ +#endif /* __STC_PLUGIN_MONITOR_CONNECTION_H__ */ diff --git a/src/monitor/include/stc-monitor-context.h b/plugin/monitor/include/stc-plugin-monitor-context.h old mode 100644 new mode 100755 similarity index 92% rename from src/monitor/include/stc-monitor-context.h rename to plugin/monitor/include/stc-plugin-monitor-context.h index 82d15f7..b0d0075 --- a/src/monitor/include/stc-monitor-context.h +++ b/plugin/monitor/include/stc-plugin-monitor-context.h @@ -14,8 +14,8 @@ * limitations under the License. */ -#ifndef __STC_MONITOR_CONTEXT_H__ -#define __STC_MONITOR_CONTEXT_H__ +#ifndef __STC_PLUGIN_MONITOR_CONTEXT_H__ +#define __STC_PLUGIN_MONITOR_CONTEXT_H__ #include "stc-manager.h" @@ -52,4 +52,4 @@ typedef struct { int month_start_date; } stc_system_s; -#endif /* __STC_MONITOR_CONTEXT_H__ */ +#endif /* __STC_PLUGIN_MONITOR_CONTEXT_H__ */ diff --git a/src/monitor/include/stc-monitor-ipt.h b/plugin/monitor/include/stc-plugin-monitor-ipt.h old mode 100644 new mode 100755 similarity index 93% rename from src/monitor/include/stc-monitor-ipt.h rename to plugin/monitor/include/stc-plugin-monitor-ipt.h index ee38069..a104c10 --- a/src/monitor/include/stc-monitor-ipt.h +++ b/plugin/monitor/include/stc-plugin-monitor-ipt.h @@ -14,8 +14,8 @@ * limitations under the License. */ -#ifndef __STC_MONITOR_IPT_H__ -#define __STC_MONITOR_IPT_H__ +#ifndef __STC_PLUGIN_MONITOR_IPT_H__ +#define __STC_PLUGIN_MONITOR_IPT_H__ #include "helper-nfacct-rule.h" @@ -38,4 +38,4 @@ stc_error_e stc_monitor_tether_del_in(struct nfacct_rule *counter, stc_error_e stc_monitor_tether_del_out(struct nfacct_rule *counter, const gchar *ipaddr); -#endif /* __STC_MONITOR_IPT_H__ */ +#endif /* __STC_PLUGIN_MONITOR_IPT_H__ */ diff --git a/src/monitor/include/stc-monitor-proc.h b/plugin/monitor/include/stc-plugin-monitor-proc.h old mode 100644 new mode 100755 similarity index 71% rename from src/monitor/include/stc-monitor-proc.h rename to plugin/monitor/include/stc-plugin-monitor-proc.h index 602912b..22bb06a --- a/src/monitor/include/stc-monitor-proc.h +++ b/plugin/monitor/include/stc-plugin-monitor-proc.h @@ -14,8 +14,8 @@ * limitations under the License. */ -#ifndef __STC_MONITOR_PROC_H__ -#define __STC_MONITOR_PROC_H__ +#ifndef __STC_PLUGIN_MONITOR_PROC_H__ +#define __STC_PLUGIN_MONITOR_PROC_H__ #include @@ -33,18 +33,16 @@ typedef struct { gboolean entry_removed; } remove_pid_context_s; -stc_error_e stc_monitor_proc_update_ground(uint32_t classid, +stc_error_e stc_plugin_monitor_proc_update_ground(uint32_t classid, const char *app_id, const stc_proc_value_s value); -stc_error_e stc_monitor_proc_add(uint32_t classid, +stc_error_e stc_plugin_monitor_proc_add(uint32_t classid, const char *app_id, const stc_proc_value_s value); -stc_error_e stc_monitor_proc_remove(uint32_t classid, - pid_t pid); +stc_error_e stc_plugin_monitor_proc_remove(uint32_t classid, pid_t pid); -stc_error_e stc_monitor_proc_move(uint32_t from, - uint32_t to); +stc_error_e stc_plugin_monitor_proc_move(uint32_t from, uint32_t to); -#endif /* __STC_MONITOR_PROC_H__ */ +#endif /* __STC_PLUGIN_MONITOR_PROC_H__ */ diff --git a/src/monitor/include/stc-monitor-rstn.h b/plugin/monitor/include/stc-plugin-monitor-rstn.h old mode 100644 new mode 100755 similarity index 87% rename from src/monitor/include/stc-monitor-rstn.h rename to plugin/monitor/include/stc-plugin-monitor-rstn.h index ecf404d..0c690c7 --- a/src/monitor/include/stc-monitor-rstn.h +++ b/plugin/monitor/include/stc-plugin-monitor-rstn.h @@ -14,15 +14,15 @@ * limitations under the License. */ -#ifndef __STC_MONITOR_RSTN_H__ -#define __STC_MONITOR_RSTN_H__ +#ifndef __STC_PLUGIN_MONITOR_RSTN_H__ +#define __STC_PLUGIN_MONITOR_RSTN_H__ #include #include "stc-error.h" #include "stc-manager.h" -#include "stc-monitor-context.h" -#include "stc-connection.h" +#include "stc-plugin-monitor-context.h" +#include "stc-plugin-monitor-connection.h" #include "stc-restriction.h" #include "table-restrictions.h" @@ -81,33 +81,24 @@ typedef struct { int64_t daily_stat; } stc_rstn_cumulative_data_s; -void stc_monitor_rstn_reset_time_counters_if_required(void); +stc_error_e stc_plugin_monitor_rstn_add(const table_restrictions_info *info); +stc_error_e stc_plugin_monitor_rstn_remove(const table_restrictions_info *info); + + +void stc_monitor_rstn_reset_time_counters_if_required(void); void stc_monitor_rstn_update_counter(gpointer data, gpointer user_data); - void stc_monitor_rstn_update_iface_counter(classid_bytes_context_s *context); - void stc_monitor_rstn_action_when_limit_exceeded(stc_rstn_limit_type_e limit_type, stc_rstn_data_s *rstn_data, classid_bytes_context_s *context); - gboolean stc_monitor_rstn_flush_contr_to_db(gpointer user_data); - -stc_error_e stc_monitor_rstn_add(const table_restrictions_info *info); - void stc_monitor_rstn_add_for_app(uint32_t classid); - void stc_monitor_rstn_add_by_connection(stc_connection_s *conn); - -stc_error_e stc_monitor_rstn_remove(const table_restrictions_info *info); - void stc_monitor_rstn_remove_for_app(uint32_t classid); - void stc_monitor_rstn_remove_by_connection(stc_connection_s *conn); - void stc_monitor_rstns_load(void); - GHashTable *stc_monitor_rstns_init(void); -#endif /* __STC_MONITOR_RSTN_H__ */ +#endif /* __STC_PLUGIN_MONITOR_RSTN_H__ */ diff --git a/src/monitor/include/stc-time.h b/plugin/monitor/include/stc-plugin-monitor-time.h old mode 100644 new mode 100755 similarity index 86% rename from src/monitor/include/stc-time.h rename to plugin/monitor/include/stc-plugin-monitor-time.h index d331bce..0a7ca6f --- a/src/monitor/include/stc-time.h +++ b/plugin/monitor/include/stc-plugin-monitor-time.h @@ -14,11 +14,11 @@ * limitations under the License. */ -#ifndef __STC_MANAGER_TIME_H__ -#define __STC_MANAGER_TIME_H__ +#ifndef __STC_PLUGIN_MANAGER_TIME_H__ +#define __STC_PLUGIN_MANAGER_TIME_H__ time_t stc_time_get_day_start(time_t now); time_t stc_time_get_week_start(time_t now); time_t stc_time_get_month_start(time_t now, int month_start_date); -#endif /* __STC_MANAGER_TIME_H__ */ +#endif /* __STC_PLUGIN_MANAGER_TIME_H__ */ diff --git a/src/monitor/include/stc-monitor.h b/plugin/monitor/include/stc-plugin-monitor.h old mode 100644 new mode 100755 similarity index 59% rename from src/monitor/include/stc-monitor.h rename to plugin/monitor/include/stc-plugin-monitor.h index 32404b0..35509c8 --- a/src/monitor/include/stc-monitor.h +++ b/plugin/monitor/include/stc-plugin-monitor.h @@ -14,17 +14,17 @@ * limitations under the License. */ -#ifndef __STC_MONITOR_H__ -#define __STC_MONITOR_H__ +#ifndef __STC_PLUGIN_MONITOR_H__ +#define __STC_PLUGIN_MONITOR_H__ #include #include "stc-error.h" #include "stc-manager.h" #include "stc-manager-util.h" -#include "stc-monitor-context.h" -#include "stc-monitor-app.h" -#include "stc-monitor-proc.h" -#include "stc-monitor-rstn.h" +#include "stc-plugin-monitor-context.h" +#include "stc-plugin-monitor-app.h" +#include "stc-plugin-monitor-proc.h" +#include "stc-plugin-monitor-rstn.h" #include "helper-nl.h" /* 1 seconds */ @@ -38,52 +38,56 @@ #define VCONFKEY_SETAPPL_DATA_RESTRICTION_INT "db/setting/data_restriction" #endif -/** - * @brief initializes stc monitor module - */ -stc_error_e stc_monitor_init(void); +typedef struct { + int (*initialize_plugin) (void); + int (*deinitialize_plugin) (void); -/** - * @brief deinitializes stc monitor module - */ -stc_error_e stc_monitor_deinit(void); + int (*add_application) (uint32_t classid, + const char *app_id, + const char *pkg_id, + const stc_app_value_s value); + int (*remove_application) (uint32_t classid, + const char *app_id); -GHashTable *stc_monitor_get_system_apps(void); + int (*add_restriction) (const table_restrictions_info *info); + int (*remove_restriction) (const table_restrictions_info *info); + int (*lookup_application) (uint32_t classid); -GHashTable *stc_monitor_get_system_rstns(void); + int (*init_connection) (stc_s *stc); + int (*deinit_connection) (stc_s *stc); -int stc_monitor_get_contr_sock(void); + int (*add_process) (uint32_t classid, + const char *app_id, + const stc_proc_value_s value); + int (*remove_process) (uint32_t classid, pid_t pid); + int (*move_process) (uint32_t from, uint32_t to); + int (*update_process_ground) (uint32_t classid, + const char *app_id, + const stc_proc_value_s value); -time_t stc_monitor_get_last_month_ts(void); + int (*check_excn_by_cmdline) (char *cmdline); +} stc_plugin_monitor_s; -void stc_monitor_set_last_month_ts(time_t time); +stc_error_e stc_plugin_monitor_initialize(void); +stc_error_e stc_plugin_monitor_deinitialize(void); +GHashTable *stc_monitor_get_system_apps(void); +GHashTable *stc_monitor_get_system_rstns(void); +int stc_monitor_get_contr_sock(void); +time_t stc_monitor_get_last_month_ts(void); +void stc_monitor_set_last_month_ts(time_t time); time_t stc_monitor_get_last_week_ts(void); - void stc_monitor_set_last_week_ts(time_t time); - time_t stc_monitor_get_last_day_ts(void); - void stc_monitor_set_last_day_ts(time_t time); - void stc_monitor_set_rstns_updated(gboolean value); - gboolean stc_monitor_get_rstns_updated(void); - void stc_monitor_set_apps_updated(gboolean value); - gboolean stc_monitor_get_apps_updated(void); - void stc_monitor_set_background_state(gboolean value); - gboolean stc_monitor_get_background_state(void); - void stc_monitor_update_by_connection(void *data); - void stc_monitor_add_by_connection(void *data); - void stc_monitor_remove_by_connection(void *data); -stc_error_e stc_monitor_check_excn_by_cmdline(char *cmdline); - -#endif /* __STC_MONITOR_H__ */ +#endif /* __STC_PLUGIN_MONITOR_H__ */ diff --git a/src/monitor/stc-monitor-app.c b/plugin/monitor/stc-plugin-monitor-app.c similarity index 97% rename from src/monitor/stc-monitor-app.c rename to plugin/monitor/stc-plugin-monitor-app.c index ceeb0b4..d7b3152 100755 --- a/src/monitor/stc-monitor-app.c +++ b/plugin/monitor/stc-plugin-monitor-app.c @@ -17,11 +17,11 @@ #include "stc-db.h" #include "counter.h" #include "stc-manager.h" -#include "stc-monitor.h" -#include "stc-monitor-app.h" -#include "stc-monitor-rstn.h" -#include "stc-monitor-proc.h" -#include "stc-monitor-ipt.h" +#include "stc-plugin-monitor.h" +#include "stc-plugin-monitor-app.h" +#include "stc-plugin-monitor-rstn.h" +#include "stc-plugin-monitor-proc.h" +#include "stc-plugin-monitor-ipt.h" #include "table-statistics.h" #include "helper-net-cls.h" #include "stc-manager-plugin-tether.h" @@ -274,77 +274,7 @@ static void __app_update_counter(classid_bytes_context_s *context, } } -void stc_monitor_app_update_counter(stc_app_value_s *value, - classid_bytes_context_s *context) -{ - switch (context->counter->iotype) { - case NFACCT_COUNTER_IN: - value->data_usage.in_bytes += context->bytes; - value->counter.in_bytes = context->bytes; - stc_monitor_set_apps_updated(TRUE); - - break; - case NFACCT_COUNTER_OUT: - value->data_usage.out_bytes += context->bytes; - value->counter.out_bytes = context->bytes; - stc_monitor_set_apps_updated(TRUE); - - break; - default: - STC_LOGE("Unknown iotype"); - } -} - -void stc_monitor_app_update_iface_counter(classid_bytes_context_s *context) -{ - switch (context->counter->iftype) { - case STC_IFACE_DATACALL: - __app_update_counter(context, STC_TOTAL_DATACALL_CLASSID); - break; - case STC_IFACE_WIFI: - __app_update_counter(context, STC_TOTAL_WIFI_CLASSID); - __app_update_counter(context, STC_TETHERING_APP_CLASSID); - break; - case STC_IFACE_BLUETOOTH: - __app_update_counter(context, STC_TOTAL_BLUETOOTH_CLASSID); - __app_update_counter(context, STC_TETHERING_APP_CLASSID); - break; - case STC_IFACE_USB: - __app_update_counter(context, STC_TETHERING_APP_CLASSID); - break; - case STC_IFACE_P2P: - __app_update_counter(context, STC_TETHERING_APP_CLASSID); - break; - default: - break; - } -} - -gboolean stc_monitor_app_flush_stats_to_db(gpointer user_data) -{ - time_t current_time = 0; - stc_s *stc = stc_get_manager(); - GHashTable *apps = stc_monitor_get_system_apps(); - gboolean apps_updated = stc_monitor_get_apps_updated(); - - if (stc && stc->carg) - current_time = stc->carg->last_run_time; - - if (apps_updated == FALSE) - return G_SOURCE_REMOVE; - - stc_monitor_set_apps_updated(FALSE); - - if (apps) - g_hash_table_foreach(apps, - __app_update_statistics, - ¤t_time); - - STC_LOGI("Flushed app stats to database"); - return G_SOURCE_REMOVE; -} - -API stc_error_e stc_monitor_app_add(uint32_t classid, +API stc_error_e stc_plugin_monitor_app_add(uint32_t classid, const char *app_id, const char *pkg_id, const stc_app_value_s value) @@ -363,7 +293,7 @@ API stc_error_e stc_monitor_app_add(uint32_t classid, lookup_value = g_hash_table_lookup(apps, GUINT_TO_POINTER(classid)); if (lookup_value) { - if (STC_DEBUG_LOG && STC_STAT_LOG) + if (STC_STAT_LOG) STC_LOGE("Already exists [\033[1;36m%d\033[0;m:" "\033[0;32m%s\033[0;m]", classid, app_id); return STC_ERROR_NONE; @@ -371,7 +301,7 @@ API stc_error_e stc_monitor_app_add(uint32_t classid, app_value = MALLOC0(stc_app_value_s, 1); if (!app_value) { - if (STC_DEBUG_LOG && STC_STAT_LOG) + if (STC_STAT_LOG) STC_LOGE("Value allocation failed"); return STC_ERROR_OUT_OF_MEMORY; } @@ -411,7 +341,7 @@ API stc_error_e stc_monitor_app_add(uint32_t classid, stc_monitor_rstn_add_for_app(classid); - if (STC_DEBUG_LOG && STC_STAT_LOG) { + if (STC_STAT_LOG) { __print_app(GUINT_TO_POINTER(classid), app_value, NULL); STC_LOGD("\033[1;32mApplication added\033[0;m " "[\033[1;36m%d\033[0;m]", classid); @@ -420,6 +350,137 @@ API stc_error_e stc_monitor_app_add(uint32_t classid, return STC_ERROR_NONE; } +API stc_error_e stc_plugin_monitor_app_remove(uint32_t classid, + const char *app_id) +{ + stc_app_value_s *app_lookup; + GHashTable *apps = stc_monitor_get_system_apps(); + GSList *conn_list = stc_get_connection_list(); + + if (!apps) + return STC_ERROR_NO_DATA; + + classid = get_classid_by_app_id(app_id, FALSE); + + app_lookup = g_hash_table_lookup(apps, GUINT_TO_POINTER(classid)); + if (!app_lookup) { + if (STC_STAT_LOG) + STC_LOGD("Application not found [\033[1;36m%d\033[0;m]", classid); + return STC_ERROR_FAIL; + } + + for (; conn_list != NULL; conn_list = conn_list->next) { + stc_connection_s *conn = conn_list->data; + /* remove nfacct rule for this classid */ + stc_monitor_app_remove_monitor(GUINT_TO_POINTER(classid), + app_lookup, conn); + + if (app_lookup->state == STC_APP_STATE_FOREGROUND) + stc_monitor_app_remove_accept(GUINT_TO_POINTER(classid), + app_lookup, conn); + } + + /* remove ristrictions if any */ + stc_monitor_rstn_remove_for_app(classid); + + if (STC_STAT_LOG) + __print_app(GUINT_TO_POINTER(classid), app_lookup, NULL); + + /* remove app_key from the stc-manager */ + g_hash_table_remove(apps, GUINT_TO_POINTER(classid)); + + return STC_ERROR_NONE; +} + +API gboolean stc_plugin_monitor_app_lookup(uint32_t classid) +{ + stc_app_value_s *lookup_value; + + GHashTable *apps = stc_monitor_get_system_apps(); + + if (!apps) + return FALSE; + + if (classid == STC_UNKNOWN_CLASSID) + return FALSE; + + lookup_value = g_hash_table_lookup(apps, GUINT_TO_POINTER(classid)); + if (lookup_value) + return TRUE; + + return FALSE; +} + +void stc_monitor_app_update_counter(stc_app_value_s *value, + classid_bytes_context_s *context) +{ + switch (context->counter->iotype) { + case NFACCT_COUNTER_IN: + value->data_usage.in_bytes += context->bytes; + value->counter.in_bytes = context->bytes; + stc_monitor_set_apps_updated(TRUE); + + break; + case NFACCT_COUNTER_OUT: + value->data_usage.out_bytes += context->bytes; + value->counter.out_bytes = context->bytes; + stc_monitor_set_apps_updated(TRUE); + + break; + default: + STC_LOGE("Unknown iotype"); + } +} + +void stc_monitor_app_update_iface_counter(classid_bytes_context_s *context) +{ + switch (context->counter->iftype) { + case STC_IFACE_DATACALL: + __app_update_counter(context, STC_TOTAL_DATACALL_CLASSID); + break; + case STC_IFACE_WIFI: + __app_update_counter(context, STC_TOTAL_WIFI_CLASSID); + __app_update_counter(context, STC_TETHERING_APP_CLASSID); + break; + case STC_IFACE_BLUETOOTH: + __app_update_counter(context, STC_TOTAL_BLUETOOTH_CLASSID); + __app_update_counter(context, STC_TETHERING_APP_CLASSID); + break; + case STC_IFACE_USB: + __app_update_counter(context, STC_TETHERING_APP_CLASSID); + break; + case STC_IFACE_P2P: + __app_update_counter(context, STC_TETHERING_APP_CLASSID); + break; + default: + break; + } +} + +gboolean stc_monitor_app_flush_stats_to_db(gpointer user_data) +{ + time_t current_time = 0; + stc_s *stc = stc_get_manager(); + GHashTable *apps = stc_monitor_get_system_apps(); + gboolean apps_updated = stc_monitor_get_apps_updated(); + + if (stc && stc->carg) + current_time = stc->carg->last_run_time; + + if (apps_updated == FALSE) + return G_SOURCE_REMOVE; + + stc_monitor_set_apps_updated(FALSE); + + if (apps) + g_hash_table_foreach(apps, + __app_update_statistics, + ¤t_time); + + STC_LOGI("Flushed app stats to database"); + return G_SOURCE_REMOVE; +} + void stc_monitor_app_add_by_iface(const char *ifname) { stc_app_value_s app_value; @@ -434,7 +495,7 @@ void stc_monitor_app_add_by_iface(const char *ifname) app_value.counter.in_bytes = 0; app_value.counter.out_bytes = 0; - stc_monitor_app_add(STC_UNKNOWN_CLASSID, ifname, ifname, app_value); + stc_plugin_monitor_app_add(STC_UNKNOWN_CLASSID, ifname, ifname, app_value); } void stc_monitor_app_add_monitor(gpointer key, @@ -557,47 +618,6 @@ void stc_monitor_app_add_accept(gpointer key, } } -API stc_error_e stc_monitor_app_remove(uint32_t classid, const char *app_id) -{ - stc_app_value_s *app_lookup; - GHashTable *apps = stc_monitor_get_system_apps(); - GSList *conn_list = stc_get_connection_list(); - - if (!apps) - return STC_ERROR_NO_DATA; - - classid = get_classid_by_app_id(app_id, FALSE); - - app_lookup = g_hash_table_lookup(apps, GUINT_TO_POINTER(classid)); - if (!app_lookup) { - if (STC_DEBUG_LOG && STC_STAT_LOG) - STC_LOGD("Application not found [\033[1;36m%d\033[0;m]", classid); - return STC_ERROR_FAIL; - } - - for (; conn_list != NULL; conn_list = conn_list->next) { - stc_connection_s *conn = conn_list->data; - /* remove nfacct rule for this classid */ - stc_monitor_app_remove_monitor(GUINT_TO_POINTER(classid), - app_lookup, conn); - - if (app_lookup->state == STC_APP_STATE_FOREGROUND) - stc_monitor_app_remove_accept(GUINT_TO_POINTER(classid), - app_lookup, conn); - } - - /* remove ristrictions if any */ - stc_monitor_rstn_remove_for_app(classid); - - if (STC_DEBUG_LOG && STC_STAT_LOG) - __print_app(GUINT_TO_POINTER(classid), app_lookup, NULL); - - /* remove app_key from the stc-manager */ - g_hash_table_remove(apps, GUINT_TO_POINTER(classid)); - - return STC_ERROR_NONE; -} - void stc_monitor_app_remove_monitor(gpointer key, gpointer value, gpointer data) { @@ -718,25 +738,6 @@ void stc_monitor_app_remove_accept(gpointer key, return; } -API gboolean stc_monitor_app_lookup(uint32_t classid) -{ - stc_app_value_s *lookup_value; - - GHashTable *apps = stc_monitor_get_system_apps(); - - if (!apps) - return FALSE; - - if (classid == STC_UNKNOWN_CLASSID) - return FALSE; - - lookup_value = g_hash_table_lookup(apps, GUINT_TO_POINTER(classid)); - if (lookup_value) - return TRUE; - - return FALSE; -} - GHashTable *stc_monitor_apps_init(void) { return g_hash_table_new_full(g_direct_hash, g_direct_equal, diff --git a/src/monitor/stc-connection.c b/plugin/monitor/stc-plugin-monitor-connection.c old mode 100644 new mode 100755 similarity index 99% rename from src/monitor/stc-connection.c rename to plugin/monitor/stc-plugin-monitor-connection.c index fb16297..06c4c30 --- a/src/monitor/stc-connection.c +++ b/plugin/monitor/stc-plugin-monitor-connection.c @@ -17,10 +17,10 @@ #include #include -#include "stc-monitor.h" #include "stc-firewall.h" #include "stc-manager-gdbus.h" -#include "stc-connection.h" +#include "stc-plugin-monitor.h" +#include "stc-plugin-monitor-connection.h" /* connman service dbus details */ #define CONNMAN_SERVICE "net.connman" @@ -695,7 +695,7 @@ done: return; } -stc_error_e stc_connection_monitor_init(stc_s *stc) +stc_error_e stc_plugin_monitor_connection_init(stc_s *stc) { int ret; ret_value_msg_if(stc == NULL, STC_ERROR_INVALID_PARAMETER, "failed to get stc data"); @@ -719,7 +719,7 @@ stc_error_e stc_connection_monitor_init(stc_s *stc) return STC_ERROR_NONE; } -stc_error_e stc_connection_monitor_deinit(stc_s *stc) +stc_error_e stc_plugin_monitor_connection_deinit(stc_s *stc) { ret_value_msg_if(stc == NULL, STC_ERROR_INVALID_PARAMETER, "failed to get stc data"); diff --git a/src/monitor/stc-monitor-ipt.c b/plugin/monitor/stc-plugin-monitor-ipt.c old mode 100644 new mode 100755 similarity index 98% rename from src/monitor/stc-monitor-ipt.c rename to plugin/monitor/stc-plugin-monitor-ipt.c index 016ae04..c8fa882 --- a/src/monitor/stc-monitor-ipt.c +++ b/plugin/monitor/stc-plugin-monitor-ipt.c @@ -14,8 +14,8 @@ * limitations under the License. */ -#include "stc-monitor-ipt.h" -#include "stc-monitor-context.h" +#include "stc-plugin-monitor-ipt.h" +#include "stc-plugin-monitor-context.h" static nfacct_rule_jump __get_jump_by_intend(struct nfacct_rule *counter) { diff --git a/src/monitor/stc-monitor-proc.c b/plugin/monitor/stc-plugin-monitor-proc.c similarity index 88% rename from src/monitor/stc-monitor-proc.c rename to plugin/monitor/stc-plugin-monitor-proc.c index be12dd1..12cfe65 100755 --- a/src/monitor/stc-monitor-proc.c +++ b/plugin/monitor/stc-plugin-monitor-proc.c @@ -14,9 +14,9 @@ * limitations under the License. */ -#include "stc-monitor.h" -#include "stc-monitor-proc.h" -#include "stc-connection.h" +#include "stc-plugin-monitor.h" +#include "stc-plugin-monitor-proc.h" +#include "stc-plugin-monitor-connection.h" #include "helper-net-cls.h" static void __print_proc(gpointer key, gpointer value, @@ -42,7 +42,7 @@ static void __proc_remove_pid(gpointer key, gpointer value, if (!g_hash_table_remove(app_value->processes, GUINT_TO_POINTER(context->pid))) return; - if (STC_DEBUG_LOG && STC_STAT_LOG) { + if (STC_STAT_LOG) { __print_proc_all(app_value->processes); STC_LOGD("\033[1;31mProcess removed\033[0;m " "[\033[1;33m%d\033[0;m]", context->pid); @@ -74,7 +74,7 @@ static void __proc_move_pid(gpointer key, gpointer value, place_pids_to_net_cgroup(to_value->pid, to_app_value->app_id); } -API stc_error_e stc_monitor_proc_update_ground(uint32_t classid, +API stc_error_e stc_plugin_monitor_proc_update_ground(uint32_t classid, const char *app_id, const stc_proc_value_s value) { @@ -91,7 +91,7 @@ API stc_error_e stc_monitor_proc_update_ground(uint32_t classid, app_lookup = g_hash_table_lookup(apps, GUINT_TO_POINTER(classid)); if (!app_lookup) { - if (STC_DEBUG_LOG && STC_STAT_LOG) + if (STC_STAT_LOG) STC_LOGD("Application not found [\033[1;36m%d\033[0;m]", classid); return STC_ERROR_NO_DATA; } @@ -99,7 +99,7 @@ API stc_error_e stc_monitor_proc_update_ground(uint32_t classid, proc_lookup = g_hash_table_lookup(app_lookup->processes, GUINT_TO_POINTER(value.pid)); if (!proc_lookup) { - if (STC_DEBUG_LOG && STC_STAT_LOG) + if (STC_STAT_LOG) STC_LOGD("Process not found [\033[1;33m%d\033[0;m]", value.pid); return STC_ERROR_NO_DATA; } @@ -112,7 +112,7 @@ API stc_error_e stc_monitor_proc_update_ground(uint32_t classid, return ret; } -API stc_error_e stc_monitor_proc_add(uint32_t classid, +API stc_error_e stc_plugin_monitor_proc_add(uint32_t classid, const char *app_id, const stc_proc_value_s value) { @@ -130,7 +130,7 @@ API stc_error_e stc_monitor_proc_add(uint32_t classid, app_lookup = g_hash_table_lookup(apps, GUINT_TO_POINTER(classid)); if (!app_lookup) { - if (STC_DEBUG_LOG && STC_STAT_LOG) + if (STC_STAT_LOG) STC_LOGD("Application not found [\033[1;36m%d\033[0;m]", classid); return STC_ERROR_NO_DATA; } @@ -138,14 +138,14 @@ API stc_error_e stc_monitor_proc_add(uint32_t classid, proc_lookup = g_hash_table_lookup(app_lookup->processes, GUINT_TO_POINTER(value.pid)); if (proc_lookup) { - if (STC_DEBUG_LOG && STC_STAT_LOG) + if (STC_STAT_LOG) STC_LOGE("Already exists [\033[1;36m%d\033[0;m]", value.pid); return STC_ERROR_NONE; } proc_value = MALLOC0(stc_proc_value_s, 1); if (!proc_value) { - if (STC_DEBUG_LOG && STC_STAT_LOG) + if (STC_STAT_LOG) STC_LOGE("Value allocation failed"); return STC_ERROR_OUT_OF_MEMORY; } @@ -160,7 +160,7 @@ API stc_error_e stc_monitor_proc_add(uint32_t classid, /* add pid to application cgroup */ place_pids_to_net_cgroup(proc_value->pid, app_id); - if (STC_DEBUG_LOG && STC_STAT_LOG) { + if (STC_STAT_LOG) { __print_proc_all(app_lookup->processes); STC_LOGD("\033[1;32mProcess added\033[0;m " "[\033[1;33m%d\033[0;m]", proc_value->pid); @@ -169,8 +169,7 @@ API stc_error_e stc_monitor_proc_add(uint32_t classid, return ret; } -API stc_error_e stc_monitor_proc_remove(uint32_t classid, - pid_t pid) +API stc_error_e stc_plugin_monitor_proc_remove(uint32_t classid, pid_t pid) { stc_error_e ret = STC_ERROR_NONE; stc_app_value_s *app_lookup = NULL; @@ -193,21 +192,21 @@ API stc_error_e stc_monitor_proc_remove(uint32_t classid, app_lookup = context.app_value; if (!app_lookup) { - if (STC_DEBUG_LOG && STC_STAT_LOG) + if (STC_STAT_LOG) STC_LOGD("Process not found [\033[1;33m%d\033[0;m]", pid); return STC_ERROR_NO_DATA; } } else { app_lookup = g_hash_table_lookup(apps, GUINT_TO_POINTER(classid)); if (!app_lookup) { - if (STC_DEBUG_LOG && STC_STAT_LOG) + if (STC_STAT_LOG) STC_LOGD("Application not found [\033[1;36m%d\033[0;m]", classid); return STC_ERROR_NO_DATA; } if (g_hash_table_remove(app_lookup->processes, GUINT_TO_POINTER(pid))) { - if (STC_DEBUG_LOG && STC_STAT_LOG) { + if (STC_STAT_LOG) { __print_proc_all(app_lookup->processes); STC_LOGD("\033[1;31mProcess removed\033[0;m " "[\033[1;33m%d\033[0;m]", pid); @@ -235,7 +234,7 @@ API stc_error_e stc_monitor_proc_remove(uint32_t classid, g_hash_table_remove(apps, GUINT_TO_POINTER(classid)); - if (STC_DEBUG_LOG && STC_STAT_LOG) + if (STC_STAT_LOG) STC_LOGD("\033[1;31mApplication removed\033[0;m " "[\033[1;36m%d\033[0;m]", classid); } @@ -243,8 +242,7 @@ API stc_error_e stc_monitor_proc_remove(uint32_t classid, return ret; } -API stc_error_e stc_monitor_proc_move(uint32_t from, - uint32_t to) +API stc_error_e stc_plugin_monitor_proc_move(uint32_t from, uint32_t to) { stc_error_e ret = STC_ERROR_NONE; stc_app_value_s *from_lookup = NULL; @@ -259,14 +257,14 @@ API stc_error_e stc_monitor_proc_move(uint32_t from, to != STC_UNKNOWN_CLASSID) { from_lookup = g_hash_table_lookup(apps, GUINT_TO_POINTER(from)); if (!from_lookup) { - if (STC_DEBUG_LOG && STC_STAT_LOG) + if (STC_STAT_LOG) STC_LOGD("Application not found [\033[1;36m%d\033[0;m]", from); return STC_ERROR_NO_DATA; } to_lookup = g_hash_table_lookup(apps, GUINT_TO_POINTER(to)); if (!to_lookup) { - if (STC_DEBUG_LOG && STC_STAT_LOG) + if (STC_STAT_LOG) STC_LOGD("Application not found [\033[1;36m%d\033[0;m]", to); return STC_ERROR_NO_DATA; } @@ -274,7 +272,7 @@ API stc_error_e stc_monitor_proc_move(uint32_t from, g_hash_table_foreach(from_lookup->processes, __proc_move_pid, to_lookup); - if (STC_DEBUG_LOG && STC_STAT_LOG) { + if (STC_STAT_LOG) { __print_proc_all(to_lookup->processes); STC_LOGD("\033[1;34mProcesses moved\033[0;m " "[\033[1;36m%d\033[0;m] -> [\033[1;36m%d\033[0;m]", @@ -283,7 +281,7 @@ API stc_error_e stc_monitor_proc_move(uint32_t from, g_hash_table_remove_all(from_lookup->processes); - if (STC_DEBUG_LOG && STC_STAT_LOG) { + if (STC_STAT_LOG) { __print_proc_all(from_lookup->processes); STC_LOGD("\033[1;31mProcesses removed\033[0;m " "[\033[1;36m%d\033[0;m]", from); @@ -303,7 +301,7 @@ API stc_error_e stc_monitor_proc_move(uint32_t from, g_hash_table_remove(apps, GUINT_TO_POINTER(from)); - if (STC_DEBUG_LOG && STC_STAT_LOG) + if (STC_STAT_LOG) STC_LOGD("\033[1;31mApplication removed\033[0;m " "[\033[1;36m%d\033[0;m]", from); } diff --git a/src/monitor/stc-monitor-rstn.c b/plugin/monitor/stc-plugin-monitor-rstn.c similarity index 99% rename from src/monitor/stc-monitor-rstn.c rename to plugin/monitor/stc-plugin-monitor-rstn.c index 31a05ab..75bc4e5 100755 --- a/src/monitor/stc-monitor-rstn.c +++ b/plugin/monitor/stc-plugin-monitor-rstn.c @@ -18,10 +18,10 @@ #include #include "counter.h" -#include "stc-monitor.h" -#include "stc-monitor-rstn.h" -#include "stc-monitor-ipt.h" -#include "stc-time.h" +#include "stc-plugin-monitor.h" +#include "stc-plugin-monitor-rstn.h" +#include "stc-plugin-monitor-ipt.h" +#include "stc-plugin-monitor-time.h" #include "table-counters.h" #include "table-restrictions.h" #include "table-statistics.h" @@ -1079,6 +1079,67 @@ static void __reset_time_counter_foreach_rstn_value(gpointer key, __reset_time_counter_foreach_rstn_data, data); } +API stc_error_e stc_plugin_monitor_rstn_add(const table_restrictions_info *info) +{ + stc_rstn_data_s data; + + memset(&data, 0, sizeof(stc_rstn_data_s)); + + if (info->app_id) { + data.classid = get_classid_by_app_id(info->app_id, TRUE); + data.app_id = info->app_id; + } else + data.classid = STC_UNKNOWN_CLASSID; + + if (data.classid == STC_BACKGROUND_APP_CLASSID) { + stc_monitor_set_background_state(TRUE); + __vconf_set_int(VCONFKEY_STC_BACKGROUND_STATE, TRUE); + } + + data.iftype = info->iftype; + data.ifname = info->ifname; + data.subscriber_id = info->subscriber_id; + data.roaming = info->roaming; + data.mac = info->mac; + + data.rstn_type = info->rstn_type; + data.rstn_state = STC_RSTN_STATE_UNKNOWN; + data.restriction_id = info->restriction_id; + + data.limit[STC_RSTN_LIMIT_TYPE_DATA] = info->data_limit; + data.limit[STC_RSTN_LIMIT_TYPE_DATA_WARN] = info->data_warn_limit; + data.limit[STC_RSTN_LIMIT_TYPE_MONTHLY] = info->monthly_limit; + data.limit[STC_RSTN_LIMIT_TYPE_WEEKLY] = info->weekly_limit; + data.limit[STC_RSTN_LIMIT_TYPE_DAILY] = info->daily_limit; + data.month_start_date = info->month_start_date; + data.month_start_ts = stc_time_get_month_start(time(NULL), + info->month_start_date); + + return __rstn_data_add(&data); +} + +API stc_error_e stc_plugin_monitor_rstn_remove(const table_restrictions_info *info) +{ + stc_rstn_data_s data; + + memset(&data, 0, sizeof(stc_rstn_data_s)); + + data.classid = get_classid_by_app_id(info->app_id, TRUE); + data.app_id = info->app_id; + + data.iftype = info->iftype; + data.ifname = info->ifname; + data.subscriber_id = info->subscriber_id; + data.roaming = info->roaming; + + if (g_strcmp0(info->app_id, STC_TOTAL_BACKGROUND) == 0) { + stc_monitor_set_background_state(FALSE); + __vconf_set_int(VCONFKEY_STC_BACKGROUND_STATE, FALSE); + } + + return __rstn_data_remove(&data); +} + void stc_monitor_rstn_reset_time_counters_if_required(void) { reset_time_limits_context_s context; @@ -1332,45 +1393,6 @@ gboolean stc_monitor_rstn_flush_contr_to_db(gpointer user_data) return G_SOURCE_REMOVE; } -stc_error_e stc_monitor_rstn_add(const table_restrictions_info *info) -{ - stc_rstn_data_s data; - - memset(&data, 0, sizeof(stc_rstn_data_s)); - - if (info->app_id) { - data.classid = get_classid_by_app_id(info->app_id, TRUE); - data.app_id = info->app_id; - } else - data.classid = STC_UNKNOWN_CLASSID; - - if (data.classid == STC_BACKGROUND_APP_CLASSID) { - stc_monitor_set_background_state(TRUE); - __vconf_set_int(VCONFKEY_STC_BACKGROUND_STATE, TRUE); - } - - data.iftype = info->iftype; - data.ifname = info->ifname; - data.subscriber_id = info->subscriber_id; - data.roaming = info->roaming; - data.mac = info->mac; - - data.rstn_type = info->rstn_type; - data.rstn_state = STC_RSTN_STATE_UNKNOWN; - data.restriction_id = info->restriction_id; - - data.limit[STC_RSTN_LIMIT_TYPE_DATA] = info->data_limit; - data.limit[STC_RSTN_LIMIT_TYPE_DATA_WARN] = info->data_warn_limit; - data.limit[STC_RSTN_LIMIT_TYPE_MONTHLY] = info->monthly_limit; - data.limit[STC_RSTN_LIMIT_TYPE_WEEKLY] = info->weekly_limit; - data.limit[STC_RSTN_LIMIT_TYPE_DAILY] = info->daily_limit; - data.month_start_date = info->month_start_date; - data.month_start_ts = stc_time_get_month_start(time(NULL), - info->month_start_date); - - return __rstn_data_add(&data); -} - void stc_monitor_rstn_add_for_app(uint32_t classid) { stc_rstn_value_s *lookup_value; @@ -1400,28 +1422,6 @@ void stc_monitor_rstn_add_by_connection(stc_connection_s *conn) g_hash_table_foreach(rstns, __rstn_add_by_connection, conn); } -stc_error_e stc_monitor_rstn_remove(const table_restrictions_info *info) -{ - stc_rstn_data_s data; - - memset(&data, 0, sizeof(stc_rstn_data_s)); - - data.classid = get_classid_by_app_id(info->app_id, TRUE); - data.app_id = info->app_id; - - data.iftype = info->iftype; - data.ifname = info->ifname; - data.subscriber_id = info->subscriber_id; - data.roaming = info->roaming; - - if (g_strcmp0(info->app_id, STC_TOTAL_BACKGROUND) == 0) { - stc_monitor_set_background_state(FALSE); - __vconf_set_int(VCONFKEY_STC_BACKGROUND_STATE, FALSE); - } - - return __rstn_data_remove(&data); -} - void stc_monitor_rstn_remove_for_app(uint32_t classid) { stc_rstn_value_s *lookup_value; diff --git a/src/monitor/stc-time.c b/plugin/monitor/stc-plugin-monitor-time.c old mode 100644 new mode 100755 similarity index 96% rename from src/monitor/stc-time.c rename to plugin/monitor/stc-plugin-monitor-time.c index e0f86e0..f3a17cc --- a/src/monitor/stc-time.c +++ b/plugin/monitor/stc-plugin-monitor-time.c @@ -26,6 +26,8 @@ time_t stc_time_get_day_start(time_t now) struct tm *res; res = localtime_r(&now, &curr); + if (!res) + return 0; curr.tm_sec = 0; curr.tm_min = 0; @@ -41,6 +43,8 @@ time_t stc_time_get_week_start(time_t now) int days; res = localtime_r(&now, &curr); + if (!res) + return 0; curr.tm_sec = 0; curr.tm_min = 0; @@ -61,6 +65,8 @@ time_t stc_time_get_month_start(time_t now, int month_start_date) bool is_leap_year; res = localtime_r(&now, &curr); + if (!res) + return 0; curr.tm_sec = 0; curr.tm_min = 0; diff --git a/src/monitor/stc-monitor.c b/plugin/monitor/stc-plugin-monitor.c old mode 100644 new mode 100755 similarity index 92% rename from src/monitor/stc-monitor.c rename to plugin/monitor/stc-plugin-monitor.c index 0bfc5a5..117036e --- a/src/monitor/stc-monitor.c +++ b/plugin/monitor/stc-plugin-monitor.c @@ -18,7 +18,6 @@ #include #include -#include "stc-connection.h" #include "helper-nl.h" #include "helper-nfacct-rule.h" #include "helper-net-cls.h" @@ -27,9 +26,10 @@ #include "counter.h" #include "table-statistics.h" #include "table-counters.h" -#include "stc-monitor.h" +#include "stc-plugin-monitor.h" +#include "stc-plugin-monitor-connection.h" +#include "stc-plugin-monitor-rstn.h" #include "stc-manager-plugin-exception.h" -#include "stc-manager-plugin-tether.h" static stc_system_s *g_system = NULL; @@ -325,8 +325,10 @@ static void __fill_exceptions_list(void) stc_plugin_fill_exception_list(); } -stc_error_e stc_monitor_init(void) +stc_error_e stc_plugin_monitor_initialize(void) { + __STC_LOG_FUNC_ENTER__; + stc_system_s *system = MALLOC0(stc_system_s, 1); GIOChannel *gio = NULL; @@ -365,7 +367,6 @@ stc_error_e stc_monitor_init(void) stc_monitor_app_add_by_iface(STC_TOTAL_BLUETOOTH); stc_monitor_app_add_by_iface(STC_TOTAL_IPV4); stc_monitor_app_add_by_iface(STC_TOTAL_IPV6); - /* stc_monitor_app_add_by_iface(STC_TOTAL_TETHERING); */ __update_contr_cb(NULL); @@ -385,10 +386,11 @@ stc_error_e stc_monitor_init(void) __fill_exceptions_list(); stc_monitor_rstns_load(); + __STC_LOG_FUNC_EXIT__; return STC_ERROR_NONE; } -stc_error_e stc_monitor_deinit(void) +stc_error_e stc_plugin_monitor_deinitialize(void) { ret_value_msg_if(g_system == NULL, STC_ERROR_FAIL, "stc monitor not initialized!"); @@ -569,7 +571,31 @@ void stc_monitor_remove_by_connection(void *data) } } -API stc_error_e stc_monitor_check_excn_by_cmdline(char *cmdline) -{ - return stc_plugin_check_exception_by_cmdline(cmdline); -} +API stc_plugin_monitor_s stc_plugin_monitor = { + .initialize_plugin = + stc_plugin_monitor_initialize, + .deinitialize_plugin = + stc_plugin_monitor_deinitialize, + .add_application = + stc_plugin_monitor_app_add, + .remove_application = + stc_plugin_monitor_app_remove, + .lookup_application = + stc_plugin_monitor_app_lookup, + .add_restriction = + stc_plugin_monitor_rstn_add, + .remove_restriction = + stc_plugin_monitor_rstn_remove, + .init_connection = + stc_plugin_monitor_connection_init, + .deinit_connection = + stc_plugin_monitor_connection_deinit, + .add_process = + stc_plugin_monitor_proc_add, + .remove_process = + stc_plugin_monitor_proc_remove, + .move_process = + stc_plugin_monitor_proc_move, + .update_process_ground = + stc_plugin_monitor_proc_update_ground +}; diff --git a/plugin/pcap/stc-plugin-pcap.c b/plugin/pcap/stc-plugin-pcap.c index 22dddb7..fd03c4a 100755 --- a/plugin/pcap/stc-plugin-pcap.c +++ b/plugin/pcap/stc-plugin-pcap.c @@ -49,7 +49,7 @@ static void __pcap_data_info(const u_char *packet, int len) static void __pcap_ntp_time_info(uint32_t s, char *time) { - time_t seconds; + time_t seconds; char *curr = NULL; int len = 0; uint32_t sec = ntohl(s); @@ -775,7 +775,7 @@ static void __pcap_udp_info(const u_char *packet) IS_SRC_OR_DST_PORT(PORT_BOOTP_S)) __pcap_bootp_info(packet); else if (IS_SRC_OR_DST_PORT(PORT_NTP)) - __pcap_ntp_info(packet); + __pcap_ntp_info(packet); } static const char *__pcap_eth_type_info(u_int16_t type) @@ -1142,7 +1142,7 @@ thread_exit: g_source_attach(source, context); g_source_unref(source); - + __STC_LOG_FUNC_EXIT__; return NULL; } @@ -1173,28 +1173,22 @@ int stc_plugin_pcap_deinitialize(void) int stc_plugin_pcap_lookup_dev(void) { - __STC_LOG_FUNC_ENTER__; - char *dev = NULL; char errbuf[PCAP_ERRBUF_SIZE]; dev = pcap_lookupdev(errbuf); if (dev == NULL) { STC_LOGE("Failed to look up dev [%s]", errbuf); - __STC_LOG_FUNC_EXIT__; return STC_ERROR_FAIL; } STC_LOGD("Dev [%s]", dev); - __STC_LOG_FUNC_EXIT__; return STC_ERROR_NONE; } int stc_plugin_pcap_lookup_net(void) { - __STC_LOG_FUNC_ENTER__; - char *dev = NULL; char net[BUFF_SIZE_IP]; char mask[BUFF_SIZE_IP]; @@ -1206,7 +1200,6 @@ int stc_plugin_pcap_lookup_net(void) dev = pcap_lookupdev(errbuf); if (dev == NULL) { STC_LOGE("Failed to look up dev [%s]", errbuf); - __STC_LOG_FUNC_EXIT__; return STC_ERROR_FAIL; } @@ -1215,7 +1208,6 @@ int stc_plugin_pcap_lookup_net(void) ret = pcap_lookupnet(dev, &netp, &maskp, errbuf); if (ret == -1) { STC_LOGE("Failed to look up net [%s]", errbuf); - __STC_LOG_FUNC_EXIT__; return STC_ERROR_FAIL; } @@ -1225,14 +1217,11 @@ int stc_plugin_pcap_lookup_net(void) inet_ntop(AF_INET, &maskp, mask, BUFF_SIZE_IP); STC_LOGD("Mask [%s]", mask); - __STC_LOG_FUNC_EXIT__; return STC_ERROR_NONE; } int stc_plugin_pcap_find_alldevs(void) { - __STC_LOG_FUNC_ENTER__; - char net[BUFF_SIZE_IP]; char mask[BUFF_SIZE_IP]; char errbuf[PCAP_ERRBUF_SIZE]; @@ -1244,7 +1233,6 @@ int stc_plugin_pcap_find_alldevs(void) if (pcap_findalldevs(&alldevs, errbuf) < 0 || alldevs == NULL) { STC_LOGE("Failed to find all devs [%s]", errbuf); - __STC_LOG_FUNC_EXIT__; return STC_ERROR_FAIL; } @@ -1268,15 +1256,12 @@ int stc_plugin_pcap_find_alldevs(void) pcap_freealldevs(alldevs); - __STC_LOG_FUNC_EXIT__; return STC_ERROR_NONE; } int stc_plugin_pcap_register_loop_pcap(const char *ifname, int group) { - __STC_LOG_FUNC_ENTER__; - stc_pcap_data_s *data; stc_pcap_data_s *lookup; char buf[MAX_IFACE_LENGTH]; @@ -1294,14 +1279,12 @@ int stc_plugin_pcap_register_loop_pcap(const char *ifname, lookup = g_hash_table_lookup(g_pcap_tables, buf); if (lookup) { STC_LOGD("pcap loop already present"); - __STC_LOG_FUNC_EXIT__; return STC_ERROR_ALREADY_DATA; } data = MALLOC0(stc_pcap_data_s, 1); if (!data) { STC_LOGE("data allocation failed"); - __STC_LOG_FUNC_EXIT__; return STC_ERROR_OUT_OF_MEMORY; } @@ -1312,15 +1295,12 @@ int stc_plugin_pcap_register_loop_pcap(const char *ifname, g_hash_table_insert(g_pcap_tables, g_strdup(buf), data); STC_LOGD("Successfully added pcap loop [%s]", buf); - __STC_LOG_FUNC_EXIT__; return STC_ERROR_NONE; } int stc_plugin_pcap_unregister_loop_pcap(const char *ifname, int group) { - __STC_LOG_FUNC_ENTER__; - stc_pcap_data_s *lookup; char buf[MAX_IFACE_LENGTH]; @@ -1343,7 +1323,6 @@ int stc_plugin_pcap_unregister_loop_pcap(const char *ifname, pcap_breakloop(lookup->handle); - __STC_LOG_FUNC_EXIT__; return STC_ERROR_NONE; } diff --git a/plugin/procfs/CMakeLists.txt b/plugin/procfs/CMakeLists.txt index dc04ca8..17ab7f2 100644 --- a/plugin/procfs/CMakeLists.txt +++ b/plugin/procfs/CMakeLists.txt @@ -15,6 +15,8 @@ FOREACH(flag ${procfs_plugin_CFLAGS}) ENDFOREACH(flag) INCLUDE_DIRECTORIES(${CMAKE_CURRENT_SOURCE_DIR}/include) +INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/plugin/monitor/include) +INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/plugin/exception/include) SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${EXTRA_CFLAGS} -g -Werror -fvisibility=hidden") SET(CMAKE_C_FLAGS_DEBUG "-O0 -g") diff --git a/plugin/procfs/include/stc-plugin-procfs.h b/plugin/procfs/include/stc-plugin-procfs.h old mode 100644 new mode 100755 index d548c1f..53635ca --- a/plugin/procfs/include/stc-plugin-procfs.h +++ b/plugin/procfs/include/stc-plugin-procfs.h @@ -20,7 +20,6 @@ #include #include "stc-error.h" #include "stc-manager.h" -#include "stc-monitor.h" typedef struct { int (*initialize_plugin) (void); diff --git a/plugin/procfs/stc-plugin-procfs.c b/plugin/procfs/stc-plugin-procfs.c index 5a323a4..668f15c 100755 --- a/plugin/procfs/stc-plugin-procfs.c +++ b/plugin/procfs/stc-plugin-procfs.c @@ -28,9 +28,10 @@ #include #include "stc-plugin-procfs.h" -#include "stc-monitor.h" #include "helper-net-cls.h" #include "helper-procfs.h" +#include "stc-manager-plugin-monitor.h" +#include "stc-manager-plugin-exception.h" //LCOV_EXCL_START typedef struct { @@ -135,7 +136,7 @@ static proc_value_s * __proc_tree_find_parent(proc_value_s *value) parent = lookup; } while (lookup); - if (STC_DEBUG_LOG && STC_STAT_LOG) { + if (STC_STAT_LOG) { if (parent != NULL) STC_LOGD("\033[0;35mPARENT\033[0;m: tgid[\033[1;33m%s\033[0;m] " "pid[%s] ppid[%s] cmdline[\033[0;34m%s\033[0;m] name[%s]", @@ -158,7 +159,7 @@ static void __proc_tree_add(proc_key_s *key, proc_value_s *value) } if (key == NULL || value == NULL) { - if (STC_DEBUG_LOG && STC_STAT_LOG) + if (STC_STAT_LOG) STC_LOGE("invalid parameters"); return; } @@ -223,7 +224,7 @@ static gboolean __check_excn(char *cmdline) if (cmdline[0] == '(') return TRUE; - ret = stc_monitor_check_excn_by_cmdline(cmdline); + ret = stc_plugin_check_exception_by_cmdline(cmdline); if (ret == STC_ERROR_UNINITIALIZED || ret == STC_ERROR_NO_DATA) return FALSE; @@ -318,7 +319,7 @@ static void __process_event_fork(int tgid, int pid) g_strlcpy(value.status[i], status[i], sizeof(value.status[i])); g_strlcpy(value.cmdline, cmdline, sizeof(value.cmdline)); - if (STC_DEBUG_LOG && STC_STAT_LOG) + if (STC_STAT_LOG) STC_LOGD("\033[1;32mFORK\033[0;m: tgid[\033[1;33m%d\033[0;m] " "ppid=[%s] cmdline[\033[0;34m%s\033[0;m] pid[%d]", tgid, status[PROC_STATUS_PPID], cmdline, pid); @@ -357,7 +358,7 @@ static void __process_event_exec(int tgid, int pid) sizeof(value.status[i])); g_strlcpy(value.cmdline, cmdline, sizeof(value.cmdline)); - if (STC_DEBUG_LOG && STC_STAT_LOG) + if (STC_STAT_LOG) STC_LOGD("\033[1;32mEXEC\033[0;m: tgid[\033[1;33m%d\033[0;m] " "ppid[%s] cmdline[\033[0;34m%s\033[0;m] pid[%d]", tgid, status[PROC_STATUS_PPID], cmdline, pid); @@ -379,7 +380,7 @@ static void __process_event_exit(int tgid, int pid, int exit_code) if (lookup == NULL) /* unmonitored process */ return; - if (STC_DEBUG_LOG && STC_STAT_LOG) + if (STC_STAT_LOG) STC_LOGD("\033[1;31mEXIT\033[0;m: tgid[\033[1;33m%d\033[0;m] " "cmdline[\033[0;34m%s\033[0;m] pid[%d] exitcode[%d]", tgid, lookup->cmdline, pid, exit_code); @@ -591,7 +592,7 @@ stc_error_e stc_plugin_procfs_status_changed(stc_cmd_type_e cmd, { stc_error_e ret = STC_ERROR_NONE; - if ((pkg_id && app_id) && STC_DEBUG_LOG && STC_STAT_LOG) + if ((pkg_id && app_id) && STC_STAT_LOG) STC_LOGD("cmd[%d] pkgid[%s] appid[%s] pid[%d] type[%d]", cmd, pkg_id, app_id, pid, app_type); @@ -619,12 +620,12 @@ stc_error_e stc_plugin_procfs_status_changed(stc_cmd_type_e cmd, bg_classid = get_classid_by_app_id(bg_app_id, FALSE); fg_classid = get_classid_by_app_id(app_id, TRUE); - stc_monitor_app_add(fg_classid, app_id, pkg_id, app_value); + stc_plugin_monitor_add_app(fg_classid, app_id, pkg_id, app_value); - stc_monitor_proc_move(bg_classid, fg_classid); + stc_plugin_monitor_move_proc(bg_classid, fg_classid); - stc_monitor_proc_add(fg_classid, app_id, proc_value); - stc_monitor_proc_update_ground(fg_classid, app_id, proc_value); + stc_plugin_monitor_add_proc(fg_classid, app_id, proc_value); + stc_plugin_monitor_update_proc_ground(fg_classid, app_id, proc_value); FREE(bg_app_id); break; @@ -652,12 +653,12 @@ stc_error_e stc_plugin_procfs_status_changed(stc_cmd_type_e cmd, fg_classid = get_classid_by_app_id(app_id, FALSE); bg_classid = get_classid_by_app_id(bg_app_id, TRUE); - stc_monitor_app_add(bg_classid, bg_app_id, pkg_id, app_value); + stc_plugin_monitor_add_app(bg_classid, bg_app_id, pkg_id, app_value); - stc_monitor_proc_move(fg_classid, bg_classid); + stc_plugin_monitor_move_proc(fg_classid, bg_classid); - stc_monitor_proc_add(bg_classid, bg_app_id, proc_value); - stc_monitor_proc_update_ground(bg_classid, bg_app_id, proc_value); + stc_plugin_monitor_add_proc(bg_classid, bg_app_id, proc_value); + stc_plugin_monitor_update_proc_ground(bg_classid, bg_app_id, proc_value); FREE(bg_app_id); break; @@ -674,7 +675,7 @@ stc_error_e stc_plugin_procfs_status_changed(stc_cmd_type_e cmd, memset(&proc_value, 0, sizeof(stc_proc_value_s)); classid = get_classid_by_app_id(app_id, FALSE); - is_exist = stc_monitor_app_lookup(classid); + is_exist = stc_plugin_monitor_lookup_app(classid); if (is_exist) { app_value.type = app_type; app_value.state = STC_APP_STATE_FOREGROUND; @@ -683,8 +684,8 @@ stc_error_e stc_plugin_procfs_status_changed(stc_cmd_type_e cmd, proc_value.pid = pid; proc_value.ground = STC_APP_STATE_FOREGROUND; - stc_monitor_app_add(classid, app_id, pkg_id, app_value); - stc_monitor_proc_add(classid, app_id, proc_value); + stc_plugin_monitor_add_app(classid, app_id, pkg_id, app_value); + stc_plugin_monitor_add_proc(classid, app_id, proc_value); } else { bg_app_id = g_strconcat(app_id, STC_BACKGROUND_APP_SUFFIX, NULL); classid = get_classid_by_app_id(bg_app_id, TRUE); @@ -696,8 +697,8 @@ stc_error_e stc_plugin_procfs_status_changed(stc_cmd_type_e cmd, proc_value.pid = pid; proc_value.ground = STC_APP_STATE_BACKGROUND; - stc_monitor_app_add(classid, bg_app_id, pkg_id, app_value); - stc_monitor_proc_add(classid, bg_app_id, proc_value); + stc_plugin_monitor_add_app(classid, bg_app_id, pkg_id, app_value); + stc_plugin_monitor_add_proc(classid, bg_app_id, proc_value); FREE(bg_app_id); } @@ -714,7 +715,7 @@ stc_error_e stc_plugin_procfs_status_changed(stc_cmd_type_e cmd, if (classid == STC_UNKNOWN_CLASSID) classid = get_classid_by_app_id(app_id, FALSE); - stc_monitor_proc_remove(classid, pid); + stc_plugin_monitor_remove_proc(classid, pid); FREE(bg_app_id); break; diff --git a/plugin/tether/CMakeLists.txt b/plugin/tether/CMakeLists.txt index 889f44a..b64cfbd 100644 --- a/plugin/tether/CMakeLists.txt +++ b/plugin/tether/CMakeLists.txt @@ -15,6 +15,7 @@ FOREACH(flag ${tether_plugin_CFLAGS}) ENDFOREACH(flag) INCLUDE_DIRECTORIES(${CMAKE_CURRENT_SOURCE_DIR}/include) +INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/plugin/monitor/include) SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${EXTRA_CFLAGS} -g -Werror -fvisibility=hidden") SET(CMAKE_C_FLAGS_DEBUG "-O0 -g") diff --git a/plugin/tether/stc-plugin-tether.c b/plugin/tether/stc-plugin-tether.c index 5270aed..4b1e0b8 100755 --- a/plugin/tether/stc-plugin-tether.c +++ b/plugin/tether/stc-plugin-tether.c @@ -23,8 +23,8 @@ #include #include -#include "stc-monitor.h" #include "stc-plugin-tether.h" +#include "stc-manager-plugin-monitor.h" static GSList *station_list = NULL; static GDBusConnection *connection = NULL; @@ -49,7 +49,7 @@ static stc_error_e add_station_monitor(gchar *pkg_id, gchar *app_id, app_value.processes = NULL; g_strlcpy(app_value.mac, mac, STATION_MAC_STR_LEN); - ret = stc_monitor_app_add(STC_UNKNOWN_CLASSID, app_id, pkg_id, app_value); + ret = stc_plugin_monitor_add_app(STC_UNKNOWN_CLASSID, app_id, pkg_id, app_value); FREE(app_value.pkg_id); FREE(app_value.app_id); return ret; @@ -67,7 +67,7 @@ static stc_error_e remove_station_monitor(gchar *pkg_id, gchar *app_id) sta_app_id = g_strconcat(app_id, STC_TETHERING_APP_SUFFIX, NULL); - ret = stc_monitor_app_remove(STC_UNKNOWN_CLASSID, sta_app_id); + ret = stc_plugin_monitor_remove_app(STC_UNKNOWN_CLASSID, sta_app_id); FREE(sta_app_id); return ret; @@ -281,7 +281,7 @@ int tether_plugin_init(void) _mobileap_signal_cb, NULL, NULL); - STC_LOGI("tether plugin initialised"); + STC_LOGI("tether plugin initialized"); return 0; } diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index 2ec0178..d23adde 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -24,7 +24,6 @@ ENDFOREACH(flag) SET(SOURCE_DIR ${CMAKE_SOURCE_DIR}/src) SET(HELPER_SOURCE_DIR ${SOURCE_DIR}/helper) SET(DATABASE_SOURCE_DIR ${SOURCE_DIR}/database) -SET(MONITOR_SOURCE_DIR ${SOURCE_DIR}/monitor) SET(CONFIGURE_SOURCE_DIR ${SOURCE_DIR}/configure) SET(LIMITATION_SOURCE_DIR ${SOURCE_DIR}/limitation) SET(PLUGIN_DIR ${CMAKE_SOURCE_DIR}/plugin) @@ -33,6 +32,7 @@ SET(EXCEPTION_SOURCE_DIR ${PLUGIN_DIR}/exception) SET(PROCFS_SOURCE_DIR ${PLUGIN_DIR}/procfs) SET(PCAP_SOURCE_DIR ${PLUGIN_DIR}/pcap) SET(TETHER_SOURCE_DIR ${PLUGIN_DIR}/tether) +SET(MONITOR_SOURCE_DIR ${PLUGIN_DIR}/monitor) INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/include) INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/interfaces) @@ -43,9 +43,6 @@ INCLUDE_DIRECTORIES(${HELPER_SOURCE_DIR}) INCLUDE_DIRECTORIES(${DATABASE_SOURCE_DIR}) INCLUDE_DIRECTORIES(${DATABASE_SOURCE_DIR}/include) -INCLUDE_DIRECTORIES(${MONITOR_SOURCE_DIR}) -INCLUDE_DIRECTORIES(${MONITOR_SOURCE_DIR}/include) - INCLUDE_DIRECTORIES(${CONFIGURE_SOURCE_DIR}) INCLUDE_DIRECTORIES(${CONFIGURE_SOURCE_DIR}/include) @@ -57,14 +54,14 @@ INCLUDE_DIRECTORIES(${EXCEPTION_SOURCE_DIR}/include) INCLUDE_DIRECTORIES(${PROCFS_SOURCE_DIR}/include) INCLUDE_DIRECTORIES(${PCAP_SOURCE_DIR}/include) INCLUDE_DIRECTORIES(${TETHER_SOURCE_DIR}/include) +INCLUDE_DIRECTORIES(${MONITOR_SOURCE_DIR}/include) FILE(GLOB SOURCE_SRCS ${SOURCE_DIR}/*.c) FILE(GLOB HELPER_SRCS ${HELPER_SOURCE_DIR}/*.c) -FILE(GLOB MONITOR_SRCS ${MONITOR_SOURCE_DIR}/*.c) FILE(GLOB CONFIGURE_SRCS ${CONFIGURE_SOURCE_DIR}/*.c) FILE(GLOB LIMITATION_SRCS ${LIMITATION_SOURCE_DIR}/*.c) -SET(SRCS ${SRCS} ${SOURCE_SRCS} ${HELPER_SRCS} ${MONITOR_SRCS} ${CONFIGURE_SRCS} ${LIMITATION_SRCS}) +SET(SRCS ${SRCS} ${SOURCE_SRCS} ${HELPER_SRCS} ${CONFIGURE_SRCS} ${LIMITATION_SRCS}) IF("${ENABLE_DATABASE}" STREQUAL "YES") FILE(GLOB DATABASE_SRCS ${DATABASE_SOURCE_DIR}/*.c) diff --git a/src/database/db-common.c b/src/database/db-common.c old mode 100644 new mode 100755 index 372eb03..a4c2a3d --- a/src/database/db-common.c +++ b/src/database/db-common.c @@ -109,11 +109,9 @@ stc_error_e stc_db_initialize(void) stc_db_initialize_once(); -#ifndef TIZEN_TV_EXT EXEC(STC_ERROR_NONE, table_statistics_prepare(database)); EXEC(STC_ERROR_NONE, table_restrictions_prepare(database)); EXEC(STC_ERROR_NONE, table_counters_prepare(database)); -#endif EXEC(STC_ERROR_NONE, table_firewall_prepare(database)); EXEC(STC_ERROR_NONE, stc_init_db_guard()); @@ -134,11 +132,9 @@ gboolean stc_db_deinitialize(void) return TRUE; //LCOV_EXCL_LINE } -#ifndef TIZEN_TV_EXT table_statistics_finalize(); table_restrictions_finalize(); table_counters_finalize(); -#endif table_firewall_finalize(); sqlite3_close(database); diff --git a/src/database/tables/table-counters.c b/src/database/tables/table-counters.c old mode 100644 new mode 100755 index 9bd49a2..96c15c5 --- a/src/database/tables/table-counters.c +++ b/src/database/tables/table-counters.c @@ -271,7 +271,7 @@ handle_error: return ret; } -stc_error_e table_counters_get(uint64_t restriction_id, +API stc_error_e table_counters_get(uint64_t restriction_id, table_counters_info *info) { stc_error_e error_code = STC_ERROR_NONE; @@ -322,7 +322,7 @@ handle_error: } //LCOV_EXCL_START -stc_error_e table_counters_update_counters(const table_counters_info *info) +API stc_error_e table_counters_update_counters(const table_counters_info *info) { stc_error_e error_code = STC_ERROR_NONE; sqlite3_stmt *stmt = update_counter; @@ -359,7 +359,7 @@ handle_error: } //LCOV_EXCL_STOP -stc_error_e table_counters_get_timestamps(uint64_t restriction_id, +API stc_error_e table_counters_get_timestamps(uint64_t restriction_id, table_counters_info *info) { stc_error_e error_code = STC_ERROR_NONE; @@ -411,7 +411,7 @@ handle_error: } //LCOV_EXCL_START -stc_error_e table_counters_update_timestamps(const table_counters_info *info) +API stc_error_e table_counters_update_timestamps(const table_counters_info *info) { stc_error_e error_code = STC_ERROR_NONE; sqlite3_stmt *stmt = update_timestamp; @@ -443,7 +443,7 @@ handle_error: //LCOV_EXCL_STOP -stc_error_e table_counters_delete(uint64_t restriction_id) +API stc_error_e table_counters_delete(uint64_t restriction_id) { stc_error_e error_code = STC_ERROR_NONE; sqlite3_stmt *stmt = delete_counter; diff --git a/src/database/tables/table-restrictions.c b/src/database/tables/table-restrictions.c old mode 100644 new mode 100755 index 929449d..debb04d --- a/src/database/tables/table-restrictions.c +++ b/src/database/tables/table-restrictions.c @@ -320,7 +320,7 @@ handle_error: return error_code; } -stc_error_e table_restrictions_foreach(const table_restrictions_info_cb restriction_cb, +API stc_error_e table_restrictions_foreach(const table_restrictions_info_cb restriction_cb, void *user_data) { __STC_LOG_FUNC_ENTER__; diff --git a/src/database/tables/table-statistics.c b/src/database/tables/table-statistics.c index f8db77b..ffb4b97 100755 --- a/src/database/tables/table-statistics.c +++ b/src/database/tables/table-statistics.c @@ -500,7 +500,7 @@ handle_error: return error_code; } -stc_error_e table_statistics_per_app(const char *app_id, +API stc_error_e table_statistics_per_app(const char *app_id, table_statistics_select_rule *rule, table_statistics_info_cb info_cb, void *user_data) @@ -578,7 +578,7 @@ handle_error: return error_code; } -stc_error_e table_statistics_insert(stc_db_classid_iftype_key *stat_key, +API stc_error_e table_statistics_insert(stc_db_classid_iftype_key *stat_key, stc_db_app_stats *stat, time_t last_touch_time) { @@ -621,7 +621,7 @@ stc_error_e table_statistics_insert(stc_db_classid_iftype_key *stat_key, goto handle_error; //LCOV_EXCL_LINE } - if (STC_DEBUG_LOG && STC_STAT_LOG) + if (STC_STAT_LOG) STC_LOGD("App stat recorded [\033[0;34m%s\033[0;m] " "rcv[%lld] snd[%lld]", stat->app_id, rcv, snd); diff --git a/src/helper/helper-cgroup.c b/src/helper/helper-cgroup.c index fbb0024..1d5ba2b 100755 --- a/src/helper/helper-cgroup.c +++ b/src/helper/helper-cgroup.c @@ -119,7 +119,7 @@ int cgroup_write_node_uint32(const char *cgroup_name, char buf[MAX_PATH_LENGTH]; snprintf(buf, sizeof(buf), "%s/%s", cgroup_name, file_name); - if (STC_DEBUG_LOG && STC_STAT_LOG) + if (STC_STAT_LOG) STC_LOGD("cgroup_buf %s, value %d\n", buf, value); //LCOV_EXCL_LINE return fwrite_uint(buf, value); @@ -131,7 +131,7 @@ int cgroup_write_node_str(const char *cgroup_name, char buf[MAX_PATH_LENGTH]; snprintf(buf, sizeof(buf), "%s/%s", cgroup_name, file_name); - if (STC_DEBUG_LOG && STC_STAT_LOG) + if (STC_STAT_LOG) STC_LOGD("cgroup_buf %s, string %s\n", buf, string); //LCOV_EXCL_LINE return fwrite_str(buf, string); @@ -145,7 +145,7 @@ int cgroup_read_node_uint32(const char *cgroup_name, snprintf(buf, sizeof(buf), "%s/%s", cgroup_name, file_name); ret = fread_uint(buf, value); - if (STC_DEBUG_LOG && STC_STAT_LOG) + if (STC_STAT_LOG) STC_LOGD("cgroup_buf %s, value %d\n", buf, *value); //LCOV_EXCL_LINE return ret; @@ -222,7 +222,7 @@ int cgroup_set_release_agent(const char *cgroup_subsys, return cgroup_write_node_str(buf, NOTIFY_ON_RELEASE, "1"); } -void cgroup_init(void) +API void cgroup_init(void) { /* create stc cgroup directory */ cgroup_make_subdir(CGROUP_NETWORK, STC_CGROUP_NAME, NULL); diff --git a/src/helper/helper-file.c b/src/helper/helper-file.c index 636ef5d..53dcad0 100755 --- a/src/helper/helper-file.c +++ b/src/helper/helper-file.c @@ -29,17 +29,14 @@ int fwrite_str(const char *path, const char *str) assert(str); t = realpath(path, NULL); - ret_value_errno_msg_if(!t, -errno, - "Fail to get realpath %s", path); + ret_value_if(!t, -errno); free(t); f = fopen(path, "w"); - ret_value_errno_msg_if(!f, -errno, - "Fail to open file %s", path); + ret_value_if(!f, -errno); ret = fputs(str, f); - ret_value_errno_msg_if(ret == EOF, errno ? -errno : -EIO, - "Fail to write file"); + ret_value_if(ret == EOF, errno ? -errno : -EIO); return STC_ERROR_NONE; } @@ -50,8 +47,7 @@ int fwrite_uint(const char *path, const uint32_t number) int ret; ret = asprintf(&digit_buf, "%d", number); - ret_value_errno_msg_if(ret < 0, -ENOMEM, - "sprintf failed\n"); + ret_value_if(ret < 0, -ENOMEM); return fwrite_str(path, digit_buf); } @@ -62,12 +58,10 @@ int fread_uint(const char *path, uint32_t *number) int ret; f = fopen(path, "r"); - ret_value_errno_msg_if(!f, -errno, - "Fail to open %s file.", path); + ret_value_if(!f, -errno); ret = fscanf(f, "%u", number); - ret_value_errno_msg_if(ret == EOF, -errno, - "Fail to read file\n"); + ret_value_if(ret == EOF, -errno); return STC_ERROR_NONE; } diff --git a/src/helper/helper-iptables.c b/src/helper/helper-iptables.c old mode 100644 new mode 100755 index 9a2cde8..1e140b7 --- a/src/helper/helper-iptables.c +++ b/src/helper/helper-iptables.c @@ -891,7 +891,7 @@ done: return ret; } -stc_error_e iptables_flush_chains(void) +API stc_error_e iptables_flush_chains(void) { stc_error_e ret = STC_ERROR_NONE; stc_s *stc = stc_get_manager(); @@ -982,6 +982,12 @@ stc_error_e iptables_init(void) goto done; //LCOV_EXCL_LINE } + ret = __ip6tables_add_chain(stc->connection, STC_TETHER_CHAIN); + if (ret != STC_ERROR_NONE) { + __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE + goto done; //LCOV_EXCL_LINE + } + ret = _iptables_add_in_chain_jump_rule(); if (ret != STC_ERROR_NONE) { __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE diff --git a/src/helper/helper-net-cls.c b/src/helper/helper-net-cls.c index 3f460f7..350dfb6 100755 --- a/src/helper/helper-net-cls.c +++ b/src/helper/helper-net-cls.c @@ -87,7 +87,7 @@ static stc_error_e __get_classid_from_cgroup(const char *cgroup, return STC_ERROR_NONE; } -stc_error_e init_current_classid(void) +API stc_error_e init_current_classid(void) { int ret = 0; struct stat stat_buf; @@ -172,12 +172,12 @@ API uint32_t get_classid_by_app_id(const char *app_id, int create) return classid; handle_error: - - STC_LOGE("error_code: [%d]", ret); //LCOV_EXCL_LINE + if (STC_DEBUG_LOG) + STC_LOGE("error_code: [%d]", ret); //LCOV_EXCL_LINE return STC_UNKNOWN_CLASSID; //LCOV_EXCL_LINE } -stc_error_e place_pids_to_net_cgroup(const int pid, const char *app_id) +API stc_error_e place_pids_to_net_cgroup(const int pid, const char *app_id) { char child_buf[21 + MAX_DEC_SIZE(int) + MAX_DEC_SIZE(int) + 1]; const char *path_to_net_cgroup_dir = NULL; diff --git a/src/helper/helper-nfacct-rule.c b/src/helper/helper-nfacct-rule.c index fbe17ca..1d6d0c6 100755 --- a/src/helper/helper-nfacct-rule.c +++ b/src/helper/helper-nfacct-rule.c @@ -223,7 +223,7 @@ stc_error_e nfacct_send_get_quotas(struct counter_arg *carg, const char *name) NFACCT_F_QUOTA_BYTES); } -stc_error_e nfacct_send_get_all(struct counter_arg *carg) +API stc_error_e nfacct_send_get_all(struct counter_arg *carg) { /* get and reset everything, used when quiting */ return internal_nfacct_send_get(carg, NFNL_MSG_ACCT_GET_CTRZERO, NULL, @@ -252,7 +252,7 @@ static stc_iface_type_e convert_to_iftype(int type) type > STC_IFACE_UNKNOWN) ? type : STC_IFACE_UNKNOWN; } -bool recreate_counter_by_name(char *cnt_name, nfacct_rule_s *cnt) +API bool recreate_counter_by_name(char *cnt_name, nfacct_rule_s *cnt) { char *iftype_part; char *classid_part; @@ -396,7 +396,7 @@ next: params->post_eval_attr(carg); } -netlink_serialization_command * +API netlink_serialization_command * netlink_create_command(struct netlink_serialization_params *params) { static netlink_serialization_command command = {0,}; @@ -803,7 +803,7 @@ static stc_error_e produce_iface_rule(nfacct_rule_s *rule) return STC_ERROR_NONE; } -stc_error_e produce_net_rule(nfacct_rule_s *rule) +API stc_error_e produce_net_rule(nfacct_rule_s *rule) { stc_error_e ret = STC_ERROR_NONE; diff --git a/src/helper/helper-nl.c b/src/helper/helper-nl.c old mode 100644 new mode 100755 index 2c3c8f9..ff9d1af --- a/src/helper/helper-nl.c +++ b/src/helper/helper-nl.c @@ -67,7 +67,7 @@ void fill_attribute_list(struct rtattr **atb, const int max_len, /* read netlink message from socket * return opaque pointer to genl structure */ -int read_netlink(int sock, void *buf, size_t len) +API int read_netlink(int sock, void *buf, size_t len) { ssize_t ret; struct sockaddr_nl addr; diff --git a/src/stc-firewall.c b/src/stc-firewall.c index f1adadb..64e7abb 100755 --- a/src/stc-firewall.c +++ b/src/stc-firewall.c @@ -1216,6 +1216,8 @@ gboolean __validate_fw_rule(firewall_rule_s *rule) void stc_firewall_init(void) { + __STC_LOG_FUNC_ENTER__; + int ret = STC_ERROR_NONE; g_firewalls = g_hash_table_new_full(g_str_hash, @@ -1230,21 +1232,31 @@ void stc_firewall_init(void) table_firewall_foreach_chain(__fw_table_chain_info_cb, NULL); table_firewall_foreach_rule(__fw_table_rule_info_cb, NULL); + + __STC_LOG_FUNC_EXIT__; } -void stc_firewall_update(void) +API void stc_firewall_update(void) { + __STC_LOG_FUNC_ENTER__; + __fw_chain_foreach(__fw_foreach_to_add_chain, NULL); __fw_chain_foreach(__fw_foreach_to_set_rule_to_chain, NULL); __fw_chain_foreach(__fw_foreach_to_set_chain, NULL); + + __STC_LOG_FUNC_EXIT__; } void stc_firewall_deinit(void) { + __STC_LOG_FUNC_ENTER__; + if (g_firewalls) { g_hash_table_destroy(g_firewalls); g_firewalls = NULL; } + + __STC_LOG_FUNC_EXIT__; } gboolean handle_firewall_lock(StcFirewall *object, diff --git a/src/stc-manager-gdbus.c b/src/stc-manager-gdbus.c index ef74b17..22d0375 100755 --- a/src/stc-manager-gdbus.c +++ b/src/stc-manager-gdbus.c @@ -20,10 +20,10 @@ #include "stc-restriction.h" #include "stc-firewall.h" #include "stc-pcap.h" -#include "stc-connection.h" #include "stc-manager-util.h" #include "stc-manager-plugin-appstatus.h" #include "stc-manager-plugin-procfs.h" +#include "stc-manager-plugin-monitor.h" #include "helper-iptables.h" #define MANAGER_DBUS_ERROR_NAME "net.stc.manager.Error.Failed" @@ -351,12 +351,11 @@ static void __stc_manager_gdbus_on_bus_acquired(GDBusConnection *connection, stc->connection); iptables_init(); -#ifndef TIZEN_TV_EXT - stc_connection_monitor_init(stc); + stc_firewall_update(); + stc_plugin_monitor_init_connection(stc); stc_plugin_appstatus_register_state_changed_cb(stc, stc_plugin_procfs_app_status_changed, NULL); -#endif __STC_LOG_FUNC_EXIT__; } @@ -400,7 +399,7 @@ void stc_manager_gdbus_deinit(gpointer stc_data) stc_s *stc = (stc_s *)stc_data; stc_plugin_appstatus_deregister_state_changed_cb(stc); - stc_connection_monitor_deinit(stc); + stc_plugin_monitor_deinit_connection(stc); g_bus_unown_name(stc->gdbus_owner_id); @@ -412,7 +411,7 @@ void stc_manager_gdbus_deinit(gpointer stc_data) __STC_LOG_FUNC_EXIT__; } -GVariant *stc_manager_gdbus_call_sync(GDBusConnection *connection, +API GVariant *stc_manager_gdbus_call_sync(GDBusConnection *connection, const char *dest, const char *path, const char *interface_name, const char *method, GVariant *params) @@ -452,7 +451,7 @@ GVariant *stc_manager_gdbus_call_sync(GDBusConnection *connection, return reply; } -guint stc_manager_gdbus_subscribe_signal(GDBusConnection *connection, +API guint stc_manager_gdbus_subscribe_signal(GDBusConnection *connection, const gchar *sender, const gchar *interface_name, const gchar *member, @@ -480,7 +479,7 @@ guint stc_manager_gdbus_subscribe_signal(GDBusConnection *connection, user_data_free_func); } -void stc_manager_gdbus_unsubscribe_signal(GDBusConnection *connection, +API void stc_manager_gdbus_unsubscribe_signal(GDBusConnection *connection, guint subscription_id) { if (connection == NULL) { @@ -513,7 +512,7 @@ void stc_manager_gdbus_dict_foreach(GVariantIter *iter, dbus_dict_cb cb, __STC_LOG_FUNC_EXIT__; } -gboolean stc_manager_dbus_emit_signal(GDBusConnection *connection, +API gboolean stc_manager_dbus_emit_signal(GDBusConnection *connection, const gchar *object_path, const gchar *interface_name, const gchar *signal_name, diff --git a/src/stc-manager-plugin-appstatus.c b/src/stc-manager-plugin-appstatus.c old mode 100644 new mode 100755 index cab52ad..a79bc93 --- a/src/stc-manager-plugin-appstatus.c +++ b/src/stc-manager-plugin-appstatus.c @@ -64,24 +64,21 @@ int stc_plugin_appstatus_deinit(void) return STC_ERROR_NONE; } -int stc_plugin_appstatus_send_message(const char *content, +API int stc_plugin_appstatus_send_message(const char *content, const char *type, const char *app_id, const char *iftype, const char *limit) { - __STC_LOG_FUNC_ENTER__; - if (!stc_plugin_enabled) { - STC_LOGE("Plugin wasn't enabled"); - __STC_LOG_FUNC_EXIT__; + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't enabled"); return STC_ERROR_UNINITIALIZED; } if (!stc_plugin) { - STC_LOGE("Plugin wasn't loaded"); - __STC_LOG_FUNC_EXIT__; + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't loaded"); return STC_ERROR_UNINITIALIZED; } - __STC_LOG_FUNC_EXIT__; return stc_plugin->send_message_to_net_popup(content, type, app_id, iftype, limit); } @@ -89,41 +86,35 @@ int stc_plugin_appstatus_send_message(const char *content, int stc_plugin_appstatus_register_state_changed_cb(stc_s *stc, stc_plugin_app_state_changed_cb cb, void *data) { - __STC_LOG_FUNC_ENTER__; - if (!stc_plugin_enabled) { - STC_LOGE("Plugin wasn't enabled"); - __STC_LOG_FUNC_EXIT__; + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't enabled"); return STC_ERROR_UNINITIALIZED; } if (!stc_plugin) { - STC_LOGE("Plugin wasn't loaded"); - __STC_LOG_FUNC_EXIT__; + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't loaded"); return STC_ERROR_UNINITIALIZED; } - __STC_LOG_FUNC_EXIT__; return stc_plugin->register_state_changed_cb(stc, cb, data); } int stc_plugin_appstatus_deregister_state_changed_cb(stc_s *stc) { - __STC_LOG_FUNC_ENTER__; - if (!stc_plugin_enabled) { - STC_LOGE("Plugin wasn't enabled"); - __STC_LOG_FUNC_EXIT__; + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't enabled"); return STC_ERROR_UNINITIALIZED; } if (!stc_plugin) { - STC_LOGE("Plugin wasn't loaded"); - __STC_LOG_FUNC_EXIT__; + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't loaded"); return STC_ERROR_UNINITIALIZED; } - __STC_LOG_FUNC_EXIT__; return stc_plugin->deregister_state_changed_cb(stc); } //LCOV_EXCL_STOP diff --git a/src/stc-manager-plugin-exception.c b/src/stc-manager-plugin-exception.c old mode 100644 new mode 100755 index bc0078d..ad1c092 --- a/src/stc-manager-plugin-exception.c +++ b/src/stc-manager-plugin-exception.c @@ -24,7 +24,7 @@ static void *handle_plugin; static stc_plugin_exception_s *stc_plugin; //LCOV_EXCL_START -int stc_plugin_exception_init(void) +API int stc_plugin_exception_init(void) { __STC_LOG_FUNC_ENTER__; @@ -50,7 +50,7 @@ int stc_plugin_exception_init(void) return STC_ERROR_NONE; } -int stc_plugin_exception_deinit(void) +API int stc_plugin_exception_deinit(void) { __STC_LOG_FUNC_ENTER__; @@ -67,47 +67,41 @@ int stc_plugin_exception_deinit(void) return STC_ERROR_NONE; } -int stc_plugin_fill_exception_list(void) +API int stc_plugin_fill_exception_list(void) { - __STC_LOG_FUNC_ENTER__; - if (!stc_plugin_enabled) { - STC_LOGE("Plugin wasn't enabled"); - __STC_LOG_FUNC_EXIT__; + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't enabled"); return STC_ERROR_UNINITIALIZED; } if (!stc_plugin) { - STC_LOGE("Plugin wasn't loaded"); - __STC_LOG_FUNC_EXIT__; + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't loaded"); return STC_ERROR_UNINITIALIZED; } - __STC_LOG_FUNC_EXIT__; return stc_plugin->fill_exception_list(); } -int stc_plugin_update_exception_list(void) +API int stc_plugin_update_exception_list(void) { - __STC_LOG_FUNC_ENTER__; - if (!stc_plugin_enabled) { - STC_LOGE("Plugin wasn't enabled"); - __STC_LOG_FUNC_EXIT__; + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't enabled"); return STC_ERROR_UNINITIALIZED; } if (!stc_plugin) { - STC_LOGE("Plugin wasn't loaded"); - __STC_LOG_FUNC_EXIT__; + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't loaded"); return STC_ERROR_UNINITIALIZED; } - __STC_LOG_FUNC_EXIT__; return stc_plugin->update_exception_list(); } -int stc_plugin_check_exception_by_cmdline(char *cmdline) +API int stc_plugin_check_exception_by_cmdline(char *cmdline) { if (!stc_plugin_enabled) return STC_ERROR_UNINITIALIZED; diff --git a/src/stc-manager-plugin-monitor.c b/src/stc-manager-plugin-monitor.c new file mode 100755 index 0000000..209b1a1 --- /dev/null +++ b/src/stc-manager-plugin-monitor.c @@ -0,0 +1,259 @@ +/* + * Copyright (c) 2016 Samsung Electronics Co., Ltd. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include + +#include "stc-manager.h" +#include "stc-manager-plugin-monitor.h" + +static gboolean stc_plugin_enabled = FALSE; +static void *handle_plugin; +static stc_plugin_monitor_s *stc_plugin; + +//LCOV_EXCL_START +API int stc_plugin_monitor_init(void) +{ + __STC_LOG_FUNC_ENTER__; + + handle_plugin = dlopen(STC_PLUGIN_MONITOR_FILEPATH, RTLD_NOW); + if (!handle_plugin) { + STC_LOGE("Can't load %s: %s", STC_PLUGIN_MONITOR_FILEPATH, dlerror()); + __STC_LOG_FUNC_EXIT__; + return STC_ERROR_UNINITIALIZED; + } + + stc_plugin = dlsym(handle_plugin, "stc_plugin_monitor"); + if (!stc_plugin) { + STC_LOGE("Can't load symbol: %s", dlerror()); + dlclose(handle_plugin); + __STC_LOG_FUNC_EXIT__; + return STC_ERROR_UNINITIALIZED; + } + + stc_plugin->initialize_plugin(); + stc_plugin_enabled = TRUE; + + __STC_LOG_FUNC_EXIT__; + return STC_ERROR_NONE; +} + +API int stc_plugin_monitor_deinit(void) +{ + __STC_LOG_FUNC_ENTER__; + + if (!stc_plugin_enabled) + return STC_ERROR_UNINITIALIZED; + + stc_plugin->deinitialize_plugin(); + stc_plugin_enabled = FALSE; + dlclose(handle_plugin); + + __STC_LOG_FUNC_EXIT__; + return STC_ERROR_NONE; +} + +API int stc_plugin_monitor_add_app(uint32_t classid, + const char *app_id, + const char *pkg_id, + const stc_app_value_s value) +{ + if (!stc_plugin_enabled) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't enabled"); + return STC_ERROR_UNINITIALIZED; + } + + if (!stc_plugin) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't loaded"); + return STC_ERROR_UNINITIALIZED; + } + + return stc_plugin->add_application(classid, app_id, pkg_id, value); +} + +API int stc_plugin_monitor_remove_app(uint32_t classid, + const char *app_id) +{ + if (!stc_plugin_enabled) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't enabled"); + return STC_ERROR_UNINITIALIZED; + } + + if (!stc_plugin) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't loaded"); + return STC_ERROR_UNINITIALIZED; + } + + return stc_plugin->remove_application(classid, app_id); +} + +API int stc_plugin_monitor_lookup_app(uint32_t classid) +{ + if (!stc_plugin_enabled) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't enabled"); + return STC_ERROR_UNINITIALIZED; + } + + if (!stc_plugin) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't loaded"); + return STC_ERROR_UNINITIALIZED; + } + + return stc_plugin->lookup_application(classid); +} + +API int stc_plugin_monitor_add_rstn(table_restrictions_info *info) +{ + if (!stc_plugin_enabled) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't enabled"); + return STC_ERROR_UNINITIALIZED; + } + + if (!stc_plugin) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't loaded"); + return STC_ERROR_UNINITIALIZED; + } + + return stc_plugin->add_restriction(info); +} + +API int stc_plugin_monitor_remove_rstn(table_restrictions_info *info) +{ + if (!stc_plugin_enabled) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't enabled"); + return STC_ERROR_UNINITIALIZED; + } + + if (!stc_plugin) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't loaded"); + return STC_ERROR_UNINITIALIZED; + } + + return stc_plugin->remove_restriction(info); +} + +API int stc_plugin_monitor_init_connection(stc_s *stc) +{ + if (!stc_plugin_enabled) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't enabled"); + return STC_ERROR_UNINITIALIZED; + } + + if (!stc_plugin) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't loaded"); + return STC_ERROR_UNINITIALIZED; + } + + return stc_plugin->init_connection(stc); +} + +API int stc_plugin_monitor_deinit_connection(stc_s *stc) +{ + if (!stc_plugin_enabled) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't enabled"); + return STC_ERROR_UNINITIALIZED; + } + + if (!stc_plugin) { + STC_LOGE("Plugin wasn't loaded"); + return STC_ERROR_UNINITIALIZED; + } + + return stc_plugin->deinit_connection(stc); +} + +API int stc_plugin_monitor_add_proc(uint32_t classid, + const char *app_id, const stc_proc_value_s value) +{ + if (!stc_plugin_enabled) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't enabled"); + return STC_ERROR_UNINITIALIZED; + } + + if (!stc_plugin) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't loaded"); + return STC_ERROR_UNINITIALIZED; + } + + return stc_plugin->add_process(classid, app_id, value); +} + +API int stc_plugin_monitor_remove_proc(uint32_t classid, pid_t pid) +{ + if (!stc_plugin_enabled) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't enabled"); + return STC_ERROR_UNINITIALIZED; + } + + if (!stc_plugin) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't loaded"); + return STC_ERROR_UNINITIALIZED; + } + + return stc_plugin->remove_process(classid, pid); +} + +API int stc_plugin_monitor_move_proc(uint32_t from, uint32_t to) +{ + if (!stc_plugin_enabled) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't enabled"); + return STC_ERROR_UNINITIALIZED; + } + + if (!stc_plugin) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't loaded"); + return STC_ERROR_UNINITIALIZED; + } + + return stc_plugin->move_process(from, to); +} + +API int stc_plugin_monitor_update_proc_ground(uint32_t classid, + const char *app_id, const stc_proc_value_s value) +{ + if (!stc_plugin_enabled) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't enabled"); + return STC_ERROR_UNINITIALIZED; + } + + if (!stc_plugin) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't loaded"); + return STC_ERROR_UNINITIALIZED; + } + + return stc_plugin->update_process_ground(classid, app_id, value); +} +//LCOV_EXCL_STOP diff --git a/src/stc-manager-plugin-pcap.c b/src/stc-manager-plugin-pcap.c old mode 100644 new mode 100755 index c9432a2..395031c --- a/src/stc-manager-plugin-pcap.c +++ b/src/stc-manager-plugin-pcap.c @@ -69,103 +69,88 @@ int stc_plugin_pcap_deinit(void) int stc_plugin_pcap_lookup_dev(void) { - __STC_LOG_FUNC_ENTER__; - if (!stc_plugin_enabled) { - STC_LOGE("Plugin wasn't enabled"); - __STC_LOG_FUNC_EXIT__; + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't enabled"); return STC_ERROR_UNINITIALIZED; } if (!stc_plugin) { - STC_LOGE("Plugin wasn't loaded"); - __STC_LOG_FUNC_EXIT__; + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't loaded"); return STC_ERROR_UNINITIALIZED; } - __STC_LOG_FUNC_EXIT__; return stc_plugin->lookup_dev(); } int stc_plugin_pcap_lookup_net(void) { - __STC_LOG_FUNC_ENTER__; - if (!stc_plugin_enabled) { - STC_LOGE("Plugin wasn't enabled"); - __STC_LOG_FUNC_EXIT__; + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't enabled"); return STC_ERROR_UNINITIALIZED; } if (!stc_plugin) { - STC_LOGE("Plugin wasn't loaded"); - __STC_LOG_FUNC_EXIT__; + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't loaded"); return STC_ERROR_UNINITIALIZED; } - __STC_LOG_FUNC_EXIT__; return stc_plugin->lookup_net(); } int stc_plugin_pcap_find_alldevs(void) { - __STC_LOG_FUNC_ENTER__; - if (!stc_plugin_enabled) { - STC_LOGE("Plugin wasn't enabled"); - __STC_LOG_FUNC_EXIT__; + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't enabled"); return STC_ERROR_UNINITIALIZED; } if (!stc_plugin) { - STC_LOGE("Plugin wasn't loaded"); - __STC_LOG_FUNC_EXIT__; + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't loaded"); return STC_ERROR_UNINITIALIZED; } - __STC_LOG_FUNC_EXIT__; return stc_plugin->find_alldevs(); } int stc_plugin_pcap_register_loop_pcap(const char *ifname, int group) { - __STC_LOG_FUNC_ENTER__; - if (!stc_plugin_enabled) { - STC_LOGE("Plugin wasn't enabled"); - __STC_LOG_FUNC_EXIT__; + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't enabled"); return STC_ERROR_UNINITIALIZED; } if (!stc_plugin) { - STC_LOGE("Plugin wasn't loaded"); - __STC_LOG_FUNC_EXIT__; + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't loaded"); return STC_ERROR_UNINITIALIZED; } - __STC_LOG_FUNC_EXIT__; return stc_plugin->register_loop_pcap(ifname, group); } int stc_plugin_pcap_unregister_loop_pcap(const char *ifname, int group) { - __STC_LOG_FUNC_ENTER__; - if (!stc_plugin_enabled) { - STC_LOGE("Plugin wasn't enabled"); - __STC_LOG_FUNC_EXIT__; + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't enabled"); return STC_ERROR_UNINITIALIZED; } if (!stc_plugin) { - STC_LOGE("Plugin wasn't loaded"); - __STC_LOG_FUNC_EXIT__; + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't loaded"); return STC_ERROR_UNINITIALIZED; } - __STC_LOG_FUNC_EXIT__; return stc_plugin->unregister_loop_pcap(ifname, group); } //LCOV_EXCL_STOP diff --git a/src/stc-manager-plugin-tether.c b/src/stc-manager-plugin-tether.c old mode 100644 new mode 100755 index afb170d..4c5e528 --- a/src/stc-manager-plugin-tether.c +++ b/src/stc-manager-plugin-tether.c @@ -66,15 +66,14 @@ int stc_plugin_tether_deinit(void) return STC_ERROR_NONE; } -int stc_plugin_tether_get_station_ip(const char *mac, char **ipaddr) +API int stc_plugin_tether_get_station_ip(const char *mac, char **ipaddr) { - __STC_LOG_FUNC_ENTER__; char ip[INET_ADDRSTRLEN+1]; if (!stc_tether_plugin_enabled || - mac == NULL || ipaddr == NULL) { - STC_LOGE("invalid args"); - __STC_LOG_FUNC_EXIT__; + mac == NULL || ipaddr == NULL) { + if (STC_DEBUG_LOG) + STC_LOGE("invalid args"); return STC_ERROR_INVALID_PARAMETER; } @@ -86,18 +85,17 @@ int stc_plugin_tether_get_station_ip(const char *mac, char **ipaddr) *ipaddr = g_strdup(ip); STC_LOGI("station ip(%s)", *ipaddr); - __STC_LOG_FUNC_EXIT__; return STC_ERROR_NONE; } -int stc_plugin_tether_get_station_by_classid(const int classid, char **mac) +API int stc_plugin_tether_get_station_by_classid(const int classid, char **mac) { __STC_LOG_FUNC_ENTER__; char mac_addr[STATION_MAC_STR_LEN+1]; if (!stc_tether_plugin_enabled || mac == NULL) { - STC_LOGE("invalid args"); - __STC_LOG_FUNC_EXIT__; + if (STC_DEBUG_LOG) + STC_LOGE("invalid args"); return STC_ERROR_INVALID_PARAMETER; } @@ -109,17 +107,16 @@ int stc_plugin_tether_get_station_by_classid(const int classid, char **mac) *mac = g_strdup(mac_addr); STC_LOGI("station mac(%s)", *mac); - __STC_LOG_FUNC_EXIT__; return STC_ERROR_NONE; } -int stc_plugin_tether_set_station_classid(const char *mac, int classid) +API int stc_plugin_tether_set_station_classid(const char *mac, int classid) { __STC_LOG_FUNC_ENTER__; if (!stc_tether_plugin_enabled || mac == NULL) { - STC_LOGE("invalid args"); - __STC_LOG_FUNC_EXIT__; + if (STC_DEBUG_LOG) + STC_LOGE("invalid args"); return STC_ERROR_INVALID_PARAMETER; } @@ -128,6 +125,6 @@ int stc_plugin_tether_set_station_classid(const char *mac, int classid) STC_LOGI("classid(%d) for station mac(%s) is set successfully", classid, mac); - __STC_LOG_FUNC_EXIT__; + return STC_ERROR_NONE; } diff --git a/src/stc-manager.c b/src/stc-manager.c index ba9356d..11fa7bb 100755 --- a/src/stc-manager.c +++ b/src/stc-manager.c @@ -26,13 +26,13 @@ #include "helper-nfacct-rule.h" #include "helper-iptables.h" #include "helper-inotify.h" -#include "stc-monitor.h" #include "stc-firewall.h" #include "stc-manager-plugin-appstatus.h" #include "stc-manager-plugin-exception.h" #include "stc-manager-plugin-procfs.h" #include "stc-manager-plugin-tether.h" #include "stc-manager-plugin-pcap.h" +#include "stc-manager-plugin-monitor.h" #define BUF_SIZE_FOR_ERR 100 @@ -75,7 +75,7 @@ static void __stc_manager_deinit(void) return; } - stc_monitor_deinit(); + stc_plugin_monitor_deinit(); stc_deinit_db_guard(); stc_db_deinitialize(); @@ -118,9 +118,7 @@ static stc_s *__stc_manager_init(void) inotify_initialize(); inotify_register(INFO_STORAGE_DIR, __stc_inotify_handler); -#ifndef TIZEN_TV_EXT cgroup_set_release_agent(NET_CLS_SUBSYS, NET_RELEASE_AGENT); -#endif err = stc_db_initialize(); if (err != STC_ERROR_NONE) { @@ -128,25 +126,16 @@ static stc_s *__stc_manager_init(void) return NULL; //LCOV_EXCL_LINE } -#ifndef TIZEN_TV_EXT stc_plugin_appstatus_init(); stc_plugin_exception_init(); stc_plugin_procfs_init(); stc_plugin_tether_init(); stc_plugin_pcap_init(); -#endif + stc_plugin_monitor_init(); stc_firewall_init(); -#ifndef TIZEN_TV_EXT - err = stc_monitor_init(); - if (err != STC_ERROR_NONE) { - STC_LOGD("Failed to initialize stc manager"); //LCOV_EXCL_LINE - return NULL; //LCOV_EXCL_LINE - } - stc_plugin_procfs_load_pid(); -#endif stc_manager_gdbus_init((gpointer)stc); @@ -155,7 +144,7 @@ static stc_s *__stc_manager_init(void) return stc; } -stc_s *stc_get_manager(void) +API stc_s *stc_get_manager(void) { return g_stc; } diff --git a/src/stc-restriction.c b/src/stc-restriction.c old mode 100644 new mode 100755 index 6b207a5..ffe1a85 --- a/src/stc-restriction.c +++ b/src/stc-restriction.c @@ -18,7 +18,7 @@ #include "table-restrictions.h" #include "stc-restriction.h" #include "stc-manager-gdbus.h" -#include "stc-monitor.h" +#include "stc-manager-plugin-monitor.h" #define RESTRICTION_DBUS_ERROR_NAME "net.stc.restriction.Error.Failed" @@ -295,7 +295,7 @@ gboolean handle_restriction_set(StcRestriction *object, return TRUE; } - stc_monitor_rstn_add(&rule); + stc_plugin_monitor_add_rstn(&rule); STC_DBUS_REPLY_ERROR_NONE(invocation); __STC_LOG_FUNC_EXIT__; return TRUE; @@ -338,7 +338,7 @@ gboolean handle_restriction_unset(StcRestriction *object, return TRUE; } - stc_monitor_rstn_remove(&rule); + stc_plugin_monitor_remove_rstn(&rule); STC_DBUS_REPLY_ERROR_NONE(invocation); __STC_LOG_FUNC_EXIT__; return TRUE; -- 2.7.4 From 96b16847665efc4abd200aada4c46ba42c73a232 Mon Sep 17 00:00:00 2001 From: hyunuktak Date: Mon, 3 Dec 2018 15:03:47 +0900 Subject: [PATCH 07/16] Separate firewall function plugin Change-Id: I9df5a225ac7772b2985e2b9d24e6682b7fd60a2d Signed-off-by: hyunuktak --- include/stc-error.h | 0 include/stc-firewall.h | 10 - include/stc-manager-plugin-appstatus.h | 0 include/stc-manager-plugin-exception.h | 0 include/stc-manager-plugin-firewall.h | 44 + include/stc-manager-plugin-procfs.h | 0 include/stc-manager-plugin-tether.h | 0 include/stc-restriction.h | 0 include/stc-statistics.h | 0 include/transmission.h | 0 packaging/stc-manager.spec | 12 +- plugin/CMakeLists.txt | 1 + plugin/firewall/CMakeLists.txt | 36 + plugin/firewall/include/stc-plugin-firewall.h | 61 + plugin/firewall/stc-plugin-firewall.c | 1608 ++++++++++++++++++++++++ plugin/monitor/CMakeLists.txt | 1 + plugin/monitor/stc-plugin-monitor-connection.c | 7 +- src/CMakeLists.txt | 2 + src/database/tables/table-firewall.c | 24 +- src/helper/helper-firewall.c | 10 +- src/stc-firewall.c | 1507 +--------------------- src/stc-manager-gdbus.c | 5 +- src/stc-manager-plugin-firewall.c | 306 +++++ src/stc-manager-plugin-procfs.c | 0 src/stc-manager.c | 9 +- src/stc-statistics.c | 0 26 files changed, 2120 insertions(+), 1523 deletions(-) mode change 100644 => 100755 include/stc-error.h mode change 100644 => 100755 include/stc-firewall.h mode change 100644 => 100755 include/stc-manager-plugin-appstatus.h mode change 100644 => 100755 include/stc-manager-plugin-exception.h create mode 100755 include/stc-manager-plugin-firewall.h mode change 100644 => 100755 include/stc-manager-plugin-procfs.h mode change 100644 => 100755 include/stc-manager-plugin-tether.h mode change 100644 => 100755 include/stc-restriction.h mode change 100644 => 100755 include/stc-statistics.h mode change 100644 => 100755 include/transmission.h create mode 100644 plugin/firewall/CMakeLists.txt create mode 100755 plugin/firewall/include/stc-plugin-firewall.h create mode 100755 plugin/firewall/stc-plugin-firewall.c mode change 100644 => 100755 src/database/tables/table-firewall.c mode change 100644 => 100755 src/helper/helper-firewall.c create mode 100755 src/stc-manager-plugin-firewall.c mode change 100644 => 100755 src/stc-manager-plugin-procfs.c mode change 100644 => 100755 src/stc-statistics.c diff --git a/include/stc-error.h b/include/stc-error.h old mode 100644 new mode 100755 diff --git a/include/stc-firewall.h b/include/stc-firewall.h old mode 100644 new mode 100755 index c857f9b..861dede --- a/include/stc-firewall.h +++ b/include/stc-firewall.h @@ -26,20 +26,10 @@ * Macros and Typedefs *****************************************************************************/ -typedef struct { - stc_fw_chain_target_e target; - uint64_t priority; - GSList *rules; -} stc_fw_data_s; - /***************************************************************************** * Functions Declaration *****************************************************************************/ -void stc_firewall_init(void); -void stc_firewall_update(void); -void stc_firewall_deinit(void); - gboolean handle_firewall_lock(StcFirewall *object, GDBusMethodInvocation *invocation, void *user_data); diff --git a/include/stc-manager-plugin-appstatus.h b/include/stc-manager-plugin-appstatus.h old mode 100644 new mode 100755 diff --git a/include/stc-manager-plugin-exception.h b/include/stc-manager-plugin-exception.h old mode 100644 new mode 100755 diff --git a/include/stc-manager-plugin-firewall.h b/include/stc-manager-plugin-firewall.h new file mode 100755 index 0000000..258abc5 --- /dev/null +++ b/include/stc-manager-plugin-firewall.h @@ -0,0 +1,44 @@ +/* + * Copyright (c) 2016 Samsung Electronics Co., Ltd. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef __STC_MANAGER_PLUGIN_FIREWALL_H__ +#define __STC_MANAGER_PLUGIN_FIREWALL_H__ + +#define STC_PLUGIN_FIREWALL_FILEPATH "/usr/lib/stc-plugin-firewall.so" + +#include "stc-plugin-firewall.h" + +int stc_plugin_firewall_init(void); +int stc_plugin_firewall_deinit(void); + +int stc_plugin_firewall_lock(void); +int stc_plugin_firewall_unlock(void); +int stc_plugin_firewall_get_lock(int *state); +int stc_plugin_firewall_update(void); + +int stc_plugin_firewall_add_chain(char *chain); +int stc_plugin_firewall_remove_chain(char *chain); +int stc_plugin_firewall_flush_chain(char *chain); +int stc_plugin_firewall_get_all_chain(GVariantBuilder *builder); +int stc_plugin_firewall_set_chain(char *chain, uint target); +int stc_plugin_firewall_unset_chain(char *chain); + +int stc_plugin_firewall_add_rule(GVariant *params); +int stc_plugin_firewall_remove_rule(GVariant *params); +int stc_plugin_firewall_update_rule(GVariant *params); +int stc_plugin_firewall_get_all_rule(GVariantBuilder *builder); + +#endif /* __STC_MANAGER_PLUGIN_FIREWALL_H__ */ diff --git a/include/stc-manager-plugin-procfs.h b/include/stc-manager-plugin-procfs.h old mode 100644 new mode 100755 diff --git a/include/stc-manager-plugin-tether.h b/include/stc-manager-plugin-tether.h old mode 100644 new mode 100755 diff --git a/include/stc-restriction.h b/include/stc-restriction.h old mode 100644 new mode 100755 diff --git a/include/stc-statistics.h b/include/stc-statistics.h old mode 100644 new mode 100755 diff --git a/include/transmission.h b/include/transmission.h old mode 100644 new mode 100755 diff --git a/packaging/stc-manager.spec b/packaging/stc-manager.spec index 0d98483..d8dc5c4 100644 --- a/packaging/stc-manager.spec +++ b/packaging/stc-manager.spec @@ -1,6 +1,6 @@ Name: stc-manager Summary: STC(Smart Traffic Control) manager -Version: 0.0.83 +Version: 0.0.84 Release: 0 Group: Network & Connectivity/Other License: Apache-2.0 @@ -76,6 +76,12 @@ Summary: Monitor plugin for data usage of clients %description plugin-monitor A smart traffic control manager extension for monitoring client data usage plugin +%package plugin-firewall +Summary: Firewall plugin for managing firewall rules + +%description plugin-firewall +A smart traffic control manager extension for firewall plugin + %prep %setup -q chmod 644 %{SOURCE0} @@ -178,3 +184,7 @@ cp resources/dbus/stc-manager.conf %{buildroot}%{_sysconfdir}/dbus-1/system.d/st %files plugin-monitor %manifest %{name}.manifest %attr(500,root,root) %{_libdir}/stc-plugin-monitor.so + +%files plugin-firewall +%manifest %{name}.manifest +%attr(500,root,root) %{_libdir}/stc-plugin-firewall.so diff --git a/plugin/CMakeLists.txt b/plugin/CMakeLists.txt index a56ee63..98f28b7 100644 --- a/plugin/CMakeLists.txt +++ b/plugin/CMakeLists.txt @@ -17,3 +17,4 @@ ADD_SUBDIRECTORY(procfs) ADD_SUBDIRECTORY(pcap) ADD_SUBDIRECTORY(tether) ADD_SUBDIRECTORY(monitor) +ADD_SUBDIRECTORY(firewall) diff --git a/plugin/firewall/CMakeLists.txt b/plugin/firewall/CMakeLists.txt new file mode 100644 index 0000000..1b8404b --- /dev/null +++ b/plugin/firewall/CMakeLists.txt @@ -0,0 +1,36 @@ +CMAKE_MINIMUM_REQUIRED(VERSION 2.6) +PROJECT(stc-plugin-firewall C) + +# Set required packages +INCLUDE(FindPkgConfig) +PKG_CHECK_MODULES(firewall_plugin REQUIRED + dlog + gio-2.0 + gio-unix-2.0 + glib-2.0 + ) + +FOREACH(flag ${pcap_plugin_CFLAGS}) + SET(EXTRA_CFLAGS "${EXTRA_CFLAGS} ${flag}") +ENDFOREACH(flag) + +INCLUDE_DIRECTORIES(${CMAKE_CURRENT_SOURCE_DIR}/include) + +SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${EXTRA_CFLAGS} -g -Werror -fvisibility=hidden") +SET(CMAKE_C_FLAGS_DEBUG "-O0 -g") +SET(CMAKE_C_FLAGS_RELEASE "-O2") + +ADD_DEFINITIONS("-DUSE_DLOG") + +SET(SRCS_PLUGIN + stc-plugin-firewall.c + ) + +# library build +ADD_LIBRARY(${PROJECT_NAME} SHARED ${SRCS_PLUGIN}) +ADD_DEPENDENCIES(${PROJECT_NAME} GENERATED_DBUS_CODE) +TARGET_LINK_LIBRARIES(${PROJECT_NAME} ${firewall_plugin_LDFLAGS}) +SET_TARGET_PROPERTIES(${PROJECT_NAME} PROPERTIES PREFIX "" OUTPUT_NAME ${PROJECT_NAME}) + +# install +INSTALL(TARGETS ${PROJECT_NAME} LIBRARY DESTINATION ${LIBDIR}) diff --git a/plugin/firewall/include/stc-plugin-firewall.h b/plugin/firewall/include/stc-plugin-firewall.h new file mode 100755 index 0000000..bf36d58 --- /dev/null +++ b/plugin/firewall/include/stc-plugin-firewall.h @@ -0,0 +1,61 @@ +/* + * Copyright (c) 2016 Samsung Electronics Co., Ltd. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef __STC_PLUGIN_FIREWALL_H__ +#define __STC_PLUGIN_FIREWALL_H__ + +#include +#include +#include +#include +#include +#include +#include +#include + +#include "stc-error.h" +#include "stc-manager.h" +#include "stc-manager-gdbus.h" + +typedef struct { + stc_fw_chain_target_e target; + uint64_t priority; + GSList *rules; +} stc_fw_data_s; + +typedef struct { + int (*initialize_plugin) (void); + int (*deinitialize_plugin) (void); + + int (*lock_firewall) (void); + int (*unlock_firewall) (void); + int (*get_lock_firewall) (int *state); + int (*update_firewall) (void); + + int (*add_chain) (char *chain); + int (*remove_chain) (char *chain); + int (*flush_chain) (char *chain); + int (*get_all_chain) (GVariantBuilder *builder); + int (*set_chain) (char *chain, uint target); + int (*unset_chain) (char *chain); + + int (*add_rule) (GVariant *params); + int (*remove_rule) (GVariant *params); + int (*update_rule) (GVariant *params); + int (*get_all_rule) (GVariantBuilder *builder); +} stc_plugin_firewall_s; + +#endif /* __STC_PLUGIN_FIREWALL_H__ */ diff --git a/plugin/firewall/stc-plugin-firewall.c b/plugin/firewall/stc-plugin-firewall.c new file mode 100755 index 0000000..3e5fdd6 --- /dev/null +++ b/plugin/firewall/stc-plugin-firewall.c @@ -0,0 +1,1608 @@ +/* + * Copyright (c) 2017 Samsung Electronics Co., Ltd. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "stc-plugin-firewall.h" +#include "table-firewall.h" +#include "helper-firewall.h" + +#define LOCK_NAME "admin" + +#define IDENTIFIER_LEN 512 + +#define CHAIN_NAME "chain" +#define CHAIN_TARGET "target" +#define CHAIN_PRIORITY "priority" + +#define RULE_IDENTIFIER "identifier" +#define RULE_KEY "key" + +#define STC_FIREWALL_CHECK_LOCK_STATE() do { \ + if (g_lock_state == FIREWALL_LOCKED) { \ + if (STC_FW_LOG) \ + STC_LOGD("Firewall is locked"); \ + return STC_ERROR_PERMISSION_DENIED; \ + } \ +} while (0) + +static GHashTable *g_firewalls = NULL; +static int g_lock_state = FIREWALL_UNKONWN; +static int g_chain_priority = 0; + +static void __fw_rule_copy(firewall_rule_s *rule, + const firewall_rule_s *info) +{ + if (info->chain) { + FREE(rule->chain); + rule->chain = g_strdup(info->chain); + } + + rule->direction = info->direction; + rule->s_ip_type = info->s_ip_type; + rule->d_ip_type = info->d_ip_type; + rule->s_port_type = info->s_port_type; + rule->d_port_type = info->d_port_type; + rule->protocol = info->protocol; + rule->family = info->family; + + rule->s_ip1 = info->s_ip1; + rule->s_ip2 = info->s_ip2; + rule->d_ip1 = info->d_ip1; + rule->d_ip2 = info->d_ip2; + + rule->s_port1 = info->s_port1; + rule->s_port2 = info->s_port2; + rule->d_port1 = info->d_port1; + rule->d_port2 = info->d_port2; + + if (info->ifname) { + FREE(rule->ifname); + rule->ifname = g_strdup(info->ifname); + } + + rule->target = info->target; + + if (info->target_str) { + FREE(rule->target_str); + rule->target_str = g_strdup(info->target_str); + } + + rule->log_level = info->log_level; + + if (info->log_prefix) { + FREE(rule->log_prefix); + rule->log_prefix = g_strdup(info->log_prefix); + } + + rule->nflog_group = info->nflog_group; + rule->nflog_range = info->nflog_range; + rule->nflog_threshold = info->nflog_threshold; + + if (info->nflog_prefix) { + FREE(rule->nflog_prefix); + rule->nflog_prefix = g_strdup(info->nflog_prefix); + } + + if (info->identifier) { + FREE(rule->identifier); + rule->identifier = g_strdup(info->identifier); + } + + rule->key = info->key; +} + +static void __fw_rule_make_key(firewall_rule_s *rule, + firewall_rule_s *info) +{ + GString *str; + + if (!rule->chain) + return; + + str = g_string_sized_new(IDENTIFIER_LEN); + if (!str) + return; + + g_string_append_printf(str, "%s", rule->chain); + + g_string_append_printf(str, "_%u%u%u%u%u%u%u", rule->direction, + rule->s_ip_type, rule->d_ip_type, rule->s_port_type, + rule->d_port_type, rule->protocol, rule->family); + + if (rule->family == STC_FW_FAMILY_V4) { + g_string_append_printf(str, "_"); + g_string_append_printf(str, "%08x", rule->s_ip1.Ipv4.s_addr); + g_string_append_printf(str, "%08x", rule->s_ip2.Ipv4.s_addr); + + g_string_append_printf(str, "_"); + g_string_append_printf(str, "%08x", rule->d_ip1.Ipv4.s_addr); + g_string_append_printf(str, "%08x", rule->d_ip2.Ipv4.s_addr); + } else if (rule->family == STC_FW_FAMILY_V6) { + g_string_append_printf(str, "_"); + g_string_append_printf(str, "%08x", rule->s_ip1.Ipv6.s6_addr32[0]); + g_string_append_printf(str, "%08x", rule->s_ip1.Ipv6.s6_addr32[1]); + g_string_append_printf(str, "%08x", rule->s_ip1.Ipv6.s6_addr32[2]); + g_string_append_printf(str, "%08x", rule->s_ip1.Ipv6.s6_addr32[3]); + g_string_append_printf(str, "%08x", rule->s_ip2.Ipv6.s6_addr32[0]); + g_string_append_printf(str, "%08x", rule->s_ip2.Ipv6.s6_addr32[1]); + g_string_append_printf(str, "%08x", rule->s_ip2.Ipv6.s6_addr32[2]); + g_string_append_printf(str, "%08x", rule->s_ip2.Ipv6.s6_addr32[3]); + + g_string_append_printf(str, "_"); + g_string_append_printf(str, "%08x", rule->d_ip1.Ipv6.s6_addr32[0]); + g_string_append_printf(str, "%08x", rule->d_ip1.Ipv6.s6_addr32[1]); + g_string_append_printf(str, "%08x", rule->d_ip1.Ipv6.s6_addr32[2]); + g_string_append_printf(str, "%08x", rule->d_ip1.Ipv6.s6_addr32[3]); + g_string_append_printf(str, "%08x", rule->d_ip2.Ipv6.s6_addr32[0]); + g_string_append_printf(str, "%08x", rule->d_ip2.Ipv6.s6_addr32[1]); + g_string_append_printf(str, "%08x", rule->d_ip2.Ipv6.s6_addr32[2]); + g_string_append_printf(str, "%08x", rule->d_ip2.Ipv6.s6_addr32[3]); + } + + g_string_append_printf(str, "_%04x", rule->s_port1); + g_string_append_printf(str, "%04x", rule->s_port2); + + g_string_append_printf(str, "_%04x", rule->d_port1); + g_string_append_printf(str, "%04x", rule->d_port2); + + g_string_append_printf(str, "_%s", (rule->ifname) ? rule->ifname : ""); + g_string_append_printf(str, "_%u", rule->target); + + switch (rule->target) { + case STC_FW_RULE_TARGET_LOG: + g_string_append_printf(str, "_%u", rule->log_level); + g_string_append_printf(str, "_%s", rule->log_prefix); + break; + case STC_FW_RULE_TARGET_NFLOG: + g_string_append_printf(str, "_%u", rule->nflog_group); + g_string_append_printf(str, "_%s", rule->nflog_prefix); + g_string_append_printf(str, "_%u", rule->nflog_range); + g_string_append_printf(str, "_%u", rule->nflog_threshold); + break; + default: + break; + } + + FREE(rule->identifier); + rule->identifier = g_string_free(str, FALSE); + rule->key = g_str_hash(rule->identifier); + + FREE(info->identifier); + info->identifier = g_strdup(rule->identifier); + info->key = rule->key; + + if (STC_DEBUG_LOG && STC_FW_LOG) { + STC_LOGD("Identifier [%s]", rule->identifier); + STC_LOGD("Key [%u]", rule->key); + } +} + +static void __fw_rule_free(void *data) +{ + firewall_rule_s *rule = (firewall_rule_s *)data; + + FREE(rule->chain); + FREE(rule->ifname); + FREE(rule->target_str); + FREE(rule->log_prefix); + FREE(rule->nflog_prefix); + FREE(rule->identifier); + FREE(rule); +} + +static void __fw_data_free(gpointer value) +{ + stc_fw_data_s *data = (stc_fw_data_s *)value; + + g_slist_free_full(data->rules, __fw_rule_free); + data->rules = NULL; + + FREE(data); +} + +static gint __fw_rule_comp(gconstpointer a, gconstpointer b) +{ + firewall_rule_s *data = (firewall_rule_s *)a; + firewall_rule_s *rule = (firewall_rule_s *)b; + + if ((data->key == rule->key) && + (g_strcmp0(data->identifier, rule->identifier) == 0)) + return 0; + + return -1; +} + +static stc_error_e __fw_chain_add(const char *chain) +{ + stc_fw_data_s *data; + stc_fw_data_s *lookup; + + ret_value_msg_if(g_firewalls == NULL, + STC_ERROR_FAIL, + "firewall is not initialized!"); + + lookup = g_hash_table_lookup(g_firewalls, chain); + if (lookup) { + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGD("chain already present"); + return STC_ERROR_ALREADY_DATA; + } + + data = MALLOC0(stc_fw_data_s, 1); + if (!data) { + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("data allocation failed"); + return STC_ERROR_OUT_OF_MEMORY; + } + + data->target = STC_FW_CHAIN_TARGET_NONE; + data->priority = 0; + data->rules = NULL; + + g_hash_table_insert(g_firewalls, g_strdup(chain), data); + + return STC_ERROR_NONE; +} + +static stc_error_e __fw_chain_remove(const char *chain) +{ + stc_fw_data_s *lookup; + + ret_value_msg_if(g_firewalls == NULL, + STC_ERROR_FAIL, + "firewall is not initialized!"); + + lookup = g_hash_table_lookup(g_firewalls, chain); + if (!lookup) { + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("chain not found"); + return STC_ERROR_NO_DATA; + } + + if (lookup->target != STC_FW_CHAIN_TARGET_NONE) { + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("can't be applied bcz chain is set"); + return STC_ERROR_INVALID_PARAMETER; + } + + g_slist_free_full(lookup->rules, __fw_rule_free); + lookup->rules = NULL; + + g_hash_table_remove(g_firewalls, chain); + + return STC_ERROR_NONE; +} + +static stc_error_e __fw_chain_flush(const char *chain) +{ + stc_fw_data_s *lookup; + + ret_value_msg_if(g_firewalls == NULL, + STC_ERROR_FAIL, + "firewall is not initialized!"); + + lookup = g_hash_table_lookup(g_firewalls, chain); + if (!lookup) { + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("chain not found"); + return STC_ERROR_NO_DATA; + } + + if (lookup->target != STC_FW_CHAIN_TARGET_NONE) { + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("can't be applied bcz chain is set"); + return STC_ERROR_INVALID_PARAMETER; + } + + g_slist_free_full(lookup->rules, __fw_rule_free); + lookup->rules = NULL; + + return STC_ERROR_NONE; +} + +static stc_error_e __fw_chain_set(const char *chain, stc_fw_data_s value) +{ + stc_fw_data_s *lookup; + + ret_value_msg_if(g_firewalls == NULL, + STC_ERROR_FAIL, + "firewall is not initialized!"); + + lookup = g_hash_table_lookup(g_firewalls, chain); + if (!lookup) { + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("chain not found"); + return STC_ERROR_NO_DATA; + } + + lookup->target = value.target; + lookup->priority = value.priority; + + return STC_ERROR_NONE; +} + +static stc_fw_data_s *__fw_chain_get(const char *chain) +{ + stc_fw_data_s *lookup; + + ret_value_msg_if(g_firewalls == NULL, NULL, + "firewall is not initialized!"); + + lookup = g_hash_table_lookup(g_firewalls, chain); + if (!lookup) { + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("chain not found"); + return NULL; + } + + return lookup; +} + +static stc_error_e __fw_chain_unset(const char *chain) +{ + stc_error_e ret = STC_ERROR_NONE; + stc_fw_data_s *lookup; + + ret_value_msg_if(g_firewalls == NULL, + STC_ERROR_FAIL, + "firewall is not initialized!"); + + lookup = g_hash_table_lookup(g_firewalls, chain); + if (!lookup) { + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("chain not found"); + return STC_ERROR_NO_DATA; + } + + lookup->target = STC_FW_CHAIN_TARGET_NONE; + lookup->priority = 0; + + return ret; +} + +static void __fw_chain_make_params(gpointer key, gpointer value, + gpointer user_data) +{ + char *chain = (char *)key; + stc_fw_data_s *data = (stc_fw_data_s *)value; + GVariantBuilder *builder = (GVariantBuilder *)user_data; + GVariantBuilder sub_builder; + + g_variant_builder_init(&sub_builder, G_VARIANT_TYPE("a{sv}")); + + g_variant_builder_add(&sub_builder, "{sv}", CHAIN_NAME, + g_variant_new_string(chain)); + + g_variant_builder_add(&sub_builder, "{sv}", CHAIN_PRIORITY, + g_variant_new_uint32(data->priority)); + + g_variant_builder_add(&sub_builder, "{sv}", CHAIN_TARGET, + g_variant_new_uint16(data->target)); + + g_variant_builder_add_value(builder, g_variant_builder_end(&sub_builder)); +} + +static void __fw_rule_make_params(gpointer data, gpointer user_data) +{ + firewall_rule_s *rule = (firewall_rule_s *)data; + GVariantBuilder *builder = (GVariantBuilder *)user_data; + GVariantBuilder sub_builder; + + g_variant_builder_init(&sub_builder, G_VARIANT_TYPE("a{sv}")); + + g_variant_builder_add(&sub_builder, "{sv}", RULE_CHAIN, + g_variant_new_string(rule->chain)); + + if (rule->direction != STC_FW_DIRECTION_NONE) + g_variant_builder_add(&sub_builder, "{sv}", RULE_DIRECTION, + g_variant_new_uint16(rule->direction)); + + if (rule->s_ip_type != STC_FW_IP_NONE) + g_variant_builder_add(&sub_builder, "{sv}", RULE_SIPTYPE, + g_variant_new_uint16(rule->s_ip_type)); + + if (rule->d_ip_type != STC_FW_IP_NONE) + g_variant_builder_add(&sub_builder, "{sv}", RULE_DIPTYPE, + g_variant_new_uint16(rule->d_ip_type)); + + if (rule->s_port_type != STC_FW_PORT_NONE) + g_variant_builder_add(&sub_builder, "{sv}", RULE_SPORTTYPE, + g_variant_new_uint16(rule->s_port_type)); + + if (rule->d_port_type != STC_FW_PORT_NONE) + g_variant_builder_add(&sub_builder, "{sv}", RULE_DPORTTYPE, + g_variant_new_uint16(rule->d_port_type)); + + if (rule->protocol != STC_FW_PROTOCOL_NONE) + g_variant_builder_add(&sub_builder, "{sv}", RULE_PROTOCOL, + g_variant_new_uint16(rule->protocol)); + + if (rule->family != STC_FW_FAMILY_NONE) + g_variant_builder_add(&sub_builder, "{sv}", RULE_FAMILY, + g_variant_new_uint16(rule->family)); + + if (rule->family == STC_FW_FAMILY_V4) { + char *addr = NULL; + + switch (rule->s_ip_type) { + case STC_FW_IP_RANGE: + /* fall through */ + case STC_FW_IP_MASK: + addr = g_try_malloc0(INET_ADDRSTRLEN); + if (addr) { + inet_ntop(AF_INET, &(rule->s_ip2.Ipv4), addr, INET_ADDRSTRLEN); + g_variant_builder_add(&sub_builder, "{sv}", RULE_SIP2, + g_variant_new_string(addr)); + FREE(addr); + } + /* fall through */ + case STC_FW_IP_SINGLE: + addr = g_try_malloc0(INET_ADDRSTRLEN); + if (addr) { + inet_ntop(AF_INET, &(rule->s_ip1.Ipv4), addr, INET_ADDRSTRLEN); + g_variant_builder_add(&sub_builder, "{sv}", RULE_SIP1, + g_variant_new_string(addr)); + FREE(addr); + } + break; + default: + break; + } + + switch (rule->d_ip_type) { + case STC_FW_IP_RANGE: + /* fall through */ + case STC_FW_IP_MASK: + addr = g_try_malloc0(INET_ADDRSTRLEN); + if (addr) { + inet_ntop(AF_INET, &(rule->d_ip2.Ipv4), addr, INET_ADDRSTRLEN); + g_variant_builder_add(&sub_builder, "{sv}", RULE_DIP2, + g_variant_new_string(addr)); + FREE(addr); + } + /* fall through */ + case STC_FW_IP_SINGLE: + addr = g_try_malloc0(INET_ADDRSTRLEN); + if (addr) { + inet_ntop(AF_INET, &(rule->d_ip1.Ipv4), addr, INET_ADDRSTRLEN); + g_variant_builder_add(&sub_builder, "{sv}", RULE_DIP1, + g_variant_new_string(addr)); + FREE(addr); + } + break; + default: + break; + } + } else if (rule->family == STC_FW_FAMILY_V6) { + char *addr = NULL; + + switch (rule->s_ip_type) { + case STC_FW_IP_RANGE: + /* fall through */ + case STC_FW_IP_MASK: + addr = g_try_malloc0(INET6_ADDRSTRLEN); + if (addr) { + inet_ntop(AF_INET6, &(rule->s_ip2.Ipv6), addr, INET6_ADDRSTRLEN); + g_variant_builder_add(&sub_builder, "{sv}", RULE_SIP2, + g_variant_new_string(addr)); + FREE(addr); + } + /* fall through */ + case STC_FW_IP_SINGLE: + addr = g_try_malloc0(INET6_ADDRSTRLEN); + if (addr) { + inet_ntop(AF_INET6, &(rule->s_ip1.Ipv6), addr, INET6_ADDRSTRLEN); + g_variant_builder_add(&sub_builder, "{sv}", RULE_SIP1, + g_variant_new_string(addr)); + FREE(addr); + } + break; + default: + break; + } + + switch (rule->d_ip_type) { + case STC_FW_IP_RANGE: + /* fall through */ + case STC_FW_IP_MASK: + addr = g_try_malloc0(INET6_ADDRSTRLEN); + if (addr) { + inet_ntop(AF_INET6, &(rule->d_ip2.Ipv6), addr, INET6_ADDRSTRLEN); + g_variant_builder_add(&sub_builder, "{sv}", RULE_DIP2, + g_variant_new_string(addr)); + FREE(addr); + } + /* fall through */ + case STC_FW_IP_SINGLE: + addr = g_try_malloc0(INET6_ADDRSTRLEN); + if (addr) { + inet_ntop(AF_INET6, &(rule->d_ip1.Ipv6), addr, INET6_ADDRSTRLEN); + g_variant_builder_add(&sub_builder, "{sv}", RULE_DIP1, + g_variant_new_string(addr)); + FREE(addr); + } + break; + default: + break; + } + } + + g_variant_builder_add(&sub_builder, "{sv}", RULE_SPORT1, + g_variant_new_uint32(rule->s_port1)); + + g_variant_builder_add(&sub_builder, "{sv}", RULE_SPORT2, + g_variant_new_uint32(rule->s_port2)); + + g_variant_builder_add(&sub_builder, "{sv}", RULE_DPORT1, + g_variant_new_uint32(rule->d_port1)); + + g_variant_builder_add(&sub_builder, "{sv}", RULE_DPORT2, + g_variant_new_uint32(rule->d_port2)); + + if (rule->ifname) + g_variant_builder_add(&sub_builder, "{sv}", RULE_IFNAME, + g_variant_new_string(rule->ifname)); + + if (rule->target != STC_FW_RULE_TARGET_NONE) + g_variant_builder_add(&sub_builder, "{sv}", RULE_TARGET, + g_variant_new_uint16(rule->target)); + + switch (rule->target) { + case STC_FW_RULE_TARGET_LOG: + g_variant_builder_add(&sub_builder, "{sv}", RULE_LOG_LEVEL, + g_variant_new_uint16(rule->log_level)); + + if (rule->log_prefix) + g_variant_builder_add(&sub_builder, "{sv}", RULE_LOG_PREFIX, + g_variant_new_string(rule->log_prefix)); + break; + case STC_FW_RULE_TARGET_NFLOG: + g_variant_builder_add(&sub_builder, "{sv}", RULE_NFLOG_GROUP, + g_variant_new_uint16(rule->nflog_group)); + + if (rule->nflog_prefix) + g_variant_builder_add(&sub_builder, "{sv}", RULE_NFLOG_PREFIX, + g_variant_new_string(rule->nflog_prefix)); + + g_variant_builder_add(&sub_builder, "{sv}", RULE_NFLOG_RANGE, + g_variant_new_uint16(rule->nflog_range)); + + g_variant_builder_add(&sub_builder, "{sv}", RULE_NFLOG_THRESHOLD, + g_variant_new_uint16(rule->nflog_threshold)); + break; + default: + break; + } + + g_variant_builder_add(&sub_builder, "{sv}", RULE_IDENTIFIER, + g_variant_new_string(rule->identifier)); + + g_variant_builder_add(&sub_builder, "{sv}", RULE_KEY, + g_variant_new_uint32(rule->key)); + + g_variant_builder_add_value(builder, g_variant_builder_end(&sub_builder)); +} + +static void __fw_rule_set_to_chain(gpointer data, gpointer user_data) +{ + firewall_rule_s *rule = (firewall_rule_s *)data; + char *chain = (char *)user_data; + + if (chain && (g_strcmp0(rule->chain, chain) != 0)) + return; + + switch (rule->target) { + case STC_FW_RULE_TARGET_ACCEPT: + FREE(rule->target_str); + rule->target_str = g_strdup(FIREWALL_RULE_TARGET_ACCEPT); + break; + case STC_FW_RULE_TARGET_DROP: + FREE(rule->target_str); + rule->target_str = g_strdup(FIREWALL_RULE_TARGET_DROP); + break; + case STC_FW_RULE_TARGET_LOG: + FREE(rule->target_str); + rule->target_str = g_strdup(FIREWALL_RULE_TARGET_LOG); + break; + case STC_FW_RULE_TARGET_NFLOG: + FREE(rule->target_str); + rule->target_str = g_strdup(FIREWALL_RULE_TARGET_NFLOG); + break; + default: + break; + } + + firewall_rule_append(rule); +} + +static void __fw_rule_print_rules(gpointer data, gpointer user_data) +{ + firewall_rule_s *rule = (firewall_rule_s *)data; + + STC_LOGD("[%s][%d][%s][%d][%d][%04x][%04x]" + "[%d][%04x][%04x][%d][%s][%d][%s][%d][%d]", + rule->chain, rule->direction, rule->ifname, + rule->protocol, + rule->s_port_type, rule->s_port1, rule->s_port2, + rule->d_port_type, rule->d_port1, rule->d_port2, + rule->target, rule->target_str, + rule->nflog_group, rule->nflog_prefix, + rule->nflog_range, rule->nflog_threshold); + + switch (rule->family) { + case STC_FW_FAMILY_V4: + STC_LOGD("[%d][%d][%08x][%08x][%d][%08x][%08x]", + rule->family, + rule->s_ip_type, rule->s_ip1.Ipv4.s_addr, rule->s_ip2.Ipv4.s_addr, + rule->d_ip_type, rule->d_ip1.Ipv4.s_addr, rule->d_ip2.Ipv4.s_addr); + break; + case STC_FW_FAMILY_V6: + STC_LOGD("[%d][%d][%08x:%08x:%08x:%08x]" + "[%d][%08x:%08x:%08x:%08x]", + rule->family, + rule->s_ip_type, + rule->s_ip1.Ipv6.s6_addr32[0], rule->s_ip1.Ipv6.s6_addr32[1], + rule->s_ip1.Ipv6.s6_addr32[2], rule->s_ip1.Ipv6.s6_addr32[3], + rule->d_ip_type, + rule->d_ip1.Ipv6.s6_addr32[0], rule->d_ip1.Ipv6.s6_addr32[1], + rule->d_ip1.Ipv6.s6_addr32[2], rule->d_ip1.Ipv6.s6_addr32[3]); + break; + default: + break; + } +} + +static void __fw_foreach_to_print_rule(gpointer key, gpointer value, + gpointer user_data) +{ + stc_fw_data_s *data = (stc_fw_data_s *)value; + + g_slist_foreach(data->rules, __fw_rule_print_rules, user_data); +} + +static void __fw_foreach_to_make_rule_param(gpointer key, gpointer value, + gpointer user_data) +{ + stc_fw_data_s *data = (stc_fw_data_s *)value; + + g_slist_foreach(data->rules, __fw_rule_make_params, user_data); +} + +static void __fw_foreach_to_set_rule_to_chain(gpointer key, gpointer value, + gpointer user_data) +{ + stc_fw_data_s *data = (stc_fw_data_s *)value; + char *chain = (char *)user_data; + + if (chain || (data->target != STC_FW_CHAIN_TARGET_NONE)) + g_slist_foreach(data->rules, __fw_rule_set_to_chain, user_data); +} + +static void __fw_foreach_to_set_chain(gpointer key, gpointer value, + gpointer user_data) +{ + char *chain = (char *)key; + stc_fw_data_s *data = (stc_fw_data_s *)value; + + if (data->target != STC_FW_CHAIN_TARGET_NONE) { + firewall_chain_s info; + memset(&info, 0, sizeof(firewall_chain_s)); + info.chain = chain; + info.target = data->target; + info.priority = data->priority; + firewall_chain_set(&info); + } +} + +static void __fw_foreach_to_add_chain(gpointer key, gpointer value, + gpointer user_data) +{ + char *chain = (char *)key; + stc_fw_data_s *data = (stc_fw_data_s *)value; + + if (data->target != STC_FW_CHAIN_TARGET_NONE) { + firewall_chain_s info; + memset(&info, 0, sizeof(firewall_chain_s)); + info.chain = chain; + info.target = data->target; + info.priority = data->priority; + firewall_chain_add(&info); + } +} + +static void __fw_chain_foreach(GHFunc func, void *user_data) +{ + g_hash_table_foreach(g_firewalls, func, user_data); +} + +stc_cb_ret_e __fw_table_chain_info_cb(const firewall_chain_s *info, + void *user_data) +{ + stc_fw_data_s *data; + + data = MALLOC0(stc_fw_data_s, 1); + if (!data) { + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("data allocation failed"); + return STC_CONTINUE; + } + + data->target = info->target; + data->priority = info->priority; + data->rules = NULL; + + g_hash_table_insert(g_firewalls, g_strdup(info->chain), data); + + return STC_CONTINUE; +} + +stc_cb_ret_e __fw_table_rule_info_cb(const firewall_rule_s *info, + void *user_data) +{ + stc_fw_data_s *lookup; + firewall_rule_s *rule; + + lookup = g_hash_table_lookup(g_firewalls, info->chain); + if (!lookup) { + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("chain not found"); + return STC_CONTINUE; + } + + rule = MALLOC0(firewall_rule_s, 1); + if (!rule) { + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("rule allocation failed"); + return STC_CONTINUE; + } + + memset(rule, 0, sizeof(firewall_rule_s)); + __fw_rule_copy(rule, info); + + lookup->rules = g_slist_append(lookup->rules, rule); + + return STC_CONTINUE; +} + +static stc_error_e __fw_rule_add(firewall_rule_s *info) +{ + stc_fw_data_s *lookup; + firewall_rule_s *rule; + GSList *comp; + + ret_value_msg_if(g_firewalls == NULL, + STC_ERROR_FAIL, + "firewall is not initialized!"); + + lookup = g_hash_table_lookup(g_firewalls, info->chain); + if (!lookup) { + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("chain not found"); + return STC_ERROR_NO_DATA; + } + + if (lookup->target != STC_FW_CHAIN_TARGET_NONE) { + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("can't be applied bcz chain is set"); + return STC_ERROR_INVALID_PARAMETER; + } + + rule = MALLOC0(firewall_rule_s, 1); + if (!rule) { + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("rule allocation failed"); + return STC_ERROR_OUT_OF_MEMORY; + } + + memset(rule, 0, sizeof(firewall_rule_s)); + __fw_rule_copy(rule, info); + __fw_rule_make_key(rule, info); + + comp = g_slist_find_custom(lookup->rules, rule, __fw_rule_comp); + if (comp) { + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGD("rule already present"); + __fw_rule_free(rule); + return STC_ERROR_ALREADY_DATA; + } + + lookup->rules = g_slist_append(lookup->rules, rule); + + return STC_ERROR_NONE; +} + +static stc_error_e __fw_rule_remove(const firewall_rule_s *info) +{ + stc_fw_data_s *lookup; + GSList *rule_list; + GSList *comp; + firewall_rule_s *rule; + + ret_value_msg_if(g_firewalls == NULL, + STC_ERROR_FAIL, + "firewall is not initialized!"); + + lookup = g_hash_table_lookup(g_firewalls, info->chain); + if (!lookup) { + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("chain not found"); + return STC_ERROR_NO_DATA; + } + + if (lookup->target != STC_FW_CHAIN_TARGET_NONE) { + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("can't be applied bcz chain is set"); + return STC_ERROR_INVALID_PARAMETER; + } + + rule_list = lookup->rules; + comp = g_slist_find_custom(rule_list, info, __fw_rule_comp); + if (!comp) { + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGD("rule not found"); + return STC_ERROR_NO_DATA; + } + + rule = comp->data; + lookup->rules = g_slist_remove(lookup->rules, rule); + __fw_rule_free(rule); + + return STC_ERROR_NONE; +} + +static stc_error_e __fw_rule_update(firewall_rule_s *info) +{ + stc_fw_data_s *lookup; + GSList *rule_list; + GSList *comp; + firewall_rule_s *origin_rule; + firewall_rule_s *update_rule; + + ret_value_msg_if(g_firewalls == NULL, + STC_ERROR_FAIL, + "firewall is not initialized!"); + + lookup = g_hash_table_lookup(g_firewalls, info->chain); + if (!lookup) { + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("chain not found"); + return STC_ERROR_NO_DATA; + } + + if (lookup->target != STC_FW_CHAIN_TARGET_NONE) { + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("can't be applied bcz chain is set"); + return STC_ERROR_INVALID_PARAMETER; + } + + rule_list = lookup->rules; + comp = g_slist_find_custom(rule_list, info, __fw_rule_comp); + if (!comp) { + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGD("rule not found"); + return STC_ERROR_NO_DATA; + } + + origin_rule = comp->data; + + update_rule = MALLOC0(firewall_rule_s, 1); + if (!update_rule) { + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("rule allocation failed"); + return STC_ERROR_OUT_OF_MEMORY; + } + + memset(update_rule, 0, sizeof(firewall_rule_s)); + __fw_rule_copy(update_rule, info); + __fw_rule_make_key(update_rule, info); + + comp = g_slist_find_custom(lookup->rules, update_rule, __fw_rule_comp); + if (comp) { + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGD("rule already present"); + __fw_rule_free(update_rule); + return STC_ERROR_ALREADY_DATA; + } + + lookup->rules = g_slist_remove(lookup->rules, origin_rule); + __fw_rule_free(origin_rule); + + lookup->rules = g_slist_append(lookup->rules, update_rule); + + return STC_ERROR_NONE; +} + +static void __fw_rule_extract(const char *key, GVariant *value, + void *user_data) +{ + firewall_rule_s *rule = (firewall_rule_s *)user_data; + if (rule == NULL) { + __STC_LOG_FUNC_EXIT__; + return; + } + + if (g_strcmp0(key, RULE_CHAIN) == 0) { + guint str_length; + const gchar *str = g_variant_get_string(value, &str_length); + rule->chain = g_strdup(str); + STC_LOGD("%s: [%s]", RULE_CHAIN, rule->chain); + + } else if (g_strcmp0(key, RULE_DIRECTION) == 0) { + rule->direction = g_variant_get_uint16(value); + STC_LOGD("%s: [%u]", RULE_DIRECTION, rule->direction); + + } else if (g_strcmp0(key, RULE_SIPTYPE) == 0) { + rule->s_ip_type = g_variant_get_uint16(value); + STC_LOGD("%s: [%u]", RULE_SIPTYPE, rule->s_ip_type); + + } else if (g_strcmp0(key, RULE_DIPTYPE) == 0) { + rule->d_ip_type = g_variant_get_uint16(value); + STC_LOGD("%s: [%u]", RULE_DIPTYPE, rule->d_ip_type); + + } else if (g_strcmp0(key, RULE_SPORTTYPE) == 0) { + rule->s_port_type = g_variant_get_uint16(value); + STC_LOGD("%s: [%u]", RULE_SPORTTYPE, rule->s_port_type); + + } else if (g_strcmp0(key, RULE_DPORTTYPE) == 0) { + rule->d_port_type = g_variant_get_uint16(value); + STC_LOGD("%s: [%u]", RULE_DPORTTYPE, rule->d_port_type); + + } else if (g_strcmp0(key, RULE_PROTOCOL) == 0) { + rule->protocol = g_variant_get_uint16(value); + STC_LOGD("%s: [%u]", RULE_PROTOCOL, rule->protocol); + + } else if (g_strcmp0(key, RULE_FAMILY) == 0) { + rule->family = g_variant_get_uint16(value); + STC_LOGD("%s: [%u]", RULE_FAMILY, rule->family); + + } else if (g_strcmp0(key, RULE_SIP1) == 0) { + if (rule->s_ip_type != STC_FW_IP_NONE) { + guint str_length; + const gchar *str = g_variant_get_string(value, &str_length); + if (rule->family == STC_FW_FAMILY_V4) { + inet_pton(AF_INET, str, &(rule->s_ip1.Ipv4)); + STC_LOGD("%s: [%08x]", RULE_SIP1, rule->s_ip1.Ipv4.s_addr); + } else if (rule->family == STC_FW_FAMILY_V6) { + inet_pton(AF_INET6, str, &(rule->s_ip1.Ipv6)); + STC_LOGD("%s: [%08x:%08x:%08x:%08x]", RULE_SIP1, + rule->s_ip1.Ipv6.s6_addr32[0], rule->s_ip1.Ipv6.s6_addr32[1], + rule->s_ip1.Ipv6.s6_addr32[2], rule->s_ip1.Ipv6.s6_addr32[3]); + } + } + + } else if (g_strcmp0(key, RULE_SIP2) == 0) { + if (rule->s_ip_type != STC_FW_IP_NONE) { + guint str_length; + const gchar *str = g_variant_get_string(value, &str_length); + if (rule->family == STC_FW_FAMILY_V4) { + inet_pton(AF_INET, str, &(rule->s_ip2.Ipv4)); + STC_LOGD("%s: [%08x]", RULE_SIP2, rule->s_ip2.Ipv4.s_addr); + } else if (rule->family == STC_FW_FAMILY_V6) { + inet_pton(AF_INET6, str, &(rule->s_ip2.Ipv6)); + STC_LOGD("%s: [%08x:%08x:%08x:%08x]", RULE_SIP2, + rule->s_ip2.Ipv6.s6_addr32[0], rule->s_ip2.Ipv6.s6_addr32[1], + rule->s_ip2.Ipv6.s6_addr32[2], rule->s_ip2.Ipv6.s6_addr32[3]); + } + } + + } else if (g_strcmp0(key, RULE_DIP1) == 0) { + if (rule->d_ip_type != STC_FW_IP_NONE) { + guint str_length; + const gchar *str = g_variant_get_string(value, &str_length); + if (rule->family == STC_FW_FAMILY_V4) { + inet_pton(AF_INET, str, &(rule->d_ip1.Ipv4)); + STC_LOGD("%s: [%08x]", RULE_DIP1, rule->d_ip1.Ipv4.s_addr); + } else if (rule->family == STC_FW_FAMILY_V6) { + inet_pton(AF_INET6, str, &(rule->d_ip1.Ipv6)); + STC_LOGD("%s: [%08x:%08x:%08x:%08x]", RULE_DIP1, + rule->d_ip1.Ipv6.s6_addr32[0], rule->d_ip1.Ipv6.s6_addr32[1], + rule->d_ip1.Ipv6.s6_addr32[2], rule->d_ip1.Ipv6.s6_addr32[3]); + } + } + + } else if (g_strcmp0(key, RULE_DIP2) == 0) { + if (rule->d_ip_type != STC_FW_IP_NONE) { + guint str_length; + const gchar *str = g_variant_get_string(value, &str_length); + if (rule->family == STC_FW_FAMILY_V4) { + inet_pton(AF_INET, str, &(rule->d_ip2.Ipv4)); + STC_LOGD("%s: [%08x]", RULE_DIP2, rule->d_ip2.Ipv4.s_addr); + } else if (rule->family == STC_FW_FAMILY_V6) { + inet_pton(AF_INET6, str, &(rule->d_ip2.Ipv6)); + STC_LOGD("%s: [%08x:%08x:%08x:%08x]", RULE_DIP2, + rule->d_ip2.Ipv6.s6_addr32[0], rule->d_ip2.Ipv6.s6_addr32[1], + rule->d_ip2.Ipv6.s6_addr32[2], rule->d_ip2.Ipv6.s6_addr32[3]); + } + } + + } else if (g_strcmp0(key, RULE_SPORT1) == 0) { + if (rule->s_port_type != STC_FW_PORT_NONE) { + rule->s_port1 = g_variant_get_uint32(value); + STC_LOGD("%s: [%04x]", RULE_SPORT1, rule->s_port1); + } + + } else if (g_strcmp0(key, RULE_SPORT2) == 0) { + if (rule->s_port_type != STC_FW_PORT_NONE) { + rule->s_port2 = g_variant_get_uint32(value); + STC_LOGD("%s: [%04x]", RULE_SPORT2, rule->s_port2); + } + + } else if (g_strcmp0(key, RULE_DPORT1) == 0) { + if (rule->d_port_type != STC_FW_PORT_NONE) { + rule->d_port1 = g_variant_get_uint32(value); + STC_LOGD("%s: [%04x]", RULE_DPORT1, rule->d_port1); + } + + } else if (g_strcmp0(key, RULE_DPORT2) == 0) { + if (rule->d_port_type != STC_FW_PORT_NONE) { + rule->d_port2 = g_variant_get_uint32(value); + STC_LOGD("%s: [%04x]", RULE_DPORT2, rule->d_port2); + } + + } else if (g_strcmp0(key, RULE_IFNAME) == 0) { + if (rule->direction != STC_FW_DIRECTION_NONE) { + guint str_length; + const gchar *str = g_variant_get_string(value, &str_length); + rule->ifname = g_strdup(str); + STC_LOGD("%s: [%s]", RULE_IFNAME, rule->ifname); + } + + } else if (g_strcmp0(key, RULE_TARGET) == 0) { + rule->target = g_variant_get_uint16(value); + STC_LOGD("%s: [%u]", RULE_TARGET, rule->target); + + } else if (g_strcmp0(key, RULE_LOG_LEVEL) == 0) { + if (rule->target == STC_FW_RULE_TARGET_LOG) { + rule->log_level = g_variant_get_uint16(value); + STC_LOGD("%s: [%u]", RULE_LOG_LEVEL, rule->log_level); + } + + } else if (g_strcmp0(key, RULE_LOG_PREFIX) == 0) { + if (rule->target == STC_FW_RULE_TARGET_LOG) { + guint str_length; + const gchar *str = g_variant_get_string(value, &str_length); + rule->log_prefix = g_strdup(str); + STC_LOGD("%s: [%s]", RULE_LOG_PREFIX, rule->log_prefix); + } + + } else if (g_strcmp0(key, RULE_NFLOG_GROUP) == 0) { + if (rule->target == STC_FW_RULE_TARGET_NFLOG) { + rule->nflog_group = g_variant_get_uint16(value); + STC_LOGD("%s: [%u]", RULE_NFLOG_GROUP, rule->nflog_group); + } + + } else if (g_strcmp0(key, RULE_NFLOG_PREFIX) == 0) { + if (rule->target == STC_FW_RULE_TARGET_NFLOG) { + guint str_length; + const gchar *str = g_variant_get_string(value, &str_length); + rule->nflog_prefix = g_strdup(str); + STC_LOGD("%s: [%s]", RULE_NFLOG_PREFIX, rule->nflog_prefix); + } + + } else if (g_strcmp0(key, RULE_NFLOG_RANGE) == 0) { + if (rule->target == STC_FW_RULE_TARGET_NFLOG) { + rule->nflog_range = g_variant_get_uint16(value); + STC_LOGD("%s: [%u]", RULE_NFLOG_RANGE, rule->nflog_range); + } + + } else if (g_strcmp0(key, RULE_NFLOG_THRESHOLD) == 0) { + if (rule->target == STC_FW_RULE_TARGET_NFLOG) { + rule->nflog_threshold = g_variant_get_uint16(value); + STC_LOGD("%s: [%u]", RULE_NFLOG_THRESHOLD, rule->nflog_threshold); + } + + } else if (g_strcmp0(key, RULE_IDENTIFIER) == 0) { + guint str_length; + const gchar *str = g_variant_get_string(value, &str_length); + rule->identifier = g_strdup(str); + STC_LOGD("%s: [%s]", RULE_IDENTIFIER, rule->identifier); + + } else if (g_strcmp0(key, RULE_KEY) == 0) { + rule->key = g_variant_get_uint32(value); + STC_LOGD("%s: [%u]", RULE_KEY, rule->key); + + } else { + STC_LOGD("Unknown rule [%s]", key); + } +} + +gboolean __validate_fw_rule(firewall_rule_s *rule) +{ + __STC_LOG_FUNC_ENTER__; + + if (rule == NULL) { + __STC_LOG_FUNC_EXIT__; + return FALSE; + } + + if (rule->chain == NULL) { + __STC_LOG_FUNC_EXIT__; + return FALSE; + } + + if (rule->direction > STC_FW_DIRECTION_OUT) { + __STC_LOG_FUNC_EXIT__; + return FALSE; + } + + if (rule->s_ip_type > STC_FW_IP_RANGE) { + __STC_LOG_FUNC_EXIT__; + return FALSE; + } + + if (rule->d_ip_type > STC_FW_IP_RANGE) { + __STC_LOG_FUNC_EXIT__; + return FALSE; + } + + if (rule->s_port_type > STC_FW_PORT_RANGE) { + __STC_LOG_FUNC_EXIT__; + return FALSE; + } + + if (rule->d_port_type > STC_FW_PORT_RANGE) { + __STC_LOG_FUNC_EXIT__; + return FALSE; + } + + if (rule->protocol > STC_FW_PROTOCOL_ALL) { + __STC_LOG_FUNC_EXIT__; + return FALSE; + } + + if (rule->family > STC_FW_FAMILY_V6) { + __STC_LOG_FUNC_EXIT__; + return FALSE; + } + + if (rule->target >= STC_FW_RULE_TARGET_MAX) { + __STC_LOG_FUNC_EXIT__; + return FALSE; + } + + if (rule->target == STC_FW_RULE_TARGET_LOG && + (rule->log_prefix == NULL || + rule->log_prefix[0] == '\0')) { + __STC_LOG_FUNC_EXIT__; + return FALSE; + } + + if (rule->target == STC_FW_RULE_TARGET_NFLOG && + (rule->nflog_prefix == NULL || + rule->nflog_prefix[0] == '\0')) { + __STC_LOG_FUNC_EXIT__; + return FALSE; + } + + __STC_LOG_FUNC_EXIT__; + return TRUE; +} + +//LCOV_EXCL_START +int stc_plugin_firewall_initialize(void) +{ + __STC_LOG_FUNC_ENTER__; + + int ret = STC_ERROR_NONE; + + g_firewalls = g_hash_table_new_full(g_str_hash, + g_str_equal, g_free, __fw_data_free); + + ret = table_firewall_get_lock(LOCK_NAME, &g_lock_state); + if (ret != STC_ERROR_NONE) + table_firewall_insert_lock(LOCK_NAME, FIREWALL_UNLOCKED); + + if (g_lock_state == FIREWALL_UNKONWN) + g_lock_state = FIREWALL_UNLOCKED; + + table_firewall_foreach_chain(__fw_table_chain_info_cb, NULL); + table_firewall_foreach_rule(__fw_table_rule_info_cb, NULL); + + __STC_LOG_FUNC_EXIT__; + return STC_ERROR_NONE; +} + +int stc_plugin_firewall_deinitialize(void) +{ + __STC_LOG_FUNC_ENTER__; + + if (g_firewalls) { + g_hash_table_destroy(g_firewalls); + g_firewalls = NULL; + } + + __STC_LOG_FUNC_EXIT__; + return STC_ERROR_NONE; +} + +int stc_plugin_firewall_lock(void) +{ + int ret = STC_ERROR_NONE; + + ret = table_firewall_update_lock(LOCK_NAME, FIREWALL_LOCKED); + if (ret != STC_ERROR_NONE) + table_firewall_insert_lock(LOCK_NAME, FIREWALL_LOCKED); + + g_lock_state = FIREWALL_LOCKED; + + return STC_ERROR_NONE; +} + +int stc_plugin_firewall_unlock(void) +{ + int ret = STC_ERROR_NONE; + + ret = table_firewall_update_lock(LOCK_NAME, FIREWALL_UNLOCKED); + if (ret != STC_ERROR_NONE) + table_firewall_insert_lock(LOCK_NAME, FIREWALL_UNLOCKED); + + g_lock_state = FIREWALL_UNLOCKED; + + return STC_ERROR_NONE; +} + +int stc_plugin_firewall_get_lock(int *state) +{ + int ret = STC_ERROR_NONE; + + if (g_lock_state == FIREWALL_UNKONWN) { + ret = table_firewall_get_lock(LOCK_NAME, &g_lock_state); + if (ret != STC_ERROR_NONE) + table_firewall_insert_lock(LOCK_NAME, FIREWALL_UNLOCKED); + + if (g_lock_state == FIREWALL_UNKONWN) + g_lock_state = FIREWALL_UNLOCKED; + } + + *state = g_lock_state; + + return STC_ERROR_NONE; +} + +API int stc_plugin_firewall_update(void) +{ + __fw_chain_foreach(__fw_foreach_to_add_chain, NULL); + __fw_chain_foreach(__fw_foreach_to_set_rule_to_chain, NULL); + __fw_chain_foreach(__fw_foreach_to_set_chain, NULL); + + return STC_ERROR_NONE; +} + +int stc_plugin_firewall_add_chain(char *chain) +{ + int ret = STC_ERROR_NONE; + firewall_chain_s info; + + STC_FIREWALL_CHECK_LOCK_STATE(); + + ret = __fw_chain_add(chain); + if (ret == STC_ERROR_NONE) { + memset(&info, 0, sizeof(firewall_chain_s)); + info.chain = chain; + info.priority = 0; + info.target = STC_FW_CHAIN_TARGET_NONE; + table_firewall_insert_chain(&info); + } else { + return STC_ERROR_FAIL; + } + + return STC_ERROR_NONE; +} + +int stc_plugin_firewall_remove_chain(char *chain) +{ + firewall_chain_s info; + int ret = STC_ERROR_NONE; + + STC_FIREWALL_CHECK_LOCK_STATE(); + + ret = __fw_chain_remove(chain); + if (ret == STC_ERROR_NONE) { + memset(&info, 0, sizeof(firewall_chain_s)); + info.chain = chain; + table_firewall_flush_chain(&info); + table_firewall_delete_chain(&info); + } else { + return STC_ERROR_FAIL; + } + + return STC_ERROR_NONE; +} + +int stc_plugin_firewall_flush_chain(char *chain) +{ + firewall_chain_s info; + int ret = STC_ERROR_NONE; + + STC_FIREWALL_CHECK_LOCK_STATE(); + + ret = __fw_chain_flush(chain); + if (ret == STC_ERROR_NONE) { + memset(&info, 0, sizeof(firewall_chain_s)); + info.chain = chain; + table_firewall_flush_chain(&info); + } else { + return STC_ERROR_FAIL; + } + + return STC_ERROR_NONE; +} + +int stc_plugin_firewall_get_all_chain(GVariantBuilder *builder) +{ + STC_FIREWALL_CHECK_LOCK_STATE(); + + __fw_chain_foreach(__fw_chain_make_params, builder); + + return STC_ERROR_NONE; +} + +int stc_plugin_firewall_set_chain(char *chain, uint target) +{ + stc_fw_data_s *lookup = NULL; + stc_fw_data_s data; + firewall_chain_s info; + uint priority; + int ret = STC_ERROR_NONE; + + STC_FIREWALL_CHECK_LOCK_STATE(); + + lookup = __fw_chain_get(chain); + if (lookup == NULL) + return STC_ERROR_NO_DATA; + + if (lookup->target != STC_FW_CHAIN_TARGET_NONE) { + if (STC_FW_LOG) + STC_LOGE("chain is already set"); + return STC_ERROR_INVALID_PARAMETER; + } + + memset(&info, 0, sizeof(firewall_chain_s)); + info.chain = chain; + info.target = target; + + ret = firewall_chain_add(&info); + if (ret != STC_ERROR_NONE) + return ret; + + __fw_chain_foreach(__fw_foreach_to_set_rule_to_chain, chain); + ret = firewall_chain_set(&info); + if (ret != STC_ERROR_NONE) + return ret; + + priority = g_chain_priority + 1; + + memset(&data, 0, sizeof(stc_fw_data_s)); + data.target = target; + data.priority = priority; + + ret = __fw_chain_set(chain, data); + if (ret == STC_ERROR_NONE) { + info.priority = priority; + table_firewall_update_chain(&info); + g_chain_priority = priority; + } else { + return STC_ERROR_FAIL; + } + + return STC_ERROR_NONE; +} + +int stc_plugin_firewall_unset_chain(char *chain) +{ + stc_fw_data_s *lookup = NULL; + firewall_chain_s info; + int ret = STC_ERROR_NONE; + + STC_FIREWALL_CHECK_LOCK_STATE(); + + lookup = __fw_chain_get(chain); + if (lookup == NULL) + return STC_ERROR_NO_DATA; + + if (lookup->target == STC_FW_CHAIN_TARGET_NONE) { + if (STC_FW_LOG) + STC_LOGE("chain is not set"); + return STC_ERROR_INVALID_PARAMETER; + } + + memset(&info, 0, sizeof(firewall_chain_s)); + info.chain = chain; + info.target = lookup->target; + + ret = firewall_chain_unset(&info); + if (ret != STC_ERROR_NONE) + return ret; + + ret = firewall_chain_remove(&info); + if (ret != STC_ERROR_NONE) + return ret; + + ret = __fw_chain_unset(chain); + if (ret == STC_ERROR_NONE) { + info.target = STC_FW_CHAIN_TARGET_NONE; + info.priority = 0; + table_firewall_update_chain(&info); + } else { + return STC_ERROR_FAIL; + } + + return STC_ERROR_NONE; +} + +int stc_plugin_firewall_add_rule(GVariant *params) +{ + GVariantIter *iter = NULL; + firewall_rule_s *rule; + int ret = STC_ERROR_NONE; + + STC_FIREWALL_CHECK_LOCK_STATE(); + + rule = MALLOC0(firewall_rule_s, 1); + if (!rule) + return STC_ERROR_OUT_OF_MEMORY; + + memset(rule, 0, sizeof(firewall_rule_s)); + + g_variant_get(params, "a{sv}", &iter); + if (iter != NULL) { + stc_manager_gdbus_dict_foreach(iter, + __fw_rule_extract, + rule); + g_variant_iter_free(iter); + } + + if (__validate_fw_rule(rule) == FALSE) { + __fw_rule_free(rule); + return STC_ERROR_INVALID_PARAMETER; + } + + ret = __fw_rule_add(rule); + if (ret == STC_ERROR_NONE) { + table_firewall_insert_rule(rule); + } else { + __fw_rule_free(rule); + return ret; + } + + __fw_rule_free(rule); + return STC_ERROR_NONE; +} + +int stc_plugin_firewall_remove_rule(GVariant *params) +{ + GVariantIter *iter = NULL; + firewall_rule_s *rule; + int ret = STC_ERROR_NONE; + + STC_FIREWALL_CHECK_LOCK_STATE(); + + rule = MALLOC0(firewall_rule_s, 1); + if (!rule) + return STC_ERROR_OUT_OF_MEMORY; + + memset(rule, 0, sizeof(firewall_rule_s)); + + g_variant_get(params, "a{sv}", &iter); + if (iter != NULL) { + stc_manager_gdbus_dict_foreach(iter, + __fw_rule_extract, + rule); + g_variant_iter_free(iter); + } + + if (__validate_fw_rule(rule) == FALSE) { + __fw_rule_free(rule); + return STC_ERROR_INVALID_PARAMETER; + } + + ret = __fw_rule_remove(rule); + if (ret == STC_ERROR_NONE) { + table_firewall_delete_rule(rule); + } else { + __fw_rule_free(rule); + return ret; + } + + __fw_rule_free(rule); + return STC_ERROR_NONE; +} + +int stc_plugin_firewall_update_rule(GVariant *params) +{ + GVariantIter *iter = NULL; + firewall_rule_s *rule; + guint key; + int ret = STC_ERROR_NONE; + + STC_FIREWALL_CHECK_LOCK_STATE(); + + rule = MALLOC0(firewall_rule_s, 1); + if (!rule) + return STC_ERROR_OUT_OF_MEMORY; + + memset(rule, 0, sizeof(firewall_rule_s)); + + g_variant_get(params, "a{sv}", &iter); + if (iter != NULL) { + stc_manager_gdbus_dict_foreach(iter, + __fw_rule_extract, + rule); + g_variant_iter_free(iter); + } + + if (__validate_fw_rule(rule) == FALSE) { + __fw_rule_free(rule); + return STC_ERROR_INVALID_PARAMETER; + } + + key = rule->key; + ret = __fw_rule_update(rule); + if (ret == STC_ERROR_NONE) { + table_firewall_update_rule(rule, key); + } else { + __fw_rule_free(rule); + return ret; + } + + __fw_rule_free(rule); + return STC_ERROR_NONE; +} + +int stc_plugin_firewall_get_all_rule(GVariantBuilder *builder) +{ + STC_FIREWALL_CHECK_LOCK_STATE(); + + __fw_chain_foreach(__fw_foreach_to_make_rule_param, builder); + __fw_chain_foreach(__fw_foreach_to_print_rule, NULL); + + return STC_ERROR_NONE; +} + +API stc_plugin_firewall_s stc_plugin_firewall = { + .initialize_plugin = + stc_plugin_firewall_initialize, + .deinitialize_plugin = + stc_plugin_firewall_deinitialize, + .lock_firewall = + stc_plugin_firewall_lock, + .unlock_firewall = + stc_plugin_firewall_unlock, + .get_lock_firewall = + stc_plugin_firewall_get_lock, + .update_firewall = + stc_plugin_firewall_update, + .add_chain = + stc_plugin_firewall_add_chain, + .remove_chain = + stc_plugin_firewall_remove_chain, + .flush_chain = + stc_plugin_firewall_flush_chain, + .get_all_chain = + stc_plugin_firewall_get_all_chain, + .set_chain = + stc_plugin_firewall_set_chain, + .unset_chain = + stc_plugin_firewall_unset_chain, + .add_rule = + stc_plugin_firewall_add_rule, + .remove_rule = + stc_plugin_firewall_remove_rule, + .update_rule = + stc_plugin_firewall_update_rule, + .get_all_rule = + stc_plugin_firewall_get_all_rule +}; +//LCOV_EXCL_STOP diff --git a/plugin/monitor/CMakeLists.txt b/plugin/monitor/CMakeLists.txt index c1658b1..d093f06 100644 --- a/plugin/monitor/CMakeLists.txt +++ b/plugin/monitor/CMakeLists.txt @@ -21,6 +21,7 @@ INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/src/configure/include) INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/plugin/tether/include) INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/plugin/exception/include) INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/plugin/appstatus/include) +INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/plugin/firewall/include) SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${EXTRA_CFLAGS} -g -Werror -fvisibility=hidden") SET(CMAKE_C_FLAGS_DEBUG "-O0 -g") diff --git a/plugin/monitor/stc-plugin-monitor-connection.c b/plugin/monitor/stc-plugin-monitor-connection.c index 06c4c30..010a6f2 100755 --- a/plugin/monitor/stc-plugin-monitor-connection.c +++ b/plugin/monitor/stc-plugin-monitor-connection.c @@ -21,6 +21,7 @@ #include "stc-manager-gdbus.h" #include "stc-plugin-monitor.h" #include "stc-plugin-monitor-connection.h" +#include "stc-manager-plugin-firewall.h" /* connman service dbus details */ #define CONNMAN_SERVICE "net.connman" @@ -455,7 +456,7 @@ static stc_error_e __get_connected_profiles(GDBusConnection *connection) g_variant_unref(message); g_slist_foreach(g_connection_list, __update_monitor_by_conn, NULL); - stc_firewall_update(); + stc_plugin_firewall_update(); return STC_ERROR_NONE; } @@ -533,7 +534,7 @@ static void __append_connected_profile(GDBusConnection *connection, g_connection_list = g_slist_append(g_connection_list, conn); stc_monitor_add_by_connection(conn); - stc_firewall_update(); + stc_plugin_firewall_update(); __get_default_connection(connection); } @@ -613,7 +614,7 @@ static void __vconf_key_callback(keynode_t *node, void *user_data) if (g_default_connection->tether_state == TRUE && g_default_connection->tether_iface.ifname) { __print_tether_connection_info(); stc_monitor_update_by_connection(&g_default_connection); - stc_firewall_update(); + stc_plugin_firewall_update(); STC_LOGI("Data monitoring started for tethering iface !"); return; } diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index d23adde..fb6a283 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -33,6 +33,7 @@ SET(PROCFS_SOURCE_DIR ${PLUGIN_DIR}/procfs) SET(PCAP_SOURCE_DIR ${PLUGIN_DIR}/pcap) SET(TETHER_SOURCE_DIR ${PLUGIN_DIR}/tether) SET(MONITOR_SOURCE_DIR ${PLUGIN_DIR}/monitor) +SET(FIREWALL_SOURCE_DIR ${PLUGIN_DIR}/firewall) INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/include) INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/interfaces) @@ -55,6 +56,7 @@ INCLUDE_DIRECTORIES(${PROCFS_SOURCE_DIR}/include) INCLUDE_DIRECTORIES(${PCAP_SOURCE_DIR}/include) INCLUDE_DIRECTORIES(${TETHER_SOURCE_DIR}/include) INCLUDE_DIRECTORIES(${MONITOR_SOURCE_DIR}/include) +INCLUDE_DIRECTORIES(${FIREWALL_SOURCE_DIR}/include) FILE(GLOB SOURCE_SRCS ${SOURCE_DIR}/*.c) FILE(GLOB HELPER_SRCS ${HELPER_SOURCE_DIR}/*.c) diff --git a/src/database/tables/table-firewall.c b/src/database/tables/table-firewall.c old mode 100644 new mode 100755 index 3df1f52..c80161c --- a/src/database/tables/table-firewall.c +++ b/src/database/tables/table-firewall.c @@ -304,7 +304,7 @@ static void __finalize_insert(void) __STC_LOG_FUNC_EXIT__; } -stc_error_e table_firewall_insert_lock(char *name, int state) +API stc_error_e table_firewall_insert_lock(char *name, int state) { stc_error_e error_code = STC_ERROR_NONE; sqlite3_stmt *stmt = insert_fw_lock; @@ -328,7 +328,7 @@ handle_error: return error_code; } -stc_error_e table_firewall_update_lock(char *name, int state) +API stc_error_e table_firewall_update_lock(char *name, int state) { stc_error_e error_code = STC_ERROR_NONE; sqlite3_stmt *stmt = update_fw_lock; @@ -352,7 +352,7 @@ handle_error: return error_code; } -stc_error_e table_firewall_get_lock(char *name, int *state) +API stc_error_e table_firewall_get_lock(char *name, int *state) { int rc; stc_error_e error_code = STC_ERROR_NONE; @@ -390,7 +390,7 @@ handle_error: return error_code; } -stc_error_e table_firewall_insert_chain(firewall_chain_s *info) +API stc_error_e table_firewall_insert_chain(firewall_chain_s *info) { stc_error_e error_code = STC_ERROR_NONE; sqlite3_stmt *stmt = insert_fw_chain; @@ -419,7 +419,7 @@ handle_error: return error_code; } -stc_error_e table_firewall_delete_chain(firewall_chain_s *info) +API stc_error_e table_firewall_delete_chain(firewall_chain_s *info) { stc_error_e error_code = STC_ERROR_NONE; sqlite3_stmt *stmt = delete_fw_chain; @@ -447,7 +447,7 @@ handle_error: return error_code; } -stc_error_e table_firewall_flush_chain(firewall_chain_s *info) +API stc_error_e table_firewall_flush_chain(firewall_chain_s *info) { stc_error_e error_code = STC_ERROR_NONE; sqlite3_stmt *stmt = delete_fw_rule_per_chain; @@ -475,7 +475,7 @@ handle_error: return error_code; } -stc_error_e table_firewall_update_chain(firewall_chain_s *info) +API stc_error_e table_firewall_update_chain(firewall_chain_s *info) { stc_error_e error_code = STC_ERROR_NONE; sqlite3_stmt *stmt = update_fw_chain; @@ -504,7 +504,7 @@ handle_error: return error_code; } -stc_error_e table_firewall_foreach_chain(firewall_chain_cb info_cb, +API stc_error_e table_firewall_foreach_chain(firewall_chain_cb info_cb, void *user_data) { firewall_chain_s info; @@ -541,7 +541,7 @@ stc_error_e table_firewall_foreach_chain(firewall_chain_cb info_cb, return error_code; } -stc_error_e table_firewall_insert_rule(firewall_rule_s *info) +API stc_error_e table_firewall_insert_rule(firewall_rule_s *info) { stc_error_e error_code = STC_ERROR_NONE; char buf[BUF_SIZE_FOR_IP]; @@ -640,7 +640,7 @@ handle_error: return error_code; } -stc_error_e table_firewall_delete_rule(firewall_rule_s *info) +API stc_error_e table_firewall_delete_rule(firewall_rule_s *info) { stc_error_e error_code = STC_ERROR_NONE; sqlite3_stmt *stmt = delete_fw_rule; @@ -667,7 +667,7 @@ handle_error: return error_code; } -stc_error_e table_firewall_update_rule(firewall_rule_s *info, guint key) +API stc_error_e table_firewall_update_rule(firewall_rule_s *info, guint key) { stc_error_e error_code = STC_ERROR_NONE; char buf[BUF_SIZE_FOR_IP]; @@ -768,7 +768,7 @@ handle_error: return error_code; } -stc_error_e table_firewall_foreach_rule(firewall_rule_cb info_cb, +API stc_error_e table_firewall_foreach_rule(firewall_rule_cb info_cb, void *user_data) { firewall_rule_s info; diff --git a/src/helper/helper-firewall.c b/src/helper/helper-firewall.c old mode 100644 new mode 100755 index 644ab75..a9b0817 --- a/src/helper/helper-firewall.c +++ b/src/helper/helper-firewall.c @@ -613,7 +613,7 @@ static int __fw6_remove_rule(GDBusConnection *connection, return STC_ERROR_NONE; } -stc_error_e firewall_chain_add(firewall_chain_s *chain) +API stc_error_e firewall_chain_add(firewall_chain_s *chain) { __STC_LOG_FUNC_ENTER__; @@ -641,7 +641,7 @@ stc_error_e firewall_chain_add(firewall_chain_s *chain) return ret; } -stc_error_e firewall_chain_remove(firewall_chain_s *chain) +API stc_error_e firewall_chain_remove(firewall_chain_s *chain) { __STC_LOG_FUNC_ENTER__; @@ -697,7 +697,7 @@ stc_error_e firewall_chain_flush(firewall_chain_s *chain) return ret; } -stc_error_e firewall_chain_set(firewall_chain_s *chain) +API stc_error_e firewall_chain_set(firewall_chain_s *chain) { __STC_LOG_FUNC_ENTER__; @@ -708,7 +708,7 @@ stc_error_e firewall_chain_set(firewall_chain_s *chain) return ret; } -stc_error_e firewall_chain_unset(firewall_chain_s *chain) +API stc_error_e firewall_chain_unset(firewall_chain_s *chain) { __STC_LOG_FUNC_ENTER__; @@ -719,7 +719,7 @@ stc_error_e firewall_chain_unset(firewall_chain_s *chain) return ret; } -stc_error_e firewall_rule_append(firewall_rule_s *rule) +API stc_error_e firewall_rule_append(firewall_rule_s *rule) { stc_error_e ret = STC_ERROR_NONE; stc_s *stc = stc_get_manager(); diff --git a/src/stc-firewall.c b/src/stc-firewall.c index 64e7abb..bc71cc9 100755 --- a/src/stc-firewall.c +++ b/src/stc-firewall.c @@ -19,17 +19,7 @@ #include "helper-firewall.h" #include "stc-firewall.h" #include "stc-manager-gdbus.h" - -#define IDENTIFIER_LEN 512 - -#define LOCK_NAME "admin" - -#define CHAIN_NAME "chain" -#define CHAIN_TARGET "target" -#define CHAIN_PRIORITY "priority" - -#define RULE_IDENTIFIER "identifier" -#define RULE_KEY "key" +#include "stc-manager-plugin-firewall.h" #define FIREWALL_DBUS_ERROR_NAME "net.stc.firewall.Error.Failed" @@ -38,16 +28,6 @@ FIREWALL_DBUS_ERROR_NAME, \ stc_err_strs[-(err_num)]) -#define STC_FIREWALL_CHECK_LOCK_STATE(invocation) do { \ - if (g_lock_state == FIREWALL_LOCKED) { \ - STC_LOGD("Firewall is locked"); \ - STC_FIREWALL_DBUS_REPLY_ERROR(invocation, \ - STC_ERROR_PERMISSION_DENIED); \ - __STC_LOG_FUNC_EXIT__; \ - return TRUE; \ - } \ -} while (0) - static const gchar *stc_err_strs[] = { "ERROR_NONE", "FAIL", @@ -61,1216 +41,13 @@ static const gchar *stc_err_strs[] = { "NOTIMPL" }; -static GHashTable *g_firewalls = NULL; -static int g_lock_state = FIREWALL_UNKONWN; -static uint g_chain_priority = 0; - -static void __fw_rule_copy(firewall_rule_s *rule, - const firewall_rule_s *info) -{ - if (info->chain) { - FREE(rule->chain); - rule->chain = g_strdup(info->chain); - } - - rule->direction = info->direction; - rule->s_ip_type = info->s_ip_type; - rule->d_ip_type = info->d_ip_type; - rule->s_port_type = info->s_port_type; - rule->d_port_type = info->d_port_type; - rule->protocol = info->protocol; - rule->family = info->family; - - rule->s_ip1 = info->s_ip1; - rule->s_ip2 = info->s_ip2; - rule->d_ip1 = info->d_ip1; - rule->d_ip2 = info->d_ip2; - - rule->s_port1 = info->s_port1; - rule->s_port2 = info->s_port2; - rule->d_port1 = info->d_port1; - rule->d_port2 = info->d_port2; - - if (info->ifname) { - FREE(rule->ifname); - rule->ifname = g_strdup(info->ifname); - } - - rule->target = info->target; - - if (info->target_str) { - FREE(rule->target_str); - rule->target_str = g_strdup(info->target_str); - } - - rule->log_level = info->log_level; - - if (info->log_prefix) { - FREE(rule->log_prefix); - rule->log_prefix = g_strdup(info->log_prefix); - } - - rule->nflog_group = info->nflog_group; - rule->nflog_range = info->nflog_range; - rule->nflog_threshold = info->nflog_threshold; - - if (info->nflog_prefix) { - FREE(rule->nflog_prefix); - rule->nflog_prefix = g_strdup(info->nflog_prefix); - } - - if (info->identifier) { - FREE(rule->identifier); - rule->identifier = g_strdup(info->identifier); - } - - rule->key = info->key; -} - -static void __fw_rule_make_key(firewall_rule_s *rule, - firewall_rule_s *info) -{ - GString *str; - - if (!rule->chain) - return; - - str = g_string_sized_new(IDENTIFIER_LEN); - if (!str) - return; - - g_string_append_printf(str, "%s", rule->chain); - - g_string_append_printf(str, "_%u%u%u%u%u%u%u", rule->direction, - rule->s_ip_type, rule->d_ip_type, rule->s_port_type, - rule->d_port_type, rule->protocol, rule->family); - - if (rule->family == STC_FW_FAMILY_V4) { - g_string_append_printf(str, "_"); - g_string_append_printf(str, "%08x", rule->s_ip1.Ipv4.s_addr); - g_string_append_printf(str, "%08x", rule->s_ip2.Ipv4.s_addr); - - g_string_append_printf(str, "_"); - g_string_append_printf(str, "%08x", rule->d_ip1.Ipv4.s_addr); - g_string_append_printf(str, "%08x", rule->d_ip2.Ipv4.s_addr); - } else if (rule->family == STC_FW_FAMILY_V6) { - g_string_append_printf(str, "_"); - g_string_append_printf(str, "%08x", rule->s_ip1.Ipv6.s6_addr32[0]); - g_string_append_printf(str, "%08x", rule->s_ip1.Ipv6.s6_addr32[1]); - g_string_append_printf(str, "%08x", rule->s_ip1.Ipv6.s6_addr32[2]); - g_string_append_printf(str, "%08x", rule->s_ip1.Ipv6.s6_addr32[3]); - g_string_append_printf(str, "%08x", rule->s_ip2.Ipv6.s6_addr32[0]); - g_string_append_printf(str, "%08x", rule->s_ip2.Ipv6.s6_addr32[1]); - g_string_append_printf(str, "%08x", rule->s_ip2.Ipv6.s6_addr32[2]); - g_string_append_printf(str, "%08x", rule->s_ip2.Ipv6.s6_addr32[3]); - - g_string_append_printf(str, "_"); - g_string_append_printf(str, "%08x", rule->d_ip1.Ipv6.s6_addr32[0]); - g_string_append_printf(str, "%08x", rule->d_ip1.Ipv6.s6_addr32[1]); - g_string_append_printf(str, "%08x", rule->d_ip1.Ipv6.s6_addr32[2]); - g_string_append_printf(str, "%08x", rule->d_ip1.Ipv6.s6_addr32[3]); - g_string_append_printf(str, "%08x", rule->d_ip2.Ipv6.s6_addr32[0]); - g_string_append_printf(str, "%08x", rule->d_ip2.Ipv6.s6_addr32[1]); - g_string_append_printf(str, "%08x", rule->d_ip2.Ipv6.s6_addr32[2]); - g_string_append_printf(str, "%08x", rule->d_ip2.Ipv6.s6_addr32[3]); - } - - g_string_append_printf(str, "_%04x", rule->s_port1); - g_string_append_printf(str, "%04x", rule->s_port2); - - g_string_append_printf(str, "_%04x", rule->d_port1); - g_string_append_printf(str, "%04x", rule->d_port2); - - g_string_append_printf(str, "_%s", (rule->ifname) ? rule->ifname : ""); - g_string_append_printf(str, "_%u", rule->target); - - switch (rule->target) { - case STC_FW_RULE_TARGET_LOG: - g_string_append_printf(str, "_%u", rule->log_level); - g_string_append_printf(str, "_%s", rule->log_prefix); - break; - case STC_FW_RULE_TARGET_NFLOG: - g_string_append_printf(str, "_%u", rule->nflog_group); - g_string_append_printf(str, "_%s", rule->nflog_prefix); - g_string_append_printf(str, "_%u", rule->nflog_range); - g_string_append_printf(str, "_%u", rule->nflog_threshold); - break; - default: - break; - } - - FREE(rule->identifier); - rule->identifier = g_string_free(str, FALSE); - rule->key = g_str_hash(rule->identifier); - - FREE(info->identifier); - info->identifier = g_strdup(rule->identifier); - info->key = rule->key; - - if (STC_DEBUG_LOG && STC_FW_LOG) { - STC_LOGD("Identifier [%s]", rule->identifier); - STC_LOGD("Key [%u]", rule->key); - } -} - -static void __fw_rule_free(void *data) -{ - firewall_rule_s *rule = (firewall_rule_s *)data; - - FREE(rule->chain); - FREE(rule->ifname); - FREE(rule->target_str); - FREE(rule->log_prefix); - FREE(rule->nflog_prefix); - FREE(rule->identifier); - FREE(rule); -} - -static void __fw_data_free(gpointer value) -{ - stc_fw_data_s *data = (stc_fw_data_s *)value; - - g_slist_free_full(data->rules, __fw_rule_free); - data->rules = NULL; - - FREE(data); -} - -static gint __fw_rule_comp(gconstpointer a, gconstpointer b) -{ - firewall_rule_s *data = (firewall_rule_s *)a; - firewall_rule_s *rule = (firewall_rule_s *)b; - - if ((data->key == rule->key) && - (g_strcmp0(data->identifier, rule->identifier) == 0)) - return 0; - - return -1; -} - -static stc_error_e __fw_chain_add(const char *chain) -{ - stc_fw_data_s *data; - stc_fw_data_s *lookup; - - ret_value_msg_if(g_firewalls == NULL, - STC_ERROR_FAIL, - "firewall is not initialized!"); - - lookup = g_hash_table_lookup(g_firewalls, chain); - if (lookup) { - if (STC_DEBUG_LOG && STC_FW_LOG) - STC_LOGD("chain already present"); - return STC_ERROR_ALREADY_DATA; - } - - data = MALLOC0(stc_fw_data_s, 1); - if (!data) { - if (STC_DEBUG_LOG && STC_FW_LOG) - STC_LOGE("data allocation failed"); - return STC_ERROR_OUT_OF_MEMORY; - } - - data->target = STC_FW_CHAIN_TARGET_NONE; - data->priority = 0; - data->rules = NULL; - - g_hash_table_insert(g_firewalls, g_strdup(chain), data); - - return STC_ERROR_NONE; -} - -static stc_error_e __fw_chain_remove(const char *chain) -{ - stc_fw_data_s *lookup; - - ret_value_msg_if(g_firewalls == NULL, - STC_ERROR_FAIL, - "firewall is not initialized!"); - - lookup = g_hash_table_lookup(g_firewalls, chain); - if (!lookup) { - if (STC_DEBUG_LOG && STC_FW_LOG) - STC_LOGE("chain not found"); - return STC_ERROR_NO_DATA; - } - - if (lookup->target != STC_FW_CHAIN_TARGET_NONE) { - if (STC_DEBUG_LOG && STC_FW_LOG) - STC_LOGE("can't be applied bcz chain is set"); - return STC_ERROR_INVALID_PARAMETER; - } - - g_slist_free_full(lookup->rules, __fw_rule_free); - lookup->rules = NULL; - - g_hash_table_remove(g_firewalls, chain); - - return STC_ERROR_NONE; -} - -static stc_error_e __fw_chain_flush(const char *chain) -{ - stc_fw_data_s *lookup; - - ret_value_msg_if(g_firewalls == NULL, - STC_ERROR_FAIL, - "firewall is not initialized!"); - - lookup = g_hash_table_lookup(g_firewalls, chain); - if (!lookup) { - if (STC_DEBUG_LOG && STC_FW_LOG) - STC_LOGE("chain not found"); - return STC_ERROR_NO_DATA; - } - - if (lookup->target != STC_FW_CHAIN_TARGET_NONE) { - if (STC_DEBUG_LOG && STC_FW_LOG) - STC_LOGE("can't be applied bcz chain is set"); - return STC_ERROR_INVALID_PARAMETER; - } - - g_slist_free_full(lookup->rules, __fw_rule_free); - lookup->rules = NULL; - - return STC_ERROR_NONE; -} - -static stc_error_e __fw_chain_set(const char *chain, stc_fw_data_s value) -{ - stc_fw_data_s *lookup; - - ret_value_msg_if(g_firewalls == NULL, - STC_ERROR_FAIL, - "firewall is not initialized!"); - - lookup = g_hash_table_lookup(g_firewalls, chain); - if (!lookup) { - if (STC_DEBUG_LOG && STC_FW_LOG) - STC_LOGE("chain not found"); - return STC_ERROR_NO_DATA; - } - - lookup->target = value.target; - lookup->priority = value.priority; - - return STC_ERROR_NONE; -} - -static stc_fw_data_s *__fw_chain_get(const char *chain) -{ - stc_fw_data_s *lookup; - - ret_value_msg_if(g_firewalls == NULL, NULL, - "firewall is not initialized!"); - - lookup = g_hash_table_lookup(g_firewalls, chain); - if (!lookup) { - if (STC_DEBUG_LOG && STC_FW_LOG) - STC_LOGE("chain not found"); - return NULL; - } - - return lookup; -} - -static stc_error_e __fw_chain_unset(const char *chain) -{ - stc_error_e ret = STC_ERROR_NONE; - stc_fw_data_s *lookup; - - ret_value_msg_if(g_firewalls == NULL, - STC_ERROR_FAIL, - "firewall is not initialized!"); - - lookup = g_hash_table_lookup(g_firewalls, chain); - if (!lookup) { - if (STC_DEBUG_LOG && STC_FW_LOG) - STC_LOGE("chain not found"); - return STC_ERROR_NO_DATA; - } - - lookup->target = STC_FW_CHAIN_TARGET_NONE; - lookup->priority = 0; - - return ret; -} - -static void __fw_chain_make_params(gpointer key, gpointer value, - gpointer user_data) -{ - char *chain = (char *)key; - stc_fw_data_s *data = (stc_fw_data_s *)value; - GVariantBuilder *builder = (GVariantBuilder *)user_data; - GVariantBuilder sub_builder; - - g_variant_builder_init(&sub_builder, G_VARIANT_TYPE("a{sv}")); - - g_variant_builder_add(&sub_builder, "{sv}", CHAIN_NAME, - g_variant_new_string(chain)); - - g_variant_builder_add(&sub_builder, "{sv}", CHAIN_PRIORITY, - g_variant_new_uint32(data->priority)); - - g_variant_builder_add(&sub_builder, "{sv}", CHAIN_TARGET, - g_variant_new_uint16(data->target)); - - g_variant_builder_add_value(builder, g_variant_builder_end(&sub_builder)); -} - -static void __fw_rule_make_params(gpointer data, gpointer user_data) -{ - firewall_rule_s *rule = (firewall_rule_s *)data; - GVariantBuilder *builder = (GVariantBuilder *)user_data; - GVariantBuilder sub_builder; - - g_variant_builder_init(&sub_builder, G_VARIANT_TYPE("a{sv}")); - - g_variant_builder_add(&sub_builder, "{sv}", RULE_CHAIN, - g_variant_new_string(rule->chain)); - - if (rule->direction != STC_FW_DIRECTION_NONE) - g_variant_builder_add(&sub_builder, "{sv}", RULE_DIRECTION, - g_variant_new_uint16(rule->direction)); - - if (rule->s_ip_type != STC_FW_IP_NONE) - g_variant_builder_add(&sub_builder, "{sv}", RULE_SIPTYPE, - g_variant_new_uint16(rule->s_ip_type)); - - if (rule->d_ip_type != STC_FW_IP_NONE) - g_variant_builder_add(&sub_builder, "{sv}", RULE_DIPTYPE, - g_variant_new_uint16(rule->d_ip_type)); - - if (rule->s_port_type != STC_FW_PORT_NONE) - g_variant_builder_add(&sub_builder, "{sv}", RULE_SPORTTYPE, - g_variant_new_uint16(rule->s_port_type)); - - if (rule->d_port_type != STC_FW_PORT_NONE) - g_variant_builder_add(&sub_builder, "{sv}", RULE_DPORTTYPE, - g_variant_new_uint16(rule->d_port_type)); - - if (rule->protocol != STC_FW_PROTOCOL_NONE) - g_variant_builder_add(&sub_builder, "{sv}", RULE_PROTOCOL, - g_variant_new_uint16(rule->protocol)); - - if (rule->family != STC_FW_FAMILY_NONE) - g_variant_builder_add(&sub_builder, "{sv}", RULE_FAMILY, - g_variant_new_uint16(rule->family)); - - if (rule->family == STC_FW_FAMILY_V4) { - char *addr = NULL; - - switch (rule->s_ip_type) { - case STC_FW_IP_RANGE: - /* fall through */ - case STC_FW_IP_MASK: - addr = g_try_malloc0(INET_ADDRSTRLEN); - if (addr) { - inet_ntop(AF_INET, &(rule->s_ip2.Ipv4), addr, INET_ADDRSTRLEN); - g_variant_builder_add(&sub_builder, "{sv}", RULE_SIP2, - g_variant_new_string(addr)); - FREE(addr); - } - /* fall through */ - case STC_FW_IP_SINGLE: - addr = g_try_malloc0(INET_ADDRSTRLEN); - if (addr) { - inet_ntop(AF_INET, &(rule->s_ip1.Ipv4), addr, INET_ADDRSTRLEN); - g_variant_builder_add(&sub_builder, "{sv}", RULE_SIP1, - g_variant_new_string(addr)); - FREE(addr); - } - break; - default: - break; - } - - switch (rule->d_ip_type) { - case STC_FW_IP_RANGE: - /* fall through */ - case STC_FW_IP_MASK: - addr = g_try_malloc0(INET_ADDRSTRLEN); - if (addr) { - inet_ntop(AF_INET, &(rule->d_ip2.Ipv4), addr, INET_ADDRSTRLEN); - g_variant_builder_add(&sub_builder, "{sv}", RULE_DIP2, - g_variant_new_string(addr)); - FREE(addr); - } - /* fall through */ - case STC_FW_IP_SINGLE: - addr = g_try_malloc0(INET_ADDRSTRLEN); - if (addr) { - inet_ntop(AF_INET, &(rule->d_ip1.Ipv4), addr, INET_ADDRSTRLEN); - g_variant_builder_add(&sub_builder, "{sv}", RULE_DIP1, - g_variant_new_string(addr)); - FREE(addr); - } - break; - default: - break; - } - } else if (rule->family == STC_FW_FAMILY_V6) { - char *addr = NULL; - - switch (rule->s_ip_type) { - case STC_FW_IP_RANGE: - /* fall through */ - case STC_FW_IP_MASK: - addr = g_try_malloc0(INET6_ADDRSTRLEN); - if (addr) { - inet_ntop(AF_INET6, &(rule->s_ip2.Ipv6), addr, INET6_ADDRSTRLEN); - g_variant_builder_add(&sub_builder, "{sv}", RULE_SIP2, - g_variant_new_string(addr)); - FREE(addr); - } - /* fall through */ - case STC_FW_IP_SINGLE: - addr = g_try_malloc0(INET6_ADDRSTRLEN); - if (addr) { - inet_ntop(AF_INET6, &(rule->s_ip1.Ipv6), addr, INET6_ADDRSTRLEN); - g_variant_builder_add(&sub_builder, "{sv}", RULE_SIP1, - g_variant_new_string(addr)); - FREE(addr); - } - break; - default: - break; - } - - switch (rule->d_ip_type) { - case STC_FW_IP_RANGE: - /* fall through */ - case STC_FW_IP_MASK: - addr = g_try_malloc0(INET6_ADDRSTRLEN); - if (addr) { - inet_ntop(AF_INET6, &(rule->d_ip2.Ipv6), addr, INET6_ADDRSTRLEN); - g_variant_builder_add(&sub_builder, "{sv}", RULE_DIP2, - g_variant_new_string(addr)); - FREE(addr); - } - /* fall through */ - case STC_FW_IP_SINGLE: - addr = g_try_malloc0(INET6_ADDRSTRLEN); - if (addr) { - inet_ntop(AF_INET6, &(rule->d_ip1.Ipv6), addr, INET6_ADDRSTRLEN); - g_variant_builder_add(&sub_builder, "{sv}", RULE_DIP1, - g_variant_new_string(addr)); - FREE(addr); - } - break; - default: - break; - } - } - - g_variant_builder_add(&sub_builder, "{sv}", RULE_SPORT1, - g_variant_new_uint32(rule->s_port1)); - - g_variant_builder_add(&sub_builder, "{sv}", RULE_SPORT2, - g_variant_new_uint32(rule->s_port2)); - - g_variant_builder_add(&sub_builder, "{sv}", RULE_DPORT1, - g_variant_new_uint32(rule->d_port1)); - - g_variant_builder_add(&sub_builder, "{sv}", RULE_DPORT2, - g_variant_new_uint32(rule->d_port2)); - - if (rule->ifname) - g_variant_builder_add(&sub_builder, "{sv}", RULE_IFNAME, - g_variant_new_string(rule->ifname)); - - if (rule->target != STC_FW_RULE_TARGET_NONE) - g_variant_builder_add(&sub_builder, "{sv}", RULE_TARGET, - g_variant_new_uint16(rule->target)); - - switch (rule->target) { - case STC_FW_RULE_TARGET_LOG: - g_variant_builder_add(&sub_builder, "{sv}", RULE_LOG_LEVEL, - g_variant_new_uint16(rule->log_level)); - - if (rule->log_prefix) - g_variant_builder_add(&sub_builder, "{sv}", RULE_LOG_PREFIX, - g_variant_new_string(rule->log_prefix)); - break; - case STC_FW_RULE_TARGET_NFLOG: - g_variant_builder_add(&sub_builder, "{sv}", RULE_NFLOG_GROUP, - g_variant_new_uint16(rule->nflog_group)); - - if (rule->nflog_prefix) - g_variant_builder_add(&sub_builder, "{sv}", RULE_NFLOG_PREFIX, - g_variant_new_string(rule->nflog_prefix)); - - g_variant_builder_add(&sub_builder, "{sv}", RULE_NFLOG_RANGE, - g_variant_new_uint16(rule->nflog_range)); - - g_variant_builder_add(&sub_builder, "{sv}", RULE_NFLOG_THRESHOLD, - g_variant_new_uint16(rule->nflog_threshold)); - break; - default: - break; - } - - g_variant_builder_add(&sub_builder, "{sv}", RULE_IDENTIFIER, - g_variant_new_string(rule->identifier)); - - g_variant_builder_add(&sub_builder, "{sv}", RULE_KEY, - g_variant_new_uint32(rule->key)); - - g_variant_builder_add_value(builder, g_variant_builder_end(&sub_builder)); -} - -static void __fw_rule_set_to_chain(gpointer data, gpointer user_data) -{ - firewall_rule_s *rule = (firewall_rule_s *)data; - char *chain = (char *)user_data; - - if (chain && (g_strcmp0(rule->chain, chain) != 0)) - return; - - switch (rule->target) { - case STC_FW_RULE_TARGET_ACCEPT: - FREE(rule->target_str); - rule->target_str = g_strdup(FIREWALL_RULE_TARGET_ACCEPT); - break; - case STC_FW_RULE_TARGET_DROP: - FREE(rule->target_str); - rule->target_str = g_strdup(FIREWALL_RULE_TARGET_DROP); - break; - case STC_FW_RULE_TARGET_LOG: - FREE(rule->target_str); - rule->target_str = g_strdup(FIREWALL_RULE_TARGET_LOG); - break; - case STC_FW_RULE_TARGET_NFLOG: - FREE(rule->target_str); - rule->target_str = g_strdup(FIREWALL_RULE_TARGET_NFLOG); - break; - default: - break; - } - - firewall_rule_append(rule); -} - -static void __fw_rule_print_rules(gpointer data, gpointer user_data) -{ - firewall_rule_s *rule = (firewall_rule_s *)data; - - STC_LOGD("[%s][%d][%s][%d][%d][%04x][%04x]" - "[%d][%04x][%04x][%d][%s][%d][%s][%d][%d]", - rule->chain, rule->direction, rule->ifname, - rule->protocol, - rule->s_port_type, rule->s_port1, rule->s_port2, - rule->d_port_type, rule->d_port1, rule->d_port2, - rule->target, rule->target_str, - rule->nflog_group, rule->nflog_prefix, - rule->nflog_range, rule->nflog_threshold); - - switch (rule->family) { - case STC_FW_FAMILY_V4: - STC_LOGD("[%d][%d][%08x][%08x][%d][%08x][%08x]", - rule->family, - rule->s_ip_type, rule->s_ip1.Ipv4.s_addr, rule->s_ip2.Ipv4.s_addr, - rule->d_ip_type, rule->d_ip1.Ipv4.s_addr, rule->d_ip2.Ipv4.s_addr); - break; - case STC_FW_FAMILY_V6: - STC_LOGD("[%d][%d][%08x:%08x:%08x:%08x]" - "[%d][%08x:%08x:%08x:%08x]", - rule->family, - rule->s_ip_type, - rule->s_ip1.Ipv6.s6_addr32[0], rule->s_ip1.Ipv6.s6_addr32[1], - rule->s_ip1.Ipv6.s6_addr32[2], rule->s_ip1.Ipv6.s6_addr32[3], - rule->d_ip_type, - rule->d_ip1.Ipv6.s6_addr32[0], rule->d_ip1.Ipv6.s6_addr32[1], - rule->d_ip1.Ipv6.s6_addr32[2], rule->d_ip1.Ipv6.s6_addr32[3]); - break; - default: - break; - } -} - -static void __fw_foreach_to_print_rule(gpointer key, gpointer value, - gpointer user_data) -{ - stc_fw_data_s *data = (stc_fw_data_s *)value; - - g_slist_foreach(data->rules, __fw_rule_print_rules, user_data); -} - -static void __fw_foreach_to_make_rule_param(gpointer key, gpointer value, - gpointer user_data) -{ - stc_fw_data_s *data = (stc_fw_data_s *)value; - - g_slist_foreach(data->rules, __fw_rule_make_params, user_data); -} - -static void __fw_foreach_to_set_rule_to_chain(gpointer key, gpointer value, - gpointer user_data) -{ - stc_fw_data_s *data = (stc_fw_data_s *)value; - char *chain = (char *)user_data; - - if (chain || (data->target != STC_FW_CHAIN_TARGET_NONE)) - g_slist_foreach(data->rules, __fw_rule_set_to_chain, user_data); -} - -static void __fw_foreach_to_set_chain(gpointer key, gpointer value, - gpointer user_data) -{ - char *chain = (char *)key; - stc_fw_data_s *data = (stc_fw_data_s *)value; - - if (data->target != STC_FW_CHAIN_TARGET_NONE) { - firewall_chain_s info; - memset(&info, 0, sizeof(firewall_chain_s)); - info.chain = chain; - info.target = data->target; - info.priority = data->priority; - firewall_chain_set(&info); - } -} - -static void __fw_foreach_to_add_chain(gpointer key, gpointer value, - gpointer user_data) -{ - char *chain = (char *)key; - stc_fw_data_s *data = (stc_fw_data_s *)value; - - if (data->target != STC_FW_CHAIN_TARGET_NONE) { - firewall_chain_s info; - memset(&info, 0, sizeof(firewall_chain_s)); - info.chain = chain; - info.target = data->target; - info.priority = data->priority; - firewall_chain_add(&info); - } -} - -static void __fw_chain_foreach(GHFunc func, void *user_data) -{ - g_hash_table_foreach(g_firewalls, func, user_data); -} - -stc_cb_ret_e __fw_table_chain_info_cb(const firewall_chain_s *info, - void *user_data) -{ - stc_fw_data_s *data; - - data = MALLOC0(stc_fw_data_s, 1); - if (!data) { - if (STC_DEBUG_LOG && STC_FW_LOG) - STC_LOGE("data allocation failed"); - return STC_CONTINUE; - } - - data->target = info->target; - data->priority = info->priority; - data->rules = NULL; - - g_hash_table_insert(g_firewalls, g_strdup(info->chain), data); - - return STC_CONTINUE; -} - -stc_cb_ret_e __fw_table_rule_info_cb(const firewall_rule_s *info, - void *user_data) -{ - stc_fw_data_s *lookup; - firewall_rule_s *rule; - - lookup = g_hash_table_lookup(g_firewalls, info->chain); - if (!lookup) { - if (STC_DEBUG_LOG && STC_FW_LOG) - STC_LOGE("chain not found"); - return STC_CONTINUE; - } - - rule = MALLOC0(firewall_rule_s, 1); - if (!rule) { - if (STC_DEBUG_LOG && STC_FW_LOG) - STC_LOGE("rule allocation failed"); - return STC_CONTINUE; - } - - memset(rule, 0, sizeof(firewall_rule_s)); - __fw_rule_copy(rule, info); - - lookup->rules = g_slist_append(lookup->rules, rule); - - return STC_CONTINUE; -} - -static stc_error_e __fw_rule_add(firewall_rule_s *info) -{ - stc_fw_data_s *lookup; - firewall_rule_s *rule; - GSList *comp; - - ret_value_msg_if(g_firewalls == NULL, - STC_ERROR_FAIL, - "firewall is not initialized!"); - - lookup = g_hash_table_lookup(g_firewalls, info->chain); - if (!lookup) { - if (STC_DEBUG_LOG && STC_FW_LOG) - STC_LOGE("chain not found"); - return STC_ERROR_NO_DATA; - } - - if (lookup->target != STC_FW_CHAIN_TARGET_NONE) { - if (STC_DEBUG_LOG && STC_FW_LOG) - STC_LOGE("can't be applied bcz chain is set"); - return STC_ERROR_INVALID_PARAMETER; - } - - rule = MALLOC0(firewall_rule_s, 1); - if (!rule) { - if (STC_DEBUG_LOG && STC_FW_LOG) - STC_LOGE("rule allocation failed"); - return STC_ERROR_OUT_OF_MEMORY; - } - - memset(rule, 0, sizeof(firewall_rule_s)); - __fw_rule_copy(rule, info); - __fw_rule_make_key(rule, info); - - comp = g_slist_find_custom(lookup->rules, rule, __fw_rule_comp); - if (comp) { - if (STC_DEBUG_LOG && STC_FW_LOG) - STC_LOGD("rule already present"); - __fw_rule_free(rule); - return STC_ERROR_ALREADY_DATA; - } - - lookup->rules = g_slist_append(lookup->rules, rule); - - return STC_ERROR_NONE; -} - -static stc_error_e __fw_rule_remove(const firewall_rule_s *info) -{ - stc_fw_data_s *lookup; - GSList *rule_list; - GSList *comp; - firewall_rule_s *rule; - - ret_value_msg_if(g_firewalls == NULL, - STC_ERROR_FAIL, - "firewall is not initialized!"); - - lookup = g_hash_table_lookup(g_firewalls, info->chain); - if (!lookup) { - if (STC_DEBUG_LOG && STC_FW_LOG) - STC_LOGE("chain not found"); - return STC_ERROR_NO_DATA; - } - - if (lookup->target != STC_FW_CHAIN_TARGET_NONE) { - if (STC_DEBUG_LOG && STC_FW_LOG) - STC_LOGE("can't be applied bcz chain is set"); - return STC_ERROR_INVALID_PARAMETER; - } - - rule_list = lookup->rules; - comp = g_slist_find_custom(rule_list, info, __fw_rule_comp); - if (!comp) { - if (STC_DEBUG_LOG && STC_FW_LOG) - STC_LOGD("rule not found"); - return STC_ERROR_NO_DATA; - } - - rule = comp->data; - lookup->rules = g_slist_remove(lookup->rules, rule); - __fw_rule_free(rule); - - return STC_ERROR_NONE; -} - -static stc_error_e __fw_rule_update(firewall_rule_s *info) -{ - stc_fw_data_s *lookup; - GSList *rule_list; - GSList *comp; - firewall_rule_s *origin_rule; - firewall_rule_s *update_rule; - - ret_value_msg_if(g_firewalls == NULL, - STC_ERROR_FAIL, - "firewall is not initialized!"); - - lookup = g_hash_table_lookup(g_firewalls, info->chain); - if (!lookup) { - if (STC_DEBUG_LOG && STC_FW_LOG) - STC_LOGE("chain not found"); - return STC_ERROR_NO_DATA; - } - - if (lookup->target != STC_FW_CHAIN_TARGET_NONE) { - if (STC_DEBUG_LOG && STC_FW_LOG) - STC_LOGE("can't be applied bcz chain is set"); - return STC_ERROR_INVALID_PARAMETER; - } - - rule_list = lookup->rules; - comp = g_slist_find_custom(rule_list, info, __fw_rule_comp); - if (!comp) { - if (STC_DEBUG_LOG && STC_FW_LOG) - STC_LOGD("rule not found"); - return STC_ERROR_NO_DATA; - } - - origin_rule = comp->data; - - update_rule = MALLOC0(firewall_rule_s, 1); - if (!update_rule) { - if (STC_DEBUG_LOG && STC_FW_LOG) - STC_LOGE("rule allocation failed"); - return STC_ERROR_OUT_OF_MEMORY; - } - - memset(update_rule, 0, sizeof(firewall_rule_s)); - __fw_rule_copy(update_rule, info); - __fw_rule_make_key(update_rule, info); - - comp = g_slist_find_custom(lookup->rules, update_rule, __fw_rule_comp); - if (comp) { - if (STC_DEBUG_LOG && STC_FW_LOG) - STC_LOGD("rule already present"); - __fw_rule_free(update_rule); - return STC_ERROR_ALREADY_DATA; - } - - lookup->rules = g_slist_remove(lookup->rules, origin_rule); - __fw_rule_free(origin_rule); - - lookup->rules = g_slist_append(lookup->rules, update_rule); - - return STC_ERROR_NONE; -} - -static void __fw_rule_extract(const char *key, GVariant *value, - void *user_data) -{ - firewall_rule_s *rule = (firewall_rule_s *)user_data; - if (rule == NULL) { - __STC_LOG_FUNC_EXIT__; - return; - } - - if (g_strcmp0(key, RULE_CHAIN) == 0) { - guint str_length; - const gchar *str = g_variant_get_string(value, &str_length); - rule->chain = g_strdup(str); - STC_LOGD("%s: [%s]", RULE_CHAIN, rule->chain); - - } else if (g_strcmp0(key, RULE_DIRECTION) == 0) { - rule->direction = g_variant_get_uint16(value); - STC_LOGD("%s: [%u]", RULE_DIRECTION, rule->direction); - - } else if (g_strcmp0(key, RULE_SIPTYPE) == 0) { - rule->s_ip_type = g_variant_get_uint16(value); - STC_LOGD("%s: [%u]", RULE_SIPTYPE, rule->s_ip_type); - - } else if (g_strcmp0(key, RULE_DIPTYPE) == 0) { - rule->d_ip_type = g_variant_get_uint16(value); - STC_LOGD("%s: [%u]", RULE_DIPTYPE, rule->d_ip_type); - - } else if (g_strcmp0(key, RULE_SPORTTYPE) == 0) { - rule->s_port_type = g_variant_get_uint16(value); - STC_LOGD("%s: [%u]", RULE_SPORTTYPE, rule->s_port_type); - - } else if (g_strcmp0(key, RULE_DPORTTYPE) == 0) { - rule->d_port_type = g_variant_get_uint16(value); - STC_LOGD("%s: [%u]", RULE_DPORTTYPE, rule->d_port_type); - - } else if (g_strcmp0(key, RULE_PROTOCOL) == 0) { - rule->protocol = g_variant_get_uint16(value); - STC_LOGD("%s: [%u]", RULE_PROTOCOL, rule->protocol); - - } else if (g_strcmp0(key, RULE_FAMILY) == 0) { - rule->family = g_variant_get_uint16(value); - STC_LOGD("%s: [%u]", RULE_FAMILY, rule->family); - - } else if (g_strcmp0(key, RULE_SIP1) == 0) { - if (rule->s_ip_type != STC_FW_IP_NONE) { - guint str_length; - const gchar *str = g_variant_get_string(value, &str_length); - if (rule->family == STC_FW_FAMILY_V4) { - inet_pton(AF_INET, str, &(rule->s_ip1.Ipv4)); - STC_LOGD("%s: [%08x]", RULE_SIP1, rule->s_ip1.Ipv4.s_addr); - } else if (rule->family == STC_FW_FAMILY_V6) { - inet_pton(AF_INET6, str, &(rule->s_ip1.Ipv6)); - STC_LOGD("%s: [%08x:%08x:%08x:%08x]", RULE_SIP1, - rule->s_ip1.Ipv6.s6_addr32[0], rule->s_ip1.Ipv6.s6_addr32[1], - rule->s_ip1.Ipv6.s6_addr32[2], rule->s_ip1.Ipv6.s6_addr32[3]); - } - } - - } else if (g_strcmp0(key, RULE_SIP2) == 0) { - if (rule->s_ip_type != STC_FW_IP_NONE) { - guint str_length; - const gchar *str = g_variant_get_string(value, &str_length); - if (rule->family == STC_FW_FAMILY_V4) { - inet_pton(AF_INET, str, &(rule->s_ip2.Ipv4)); - STC_LOGD("%s: [%08x]", RULE_SIP2, rule->s_ip2.Ipv4.s_addr); - } else if (rule->family == STC_FW_FAMILY_V6) { - inet_pton(AF_INET6, str, &(rule->s_ip2.Ipv6)); - STC_LOGD("%s: [%08x:%08x:%08x:%08x]", RULE_SIP2, - rule->s_ip2.Ipv6.s6_addr32[0], rule->s_ip2.Ipv6.s6_addr32[1], - rule->s_ip2.Ipv6.s6_addr32[2], rule->s_ip2.Ipv6.s6_addr32[3]); - } - } - - } else if (g_strcmp0(key, RULE_DIP1) == 0) { - if (rule->d_ip_type != STC_FW_IP_NONE) { - guint str_length; - const gchar *str = g_variant_get_string(value, &str_length); - if (rule->family == STC_FW_FAMILY_V4) { - inet_pton(AF_INET, str, &(rule->d_ip1.Ipv4)); - STC_LOGD("%s: [%08x]", RULE_DIP1, rule->d_ip1.Ipv4.s_addr); - } else if (rule->family == STC_FW_FAMILY_V6) { - inet_pton(AF_INET6, str, &(rule->d_ip1.Ipv6)); - STC_LOGD("%s: [%08x:%08x:%08x:%08x]", RULE_DIP1, - rule->d_ip1.Ipv6.s6_addr32[0], rule->d_ip1.Ipv6.s6_addr32[1], - rule->d_ip1.Ipv6.s6_addr32[2], rule->d_ip1.Ipv6.s6_addr32[3]); - } - } - - } else if (g_strcmp0(key, RULE_DIP2) == 0) { - if (rule->d_ip_type != STC_FW_IP_NONE) { - guint str_length; - const gchar *str = g_variant_get_string(value, &str_length); - if (rule->family == STC_FW_FAMILY_V4) { - inet_pton(AF_INET, str, &(rule->d_ip2.Ipv4)); - STC_LOGD("%s: [%08x]", RULE_DIP2, rule->d_ip2.Ipv4.s_addr); - } else if (rule->family == STC_FW_FAMILY_V6) { - inet_pton(AF_INET6, str, &(rule->d_ip2.Ipv6)); - STC_LOGD("%s: [%08x:%08x:%08x:%08x]", RULE_DIP2, - rule->d_ip2.Ipv6.s6_addr32[0], rule->d_ip2.Ipv6.s6_addr32[1], - rule->d_ip2.Ipv6.s6_addr32[2], rule->d_ip2.Ipv6.s6_addr32[3]); - } - } - - } else if (g_strcmp0(key, RULE_SPORT1) == 0) { - if (rule->s_port_type != STC_FW_PORT_NONE) { - rule->s_port1 = g_variant_get_uint32(value); - STC_LOGD("%s: [%04x]", RULE_SPORT1, rule->s_port1); - } - - } else if (g_strcmp0(key, RULE_SPORT2) == 0) { - if (rule->s_port_type != STC_FW_PORT_NONE) { - rule->s_port2 = g_variant_get_uint32(value); - STC_LOGD("%s: [%04x]", RULE_SPORT2, rule->s_port2); - } - - } else if (g_strcmp0(key, RULE_DPORT1) == 0) { - if (rule->d_port_type != STC_FW_PORT_NONE) { - rule->d_port1 = g_variant_get_uint32(value); - STC_LOGD("%s: [%04x]", RULE_DPORT1, rule->d_port1); - } - - } else if (g_strcmp0(key, RULE_DPORT2) == 0) { - if (rule->d_port_type != STC_FW_PORT_NONE) { - rule->d_port2 = g_variant_get_uint32(value); - STC_LOGD("%s: [%04x]", RULE_DPORT2, rule->d_port2); - } - - } else if (g_strcmp0(key, RULE_IFNAME) == 0) { - if (rule->direction != STC_FW_DIRECTION_NONE) { - guint str_length; - const gchar *str = g_variant_get_string(value, &str_length); - rule->ifname = g_strdup(str); - STC_LOGD("%s: [%s]", RULE_IFNAME, rule->ifname); - } - - } else if (g_strcmp0(key, RULE_TARGET) == 0) { - rule->target = g_variant_get_uint16(value); - STC_LOGD("%s: [%u]", RULE_TARGET, rule->target); - - } else if (g_strcmp0(key, RULE_LOG_LEVEL) == 0) { - if (rule->target == STC_FW_RULE_TARGET_LOG) { - rule->log_level = g_variant_get_uint16(value); - STC_LOGD("%s: [%u]", RULE_LOG_LEVEL, rule->log_level); - } - - } else if (g_strcmp0(key, RULE_LOG_PREFIX) == 0) { - if (rule->target == STC_FW_RULE_TARGET_LOG) { - guint str_length; - const gchar *str = g_variant_get_string(value, &str_length); - rule->log_prefix = g_strdup(str); - STC_LOGD("%s: [%s]", RULE_LOG_PREFIX, rule->log_prefix); - } - - } else if (g_strcmp0(key, RULE_NFLOG_GROUP) == 0) { - if (rule->target == STC_FW_RULE_TARGET_NFLOG) { - rule->nflog_group = g_variant_get_uint16(value); - STC_LOGD("%s: [%u]", RULE_NFLOG_GROUP, rule->nflog_group); - } - - } else if (g_strcmp0(key, RULE_NFLOG_PREFIX) == 0) { - if (rule->target == STC_FW_RULE_TARGET_NFLOG) { - guint str_length; - const gchar *str = g_variant_get_string(value, &str_length); - rule->nflog_prefix = g_strdup(str); - STC_LOGD("%s: [%s]", RULE_NFLOG_PREFIX, rule->nflog_prefix); - } - - } else if (g_strcmp0(key, RULE_NFLOG_RANGE) == 0) { - if (rule->target == STC_FW_RULE_TARGET_NFLOG) { - rule->nflog_range = g_variant_get_uint16(value); - STC_LOGD("%s: [%u]", RULE_NFLOG_RANGE, rule->nflog_range); - } - - } else if (g_strcmp0(key, RULE_NFLOG_THRESHOLD) == 0) { - if (rule->target == STC_FW_RULE_TARGET_NFLOG) { - rule->nflog_threshold = g_variant_get_uint16(value); - STC_LOGD("%s: [%u]", RULE_NFLOG_THRESHOLD, rule->nflog_threshold); - } - - } else if (g_strcmp0(key, RULE_IDENTIFIER) == 0) { - guint str_length; - const gchar *str = g_variant_get_string(value, &str_length); - rule->identifier = g_strdup(str); - STC_LOGD("%s: [%s]", RULE_IDENTIFIER, rule->identifier); - - } else if (g_strcmp0(key, RULE_KEY) == 0) { - rule->key = g_variant_get_uint32(value); - STC_LOGD("%s: [%u]", RULE_KEY, rule->key); - - } else { - STC_LOGD("Unknown rule [%s]", key); - } -} - -gboolean __validate_fw_rule(firewall_rule_s *rule) -{ - __STC_LOG_FUNC_ENTER__; - - if (rule == NULL) { - __STC_LOG_FUNC_EXIT__; - return FALSE; - } - - if (rule->chain == NULL) { - __STC_LOG_FUNC_EXIT__; - return FALSE; - } - - if (rule->direction > STC_FW_DIRECTION_OUT) { - __STC_LOG_FUNC_EXIT__; - return FALSE; - } - - if (rule->s_ip_type > STC_FW_IP_RANGE) { - __STC_LOG_FUNC_EXIT__; - return FALSE; - } - - if (rule->d_ip_type > STC_FW_IP_RANGE) { - __STC_LOG_FUNC_EXIT__; - return FALSE; - } - - if (rule->s_port_type > STC_FW_PORT_RANGE) { - __STC_LOG_FUNC_EXIT__; - return FALSE; - } - - if (rule->d_port_type > STC_FW_PORT_RANGE) { - __STC_LOG_FUNC_EXIT__; - return FALSE; - } - - if (rule->protocol > STC_FW_PROTOCOL_ALL) { - __STC_LOG_FUNC_EXIT__; - return FALSE; - } - - if (rule->family > STC_FW_FAMILY_V6) { - __STC_LOG_FUNC_EXIT__; - return FALSE; - } - - if (rule->target >= STC_FW_RULE_TARGET_MAX) { - __STC_LOG_FUNC_EXIT__; - return FALSE; - } - - if (rule->target == STC_FW_RULE_TARGET_LOG && - (rule->log_prefix == NULL || - rule->log_prefix[0] == '\0')) { - __STC_LOG_FUNC_EXIT__; - return FALSE; - } - - if (rule->target == STC_FW_RULE_TARGET_NFLOG && - (rule->nflog_prefix == NULL || - rule->nflog_prefix[0] == '\0')) { - __STC_LOG_FUNC_EXIT__; - return FALSE; - } - - __STC_LOG_FUNC_EXIT__; - return TRUE; -} - -void stc_firewall_init(void) -{ - __STC_LOG_FUNC_ENTER__; - - int ret = STC_ERROR_NONE; - - g_firewalls = g_hash_table_new_full(g_str_hash, - g_str_equal, g_free, __fw_data_free); - - ret = table_firewall_get_lock(LOCK_NAME, &g_lock_state); - if (ret != STC_ERROR_NONE) - table_firewall_insert_lock(LOCK_NAME, FIREWALL_UNLOCKED); - - if (g_lock_state == FIREWALL_UNKONWN) - g_lock_state = FIREWALL_UNLOCKED; - - table_firewall_foreach_chain(__fw_table_chain_info_cb, NULL); - table_firewall_foreach_rule(__fw_table_rule_info_cb, NULL); - - __STC_LOG_FUNC_EXIT__; -} - -API void stc_firewall_update(void) -{ - __STC_LOG_FUNC_ENTER__; - - __fw_chain_foreach(__fw_foreach_to_add_chain, NULL); - __fw_chain_foreach(__fw_foreach_to_set_rule_to_chain, NULL); - __fw_chain_foreach(__fw_foreach_to_set_chain, NULL); - - __STC_LOG_FUNC_EXIT__; -} - -void stc_firewall_deinit(void) -{ - __STC_LOG_FUNC_ENTER__; - - if (g_firewalls) { - g_hash_table_destroy(g_firewalls); - g_firewalls = NULL; - } - - __STC_LOG_FUNC_EXIT__; -} - gboolean handle_firewall_lock(StcFirewall *object, GDBusMethodInvocation *invocation, void *user_data) { __STC_LOG_FUNC_ENTER__; - int ret = STC_ERROR_NONE; - ret = table_firewall_update_lock(LOCK_NAME, FIREWALL_LOCKED); - if (ret != STC_ERROR_NONE) - table_firewall_insert_lock(LOCK_NAME, FIREWALL_LOCKED); - - g_lock_state = FIREWALL_LOCKED; + stc_plugin_firewall_lock(); STC_DBUS_REPLY_ERROR_NONE(invocation); __STC_LOG_FUNC_EXIT__; @@ -1282,13 +59,8 @@ gboolean handle_firewall_unlock(StcFirewall *object, void *user_data) { __STC_LOG_FUNC_ENTER__; - int ret = STC_ERROR_NONE; - ret = table_firewall_update_lock(LOCK_NAME, FIREWALL_UNLOCKED); - if (ret != STC_ERROR_NONE) - table_firewall_insert_lock(LOCK_NAME, FIREWALL_UNLOCKED); - - g_lock_state = FIREWALL_UNLOCKED; + stc_plugin_firewall_unlock(); STC_DBUS_REPLY_ERROR_NONE(invocation); __STC_LOG_FUNC_EXIT__; @@ -1300,19 +72,12 @@ gboolean handle_firewall_get_lock(StcFirewall *object, void *user_data) { __STC_LOG_FUNC_ENTER__; - int ret = STC_ERROR_NONE; GVariant *return_parameters = NULL; + int state = 0; - if (g_lock_state == FIREWALL_UNKONWN) { - ret = table_firewall_get_lock(LOCK_NAME, &g_lock_state); - if (ret != STC_ERROR_NONE) - table_firewall_insert_lock(LOCK_NAME, FIREWALL_UNLOCKED); + stc_plugin_firewall_get_lock(&state); - if (g_lock_state == FIREWALL_UNKONWN) - g_lock_state = FIREWALL_UNLOCKED; - } - - return_parameters = g_variant_new("(i)", g_lock_state); + return_parameters = g_variant_new("(i)", state); STC_DBUS_REPLY(invocation, return_parameters); __STC_LOG_FUNC_EXIT__; return TRUE; @@ -1324,11 +89,8 @@ gboolean handle_firewall_add_chain(StcFirewall *object, void *user_data) { __STC_LOG_FUNC_ENTER__; - firewall_chain_s info; int ret = STC_ERROR_NONE; - STC_FIREWALL_CHECK_LOCK_STATE(invocation); - if (chain == NULL) { STC_FIREWALL_DBUS_REPLY_ERROR(invocation, STC_ERROR_INVALID_PARAMETER); @@ -1336,14 +98,8 @@ gboolean handle_firewall_add_chain(StcFirewall *object, return TRUE; } - ret = __fw_chain_add(chain); - if (ret == STC_ERROR_NONE) { - memset(&info, 0, sizeof(firewall_chain_s)); - info.chain = chain; - info.priority = 0; - info.target = STC_FW_CHAIN_TARGET_NONE; - table_firewall_insert_chain(&info); - } else { + ret = stc_plugin_firewall_add_chain(chain); + if (ret != STC_ERROR_NONE) { STC_FIREWALL_DBUS_REPLY_ERROR(invocation, ret); __STC_LOG_FUNC_EXIT__; return TRUE; @@ -1360,11 +116,8 @@ gboolean handle_firewall_remove_chain(StcFirewall *object, void *user_data) { __STC_LOG_FUNC_ENTER__; - firewall_chain_s info; int ret = STC_ERROR_NONE; - STC_FIREWALL_CHECK_LOCK_STATE(invocation); - if (chain == NULL) { STC_FIREWALL_DBUS_REPLY_ERROR(invocation, STC_ERROR_INVALID_PARAMETER); @@ -1372,13 +125,8 @@ gboolean handle_firewall_remove_chain(StcFirewall *object, return TRUE; } - ret = __fw_chain_remove(chain); - if (ret == STC_ERROR_NONE) { - memset(&info, 0, sizeof(firewall_chain_s)); - info.chain = chain; - table_firewall_flush_chain(&info); - table_firewall_delete_chain(&info); - } else { + ret = stc_plugin_firewall_remove_chain(chain); + if (ret != STC_ERROR_NONE) { STC_FIREWALL_DBUS_REPLY_ERROR(invocation, ret); __STC_LOG_FUNC_EXIT__; return TRUE; @@ -1395,11 +143,8 @@ gboolean handle_firewall_flush_chain(StcFirewall *object, void *user_data) { __STC_LOG_FUNC_ENTER__; - firewall_chain_s info; int ret = STC_ERROR_NONE; - STC_FIREWALL_CHECK_LOCK_STATE(invocation); - if (chain == NULL) { STC_FIREWALL_DBUS_REPLY_ERROR(invocation, STC_ERROR_INVALID_PARAMETER); @@ -1407,12 +152,8 @@ gboolean handle_firewall_flush_chain(StcFirewall *object, return TRUE; } - ret = __fw_chain_flush(chain); - if (ret == STC_ERROR_NONE) { - memset(&info, 0, sizeof(firewall_chain_s)); - info.chain = chain; - table_firewall_flush_chain(&info); - } else { + ret = stc_plugin_firewall_flush_chain(chain); + if (ret != STC_ERROR_NONE) { STC_FIREWALL_DBUS_REPLY_ERROR(invocation, ret); __STC_LOG_FUNC_EXIT__; return TRUE; @@ -1431,11 +172,9 @@ gboolean handle_firewall_get_all_chain(StcFirewall *object, GVariantBuilder *builder = NULL; GVariant *return_parameters = NULL; - STC_FIREWALL_CHECK_LOCK_STATE(invocation); - builder = g_variant_builder_new(G_VARIANT_TYPE("aa{sv}")); - __fw_chain_foreach(__fw_chain_make_params, builder); + stc_plugin_firewall_get_all_chain(builder); return_parameters = g_variant_new("(aa{sv})", builder); g_variant_builder_unref(builder); @@ -1453,14 +192,8 @@ gboolean handle_firewall_set_chain(StcFirewall *object, void *user_data) { __STC_LOG_FUNC_ENTER__; - stc_fw_data_s *lookup = NULL; - stc_fw_data_s data; - firewall_chain_s info; - uint priority; int ret = STC_ERROR_NONE; - STC_FIREWALL_CHECK_LOCK_STATE(invocation); - if (chain == NULL || target >= STC_FW_CHAIN_TARGET_MAX) { STC_FIREWALL_DBUS_REPLY_ERROR(invocation, @@ -1469,60 +202,13 @@ gboolean handle_firewall_set_chain(StcFirewall *object, return TRUE; } - lookup = __fw_chain_get(chain); - if (lookup == NULL) { - STC_FIREWALL_DBUS_REPLY_ERROR(invocation, - STC_ERROR_NO_DATA); - __STC_LOG_FUNC_EXIT__; - return TRUE; - } - - if (lookup->target != STC_FW_CHAIN_TARGET_NONE) { - STC_LOGE("chain is already set"); - STC_FIREWALL_DBUS_REPLY_ERROR(invocation, - STC_ERROR_INVALID_PARAMETER); - __STC_LOG_FUNC_EXIT__; - return TRUE; - } - - /* stc-iptables */ - memset(&info, 0, sizeof(firewall_chain_s)); - info.chain = chain; - info.target = target; - - ret = firewall_chain_add(&info); + ret = stc_plugin_firewall_set_chain(chain, target); if (ret != STC_ERROR_NONE) { STC_FIREWALL_DBUS_REPLY_ERROR(invocation, ret); __STC_LOG_FUNC_EXIT__; return TRUE; } - __fw_chain_foreach(__fw_foreach_to_set_rule_to_chain, chain); - ret = firewall_chain_set(&info); - if (ret != STC_ERROR_NONE) { - STC_FIREWALL_DBUS_REPLY_ERROR(invocation, ret); - __STC_LOG_FUNC_EXIT__; - return TRUE; - } - /* stc-iptables */ - - priority = g_chain_priority + 1; - - memset(&data, 0, sizeof(stc_fw_data_s)); - data.target = target; - data.priority = priority; - - ret = __fw_chain_set(chain, data); - if (ret == STC_ERROR_NONE) { - info.priority = priority; - table_firewall_update_chain(&info); - g_chain_priority = priority; - } else { - STC_FIREWALL_DBUS_REPLY_ERROR(invocation, ret); - __STC_LOG_FUNC_EXIT__; - return TRUE; - } - STC_DBUS_REPLY_ERROR_NONE(invocation); __STC_LOG_FUNC_EXIT__; return TRUE; @@ -1534,12 +220,8 @@ gboolean handle_firewall_unset_chain(StcFirewall *object, void *user_data) { __STC_LOG_FUNC_ENTER__; - stc_fw_data_s *lookup = NULL; - firewall_chain_s info; int ret = STC_ERROR_NONE; - STC_FIREWALL_CHECK_LOCK_STATE(invocation); - if (chain == NULL) { STC_FIREWALL_DBUS_REPLY_ERROR(invocation, STC_ERROR_INVALID_PARAMETER); @@ -1547,53 +229,12 @@ gboolean handle_firewall_unset_chain(StcFirewall *object, return TRUE; } - lookup = __fw_chain_get(chain); - if (lookup == NULL) { - STC_FIREWALL_DBUS_REPLY_ERROR(invocation, - STC_ERROR_NO_DATA); - __STC_LOG_FUNC_EXIT__; - return TRUE; - } - - if (lookup->target == STC_FW_CHAIN_TARGET_NONE) { - if (STC_DEBUG_LOG && STC_FW_LOG) - STC_LOGE("chain is not set"); - STC_FIREWALL_DBUS_REPLY_ERROR(invocation, - STC_ERROR_INVALID_PARAMETER); - __STC_LOG_FUNC_EXIT__; - return TRUE; - } - - /* stc-iptables */ - memset(&info, 0, sizeof(firewall_chain_s)); - info.chain = chain; - info.target = lookup->target; - - ret = firewall_chain_unset(&info); - if (ret != STC_ERROR_NONE) { - STC_FIREWALL_DBUS_REPLY_ERROR(invocation, ret); - __STC_LOG_FUNC_EXIT__; - return TRUE; - } - - ret = firewall_chain_remove(&info); + ret = stc_plugin_firewall_unset_chain(chain); if (ret != STC_ERROR_NONE) { STC_FIREWALL_DBUS_REPLY_ERROR(invocation, ret); __STC_LOG_FUNC_EXIT__; return TRUE; } - /* stc-iptables */ - - ret = __fw_chain_unset(chain); - if (ret == STC_ERROR_NONE) { - info.target = STC_FW_CHAIN_TARGET_NONE; - info.priority = 0; - table_firewall_update_chain(&info); - } else { - STC_FIREWALL_DBUS_REPLY_ERROR(invocation, ret); - __STC_LOG_FUNC_EXIT__; - return TRUE; - } STC_DBUS_REPLY_ERROR_NONE(invocation); __STC_LOG_FUNC_EXIT__; @@ -1606,48 +247,15 @@ gboolean handle_firewall_add_rule(StcFirewall *object, void *user_data) { __STC_LOG_FUNC_ENTER__; - GVariantIter *iter = NULL; - firewall_rule_s *rule; int ret = STC_ERROR_NONE; - STC_FIREWALL_CHECK_LOCK_STATE(invocation); - - rule = MALLOC0(firewall_rule_s, 1); - if (!rule) { - if (STC_DEBUG_LOG && STC_FW_LOG) - STC_LOGE("rule allocation failed"); - return STC_ERROR_OUT_OF_MEMORY; - } - - memset(rule, 0, sizeof(firewall_rule_s)); - - g_variant_get(parameters, "a{sv}", &iter); - if (iter != NULL) { - stc_manager_gdbus_dict_foreach(iter, - __fw_rule_extract, - rule); - g_variant_iter_free(iter); - } - - if (__validate_fw_rule(rule) == FALSE) { - __fw_rule_free(rule); - STC_FIREWALL_DBUS_REPLY_ERROR(invocation, - STC_ERROR_INVALID_PARAMETER); - __STC_LOG_FUNC_EXIT__; - return TRUE; - } - - ret = __fw_rule_add(rule); - if (ret == STC_ERROR_NONE) { - table_firewall_insert_rule(rule); - } else { - __fw_rule_free(rule); + ret = stc_plugin_firewall_add_rule(parameters); + if (ret != STC_ERROR_NONE) { STC_FIREWALL_DBUS_REPLY_ERROR(invocation, ret); __STC_LOG_FUNC_EXIT__; return TRUE; } - __fw_rule_free(rule); STC_DBUS_REPLY_ERROR_NONE(invocation); __STC_LOG_FUNC_EXIT__; return TRUE; @@ -1659,48 +267,15 @@ gboolean handle_firewall_remove_rule(StcFirewall *object, void *user_data) { __STC_LOG_FUNC_ENTER__; - GVariantIter *iter = NULL; - firewall_rule_s *rule; int ret = STC_ERROR_NONE; - STC_FIREWALL_CHECK_LOCK_STATE(invocation); - - rule = MALLOC0(firewall_rule_s, 1); - if (!rule) { - if (STC_DEBUG_LOG && STC_FW_LOG) - STC_LOGE("rule allocation failed"); - return STC_ERROR_OUT_OF_MEMORY; - } - - memset(rule, 0, sizeof(firewall_rule_s)); - - g_variant_get(parameters, "a{sv}", &iter); - if (iter != NULL) { - stc_manager_gdbus_dict_foreach(iter, - __fw_rule_extract, - rule); - g_variant_iter_free(iter); - } - - if (__validate_fw_rule(rule) == FALSE) { - __fw_rule_free(rule); - STC_FIREWALL_DBUS_REPLY_ERROR(invocation, - STC_ERROR_INVALID_PARAMETER); - __STC_LOG_FUNC_EXIT__; - return TRUE; - } - - ret = __fw_rule_remove(rule); - if (ret == STC_ERROR_NONE) { - table_firewall_delete_rule(rule); - } else { - __fw_rule_free(rule); + ret = stc_plugin_firewall_remove_rule(parameters); + if (ret != STC_ERROR_NONE) { STC_FIREWALL_DBUS_REPLY_ERROR(invocation, ret); __STC_LOG_FUNC_EXIT__; return TRUE; } - __fw_rule_free(rule); STC_DBUS_REPLY_ERROR_NONE(invocation); __STC_LOG_FUNC_EXIT__; return TRUE; @@ -1712,50 +287,15 @@ gboolean handle_firewall_update_rule(StcFirewall *object, void *user_data) { __STC_LOG_FUNC_ENTER__; - GVariantIter *iter = NULL; - firewall_rule_s *rule; - guint key; int ret = STC_ERROR_NONE; - STC_FIREWALL_CHECK_LOCK_STATE(invocation); - - rule = MALLOC0(firewall_rule_s, 1); - if (!rule) { - if (STC_DEBUG_LOG && STC_FW_LOG) - STC_LOGE("rule allocation failed"); - return STC_ERROR_OUT_OF_MEMORY; - } - - memset(rule, 0, sizeof(firewall_rule_s)); - - g_variant_get(parameters, "a{sv}", &iter); - if (iter != NULL) { - stc_manager_gdbus_dict_foreach(iter, - __fw_rule_extract, - rule); - g_variant_iter_free(iter); - } - - if (__validate_fw_rule(rule) == FALSE) { - __fw_rule_free(rule); - STC_FIREWALL_DBUS_REPLY_ERROR(invocation, - STC_ERROR_INVALID_PARAMETER); - __STC_LOG_FUNC_EXIT__; - return TRUE; - } - - key = rule->key; - ret = __fw_rule_update(rule); - if (ret == STC_ERROR_NONE) { - table_firewall_update_rule(rule, key); - } else { - __fw_rule_free(rule); + ret = stc_plugin_firewall_update_rule(parameters); + if (ret != STC_ERROR_NONE) { STC_FIREWALL_DBUS_REPLY_ERROR(invocation, ret); __STC_LOG_FUNC_EXIT__; return TRUE; } - __fw_rule_free(rule); STC_DBUS_REPLY_ERROR_NONE(invocation); __STC_LOG_FUNC_EXIT__; return TRUE; @@ -1769,12 +309,9 @@ gboolean handle_firewall_get_all_rule(StcFirewall *object, GVariantBuilder *builder = NULL; GVariant *return_parameters = NULL; - STC_FIREWALL_CHECK_LOCK_STATE(invocation); - builder = g_variant_builder_new(G_VARIANT_TYPE("aa{sv}")); - __fw_chain_foreach(__fw_foreach_to_make_rule_param, builder); - __fw_chain_foreach(__fw_foreach_to_print_rule, NULL); + stc_plugin_firewall_get_all_rule(builder); return_parameters = g_variant_new("(aa{sv})", builder); g_variant_builder_unref(builder); diff --git a/src/stc-manager-gdbus.c b/src/stc-manager-gdbus.c index 22d0375..0268eef 100755 --- a/src/stc-manager-gdbus.c +++ b/src/stc-manager-gdbus.c @@ -24,6 +24,7 @@ #include "stc-manager-plugin-appstatus.h" #include "stc-manager-plugin-procfs.h" #include "stc-manager-plugin-monitor.h" +#include "stc-manager-plugin-firewall.h" #include "helper-iptables.h" #define MANAGER_DBUS_ERROR_NAME "net.stc.manager.Error.Failed" @@ -351,7 +352,7 @@ static void __stc_manager_gdbus_on_bus_acquired(GDBusConnection *connection, stc->connection); iptables_init(); - stc_firewall_update(); + stc_plugin_firewall_update(); stc_plugin_monitor_init_connection(stc); stc_plugin_appstatus_register_state_changed_cb(stc, @@ -490,7 +491,7 @@ API void stc_manager_gdbus_unsubscribe_signal(GDBusConnection *connection, g_dbus_connection_signal_unsubscribe(connection, subscription_id); } -void stc_manager_gdbus_dict_foreach(GVariantIter *iter, dbus_dict_cb cb, +API void stc_manager_gdbus_dict_foreach(GVariantIter *iter, dbus_dict_cb cb, void *user_data) { __STC_LOG_FUNC_ENTER__; diff --git a/src/stc-manager-plugin-firewall.c b/src/stc-manager-plugin-firewall.c new file mode 100755 index 0000000..cc423f5 --- /dev/null +++ b/src/stc-manager-plugin-firewall.c @@ -0,0 +1,306 @@ +/* + * Copyright (c) 2016 Samsung Electronics Co., Ltd. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include + +#include "stc-manager.h" +#include "stc-manager-plugin-firewall.h" + +static gboolean stc_plugin_enabled = FALSE; +static void *handle_plugin; +static stc_plugin_firewall_s *stc_plugin; + +//LCOV_EXCL_START +int stc_plugin_firewall_init(void) +{ + __STC_LOG_FUNC_ENTER__; + + handle_plugin = dlopen(STC_PLUGIN_FIREWALL_FILEPATH, RTLD_NOW); + if (!handle_plugin) { + STC_LOGE("Can't load %s: %s", STC_PLUGIN_FIREWALL_FILEPATH, dlerror()); + __STC_LOG_FUNC_EXIT__; + return STC_ERROR_UNINITIALIZED; + } + + stc_plugin = dlsym(handle_plugin, "stc_plugin_firewall"); + if (!stc_plugin) { + STC_LOGE("Can't load symbol: %s", dlerror()); + dlclose(handle_plugin); + __STC_LOG_FUNC_EXIT__; + return STC_ERROR_UNINITIALIZED; + } + + stc_plugin->initialize_plugin(); + stc_plugin_enabled = TRUE; + + __STC_LOG_FUNC_EXIT__; + return STC_ERROR_NONE; +} + +int stc_plugin_firewall_deinit(void) +{ + __STC_LOG_FUNC_ENTER__; + + if (!stc_plugin_enabled) + return STC_ERROR_UNINITIALIZED; + + stc_plugin->deinitialize_plugin(); + stc_plugin_enabled = FALSE; + dlclose(handle_plugin); + + __STC_LOG_FUNC_EXIT__; + return STC_ERROR_NONE; +} + +int stc_plugin_firewall_lock(void) +{ + if (!stc_plugin_enabled) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't enabled"); + return STC_ERROR_UNINITIALIZED; + } + + if (!stc_plugin) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't loaded"); + return STC_ERROR_UNINITIALIZED; + } + + return stc_plugin->lock_firewall(); +} + +int stc_plugin_firewall_unlock(void) +{ + if (!stc_plugin_enabled) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't enabled"); + return STC_ERROR_UNINITIALIZED; + } + + if (!stc_plugin) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't loaded"); + return STC_ERROR_UNINITIALIZED; + } + + return stc_plugin->unlock_firewall(); +} + + +int stc_plugin_firewall_get_lock(int *state) +{ + if (!stc_plugin_enabled) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't enabled"); + return STC_ERROR_UNINITIALIZED; + } + + if (!stc_plugin) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't loaded"); + return STC_ERROR_UNINITIALIZED; + } + + return stc_plugin->get_lock_firewall(state); +} + +int stc_plugin_firewall_update(void) +{ + if (!stc_plugin_enabled) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't enabled"); + return STC_ERROR_UNINITIALIZED; + } + + if (!stc_plugin) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't loaded"); + return STC_ERROR_UNINITIALIZED; + } + + return stc_plugin->update_firewall(); +} + +int stc_plugin_firewall_add_chain(char *chain) +{ + if (!stc_plugin_enabled) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't enabled"); + return STC_ERROR_UNINITIALIZED; + } + + if (!stc_plugin) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't loaded"); + return STC_ERROR_UNINITIALIZED; + } + + return stc_plugin->add_chain(chain); +} + +int stc_plugin_firewall_remove_chain(char *chain) +{ + if (!stc_plugin_enabled) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't enabled"); + return STC_ERROR_UNINITIALIZED; + } + + if (!stc_plugin) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't loaded"); + return STC_ERROR_UNINITIALIZED; + } + + return stc_plugin->remove_chain(chain); +} + +int stc_plugin_firewall_flush_chain(char *chain) +{ + if (!stc_plugin_enabled) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't enabled"); + return STC_ERROR_UNINITIALIZED; + } + + if (!stc_plugin) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't loaded"); + return STC_ERROR_UNINITIALIZED; + } + + return stc_plugin->flush_chain(chain); +} + +int stc_plugin_firewall_get_all_chain(GVariantBuilder *builder) +{ + if (!stc_plugin_enabled) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't enabled"); + return STC_ERROR_UNINITIALIZED; + } + + if (!stc_plugin) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't loaded"); + return STC_ERROR_UNINITIALIZED; + } + + return stc_plugin->get_all_chain(builder); +} + +int stc_plugin_firewall_set_chain(char *chain, uint target) +{ + if (!stc_plugin_enabled) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't enabled"); + return STC_ERROR_UNINITIALIZED; + } + + if (!stc_plugin) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't loaded"); + return STC_ERROR_UNINITIALIZED; + } + + return stc_plugin->set_chain(chain, target); +} + +int stc_plugin_firewall_unset_chain(char *chain) +{ + if (!stc_plugin_enabled) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't enabled"); + return STC_ERROR_UNINITIALIZED; + } + + if (!stc_plugin) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't loaded"); + return STC_ERROR_UNINITIALIZED; + } + + return stc_plugin->unset_chain(chain); +} + +int stc_plugin_firewall_add_rule(GVariant *params) +{ + if (!stc_plugin_enabled) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't enabled"); + return STC_ERROR_UNINITIALIZED; + } + + if (!stc_plugin) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't loaded"); + return STC_ERROR_UNINITIALIZED; + } + + return stc_plugin->add_rule(params); +} + +int stc_plugin_firewall_remove_rule(GVariant *params) +{ + if (!stc_plugin_enabled) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't enabled"); + return STC_ERROR_UNINITIALIZED; + } + + if (!stc_plugin) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't loaded"); + return STC_ERROR_UNINITIALIZED; + } + + return stc_plugin->remove_rule(params); +} + +int stc_plugin_firewall_update_rule(GVariant *params) +{ + if (!stc_plugin_enabled) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't enabled"); + return STC_ERROR_UNINITIALIZED; + } + + if (!stc_plugin) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't loaded"); + return STC_ERROR_UNINITIALIZED; + } + + return stc_plugin->update_rule(params); +} + +int stc_plugin_firewall_get_all_rule(GVariantBuilder *builder) +{ + if (!stc_plugin_enabled) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't enabled"); + return STC_ERROR_UNINITIALIZED; + } + + if (!stc_plugin) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't loaded"); + return STC_ERROR_UNINITIALIZED; + } + + return stc_plugin->get_all_rule(builder); +} +//LCOV_EXCL_STOP diff --git a/src/stc-manager-plugin-procfs.c b/src/stc-manager-plugin-procfs.c old mode 100644 new mode 100755 diff --git a/src/stc-manager.c b/src/stc-manager.c index 11fa7bb..5e5bcef 100755 --- a/src/stc-manager.c +++ b/src/stc-manager.c @@ -33,6 +33,7 @@ #include "stc-manager-plugin-tether.h" #include "stc-manager-plugin-pcap.h" #include "stc-manager-plugin-monitor.h" +#include "stc-manager-plugin-firewall.h" #define BUF_SIZE_FOR_ERR 100 @@ -75,7 +76,6 @@ static void __stc_manager_deinit(void) return; } - stc_plugin_monitor_deinit(); stc_deinit_db_guard(); stc_db_deinitialize(); @@ -84,13 +84,13 @@ static void __stc_manager_deinit(void) stc_manager_gdbus_deinit((gpointer)g_stc); - stc_firewall_deinit(); - stc_plugin_appstatus_deinit(); stc_plugin_exception_deinit(); stc_plugin_procfs_deinit(); stc_plugin_tether_deinit(); stc_plugin_pcap_deinit(); + stc_plugin_monitor_deinit(); + stc_plugin_firewall_deinit(); inotify_deregister(INFO_STORAGE_DIR); inotify_deinitialize(); @@ -132,8 +132,7 @@ static stc_s *__stc_manager_init(void) stc_plugin_tether_init(); stc_plugin_pcap_init(); stc_plugin_monitor_init(); - - stc_firewall_init(); + stc_plugin_firewall_init(); stc_plugin_procfs_load_pid(); diff --git a/src/stc-statistics.c b/src/stc-statistics.c old mode 100644 new mode 100755 -- 2.7.4 From 4e4d373d5fea54a24881d1b726e3bd955eb30e54 Mon Sep 17 00:00:00 2001 From: hyunuktak Date: Wed, 5 Dec 2018 13:49:46 +0900 Subject: [PATCH 08/16] Add a function to get all pcap loop Change-Id: I92fa7de5a45e758a96f3ae98a31683d81aabe66d Signed-off-by: hyunuktak --- include/stc-manager-plugin-pcap.h | 9 +++-- include/stc-pcap.h | 4 ++ interfaces/stcmanager-iface-pcap.xml | 3 ++ plugin/pcap/include/stc-plugin-pcap.h | 9 +++-- plugin/pcap/stc-plugin-pcap.c | 70 +++++++++++++++++++++++++++-------- src/stc-manager-gdbus.c | 4 ++ src/stc-manager-plugin-pcap.c | 29 ++++++++++++--- src/stc-pcap.c | 25 ++++++++++++- 8 files changed, 121 insertions(+), 32 deletions(-) diff --git a/include/stc-manager-plugin-pcap.h b/include/stc-manager-plugin-pcap.h index 728004f..620f8d7 100755 --- a/include/stc-manager-plugin-pcap.h +++ b/include/stc-manager-plugin-pcap.h @@ -27,9 +27,10 @@ int stc_plugin_pcap_deinit(void); int stc_plugin_pcap_lookup_dev(void); int stc_plugin_pcap_lookup_net(void); int stc_plugin_pcap_find_alldevs(void); -int stc_plugin_pcap_register_loop_pcap(const char *ifname, - int group); -int stc_plugin_pcap_unregister_loop_pcap(const char *ifname, - int group); +int stc_plugin_pcap_register_loop(const char *ifname, + int nflog_group); +int stc_plugin_pcap_unregister_loop(const char *ifname, + int nflog_group); +int stc_plugin_pcap_get_all_loop(GVariantBuilder *builder); #endif /* __STC_MANAGER_PLUGIN_PROCFS_H__ */ diff --git a/include/stc-pcap.h b/include/stc-pcap.h index d99d450..49c310a 100755 --- a/include/stc-pcap.h +++ b/include/stc-pcap.h @@ -47,4 +47,8 @@ gboolean handle_pcap_stop(StcPcap *object, GVariant *parameters, void *user_data); +gboolean handle_pcap_get_all(StcPcap *object, + GDBusMethodInvocation *invocation, + void *user_data); + #endif /* __STC_PCAP_H__ */ diff --git a/interfaces/stcmanager-iface-pcap.xml b/interfaces/stcmanager-iface-pcap.xml index 4320ab6..01c10b6 100644 --- a/interfaces/stcmanager-iface-pcap.xml +++ b/interfaces/stcmanager-iface-pcap.xml @@ -8,5 +8,8 @@ + + + diff --git a/plugin/pcap/include/stc-plugin-pcap.h b/plugin/pcap/include/stc-plugin-pcap.h index a2b8c34..f545445 100755 --- a/plugin/pcap/include/stc-plugin-pcap.h +++ b/plugin/pcap/include/stc-plugin-pcap.h @@ -123,8 +123,8 @@ #define DNS_QCLASS_ANY 255 typedef struct { - char *name; - int group; + char *ifname; + int nflog_group; GThread *thread; pcap_t *handle; } stc_pcap_data_s; @@ -218,8 +218,9 @@ typedef struct { int (*lookup_dev) (void); int (*lookup_net) (void); int (*find_alldevs) (void); - int (*register_loop_pcap) (const char *ifname, int group); - int (*unregister_loop_pcap) (const char *ifname, int group); + int (*register_loop) (const char *ifname, int group); + int (*unregister_loop) (const char *ifname, int group); + int (*get_all_loop) (GVariantBuilder *builder); } stc_plugin_pcap_s; #endif /* __STC_PLUGIN_PCAP_H__ */ diff --git a/plugin/pcap/stc-plugin-pcap.c b/plugin/pcap/stc-plugin-pcap.c index fd03c4a..15f9ed8 100755 --- a/plugin/pcap/stc-plugin-pcap.c +++ b/plugin/pcap/stc-plugin-pcap.c @@ -16,6 +16,9 @@ #include "stc-plugin-pcap.h" +#define PCAP_IFNAME "ifname" +#define PCAP_NFLOG_GROUP "nflog_group" + //LCOV_EXCL_START static GHashTable *g_pcap_tables = NULL; static bool g_pcap_start_fm = false; @@ -27,7 +30,7 @@ static void __pcap_data_free(gpointer value) g_thread_unref(data->thread); - FREE(data->name); + FREE(data->ifname); FREE(data); } @@ -1072,7 +1075,7 @@ static gboolean __pcap_thread_source_func(gpointer data) return false; snprintf(buf, sizeof(buf), "%s_%d", - pcap_data->name, pcap_data->group); + pcap_data->ifname, pcap_data->nflog_group); lookup = g_hash_table_lookup(g_pcap_tables, buf); if (!lookup) { @@ -1105,7 +1108,7 @@ static gpointer __pcap_thread_func(gpointer data) } for (dev = alldevs; dev; dev = dev->next) { - if (g_strcmp0(dev->name, pcap_data->name) == 0) { + if (g_strcmp0(dev->name, pcap_data->ifname) == 0) { name = g_strdup(dev->name); break; } @@ -1114,7 +1117,7 @@ static gpointer __pcap_thread_func(gpointer data) pcap_freealldevs(alldevs); if (name == NULL) { - STC_LOGE("Failed to find dev [%s]", pcap_data->name); + STC_LOGE("Failed to find dev [%s]", pcap_data->ifname); goto thread_exit; } @@ -1126,9 +1129,12 @@ static gpointer __pcap_thread_func(gpointer data) goto thread_exit; } + STC_LOGD("Pcap loop start [%s]", name); pcap_loop(pcap_data->handle, 0, __pcap_handler, NULL); + STC_LOGD("Pcap loop end [%s]", name); pcap_close(pcap_data->handle); + STC_LOGD("Pcap closed [%s]", name); thread_exit: FREE(name); @@ -1147,6 +1153,24 @@ thread_exit: return NULL; } +static void __pcap_make_params(gpointer key, gpointer value, + gpointer user_data) +{ + stc_pcap_data_s *data = (stc_pcap_data_s *)value; + GVariantBuilder *builder = (GVariantBuilder *)user_data; + GVariantBuilder sub_builder; + + g_variant_builder_init(&sub_builder, G_VARIANT_TYPE("a{sv}")); + + g_variant_builder_add(&sub_builder, "{sv}", PCAP_IFNAME, + g_variant_new_string(data->ifname)); + + g_variant_builder_add(&sub_builder, "{sv}", PCAP_NFLOG_GROUP, + g_variant_new_uint32(data->nflog_group)); + + g_variant_builder_add_value(builder, g_variant_builder_end(&sub_builder)); +} + int stc_plugin_pcap_initialize(void) { __STC_LOG_FUNC_ENTER__; @@ -1259,8 +1283,8 @@ int stc_plugin_pcap_find_alldevs(void) return STC_ERROR_NONE; } -int stc_plugin_pcap_register_loop_pcap(const char *ifname, - int group) +int stc_plugin_pcap_register_loop(const char *ifname, + int nflog_group) { stc_pcap_data_s *data; stc_pcap_data_s *lookup; @@ -1274,7 +1298,7 @@ int stc_plugin_pcap_register_loop_pcap(const char *ifname, STC_ERROR_FAIL, "Invalid parameter [ifname]"); - snprintf(buf, sizeof(buf), "%s_%d", ifname, group); + snprintf(buf, sizeof(buf), "%s_%d", ifname, nflog_group); lookup = g_hash_table_lookup(g_pcap_tables, buf); if (lookup) { @@ -1288,8 +1312,8 @@ int stc_plugin_pcap_register_loop_pcap(const char *ifname, return STC_ERROR_OUT_OF_MEMORY; } - data->name = g_strdup(ifname); - data->group = group; + data->ifname = g_strdup(ifname); + data->nflog_group = nflog_group; data->thread = g_thread_new(buf, __pcap_thread_func, data); g_hash_table_insert(g_pcap_tables, g_strdup(buf), data); @@ -1298,8 +1322,8 @@ int stc_plugin_pcap_register_loop_pcap(const char *ifname, return STC_ERROR_NONE; } -int stc_plugin_pcap_unregister_loop_pcap(const char *ifname, - int group) +int stc_plugin_pcap_unregister_loop(const char *ifname, + int nflog_group) { stc_pcap_data_s *lookup; char buf[MAX_IFACE_LENGTH]; @@ -1312,7 +1336,7 @@ int stc_plugin_pcap_unregister_loop_pcap(const char *ifname, STC_ERROR_FAIL, "Invalid parameter [ifname]"); - snprintf(buf, sizeof(buf), "%s_%d", ifname, group); + snprintf(buf, sizeof(buf), "%s_%d", ifname, nflog_group); lookup = g_hash_table_lookup(g_pcap_tables, buf); if (!lookup) { @@ -1322,6 +1346,18 @@ int stc_plugin_pcap_unregister_loop_pcap(const char *ifname, } pcap_breakloop(lookup->handle); + STC_LOGD("Successfully removed pcap loop [%s]", buf); + + return STC_ERROR_NONE; +} + +int stc_plugin_pcap_get_all_loop(GVariantBuilder *builder) +{ + ret_value_msg_if(g_pcap_tables == NULL, + STC_ERROR_FAIL, + "pcap tables is not initialized!"); + + g_hash_table_foreach(g_pcap_tables, __pcap_make_params, builder); return STC_ERROR_NONE; } @@ -1337,9 +1373,11 @@ API stc_plugin_pcap_s stc_plugin_pcap = { stc_plugin_pcap_lookup_net, .find_alldevs = stc_plugin_pcap_find_alldevs, - .register_loop_pcap = - stc_plugin_pcap_register_loop_pcap, - .unregister_loop_pcap = - stc_plugin_pcap_unregister_loop_pcap + .register_loop = + stc_plugin_pcap_register_loop, + .unregister_loop = + stc_plugin_pcap_unregister_loop, + .get_all_loop = + stc_plugin_pcap_get_all_loop }; //LCOV_EXCL_STOP diff --git a/src/stc-manager-gdbus.c b/src/stc-manager-gdbus.c index 0268eef..14cf127 100755 --- a/src/stc-manager-gdbus.c +++ b/src/stc-manager-gdbus.c @@ -262,6 +262,10 @@ static gboolean __stc_manager_gdbus_pcap_init(stc_s *stc) G_CALLBACK(handle_pcap_stop), stc); + g_signal_connect(pcap, "handle-get-all", + G_CALLBACK(handle_pcap_get_all), + stc); + /* Export the object (@manager takes its own reference to @object) */ g_dbus_object_manager_server_export(stc->obj_mgr, G_DBUS_OBJECT_SKELETON(object)); diff --git a/src/stc-manager-plugin-pcap.c b/src/stc-manager-plugin-pcap.c index 395031c..dc96424 100755 --- a/src/stc-manager-plugin-pcap.c +++ b/src/stc-manager-plugin-pcap.c @@ -118,8 +118,8 @@ int stc_plugin_pcap_find_alldevs(void) return stc_plugin->find_alldevs(); } -int stc_plugin_pcap_register_loop_pcap(const char *ifname, - int group) +int stc_plugin_pcap_register_loop(const char *ifname, + int nflog_group) { if (!stc_plugin_enabled) { if (STC_DEBUG_LOG) @@ -133,11 +133,11 @@ int stc_plugin_pcap_register_loop_pcap(const char *ifname, return STC_ERROR_UNINITIALIZED; } - return stc_plugin->register_loop_pcap(ifname, group); + return stc_plugin->register_loop(ifname, nflog_group); } -int stc_plugin_pcap_unregister_loop_pcap(const char *ifname, - int group) +int stc_plugin_pcap_unregister_loop(const char *ifname, + int nflog_group) { if (!stc_plugin_enabled) { if (STC_DEBUG_LOG) @@ -151,6 +151,23 @@ int stc_plugin_pcap_unregister_loop_pcap(const char *ifname, return STC_ERROR_UNINITIALIZED; } - return stc_plugin->unregister_loop_pcap(ifname, group); + return stc_plugin->unregister_loop(ifname, nflog_group); +} + +int stc_plugin_pcap_get_all_loop(GVariantBuilder *builder) +{ + if (!stc_plugin_enabled) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't enabled"); + return STC_ERROR_UNINITIALIZED; + } + + if (!stc_plugin) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't loaded"); + return STC_ERROR_UNINITIALIZED; + } + + return stc_plugin->get_all_loop(builder); } //LCOV_EXCL_STOP diff --git a/src/stc-pcap.c b/src/stc-pcap.c index 368971e..c24e34b 100755 --- a/src/stc-pcap.c +++ b/src/stc-pcap.c @@ -108,7 +108,7 @@ gboolean handle_pcap_start(StcPcap *object, return TRUE; } - ret = stc_plugin_pcap_register_loop_pcap(pcap.ifname, pcap.nflog_group); + ret = stc_plugin_pcap_register_loop(pcap.ifname, pcap.nflog_group); if (ret != STC_ERROR_NONE) { STC_PCAP_DBUS_REPLY_ERROR(invocation, ret); //LCOV_EXCL_LINE __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE @@ -147,7 +147,7 @@ gboolean handle_pcap_stop(StcPcap *object, return TRUE; } - ret = stc_plugin_pcap_unregister_loop_pcap(pcap.ifname, pcap.nflog_group); + ret = stc_plugin_pcap_unregister_loop(pcap.ifname, pcap.nflog_group); if (ret != STC_ERROR_NONE) { STC_PCAP_DBUS_REPLY_ERROR(invocation, ret); //LCOV_EXCL_LINE __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE @@ -158,3 +158,24 @@ gboolean handle_pcap_stop(StcPcap *object, __STC_LOG_FUNC_EXIT__; return TRUE; } + +gboolean handle_pcap_get_all(StcPcap *object, + GDBusMethodInvocation *invocation, + void *user_data) +{ + __STC_LOG_FUNC_ENTER__; + GVariantBuilder *builder = NULL; + GVariant *return_parameters = NULL; + + builder = g_variant_builder_new(G_VARIANT_TYPE("aa{sv}")); + + stc_plugin_pcap_get_all_loop(builder); + + return_parameters = g_variant_new("(aa{sv})", builder); + g_variant_builder_unref(builder); + + DEBUG_GDBUS_VARIANT("Return parameters: ", return_parameters); + STC_DBUS_REPLY(invocation, return_parameters); + __STC_LOG_FUNC_EXIT__; + return TRUE; +} -- 2.7.4 From f275de2b3f112d9cdbdbed81d6193916982b22b9 Mon Sep 17 00:00:00 2001 From: hyunuktak Date: Thu, 6 Dec 2018 14:19:23 +0900 Subject: [PATCH 09/16] Add a function to find all devices Change-Id: I7c1a8fa26b18f36955fc89ace5bb6b1d3f5b470c Signed-off-by: hyunuktak --- include/stc-manager-plugin-pcap.h | 2 +- include/stc-pcap.h | 4 ++++ interfaces/stcmanager-iface-pcap.xml | 3 +++ plugin/pcap/include/stc-plugin-pcap.h | 2 +- plugin/pcap/stc-plugin-pcap.c | 28 ++++++++++++++++++++++++---- src/stc-manager-gdbus.c | 4 ++++ src/stc-manager-plugin-pcap.c | 4 ++-- src/stc-pcap.c | 21 +++++++++++++++++++++ 8 files changed, 60 insertions(+), 8 deletions(-) diff --git a/include/stc-manager-plugin-pcap.h b/include/stc-manager-plugin-pcap.h index 620f8d7..7c8fe7e 100755 --- a/include/stc-manager-plugin-pcap.h +++ b/include/stc-manager-plugin-pcap.h @@ -26,7 +26,7 @@ int stc_plugin_pcap_deinit(void); int stc_plugin_pcap_lookup_dev(void); int stc_plugin_pcap_lookup_net(void); -int stc_plugin_pcap_find_alldevs(void); +int stc_plugin_pcap_find_all_devs(GVariantBuilder *builder); int stc_plugin_pcap_register_loop(const char *ifname, int nflog_group); int stc_plugin_pcap_unregister_loop(const char *ifname, diff --git a/include/stc-pcap.h b/include/stc-pcap.h index 49c310a..1bd3d7e 100755 --- a/include/stc-pcap.h +++ b/include/stc-pcap.h @@ -51,4 +51,8 @@ gboolean handle_pcap_get_all(StcPcap *object, GDBusMethodInvocation *invocation, void *user_data); +gboolean handle_pcap_find_all_devs(StcPcap *object, + GDBusMethodInvocation *invocation, + void *user_data); + #endif /* __STC_PCAP_H__ */ diff --git a/interfaces/stcmanager-iface-pcap.xml b/interfaces/stcmanager-iface-pcap.xml index 01c10b6..035e57f 100644 --- a/interfaces/stcmanager-iface-pcap.xml +++ b/interfaces/stcmanager-iface-pcap.xml @@ -11,5 +11,8 @@ + + + diff --git a/plugin/pcap/include/stc-plugin-pcap.h b/plugin/pcap/include/stc-plugin-pcap.h index f545445..d1747b2 100755 --- a/plugin/pcap/include/stc-plugin-pcap.h +++ b/plugin/pcap/include/stc-plugin-pcap.h @@ -217,7 +217,7 @@ typedef struct { int (*deinitialize_plugin) (void); int (*lookup_dev) (void); int (*lookup_net) (void); - int (*find_alldevs) (void); + int (*find_all_devs) (GVariantBuilder *builder); int (*register_loop) (const char *ifname, int group); int (*unregister_loop) (const char *ifname, int group); int (*get_all_loop) (GVariantBuilder *builder); diff --git a/plugin/pcap/stc-plugin-pcap.c b/plugin/pcap/stc-plugin-pcap.c index 15f9ed8..8785368 100755 --- a/plugin/pcap/stc-plugin-pcap.c +++ b/plugin/pcap/stc-plugin-pcap.c @@ -18,6 +18,10 @@ #define PCAP_IFNAME "ifname" #define PCAP_NFLOG_GROUP "nflog_group" +#define PCAP_DEV_NAME "dev" +#define PCAP_DEV_DECS "decs" +#define PCAP_DEV_NET "net" +#define PCAP_DEV_MASK "mask" //LCOV_EXCL_START static GHashTable *g_pcap_tables = NULL; @@ -1244,7 +1248,7 @@ int stc_plugin_pcap_lookup_net(void) return STC_ERROR_NONE; } -int stc_plugin_pcap_find_alldevs(void) +int stc_plugin_pcap_find_all_devs(GVariantBuilder *builder) { char net[BUFF_SIZE_IP]; char mask[BUFF_SIZE_IP]; @@ -1261,21 +1265,37 @@ int stc_plugin_pcap_find_alldevs(void) } for (dev = alldevs; dev; dev = dev->next) { + GVariantBuilder sub_builder; + + g_variant_builder_init(&sub_builder, G_VARIANT_TYPE("a{sv}")); + STC_LOGD("Dev [%s]", dev->name); + g_variant_builder_add(&sub_builder, "{sv}", PCAP_DEV_NAME, + g_variant_new_string(dev->name)); - if (dev->description) + if (dev->description) { STC_LOGD("Decs [%s]", dev->description); + g_variant_builder_add(&sub_builder, "{sv}", PCAP_DEV_DECS, + g_variant_new_string(dev->description)); + } if (pcap_lookupnet(dev->name, &netp, &maskp, errbuf) == -1) { STC_LOGE("Failed to look up net [%s]", errbuf); + g_variant_builder_add_value(builder, g_variant_builder_end(&sub_builder)); continue; } inet_ntop(AF_INET, &netp, net, BUFF_SIZE_IP); STC_LOGD("Net [%s]", net); + g_variant_builder_add(&sub_builder, "{sv}", PCAP_DEV_NET, + g_variant_new_string(net)); inet_ntop(AF_INET, &maskp, mask, BUFF_SIZE_IP); STC_LOGD("Mask [%s]", mask); + g_variant_builder_add(&sub_builder, "{sv}", PCAP_DEV_MASK, + g_variant_new_string(mask)); + + g_variant_builder_add_value(builder, g_variant_builder_end(&sub_builder)); } pcap_freealldevs(alldevs); @@ -1371,8 +1391,8 @@ API stc_plugin_pcap_s stc_plugin_pcap = { stc_plugin_pcap_lookup_dev, .lookup_net = stc_plugin_pcap_lookup_net, - .find_alldevs = - stc_plugin_pcap_find_alldevs, + .find_all_devs = + stc_plugin_pcap_find_all_devs, .register_loop = stc_plugin_pcap_register_loop, .unregister_loop = diff --git a/src/stc-manager-gdbus.c b/src/stc-manager-gdbus.c index 14cf127..61a81b4 100755 --- a/src/stc-manager-gdbus.c +++ b/src/stc-manager-gdbus.c @@ -266,6 +266,10 @@ static gboolean __stc_manager_gdbus_pcap_init(stc_s *stc) G_CALLBACK(handle_pcap_get_all), stc); + g_signal_connect(pcap, "handle-find-all-devs", + G_CALLBACK(handle_pcap_find_all_devs), + stc); + /* Export the object (@manager takes its own reference to @object) */ g_dbus_object_manager_server_export(stc->obj_mgr, G_DBUS_OBJECT_SKELETON(object)); diff --git a/src/stc-manager-plugin-pcap.c b/src/stc-manager-plugin-pcap.c index dc96424..8134391 100755 --- a/src/stc-manager-plugin-pcap.c +++ b/src/stc-manager-plugin-pcap.c @@ -101,7 +101,7 @@ int stc_plugin_pcap_lookup_net(void) return stc_plugin->lookup_net(); } -int stc_plugin_pcap_find_alldevs(void) +int stc_plugin_pcap_find_all_devs(GVariantBuilder *builder) { if (!stc_plugin_enabled) { if (STC_DEBUG_LOG) @@ -115,7 +115,7 @@ int stc_plugin_pcap_find_alldevs(void) return STC_ERROR_UNINITIALIZED; } - return stc_plugin->find_alldevs(); + return stc_plugin->find_all_devs(builder); } int stc_plugin_pcap_register_loop(const char *ifname, diff --git a/src/stc-pcap.c b/src/stc-pcap.c index c24e34b..cd961e6 100755 --- a/src/stc-pcap.c +++ b/src/stc-pcap.c @@ -179,3 +179,24 @@ gboolean handle_pcap_get_all(StcPcap *object, __STC_LOG_FUNC_EXIT__; return TRUE; } + +gboolean handle_pcap_find_all_devs(StcPcap *object, + GDBusMethodInvocation *invocation, + void *user_data) +{ + __STC_LOG_FUNC_ENTER__; + GVariantBuilder *builder = NULL; + GVariant *return_parameters = NULL; + + builder = g_variant_builder_new(G_VARIANT_TYPE("aa{sv}")); + + stc_plugin_pcap_find_all_devs(builder); + + return_parameters = g_variant_new("(aa{sv})", builder); + g_variant_builder_unref(builder); + + DEBUG_GDBUS_VARIANT("Return parameters: ", return_parameters); + STC_DBUS_REPLY(invocation, return_parameters); + __STC_LOG_FUNC_EXIT__; + return TRUE; +} -- 2.7.4 From 64fb306678517e3968a1ef50c4041a993959aeee Mon Sep 17 00:00:00 2001 From: hyunuktak Date: Mon, 10 Dec 2018 16:16:41 +0900 Subject: [PATCH 10/16] Fixed 64 bit type format Change-Id: I6d94f5b508b6a79f22d4a81d51fd1ab0830989dc Signed-off-by: hyunuktak --- include/stc-manager.h | 4 ++-- include/stc-restriction.h | 8 +++---- packaging/stc-manager.spec | 2 +- plugin/firewall/include/stc-plugin-firewall.h | 2 +- plugin/firewall/stc-plugin-firewall.c | 18 +++++++------- .../monitor/include/stc-plugin-monitor-context.h | 2 +- plugin/monitor/include/stc-plugin-monitor-rstn.h | 12 +++++----- plugin/monitor/stc-plugin-monitor-rstn.c | 28 +++++++++++----------- plugin/monitor/stc-plugin-monitor.c | 6 ++--- src/database/include/db-internal.h | 0 src/database/include/stc-db.h | 4 ++-- src/database/include/table-counters.h | 24 +++++++++---------- src/database/include/table-firewall.h | 0 src/database/include/table-restrictions.h | 12 +++++----- src/database/include/table-statistics.h | 0 src/database/tables/table-counters.c | 10 ++++---- src/database/tables/table-statistics.c | 4 ++-- src/helper/helper-nfacct-rule.c | 4 ++-- src/helper/helper-nfacct-rule.h | 6 ++--- src/stc-pcap.c | 2 +- src/stc-restriction.c | 8 +++---- 21 files changed, 78 insertions(+), 78 deletions(-) mode change 100644 => 100755 src/database/include/db-internal.h mode change 100644 => 100755 src/database/include/stc-db.h mode change 100644 => 100755 src/database/include/table-counters.h mode change 100644 => 100755 src/database/include/table-firewall.h mode change 100644 => 100755 src/database/include/table-restrictions.h mode change 100644 => 100755 src/database/include/table-statistics.h mode change 100644 => 100755 src/helper/helper-nfacct-rule.h diff --git a/include/stc-manager.h b/include/stc-manager.h index 0b930eb..82d8747 100755 --- a/include/stc-manager.h +++ b/include/stc-manager.h @@ -230,8 +230,8 @@ typedef struct { * @brief datausage in bytes */ typedef struct { - int64_t in_bytes; /**< incoming bytes */ - int64_t out_bytes; /**< outgoing bytes */ + long long int in_bytes; /**< incoming bytes */ + long long int out_bytes; /**< outgoing bytes */ } stc_data_counter_s; typedef struct { diff --git a/include/stc-restriction.h b/include/stc-restriction.h index 9f5560a..fe25ea2 100755 --- a/include/stc-restriction.h +++ b/include/stc-restriction.h @@ -29,10 +29,10 @@ typedef struct { stc_app_state_e rs_type; stc_iface_type_e iftype; - int64_t send_limit; - int64_t rcv_limit; - int64_t snd_warning_limit; - int64_t rcv_warning_limit; + long long int send_limit; + long long int rcv_limit; + long long int snd_warning_limit; + long long int rcv_warning_limit; stc_roaming_type_e roaming; char *ifname; char *subscriber_id; diff --git a/packaging/stc-manager.spec b/packaging/stc-manager.spec index d8dc5c4..eeb10ef 100644 --- a/packaging/stc-manager.spec +++ b/packaging/stc-manager.spec @@ -1,6 +1,6 @@ Name: stc-manager Summary: STC(Smart Traffic Control) manager -Version: 0.0.84 +Version: 0.0.85 Release: 0 Group: Network & Connectivity/Other License: Apache-2.0 diff --git a/plugin/firewall/include/stc-plugin-firewall.h b/plugin/firewall/include/stc-plugin-firewall.h index bf36d58..d9f9dc4 100755 --- a/plugin/firewall/include/stc-plugin-firewall.h +++ b/plugin/firewall/include/stc-plugin-firewall.h @@ -32,7 +32,7 @@ typedef struct { stc_fw_chain_target_e target; - uint64_t priority; + long long int priority; GSList *rules; } stc_fw_data_s; diff --git a/plugin/firewall/stc-plugin-firewall.c b/plugin/firewall/stc-plugin-firewall.c index 3e5fdd6..2b13d62 100755 --- a/plugin/firewall/stc-plugin-firewall.c +++ b/plugin/firewall/stc-plugin-firewall.c @@ -934,7 +934,7 @@ static void __fw_rule_extract(const char *key, GVariant *value, } if (g_strcmp0(key, RULE_CHAIN) == 0) { - guint str_length; + gsize str_length; const gchar *str = g_variant_get_string(value, &str_length); rule->chain = g_strdup(str); STC_LOGD("%s: [%s]", RULE_CHAIN, rule->chain); @@ -969,7 +969,7 @@ static void __fw_rule_extract(const char *key, GVariant *value, } else if (g_strcmp0(key, RULE_SIP1) == 0) { if (rule->s_ip_type != STC_FW_IP_NONE) { - guint str_length; + gsize str_length; const gchar *str = g_variant_get_string(value, &str_length); if (rule->family == STC_FW_FAMILY_V4) { inet_pton(AF_INET, str, &(rule->s_ip1.Ipv4)); @@ -984,7 +984,7 @@ static void __fw_rule_extract(const char *key, GVariant *value, } else if (g_strcmp0(key, RULE_SIP2) == 0) { if (rule->s_ip_type != STC_FW_IP_NONE) { - guint str_length; + gsize str_length; const gchar *str = g_variant_get_string(value, &str_length); if (rule->family == STC_FW_FAMILY_V4) { inet_pton(AF_INET, str, &(rule->s_ip2.Ipv4)); @@ -999,7 +999,7 @@ static void __fw_rule_extract(const char *key, GVariant *value, } else if (g_strcmp0(key, RULE_DIP1) == 0) { if (rule->d_ip_type != STC_FW_IP_NONE) { - guint str_length; + gsize str_length; const gchar *str = g_variant_get_string(value, &str_length); if (rule->family == STC_FW_FAMILY_V4) { inet_pton(AF_INET, str, &(rule->d_ip1.Ipv4)); @@ -1014,7 +1014,7 @@ static void __fw_rule_extract(const char *key, GVariant *value, } else if (g_strcmp0(key, RULE_DIP2) == 0) { if (rule->d_ip_type != STC_FW_IP_NONE) { - guint str_length; + gsize str_length; const gchar *str = g_variant_get_string(value, &str_length); if (rule->family == STC_FW_FAMILY_V4) { inet_pton(AF_INET, str, &(rule->d_ip2.Ipv4)); @@ -1053,7 +1053,7 @@ static void __fw_rule_extract(const char *key, GVariant *value, } else if (g_strcmp0(key, RULE_IFNAME) == 0) { if (rule->direction != STC_FW_DIRECTION_NONE) { - guint str_length; + gsize str_length; const gchar *str = g_variant_get_string(value, &str_length); rule->ifname = g_strdup(str); STC_LOGD("%s: [%s]", RULE_IFNAME, rule->ifname); @@ -1071,7 +1071,7 @@ static void __fw_rule_extract(const char *key, GVariant *value, } else if (g_strcmp0(key, RULE_LOG_PREFIX) == 0) { if (rule->target == STC_FW_RULE_TARGET_LOG) { - guint str_length; + gsize str_length; const gchar *str = g_variant_get_string(value, &str_length); rule->log_prefix = g_strdup(str); STC_LOGD("%s: [%s]", RULE_LOG_PREFIX, rule->log_prefix); @@ -1085,7 +1085,7 @@ static void __fw_rule_extract(const char *key, GVariant *value, } else if (g_strcmp0(key, RULE_NFLOG_PREFIX) == 0) { if (rule->target == STC_FW_RULE_TARGET_NFLOG) { - guint str_length; + gsize str_length; const gchar *str = g_variant_get_string(value, &str_length); rule->nflog_prefix = g_strdup(str); STC_LOGD("%s: [%s]", RULE_NFLOG_PREFIX, rule->nflog_prefix); @@ -1104,7 +1104,7 @@ static void __fw_rule_extract(const char *key, GVariant *value, } } else if (g_strcmp0(key, RULE_IDENTIFIER) == 0) { - guint str_length; + gsize str_length; const gchar *str = g_variant_get_string(value, &str_length); rule->identifier = g_strdup(str); STC_LOGD("%s: [%s]", RULE_IDENTIFIER, rule->identifier); diff --git a/plugin/monitor/include/stc-plugin-monitor-context.h b/plugin/monitor/include/stc-plugin-monitor-context.h index b0d0075..3e8f324 100755 --- a/plugin/monitor/include/stc-plugin-monitor-context.h +++ b/plugin/monitor/include/stc-plugin-monitor-context.h @@ -29,7 +29,7 @@ typedef struct { typedef struct { struct nfacct_rule *counter; - int64_t bytes; + long long int bytes; gboolean data_limit_exceeded; } classid_bytes_context_s; diff --git a/plugin/monitor/include/stc-plugin-monitor-rstn.h b/plugin/monitor/include/stc-plugin-monitor-rstn.h index 0c690c7..41b1e80 100755 --- a/plugin/monitor/include/stc-plugin-monitor-rstn.h +++ b/plugin/monitor/include/stc-plugin-monitor-rstn.h @@ -55,12 +55,12 @@ typedef struct { stc_roaming_type_e roaming; char *mac; - uint64_t restriction_id; + long long int restriction_id; stc_rstn_state_e rstn_state; stc_rstn_type_e rstn_type; - int64_t counter[STC_RSTN_LIMIT_TYPE_MAX]; - int64_t limit[STC_RSTN_LIMIT_TYPE_MAX]; + long long int counter[STC_RSTN_LIMIT_TYPE_MAX]; + long long int limit[STC_RSTN_LIMIT_TYPE_MAX]; int32_t limit_exceeded; int32_t limit_notified; @@ -76,9 +76,9 @@ typedef struct { time_t month_start_ts; time_t week_start_ts; time_t day_start_ts; - int64_t monthly_stat; - int64_t weekly_stat; - int64_t daily_stat; + long long int monthly_stat; + long long int weekly_stat; + long long int daily_stat; } stc_rstn_cumulative_data_s; diff --git a/plugin/monitor/stc-plugin-monitor-rstn.c b/plugin/monitor/stc-plugin-monitor-rstn.c index 75bc4e5..99951a2 100755 --- a/plugin/monitor/stc-plugin-monitor-rstn.c +++ b/plugin/monitor/stc-plugin-monitor-rstn.c @@ -88,7 +88,7 @@ static stc_cb_ret_e __statistics_info_cb(const table_statistics_info *info, void *user_data) { stc_rstn_cumulative_data_s *stat = (stc_rstn_cumulative_data_s *)user_data; - int64_t counters = 0; + long long int counters = 0; counters = info->cnt.in_bytes + info->cnt.out_bytes; @@ -101,7 +101,7 @@ static stc_cb_ret_e __statistics_info_cb(const table_statistics_info *info, return STC_CONTINUE; } -static void __rstn_add_tether_rule(int64_t classid, gchar *mac, +static void __rstn_add_tether_rule(long long int classid, gchar *mac, nfacct_rule_intend intend, stc_iface_type_e iftype) { GSList *conn_list = stc_get_connection_list(); @@ -149,7 +149,7 @@ static void __rstn_add_tether_rule(int64_t classid, gchar *mac, } } -static void __rstn_del_tether_rule(int64_t classid, gchar *mac, +static void __rstn_del_tether_rule(long long int classid, gchar *mac, nfacct_rule_intend intend, stc_iface_type_e iftype) { GSList *conn_list = stc_get_connection_list(); @@ -199,7 +199,7 @@ static void __rstn_del_tether_rule(int64_t classid, gchar *mac, } } -static void __rstn_add_ipt_rule(int64_t classid, nfacct_rule_intend intend, +static void __rstn_add_ipt_rule(long long int classid, nfacct_rule_intend intend, stc_iface_type_e iftype) { GSList *conn_list = stc_get_connection_list(); @@ -248,7 +248,7 @@ static void __rstn_add_ipt_rule(int64_t classid, nfacct_rule_intend intend, } } -static void __rstn_del_ipt_rule(int64_t classid, nfacct_rule_intend intend, +static void __rstn_del_ipt_rule(long long int classid, nfacct_rule_intend intend, stc_iface_type_e iftype) { GSList *conn_list = stc_get_connection_list(); @@ -367,7 +367,7 @@ static void __rstn_tethering_process(enum traffic_restriction_type rstn_type, { int i; table_counters_info info; - int64_t effective_limit[STC_RSTN_LIMIT_TYPE_MAX] = { 0, }; + long long int effective_limit[STC_RSTN_LIMIT_TYPE_MAX] = { 0, }; memset(&info, 0, sizeof(table_counters_info)); rstn_data->limit_exceeded = 0; @@ -514,7 +514,7 @@ static void __rstn_process(enum traffic_restriction_type rstn_type, { int i; table_counters_info info; - int64_t effective_limit[STC_RSTN_LIMIT_TYPE_MAX] = { 0, }; + long long int effective_limit[STC_RSTN_LIMIT_TYPE_MAX] = { 0, }; memset(&info, 0, sizeof(table_counters_info)); rstn_data->limit_exceeded = 0; @@ -593,7 +593,7 @@ static void __rstn_process(enum traffic_restriction_type rstn_type, if (STC_DEBUG_LOG && STC_RSTN_LOG) { STC_LOGD("Restriction activated " - "[\033[1;36m%d\033[0;m:\033[1;35m%d\033[0;m]", + "[\033[1;36m%d\033[0;m:\033[1;35m%lld\033[0;m]", rstn_data->classid, rstn_data->restriction_id); } } @@ -608,7 +608,7 @@ static void __rstn_process(enum traffic_restriction_type rstn_type, if (STC_DEBUG_LOG && STC_RSTN_LOG) { STC_LOGD("Restriction activated " - "[\033[1;36m%d\033[0;m:\033[1;35m%d\033[0;m]", + "[\033[1;36m%d\033[0;m:\033[1;35m%lld\033[0;m]", rstn_data->classid, rstn_data->restriction_id); } break; @@ -635,7 +635,7 @@ static void __rstn_process(enum traffic_restriction_type rstn_type, if (STC_DEBUG_LOG && STC_RSTN_LOG) { STC_LOGD("Restriction deactivated " - "[\033[1;36m%d\033[0;m:\033[1;35m%d\033[0;m]", + "[\033[1;36m%d\033[0;m:\033[1;35m%lld\033[0;m]", rstn_data->classid, rstn_data->restriction_id); } } @@ -653,7 +653,7 @@ static void __rstn_add(gpointer data, gpointer user_data) if (rstn_data->rstn_state == STC_RSTN_STATE_ACTIVATED) { if (STC_DEBUG_LOG && STC_RSTN_LOG) { STC_LOGD("Restriction already activated " - "[\033[1;36m%d\033[0;m:\033[1;35m%d\033[0;m]", + "[\033[1;36m%d\033[0;m:\033[1;35m%lld\033[0;m]", rstn_data->classid, rstn_data->restriction_id); } return; @@ -674,7 +674,7 @@ static void __rstn_add(gpointer data, gpointer user_data) if (STC_DEBUG_LOG && STC_RSTN_LOG) { __print_rstn(rstn_data); STC_LOGD("\033[1;32mRestriction added\033[0;m " - "[\033[1;36m%d\033[0;m:\033[1;35m%d\033[0;m]", + "[\033[1;36m%d\033[0;m:\033[1;35m%lld\033[0;m]", rstn_data->classid, rstn_data->restriction_id); } } @@ -693,7 +693,7 @@ static void __rstn_remove(gpointer data, gpointer user_data) if (rstn_data->rstn_state == STC_RSTN_STATE_DEACTIVATED) { STC_LOGD("\033[1;31mRestriction already deactivated\033[0;m " - "[\033[1;36m%d\033[0;m:\033[1;35m%d\033[0;m]", + "[\033[1;36m%d\033[0;m:\033[1;35m%lld\033[0;m]", rstn_data->classid, rstn_data->restriction_id); return; } @@ -706,7 +706,7 @@ static void __rstn_remove(gpointer data, gpointer user_data) if (STC_DEBUG_LOG && STC_RSTN_LOG) { __print_rstn(rstn_data); STC_LOGD("\033[1;31mRestriction removed\033[0;m " - "[\033[1;36m%d\033[0;m:\033[1;35m%d\033[0;m]", + "[\033[1;36m%d\033[0;m:\033[1;35m%lld\033[0;m]", rstn_data->classid, rstn_data->restriction_id); } } diff --git a/plugin/monitor/stc-plugin-monitor.c b/plugin/monitor/stc-plugin-monitor.c index 117036e..fc71c8c 100755 --- a/plugin/monitor/stc-plugin-monitor.c +++ b/plugin/monitor/stc-plugin-monitor.c @@ -112,7 +112,7 @@ static void __check_rstn_limit_exceeded(gpointer data, *limit_exceeded = rstn_data->limit_exceeded; } -static void __fill_nfacct_result(char *cnt_name, int64_t bytes, +static void __fill_nfacct_result(char *cnt_name, long long int bytes, struct counter_arg *carg) { stc_monitor_rstn_reset_time_counters_if_required(); @@ -198,8 +198,8 @@ static int __fill_counters(struct rtattr *attr_list[__NFACCT_MAX], populate_counters(cnt_name, carg); */ } else { - int64_t *bytes_p = - (int64_t *)RTA_DATA(attr_list[NFACCT_BYTES]); + long long int *bytes_p = + (long long int *)RTA_DATA(attr_list[NFACCT_BYTES]); int bytes = be64toh(*bytes_p); if (bytes) { ++carg->serialized_counters; diff --git a/src/database/include/db-internal.h b/src/database/include/db-internal.h old mode 100644 new mode 100755 diff --git a/src/database/include/stc-db.h b/src/database/include/stc-db.h old mode 100644 new mode 100755 index 13ae916..c15d3fa --- a/src/database/include/stc-db.h +++ b/src/database/include/stc-db.h @@ -48,8 +48,8 @@ typedef struct { */ typedef struct { char *app_id; - int64_t rcv_count; - int64_t snd_count; + long long int rcv_count; + long long int snd_count; #ifndef CONFIG_DATAUSAGE_NFACCT pid_t pid; diff --git a/src/database/include/table-counters.h b/src/database/include/table-counters.h old mode 100644 new mode 100755 index 5faff83..41febcb --- a/src/database/include/table-counters.h +++ b/src/database/include/table-counters.h @@ -18,32 +18,32 @@ #define __TABLE_COUNTERS_H__ typedef struct { - uint64_t restriction_id; - int64_t data_counter; - int64_t warn_counter; - int64_t monthly_counter; - int64_t weekly_counter; - int64_t daily_counter; + long long int restriction_id; + long long int data_counter; + long long int warn_counter; + long long int monthly_counter; + long long int weekly_counter; + long long int daily_counter; int32_t month_start_date; - int64_t month_start_ts; - int64_t week_start_ts; - int64_t day_start_ts; + long long int month_start_ts; + long long int week_start_ts; + long long int day_start_ts; } table_counters_info; typedef stc_cb_ret_e(*table_counters_info_cb)(const table_counters_info *info, void *user_data); -stc_error_e table_counters_get(uint64_t restriction_id, +stc_error_e table_counters_get(long long int restriction_id, table_counters_info *info); stc_error_e table_counters_update_counters(const table_counters_info *info); -stc_error_e table_counters_get_timestamps(uint64_t restriction_id, +stc_error_e table_counters_get_timestamps(long long int restriction_id, table_counters_info *info); stc_error_e table_counters_update_timestamps(const table_counters_info *info); -stc_error_e table_counters_delete(uint64_t restriction_id); +stc_error_e table_counters_delete(long long int restriction_id); stc_error_e table_counters_prepare(sqlite3 *db); diff --git a/src/database/include/table-firewall.h b/src/database/include/table-firewall.h old mode 100644 new mode 100755 diff --git a/src/database/include/table-restrictions.h b/src/database/include/table-restrictions.h old mode 100644 new mode 100755 index e9d46bf..4f4528a --- a/src/database/include/table-restrictions.h +++ b/src/database/include/table-restrictions.h @@ -25,13 +25,13 @@ typedef struct { stc_iface_type_e iftype; stc_rstn_type_e rstn_type; stc_roaming_type_e roaming; - int64_t data_limit; - int64_t data_warn_limit; - int64_t monthly_limit; - int64_t weekly_limit; - int64_t daily_limit; + long long int data_limit; + long long int data_warn_limit; + long long int monthly_limit; + long long int weekly_limit; + long long int daily_limit; int month_start_date; - uint64_t restriction_id; + long long int restriction_id; } table_restrictions_info; typedef stc_cb_ret_e diff --git a/src/database/include/table-statistics.h b/src/database/include/table-statistics.h old mode 100644 new mode 100755 diff --git a/src/database/tables/table-counters.c b/src/database/tables/table-counters.c index 96c15c5..78b7723 100755 --- a/src/database/tables/table-counters.c +++ b/src/database/tables/table-counters.c @@ -237,11 +237,11 @@ static void __finalize_insert(void) __STC_LOG_FUNC_EXIT__; } -static bool __table_counters_is_entry_present(uint64_t restriction_id) +static bool __table_counters_is_entry_present(long long int restriction_id) { bool ret = FALSE; int rc; - uint64_t l_restriction_id = -1; + long long int l_restriction_id = -1; sqlite3_stmt *stmt = select_restriction_id; if (sqlite3_bind_int(stmt, 1, restriction_id) != SQLITE_OK) { @@ -271,7 +271,7 @@ handle_error: return ret; } -API stc_error_e table_counters_get(uint64_t restriction_id, +API stc_error_e table_counters_get(long long int restriction_id, table_counters_info *info) { stc_error_e error_code = STC_ERROR_NONE; @@ -359,7 +359,7 @@ handle_error: } //LCOV_EXCL_STOP -API stc_error_e table_counters_get_timestamps(uint64_t restriction_id, +API stc_error_e table_counters_get_timestamps(long long int restriction_id, table_counters_info *info) { stc_error_e error_code = STC_ERROR_NONE; @@ -443,7 +443,7 @@ handle_error: //LCOV_EXCL_STOP -API stc_error_e table_counters_delete(uint64_t restriction_id) +API stc_error_e table_counters_delete(long long int restriction_id) { stc_error_e error_code = STC_ERROR_NONE; sqlite3_stmt *stmt = delete_counter; diff --git a/src/database/tables/table-statistics.c b/src/database/tables/table-statistics.c index ffb4b97..7670e28 100755 --- a/src/database/tables/table-statistics.c +++ b/src/database/tables/table-statistics.c @@ -585,8 +585,8 @@ API stc_error_e table_statistics_insert(stc_db_classid_iftype_key *stat_key, stc_error_e error_code = STC_ERROR_NONE; sqlite3_stmt *stmt = update_statistics_query; stc_hw_net_protocol_type_e hw_net_protocol_type = STC_PROTOCOL_UNKNOWN; - int64_t rcv; - int64_t snd; + long long int rcv; + long long int snd; if (!stat->rcv_count && !stat->snd_count) { error_code = STC_ERROR_INVALID_PARAMETER; diff --git a/src/helper/helper-nfacct-rule.c b/src/helper/helper-nfacct-rule.c index 1d6d0c6..24376f3 100755 --- a/src/helper/helper-nfacct-rule.c +++ b/src/helper/helper-nfacct-rule.c @@ -108,7 +108,7 @@ static void add_string_attr(struct genl *req, const char *str, int type) add_value_attr(req, str, strlen(str) + 1, type); } -static void add_uint64_attr(struct genl *req, const uint64_t v, int type) +static void add_uint64_attr(struct genl *req, const long long unsigned int v, int type) { add_value_attr(req, &v, sizeof(v), type); } @@ -147,7 +147,7 @@ static stc_error_e nfacct_send_new(nfacct_rule_s *counter) add_uint64_attr(req, 0, NFACCT_BYTES); //LCOV_EXCL_START if (counter->quota) { - STC_LOGD("quota bytes %"PRId64, counter->quota); + STC_LOGD("quota bytes %lld", counter->quota); add_uint32_attr(req, htobe32(NFACCT_F_QUOTA_BYTES), NFACCT_FLAGS); diff --git a/src/helper/helper-nfacct-rule.h b/src/helper/helper-nfacct-rule.h old mode 100644 new mode 100755 index 4506f0e..97c9b5e --- a/src/helper/helper-nfacct-rule.h +++ b/src/helper/helper-nfacct-rule.h @@ -117,12 +117,12 @@ struct nfacct_rule { struct counter_arg *carg; stc_error_e(*iptables_rule)(struct nfacct_rule *counter); - int64_t quota; + long long int quota; int quota_id; stc_roaming_type_e roaming; - int64_t send_limit; - int64_t rcv_limit; + long long int send_limit; + long long int rcv_limit; }; typedef struct nfacct_rule nfacct_rule_s; diff --git a/src/stc-pcap.c b/src/stc-pcap.c index cd961e6..91dd1e2 100755 --- a/src/stc-pcap.c +++ b/src/stc-pcap.c @@ -67,7 +67,7 @@ static void __stc_extract_pcap(const char *key, GVariant *value, } if (!g_strcmp0(key, STC_PCAP_IFNAME)) { - guint str_length; + gsize str_length; const gchar *str = g_variant_get_string(value, &str_length); pcap->ifname = g_strdup(str); STC_LOGD("ifname: [%s]", pcap->ifname); diff --git a/src/stc-restriction.c b/src/stc-restriction.c index ffe1a85..42bf9bc 100755 --- a/src/stc-restriction.c +++ b/src/stc-restriction.c @@ -195,13 +195,13 @@ static void __stc_extract_restriction_rule(const char *key, GVariant *value, } if (!g_strcmp0(key, "app_id")) { - guint str_length; + gsize str_length; const gchar *str = g_variant_get_string(value, &str_length); rule->app_id = g_strdup(str); STC_LOGD("app_id: [%s]", rule->app_id); } else if (!g_strcmp0(key, "ifname")) { - guint str_length; + gsize str_length; const gchar *str = g_variant_get_string(value, &str_length); rule->ifname = g_strdup(str); STC_LOGD("ifname: [%s]", rule->ifname); @@ -239,7 +239,7 @@ static void __stc_extract_restriction_rule(const char *key, GVariant *value, STC_LOGD("roaming: [%u]", rule->roaming); } else if (!g_strcmp0(key, "subscriber_id")) { - guint str_length; + gsize str_length; const gchar *str = g_variant_get_string(value, &str_length); rule->subscriber_id = g_strdup(str); STC_LOGD("subscriber_id: [%s]", rule->subscriber_id); @@ -249,7 +249,7 @@ static void __stc_extract_restriction_rule(const char *key, GVariant *value, STC_LOGD("type: [%u]", (unsigned int) rule->rstn_type); } else if (!g_strcmp0(key, "mac")) { - guint str_length; + gsize str_length; const gchar *str = g_variant_get_string(value, &str_length); rule->mac = g_strdup(str); STC_LOGD("mac: [%s]", rule->mac); -- 2.7.4 From a3db1a1c0b17a19aedec46fef4214510b9cdd576 Mon Sep 17 00:00:00 2001 From: hyunuktak Date: Mon, 17 Dec 2018 14:45:47 +0900 Subject: [PATCH 11/16] Add hdr and tlv of nflog for pcap Change-Id: I99e01ab3262c4d0a002a35c7d1eeefdadb8c20fe Signed-off-by: hyunuktak --- packaging/stc-manager.spec | 2 +- plugin/pcap/include/stc-plugin-pcap.h | 6 + plugin/pcap/stc-plugin-pcap.c | 452 ++++++++++++++++++++++++++-------- 3 files changed, 358 insertions(+), 102 deletions(-) diff --git a/packaging/stc-manager.spec b/packaging/stc-manager.spec index eeb10ef..4f177eb 100644 --- a/packaging/stc-manager.spec +++ b/packaging/stc-manager.spec @@ -1,6 +1,6 @@ Name: stc-manager Summary: STC(Smart Traffic Control) manager -Version: 0.0.85 +Version: 0.0.86 Release: 0 Group: Network & Connectivity/Other License: Apache-2.0 diff --git a/plugin/pcap/include/stc-plugin-pcap.h b/plugin/pcap/include/stc-plugin-pcap.h index d1747b2..aced8f9 100755 --- a/plugin/pcap/include/stc-plugin-pcap.h +++ b/plugin/pcap/include/stc-plugin-pcap.h @@ -26,6 +26,7 @@ #include #include #include +#include #include #include #include @@ -124,9 +125,11 @@ typedef struct { char *ifname; + char *nfname; int nflog_group; GThread *thread; pcap_t *handle; + int encap_type; } stc_pcap_data_s; typedef struct { @@ -210,6 +213,9 @@ typedef struct udphdr udp_t; #define SIZE_UDP_HEADER sizeof(udp_t) #define SIZE_DNS_HEADER sizeof(dns_t) +#define SIZE_NFLOG_HDR sizeof(nflog_hdr_t) +#define SIZE_NFLOG_TLV sizeof(nflog_tlv_t) + #define IS_SRC_OR_DST_PORT(p) (source == (p) || dest == (p)) typedef struct { diff --git a/plugin/pcap/stc-plugin-pcap.c b/plugin/pcap/stc-plugin-pcap.c index 8785368..7921a1e 100755 --- a/plugin/pcap/stc-plugin-pcap.c +++ b/plugin/pcap/stc-plugin-pcap.c @@ -16,6 +16,9 @@ #include "stc-plugin-pcap.h" +#define ENCAPTYPE_ETHERNET 1 +#define ENCAPTYPE_NFLOG 141 + #define PCAP_IFNAME "ifname" #define PCAP_NFLOG_GROUP "nflog_group" #define PCAP_DEV_NAME "dev" @@ -23,6 +26,12 @@ #define PCAP_DEV_NET "net" #define PCAP_DEV_MASK "mask" +#define NFLOG_IFNAME "nflog" + +typedef struct { + u_int32_t ts[4]; +} nflog_timestamp_s; + //LCOV_EXCL_START static GHashTable *g_pcap_tables = NULL; static bool g_pcap_start_fm = false; @@ -35,6 +44,7 @@ static void __pcap_data_free(gpointer value) g_thread_unref(data->thread); FREE(data->ifname); + FREE(data->nfname); FREE(data); } @@ -108,10 +118,9 @@ static uint16_t __pcap_ntp_fraction_info(uint16_t f) return fraction; } -static void __pcap_ntp_info(const u_char *packet) +static void __pcap_ntp_info(const u_char **packet) { - ntp_t *ntp_h = (ntp_t *)(packet + - SIZE_ETHER_HEADER + SIZE_IP_HEADER + SIZE_UDP_HEADER); + ntp_t *ntp_h = (ntp_t *)*packet; char refid[BUFF_SIZE_ID]; char reftime[BUFF_SIZE_TIME]; char orgtime[BUFF_SIZE_TIME]; @@ -124,7 +133,7 @@ static void __pcap_ntp_info(const u_char *packet) __pcap_ntp_time_info(ntp_h->rectime.second, rectime); __pcap_ntp_time_info(ntp_h->xmttime.second, xmttime); - if (STC_DEBUG_LOG && STC_PCAP_LOG) + if (STC_PCAP_LOG) STC_LOGD("Flags[0x%02x] Stratum[%u] Poll[%u:%us] Precision[%u] " "Root delay[%u.%06us] Root dispersion[%u.%06us] Ref ID[%s]", ntp_h->flags, ntp_h->stratum, ntp_h->poll, @@ -135,7 +144,7 @@ static void __pcap_ntp_info(const u_char *packet) __pcap_ntp_fraction_info(ntp_h->rootdisp.fraction), refid); - if (STC_DEBUG_LOG && STC_PCAP_LOG) + if (STC_PCAP_LOG) STC_LOGD("Reference[%s] Origin[%s] Receive[%s] Transmit[%s]", reftime, orgtime, rectime, xmttime); } @@ -233,7 +242,7 @@ static void __pcap_bootp_magic_info(uint32_t magic, char buf[BOOTP_MOPTION_LEN]; uint8_t *opt = moption; - if (STC_DEBUG_LOG && STC_PCAP_LOG) + if (STC_PCAP_LOG) STC_LOGD("Magic cookie[DHCP]"); while(len > 0) { @@ -247,72 +256,72 @@ static void __pcap_bootp_magic_info(uint32_t magic, case DHCP_TAG_SUBNET_MASK: inet_ntop(AF_INET, (struct in_addr *)data, addr, BUFF_SIZE_IP); - if (STC_DEBUG_LOG && STC_PCAP_LOG) + if (STC_PCAP_LOG) STC_LOGD("Subnet mask[%s]", addr); break; case DHCP_TAG_ROUTER: inet_ntop(AF_INET, (struct in_addr *)data, addr, BUFF_SIZE_IP); - if (STC_DEBUG_LOG && STC_PCAP_LOG) + if (STC_PCAP_LOG) STC_LOGD("Router[%s]", addr); break; case DHCP_TAG_DNS: inet_ntop(AF_INET, (struct in_addr *)data, addr, BUFF_SIZE_IP); - if (STC_DEBUG_LOG && STC_PCAP_LOG) + if (STC_PCAP_LOG) STC_LOGD("Domain name server[%s]", addr); break; case DHCP_TAG_HOST_NAME: snprintf(buf, ((length < BOOTP_MOPTION_LEN) ? (length + 1) : BOOTP_MOPTION_LEN), "%s", (char *)data); - if (STC_DEBUG_LOG && STC_PCAP_LOG) + if (STC_PCAP_LOG) STC_LOGD("Host name[%s]", buf); break; case DHCP_TAG_REQUESTED_IP: inet_ntop(AF_INET, (struct in_addr *)data, addr, BUFF_SIZE_IP); - if (STC_DEBUG_LOG && STC_PCAP_LOG) + if (STC_PCAP_LOG) STC_LOGD("Requested IP[%s]", addr); break; case DHCP_TAG_IP_LEASE_TIME: - if (STC_DEBUG_LOG && STC_PCAP_LOG) + if (STC_PCAP_LOG) STC_LOGD("IP address lease time[%us]", ntohl(*(uint32_t *)data)); break; case DHCP_TAG_MSG_TYPE: - if (STC_DEBUG_LOG && STC_PCAP_LOG) + if (STC_PCAP_LOG) STC_LOGD("DHCP message type[%u:%s]", *data, __pcap_dhcp_msg_type_info(*data)); break; case DHCP_TAG_SERVER_ID: inet_ntop(AF_INET, (struct in_addr *)data, addr, BUFF_SIZE_IP); - if (STC_DEBUG_LOG && STC_PCAP_LOG) + if (STC_PCAP_LOG) STC_LOGD("DHCP server identifier[%s]", addr); break; case DHCP_TAG_MSG_SIZE: - if (STC_DEBUG_LOG && STC_PCAP_LOG) + if (STC_PCAP_LOG) STC_LOGD("Maximum DHCP message size[%u]", ntohs(*(uint16_t *)data)); break; case DHCP_TAG_CLIENT_ID: - if (STC_DEBUG_LOG && STC_PCAP_LOG) + if (STC_PCAP_LOG) STC_LOGD("Client identifier HW type[0x%02x:%s]", *data, __pcap_dhcp_client_id_info(*data)); if (*data == DHCP_CLIENT_ID_ETHERNET) { g_strlcpy(host, ether_ntoa((const struct ether_addr *)&data[1]), sizeof(host)); - if (STC_DEBUG_LOG && STC_PCAP_LOG) + if (STC_PCAP_LOG) STC_LOGD("Client identifier MAC[%s]", host); } break; case DHCP_TAG_END: - if (STC_DEBUG_LOG && STC_PCAP_LOG) + if (STC_PCAP_LOG) STC_LOGD("End"); return; default: - if (STC_DEBUG_LOG && STC_PCAP_LOG) + if (STC_PCAP_LOG) STC_LOGD("Unknown[%u]", tag); break; } @@ -342,18 +351,14 @@ static const char *__pcap_bootp_op_info(uint8_t op) return info; } -static void __pcap_bootp_info(const u_char *packet) +static void __pcap_bootp_info(const u_char **packet, u_int16_t len) { - udp_t *udp_h = (udp_t *)(packet - + SIZE_ETHER_HEADER + SIZE_IP_HEADER); - bootp_t *bootp_h = (bootp_t *)(packet + - SIZE_ETHER_HEADER + SIZE_IP_HEADER + SIZE_UDP_HEADER); + bootp_t *bootp_h = (bootp_t *)*packet; char ciaddr[BUFF_SIZE_IP]; char yiaddr[BUFF_SIZE_IP]; char siaddr[BUFF_SIZE_IP]; char giaddr[BUFF_SIZE_IP]; char chaddr[BUFF_SIZE_HOST]; - u_int16_t len; inet_ntop(AF_INET, &bootp_h->ciaddr, ciaddr, BUFF_SIZE_IP); inet_ntop(AF_INET, &bootp_h->yiaddr, yiaddr, BUFF_SIZE_IP); @@ -364,19 +369,18 @@ static void __pcap_bootp_info(const u_char *packet) ether_ntoa((const struct ether_addr *)bootp_h->chaddr), sizeof(chaddr)); - if (STC_DEBUG_LOG && STC_PCAP_LOG) + if (STC_PCAP_LOG) STC_LOGD("Message type[%u:%s] HW type[0x%02x] HW len[%u] Hops[%u] " "Transaction ID[0x%08x] Seconds elapsed[%u] Flags[0x%04x]", bootp_h->op, __pcap_bootp_op_info(bootp_h->op), bootp_h->htype, bootp_h->hlen, bootp_h->hops, ntohl(bootp_h->xid), ntohs(bootp_h->secs), ntohs(bootp_h->flags)); - if (STC_DEBUG_LOG && STC_PCAP_LOG) + if (STC_PCAP_LOG) STC_LOGD("Client[%s] Your(client)[%s] Next server[%s] " "Relay agent[%s] Client MAC[%s]", ciaddr, yiaddr, siaddr, giaddr, chaddr); - len = ntohs(udp_h->len); __pcap_bootp_magic_info(bootp_h->magic, bootp_h->moption, len); } @@ -468,14 +472,9 @@ static uint8_t * __pcap_dns_name_info(uint8_t *dns_h, return (uint8_t *)nxt; } -static void __pcap_dns_data_info(const u_char *packet) +static void __pcap_dns_data_info(const u_char **packet, dns_t *dns_h) { - dns_t *dns_h = (dns_t *)(packet + - SIZE_ETHER_HEADER + SIZE_IP_HEADER + - SIZE_UDP_HEADER); - uint8_t *data = (uint8_t *)(packet + - SIZE_ETHER_HEADER + SIZE_IP_HEADER + - SIZE_UDP_HEADER + SIZE_DNS_HEADER); + uint8_t *data = (uint8_t *)*packet; uint16_t qdcount = ntohs(dns_h->questions); uint16_t ancount = ntohs(dns_h->answerRR); int i = 0; @@ -486,7 +485,7 @@ static void __pcap_dns_data_info(const u_char *packet) uint16_t class; if (i == 0) { - if (STC_DEBUG_LOG && STC_PCAP_LOG) + if (STC_PCAP_LOG) STC_LOGD("[Queries]"); } @@ -497,7 +496,7 @@ static void __pcap_dns_data_info(const u_char *packet) type = ntohs(*(uint16_t *)&data[0]); class = ntohs(*(uint16_t *)&data[2]); - if (STC_DEBUG_LOG && STC_PCAP_LOG) + if (STC_PCAP_LOG) STC_LOGD("Name[%s] Type[%u:%s] Class[0x%04x:%s]", name, type, __pcap_dns_type_info(type), class, __pcap_dns_class_info(class)); @@ -515,7 +514,7 @@ static void __pcap_dns_data_info(const u_char *packet) char ip[BUFF_SIZE_IP]; if (i == 0) { - if (STC_DEBUG_LOG && STC_PCAP_LOG) + if (STC_PCAP_LOG) STC_LOGD("[Answers]"); } @@ -533,7 +532,7 @@ static void __pcap_dns_data_info(const u_char *packet) case DNS_QTYPE_A: inet_ntop(AF_INET, (struct in_addr *)&data[10], ip, BUFF_SIZE_IP); - if (STC_DEBUG_LOG && STC_PCAP_LOG) + if (STC_PCAP_LOG) STC_LOGD("Name[%s] Type[%u:%s] Class[0x%04x:%s] " "TTL[%u] Data length[%u] Address[%s]", name, type, __pcap_dns_type_info(type), @@ -544,7 +543,7 @@ static void __pcap_dns_data_info(const u_char *packet) __pcap_dns_name_info((uint8_t *)dns_h, &data[10], cname); if (data == NULL) return; - if (STC_DEBUG_LOG && STC_PCAP_LOG) + if (STC_PCAP_LOG) STC_LOGD("Name[%s] Type[%u:%s] Class[0x%04x:%s] " "TTL[%u] Data length[%u] CName[%s]", name, type, __pcap_dns_type_info(type), @@ -554,7 +553,7 @@ static void __pcap_dns_data_info(const u_char *packet) case DNS_QTYPE_AAAA: break; default: - if (STC_DEBUG_LOG && STC_PCAP_LOG) + if (STC_PCAP_LOG) STC_LOGD("Name[%s] Type[%u:%s] Class[0x%04x:%s] " "TTL[%u] Data length[%u]", name, type, __pcap_dns_type_info(type), @@ -568,19 +567,20 @@ static void __pcap_dns_data_info(const u_char *packet) } } -static void __pcap_dns_info(const u_char *packet) +static void __pcap_dns_info(const u_char **packet) { - dns_t *dns_h = (dns_t *)(packet + - SIZE_ETHER_HEADER + SIZE_IP_HEADER + SIZE_UDP_HEADER); + dns_t *dns_h = (dns_t *)*packet; - if (STC_DEBUG_LOG && STC_PCAP_LOG) + if (STC_PCAP_LOG) STC_LOGD("Transaction ID[0x%x] Flags[0x%x] Questions[%u] " "Answer RRs[%u] Authority RRs[%u] Additional RRs[%u]", ntohs(dns_h->id), ntohs(dns_h->flags), ntohs(dns_h->questions), ntohs(dns_h->answerRR), ntohs(dns_h->authorityRR), ntohs(dns_h->additionalRR)); - __pcap_dns_data_info(packet); + *packet += SIZE_DNS_HEADER; + + __pcap_dns_data_info(packet, dns_h); } static const char *__pcap_icmp_code_info(u_int8_t type, u_int8_t code) @@ -728,59 +728,61 @@ static const char *__pcap_icmp_type_info(u_int8_t type) return info; } -static void __pcap_icmp_info(const u_char *packet) +static void __pcap_icmp_info(const u_char **packet) { - icmp_t *icmp_h = (icmp_t *)(packet + - SIZE_ETHER_HEADER + SIZE_IP_HEADER); + icmp_t *icmp_h = (icmp_t *)*packet; - if (STC_DEBUG_LOG && STC_PCAP_LOG) + if (STC_PCAP_LOG) STC_LOGD("Type[%u:%s] Code[%u:%s] Checksum[0x%x]", icmp_h->type, __pcap_icmp_type_info(icmp_h->type), icmp_h->code, __pcap_icmp_code_info(icmp_h->type, icmp_h->code), ntohs(icmp_h->checksum)); } -static void __pcap_tcp_info(const u_char *packet) +static void __pcap_tcp_info(const u_char **packet) { - tcp_t *tcp_h = (tcp_t *)(packet + - SIZE_ETHER_HEADER + SIZE_IP_HEADER); + tcp_t *tcp_h = (tcp_t *)*packet; u_int16_t source = ntohs(tcp_h->source); u_int16_t dest = ntohs(tcp_h->dest); - if (STC_DEBUG_LOG && STC_PCAP_LOG) + if (STC_PCAP_LOG) STC_LOGD("Source[%u] Destination[%u] Sequence[%u] " "Acknowledgment seq[%u] Window size[%u] ", ntohs(tcp_h->source), ntohs(tcp_h->dest), ntohl(tcp_h->seq), ntohl(tcp_h->ack_seq), ntohs(tcp_h->window)); - if (STC_DEBUG_LOG && STC_PCAP_LOG) + if (STC_PCAP_LOG) STC_LOGD("Checksum[0x%x] URG[%u] ACK[%u] PUSH[%u] " "RST[%u] SYN[%u] FIN[%u]", ntohs(tcp_h->check), tcp_h->urg, tcp_h->ack, tcp_h->psh, tcp_h->rst, tcp_h->syn, tcp_h->fin); + *packet += SIZE_TCP_HEADER; + if (IS_SRC_OR_DST_PORT(PORT_DNS)) __pcap_dns_info(packet); } -static void __pcap_udp_info(const u_char *packet) +static void __pcap_udp_info(const u_char **packet) { - udp_t *udp_h = (udp_t *)(packet - + SIZE_ETHER_HEADER + SIZE_IP_HEADER); + udp_t *udp_h = (udp_t *)*packet; u_int16_t source = ntohs(udp_h->source); u_int16_t dest = ntohs(udp_h->dest); + u_int16_t len = ntohs(udp_h->len); - if (STC_DEBUG_LOG && STC_PCAP_LOG) + if (STC_PCAP_LOG) STC_LOGD("Source[%u] Destination[%u] Len[%u] Checksum[0x%x]", - source, dest, ntohs(udp_h->len), ntohs(udp_h->check)); + source, dest, len, ntohs(udp_h->check)); + + *packet += SIZE_UDP_HEADER; if (IS_SRC_OR_DST_PORT(PORT_DNS)) __pcap_dns_info(packet); else if (IS_SRC_OR_DST_PORT(PORT_BOOTP_C) || IS_SRC_OR_DST_PORT(PORT_BOOTP_S)) - __pcap_bootp_info(packet); + __pcap_bootp_info(packet, len); else if (IS_SRC_OR_DST_PORT(PORT_NTP)) __pcap_ntp_info(packet); } @@ -838,11 +840,10 @@ static const char *__pcap_arp_opcode_info(u_int16_t opcode) return info; } -static void __pcap_arp_info(const u_char *packet) +static void __pcap_arp_info(const u_char **packet) { - arp_t *arp_h = (arp_t *)(packet + SIZE_ETHER_HEADER); - u_int8_t *sha = (u_int8_t *)(packet + - SIZE_ETHER_HEADER + SIZE_ARP_HEADER); + arp_t *arp_h = (arp_t *)*packet; + u_int8_t *sha = (u_int8_t *)(*packet + SIZE_ARP_HEADER); u_int8_t *spa = (u_int8_t *)(sha + arp_h->ar_hln); u_int8_t *tha = (u_int8_t *)(spa + arp_h->ar_pln); u_int8_t *tpa = (u_int8_t *)(tha + arp_h->ar_hln); @@ -865,7 +866,7 @@ static void __pcap_arp_info(const u_char *packet) ar_pro = ntohs(arp_h->ar_pro); - if (STC_DEBUG_LOG && STC_PCAP_LOG) + if (STC_PCAP_LOG) STC_LOGD("HW type[%u] Protocol type[0x%04x:%s] " "HW size[%u] Protocol size[%u] Opcode[%u:%s] ", ntohs(arp_h->ar_hrd), ar_pro, @@ -873,7 +874,7 @@ static void __pcap_arp_info(const u_char *packet) arp_h->ar_hln, arp_h->ar_pln, ar_op, __pcap_arp_opcode_info(ar_op)); - if (STC_DEBUG_LOG && STC_PCAP_LOG) + if (STC_PCAP_LOG) STC_LOGD("Sender MAC[%s] Sender IP[%s] " "Target MAC[%s] Target IP[%s]", sma, sia, tma, tia); @@ -913,16 +914,16 @@ static const char *__pcap_ip_protocol_info(u_int8_t p) return info; } -static void __pcap_ipv6_info(const u_char *packet) +static void __pcap_ipv6_info(const u_char **packet) { - ip6_t *ip6_h = (ip6_t *)(packet + SIZE_ETHER_HEADER); + ip6_t *ip6_h = (ip6_t *)*packet; char ip6_src[BUFF_SIZE_IP6]; char ip6_dst[BUFF_SIZE_IP6]; inet_ntop(AF_INET6, &ip6_h->ip6_src, ip6_src, BUFF_SIZE_IP6); inet_ntop(AF_INET6, &ip6_h->ip6_dst, ip6_dst, BUFF_SIZE_IP6); - if (STC_DEBUG_LOG && STC_PCAP_LOG) + if (STC_PCAP_LOG) STC_LOGD("Flow[0x%08x] Payload len[%u] Next hdr[%u:%s] " "Hop limit[%u] Source[%s] Destination[%s]", ntohl(ip6_h->ip6_flow), ntohs(ip6_h->ip6_plen), @@ -949,16 +950,16 @@ static void __pcap_ipv6_info(const u_char *packet) } } -static void __pcap_ip_info(const u_char *packet) +static void __pcap_ip_info(const u_char **packet) { - ip_t *ip_h = (ip_t *)(packet + SIZE_ETHER_HEADER); + ip_t *ip_h = (ip_t *)*packet; char ip_src[BUFF_SIZE_IP]; char ip_dst[BUFF_SIZE_IP]; inet_ntop(AF_INET, &ip_h->ip_src, ip_src, BUFF_SIZE_IP); inet_ntop(AF_INET, &ip_h->ip_dst, ip_dst, BUFF_SIZE_IP); - if (STC_DEBUG_LOG && STC_PCAP_LOG) + if (STC_PCAP_LOG) STC_LOGD("Header len[%u] TOS[0x%02x] Total len[%u] " "ID[0x%04x] Flags[0x%02x] TTL[%u] Protocol[%u:%s] " "Checksum[0x%04x] Source[%s] Destination[%s]", @@ -969,6 +970,8 @@ static void __pcap_ip_info(const u_char *packet) __pcap_ip_protocol_info(ip_h->ip_p), ntohs(ip_h->ip_sum), ip_src, ip_dst); + *packet += SIZE_IP_HEADER; + switch (ip_h->ip_p) { case IPPROTO_ICMP: __pcap_icmp_info(packet); @@ -984,9 +987,9 @@ static void __pcap_ip_info(const u_char *packet) } } -static void __pcap_eth_info(const u_char *packet) +static void __pcap_eth_info(const u_char **packet) { - eth_t *eth_h = (eth_t *)packet; + eth_t *eth_h = (eth_t *)*packet; u_int8_t *eth_shost = eth_h->ether_shost; u_int8_t *eth_dhost = eth_h->ether_dhost; char shost[BUFF_SIZE_HOST]; @@ -1003,9 +1006,219 @@ static void __pcap_eth_info(const u_char *packet) ether_type = ntohs(eth_h->ether_type); - if (STC_DEBUG_LOG && STC_PCAP_LOG) + if (STC_PCAP_LOG) STC_LOGD("Source[%s] Destination[%s] Type[0x%04x:%s]", shost, dhost, ether_type, __pcap_eth_type_info(ether_type)); + + *packet += SIZE_ETHER_HEADER; +} + +static const char *__pcap_family_info(u_int8_t family) +{ + char *info = NULL; + + switch (family) { + case AF_INET: + info = "IPv4"; + break; + case AF_INET6: + info = "IPv6"; + break; + default: + info = "Unknown"; + break; + } + + return info; +} + +static const char *__pcap_tlv_type_info(u_int16_t type) +{ + char *info = NULL; + + switch (type) { + case NFULA_PACKET_HDR: + info = "NFULA_PACKET_HDR"; + break; + case NFULA_MARK: + info = "NFULA_MARK"; + break; + case NFULA_TIMESTAMP: + info = "NFULA_TIMESTAMP"; + break; + case NFULA_IFINDEX_INDEV: + info = "NFULA_IFINDEX_INDEV"; + break; + case NFULA_IFINDEX_OUTDEV: + info = "NFULA_IFINDEX_OUTDEV"; + break; + case NFULA_IFINDEX_PHYSINDEV: + info = "NFULA_IFINDEX_PHYSINDEV"; + break; + case NFULA_IFINDEX_PHYSOUTDEV: + info = "NFULA_IFINDEX_PHYSOUTDEV"; + break; + case NFULA_HWADDR: + info = "NFULA_HWADDR"; + break; + case NFULA_PAYLOAD: + info = "NFULA_PAYLOAD"; + break; + case NFULA_PREFIX: + info = "NFULA_PREFIX"; + break; + case NFULA_UID: + info = "NFULA_UID"; + break; + case NFULA_SEQ: + info = "NFULA_SEQ"; + break; + case NFULA_SEQ_GLOBAL: + info = "NFULA_SEQ_GLOBAL"; + break; + case NFULA_GID: + info = "NFULA_GID"; + break; + case NFULA_HWTYPE: + info = "NFULA_HWTYPE"; + break; + case NFULA_HWHEADER: + info = "NFULA_HWHEADER"; + break; + case NFULA_HWLEN: + info = "NFULA_HWLEN"; + break; + default: + info = "Unknown"; + break; + } + + return info; +} + +static void __pcap_nflog_tlv_info(const u_char **packet, + u_int32_t length, u_int32_t caplen) +{ + nflog_tlv_t *tlv_h; + u_int16_t tlv_length; + u_int16_t tlv_type; + GString *value; + u_int16_t value_len; + u_char *value_pos = NULL; + gchar *value_str = NULL; + + length -= SIZE_NFLOG_HDR; + caplen -= SIZE_NFLOG_HDR; + + while (length > 0) { + if (caplen < SIZE_NFLOG_TLV || length < SIZE_NFLOG_TLV) + break; + + tlv_h = (nflog_tlv_t *)*packet; + tlv_length = tlv_h->tlv_length; + if (tlv_length % 4 != 0) + tlv_length += 4 - tlv_length % 4; + tlv_type = tlv_h->tlv_type; + + if (tlv_length < SIZE_NFLOG_TLV) + break; + + if (caplen < tlv_length || length < tlv_length) + break; + + if (STC_PCAP_LOG) { + if (tlv_type != NFULA_PAYLOAD) { + nflog_hwaddr_t *hwaddr; + nflog_timestamp_s *timestamp; + char host[BUFF_SIZE_HOST]; + u_int32_t sec; + int len = 0; + char *time = NULL; + + switch (tlv_type) { + case NFULA_HWADDR: + hwaddr = (nflog_hwaddr_t *)((u_char *)tlv_h + SIZE_NFLOG_TLV); + g_strlcpy(host, + ether_ntoa((const struct ether_addr *)hwaddr->hw_addr), + sizeof(host)); + STC_LOGD("Type[%s:%u] Length[%u] Hwaddr[%s]", + __pcap_tlv_type_info(tlv_type), tlv_type, + tlv_h->tlv_length, host); + break; + case NFULA_TIMESTAMP: + timestamp = (nflog_timestamp_s *)((u_char *)tlv_h + SIZE_NFLOG_TLV); + sec = ntohl(timestamp->ts[1]); + time = ctime((const time_t *)&sec); + len = strlen(time); + time[len - 1] = '\0'; + + STC_LOGD("Type[%s:%u] Length[%u] Timestamp[%s]", + __pcap_tlv_type_info(tlv_type), tlv_type, + tlv_h->tlv_length, time); + break; + case NFULA_PREFIX: + value_len = tlv_h->tlv_length - SIZE_NFLOG_TLV; + value = g_string_sized_new(value_len); + if (value) { + value_pos = (u_char *)tlv_h + SIZE_NFLOG_TLV; + while (value_len--) + g_string_append_printf(value, "%c", *(value_pos++)); + value_str = g_string_free(value, FALSE); + } + + STC_LOGD("Type[%s:%u] Length[%u] Prefix[%s]", + __pcap_tlv_type_info(tlv_type), tlv_type, + tlv_h->tlv_length, value_str); + + FREE(value_str); + break; + default: + value_len = tlv_h->tlv_length - SIZE_NFLOG_TLV; + value = g_string_sized_new(value_len); + if (value) { + value_pos = (u_char *)tlv_h + SIZE_NFLOG_TLV; + while (value_len--) + g_string_append_printf(value, "%02x", *(value_pos++)); + value_str = g_string_free(value, FALSE); + } + + STC_LOGD("Type[%s:%u] Length[%u] Value[%s]", + __pcap_tlv_type_info(tlv_type), tlv_type, + tlv_h->tlv_length, value_str); + + FREE(value_str); + break; + } + } else { + STC_LOGD("Type[%s:%u] Length[%u]", + __pcap_tlv_type_info(tlv_type), + tlv_type, tlv_h->tlv_length); + } + } + + if (tlv_type == NFULA_PAYLOAD) { + *packet += SIZE_NFLOG_TLV; + break; + } + + *packet += tlv_length; + length -= tlv_length; + caplen -= tlv_length; + } +} + +static void __pcap_nflog_hdr_info(const u_char **packet) +{ + nflog_hdr_t *hdr_h = (nflog_hdr_t *)*packet; + u_int8_t family = hdr_h->nflog_family; + u_int8_t version = hdr_h->nflog_version; + u_int16_t resource_id = ntohs(hdr_h->nflog_rid); + + if (STC_PCAP_LOG) + STC_LOGD("Family[%s:%u] Version[%u] Resource id[%u]", + __pcap_family_info(family), family, version, resource_id); + + *packet += SIZE_NFLOG_HDR; } static void __pcap_fm_info(const struct pcap_pkthdr *pkthdr) @@ -1014,7 +1227,7 @@ static void __pcap_fm_info(const struct pcap_pkthdr *pkthdr) int len = 0; struct timeval ts = pkthdr->ts; __time_t tv_sec = ts.tv_sec; - __suseconds_t tv_usec = tv_usec; + __suseconds_t tv_usec = ts.tv_usec; if (g_pcap_start_fm == false) { g_pcap_tv = ts; @@ -1025,7 +1238,7 @@ static void __pcap_fm_info(const struct pcap_pkthdr *pkthdr) len = strlen(curr); curr[len - 1] = '\0'; - if (STC_DEBUG_LOG && STC_PCAP_LOG) + if (STC_PCAP_LOG) STC_LOGD("Arrival time[%s] Timeval[%.06f] " "Frame len[%u] Capture len[%u]", curr, (float)((tv_sec - g_pcap_tv.tv_sec) * 1000000 + @@ -1036,29 +1249,57 @@ static void __pcap_fm_info(const struct pcap_pkthdr *pkthdr) static void __pcap_handler(u_char *param, const struct pcap_pkthdr *pkthdr, const u_char *packet) { - eth_t *eth_h; - unsigned short eth_type; /* int len = pkthdr->len; */ + stc_pcap_data_s *pcap_data = (stc_pcap_data_s *)param; + eth_t *eth_h; + u_int16_t eth_type; + nflog_hdr_t *nflog_h; + u_int8_t nflog_family; __pcap_fm_info(pkthdr); - eth_h = (eth_t *)packet; - __pcap_eth_info(packet); + switch (pcap_data->encap_type) { + case ENCAPTYPE_ETHERNET: + eth_h = (eth_t *)packet; + eth_type = ntohs(eth_h->ether_type); - eth_type = ntohs(eth_h->ether_type); - switch (eth_type) { - case ETHERTYPE_IP: - __pcap_ip_info(packet); - /* __pcap_data_info(pcaket, len); */ - break; - case ETHERTYPE_IPV6: - __pcap_ipv6_info(packet); - break; - case ETHERTYPE_ARP: - case ETHERTYPE_REVARP: - __pcap_arp_info(packet); + __pcap_eth_info(&packet); + + switch (eth_type) { + case ETHERTYPE_IP: + __pcap_ip_info(&packet); + /* __pcap_data_info(pcaket, len); */ + break; + case ETHERTYPE_IPV6: + __pcap_ipv6_info(&packet); + break; + case ETHERTYPE_ARP: + case ETHERTYPE_REVARP: + __pcap_arp_info(&packet); + break; + case ETHERTYPE_LOOPBACK: + break; + default: + break; + } break; - case ETHERTYPE_LOOPBACK: + case ENCAPTYPE_NFLOG: + nflog_h = (nflog_hdr_t *)packet; + nflog_family = nflog_h->nflog_family; + + __pcap_nflog_hdr_info(&packet); + __pcap_nflog_tlv_info(&packet, pkthdr->len, pkthdr->caplen); + + switch (nflog_family) { + case AF_INET: + __pcap_ip_info(&packet); + break; + case AF_INET6: + __pcap_ipv6_info(&packet); + break; + default: + break; + } break; default: break; @@ -1078,7 +1319,7 @@ static gboolean __pcap_thread_source_func(gpointer data) if (g_pcap_tables == NULL) return false; - snprintf(buf, sizeof(buf), "%s_%d", + snprintf(buf, sizeof(buf), "%s:%d", pcap_data->ifname, pcap_data->nflog_group); lookup = g_hash_table_lookup(g_pcap_tables, buf); @@ -1113,7 +1354,13 @@ static gpointer __pcap_thread_func(gpointer data) for (dev = alldevs; dev; dev = dev->next) { if (g_strcmp0(dev->name, pcap_data->ifname) == 0) { - name = g_strdup(dev->name); + if (g_strcmp0(dev->name, NFLOG_IFNAME) == 0) { + name = g_strdup(pcap_data->nfname); + pcap_data->encap_type = ENCAPTYPE_NFLOG; + } else { + name = g_strdup(pcap_data->ifname); + pcap_data->encap_type = ENCAPTYPE_ETHERNET; + } break; } } @@ -1133,12 +1380,14 @@ static gpointer __pcap_thread_func(gpointer data) goto thread_exit; } + STC_LOGD("Pcap open live [%p]", pcap_data->handle); + STC_LOGD("Pcap loop start [%s]", name); - pcap_loop(pcap_data->handle, 0, __pcap_handler, NULL); + pcap_loop(pcap_data->handle, 0, __pcap_handler, (u_char *)pcap_data); STC_LOGD("Pcap loop end [%s]", name); pcap_close(pcap_data->handle); - STC_LOGD("Pcap closed [%s]", name); + STC_LOGD("Pcap closed [%p]", pcap_data->handle); thread_exit: FREE(name); @@ -1318,7 +1567,7 @@ int stc_plugin_pcap_register_loop(const char *ifname, STC_ERROR_FAIL, "Invalid parameter [ifname]"); - snprintf(buf, sizeof(buf), "%s_%d", ifname, nflog_group); + snprintf(buf, sizeof(buf), "%s:%d", ifname, nflog_group); lookup = g_hash_table_lookup(g_pcap_tables, buf); if (lookup) { @@ -1333,6 +1582,7 @@ int stc_plugin_pcap_register_loop(const char *ifname, } data->ifname = g_strdup(ifname); + data->nfname = g_strdup(buf); data->nflog_group = nflog_group; data->thread = g_thread_new(buf, __pcap_thread_func, data); @@ -1356,7 +1606,7 @@ int stc_plugin_pcap_unregister_loop(const char *ifname, STC_ERROR_FAIL, "Invalid parameter [ifname]"); - snprintf(buf, sizeof(buf), "%s_%d", ifname, nflog_group); + snprintf(buf, sizeof(buf), "%s:%d", ifname, nflog_group); lookup = g_hash_table_lookup(g_pcap_tables, buf); if (!lookup) { -- 2.7.4 From 382d8f78352424b6767fd7ff43adaa0929266c7f Mon Sep 17 00:00:00 2001 From: hyunuktak Date: Tue, 8 Jan 2019 17:34:58 +0900 Subject: [PATCH 12/16] Add http infomation for pcap and checking length of packet Change-Id: I84486ec739c1ed0baf3feacebd22c475b7468971 Signed-off-by: hyunuktak --- packaging/stc-manager.spec | 2 +- plugin/appstatus/stc-plugin-appstatus.c | 10 +- plugin/pcap/include/stc-plugin-pcap.h | 13 +++ plugin/pcap/stc-plugin-pcap.c | 192 +++++++++++++++++++++----------- 4 files changed, 146 insertions(+), 71 deletions(-) diff --git a/packaging/stc-manager.spec b/packaging/stc-manager.spec index 4f177eb..e34256e 100644 --- a/packaging/stc-manager.spec +++ b/packaging/stc-manager.spec @@ -1,6 +1,6 @@ Name: stc-manager Summary: STC(Smart Traffic Control) manager -Version: 0.0.86 +Version: 0.0.87 Release: 0 Group: Network & Connectivity/Other License: Apache-2.0 diff --git a/plugin/appstatus/stc-plugin-appstatus.c b/plugin/appstatus/stc-plugin-appstatus.c index 5d5b653..108e0ab 100755 --- a/plugin/appstatus/stc-plugin-appstatus.c +++ b/plugin/appstatus/stc-plugin-appstatus.c @@ -127,10 +127,13 @@ signal_map_s signal_map[] = { static stc_error_e __ground_status_monitor_init(stc_s *stc) { guint i = 0; + guint size = 0; ret_value_msg_if(stc == NULL, STC_ERROR_INVALID_PARAMETER, "failed to get stc data"); - for (i = 0; signal_map[i].member != NULL; i++) { + size = sizeof(signal_map) / sizeof(signal_map[0]); + + for (i = 0; signal_map[i].member != NULL && i < size; i++) { signal_map[i].sub_id = g_dbus_connection_signal_subscribe(stc->connection, NULL, @@ -152,10 +155,13 @@ static stc_error_e __ground_status_monitor_init(stc_s *stc) static stc_error_e __ground_status_monitor_deinit(stc_s *stc) { guint i = 0; + guint size = 0; ret_value_msg_if(stc == NULL, STC_ERROR_INVALID_PARAMETER, "failed to get stc data"); - for (i = 0; signal_map[i].member != NULL; i++) { + size = sizeof(signal_map) / sizeof(signal_map[0]); + + for (i = 0; signal_map[i].member != NULL && i < size; i++) { g_dbus_connection_signal_unsubscribe(stc->connection, signal_map[i].sub_id); signal_map[i].sub_id = 0; diff --git a/plugin/pcap/include/stc-plugin-pcap.h b/plugin/pcap/include/stc-plugin-pcap.h index aced8f9..ccd97d8 100755 --- a/plugin/pcap/include/stc-plugin-pcap.h +++ b/plugin/pcap/include/stc-plugin-pcap.h @@ -57,6 +57,7 @@ #define PORT_NTP 123 #define PORT_HTTPS 443 #define PORT_SMTP_MSG 587 +#define PORT_HTTP_ALT 8080 #define ARP_REQUEST 1 #define ARP_REPLY 2 @@ -123,6 +124,13 @@ #define DNS_QCLASS_HS 4 #define DNS_QCLASS_ANY 255 +#define ETHERTYPE_EAPOL 0x888e + +#define HR_SINGLE "----------------------------------------" \ + "-------------------------" +#define HR_DOUBLE "========================================" \ + "=========================" + typedef struct { char *ifname; char *nfname; @@ -197,6 +205,10 @@ typedef struct { ntp_long_t xmttime; /* Transmit timestamp */ } ntp_t; +typedef struct { + uint32_t ts[4]; +} nflog_timestamp_s; + typedef struct ether_header eth_t; typedef struct ip ip_t; typedef struct ip6_hdr ip6_t; @@ -207,6 +219,7 @@ typedef struct udphdr udp_t; #define SIZE_ETHER_HEADER sizeof(eth_t) #define SIZE_IP_HEADER sizeof(ip_t) +#define SIZE_IP6_HEADER sizeof(ip6_t) #define SIZE_ARP_HEADER sizeof(arp_t) #define SIZE_ICMP_HEADER sizeof(icmp_t) #define SIZE_TCP_HEADER sizeof(tcp_t) diff --git a/plugin/pcap/stc-plugin-pcap.c b/plugin/pcap/stc-plugin-pcap.c index 7921a1e..6c53ef3 100755 --- a/plugin/pcap/stc-plugin-pcap.c +++ b/plugin/pcap/stc-plugin-pcap.c @@ -28,10 +28,6 @@ #define NFLOG_IFNAME "nflog" -typedef struct { - u_int32_t ts[4]; -} nflog_timestamp_s; - //LCOV_EXCL_START static GHashTable *g_pcap_tables = NULL; static bool g_pcap_start_fm = false; @@ -118,7 +114,7 @@ static uint16_t __pcap_ntp_fraction_info(uint16_t f) return fraction; } -static void __pcap_ntp_info(const u_char **packet) +static void __pcap_ntp_info(const u_char **packet, uint32_t *pktlen) { ntp_t *ntp_h = (ntp_t *)*packet; char refid[BUFF_SIZE_ID]; @@ -133,7 +129,8 @@ static void __pcap_ntp_info(const u_char **packet) __pcap_ntp_time_info(ntp_h->rectime.second, rectime); __pcap_ntp_time_info(ntp_h->xmttime.second, xmttime); - if (STC_PCAP_LOG) + if (STC_PCAP_LOG) { + STC_LOGD(HR_SINGLE); STC_LOGD("Flags[0x%02x] Stratum[%u] Poll[%u:%us] Precision[%u] " "Root delay[%u.%06us] Root dispersion[%u.%06us] Ref ID[%s]", ntp_h->flags, ntp_h->stratum, ntp_h->poll, @@ -143,10 +140,10 @@ static void __pcap_ntp_info(const u_char **packet) ntohs(ntp_h->rootdisp.second), __pcap_ntp_fraction_info(ntp_h->rootdisp.fraction), refid); - - if (STC_PCAP_LOG) STC_LOGD("Reference[%s] Origin[%s] Receive[%s] Transmit[%s]", reftime, orgtime, rectime, xmttime); + STC_LOGD(HR_SINGLE); + } } static const char *__pcap_dhcp_client_id_info(uint8_t data) @@ -245,7 +242,7 @@ static void __pcap_bootp_magic_info(uint32_t magic, if (STC_PCAP_LOG) STC_LOGD("Magic cookie[DHCP]"); - while(len > 0) { + while (len > 0) { uint8_t tag = opt[0]; uint8_t length = opt[1]; uint8_t *data = &opt[2]; @@ -369,19 +366,22 @@ static void __pcap_bootp_info(const u_char **packet, u_int16_t len) ether_ntoa((const struct ether_addr *)bootp_h->chaddr), sizeof(chaddr)); - if (STC_PCAP_LOG) + if (STC_PCAP_LOG) { + STC_LOGD(HR_SINGLE); STC_LOGD("Message type[%u:%s] HW type[0x%02x] HW len[%u] Hops[%u] " "Transaction ID[0x%08x] Seconds elapsed[%u] Flags[0x%04x]", bootp_h->op, __pcap_bootp_op_info(bootp_h->op), bootp_h->htype, bootp_h->hlen, bootp_h->hops, ntohl(bootp_h->xid), ntohs(bootp_h->secs), ntohs(bootp_h->flags)); - - if (STC_PCAP_LOG) STC_LOGD("Client[%s] Your(client)[%s] Next server[%s] " "Relay agent[%s] Client MAC[%s]", ciaddr, yiaddr, siaddr, giaddr, chaddr); + } __pcap_bootp_magic_info(bootp_h->magic, bootp_h->moption, len); + + if (STC_PCAP_LOG) + STC_LOGD(HR_SINGLE); } static char *__pcap_dns_type_info(uint16_t type) @@ -451,7 +451,7 @@ static uint8_t * __pcap_dns_name_info(uint8_t *dns_h, break; } - if (dname - name + *sec + 1 > BUFF_SIZE_NAME - 1) { + if (dname + *sec >= name + BUFF_SIZE_NAME) { *name = '\0'; return NULL; } @@ -472,7 +472,7 @@ static uint8_t * __pcap_dns_name_info(uint8_t *dns_h, return (uint8_t *)nxt; } -static void __pcap_dns_data_info(const u_char **packet, dns_t *dns_h) +static void __pcap_dns_data_info(const u_char **packet, dns_t *dns_h, uint32_t *pktlen) { uint8_t *data = (uint8_t *)*packet; uint16_t qdcount = ntohs(dns_h->questions); @@ -567,20 +567,26 @@ static void __pcap_dns_data_info(const u_char **packet, dns_t *dns_h) } } -static void __pcap_dns_info(const u_char **packet) +static void __pcap_dns_info(const u_char **packet, uint32_t *pktlen) { dns_t *dns_h = (dns_t *)*packet; - if (STC_PCAP_LOG) + if (STC_PCAP_LOG) { + STC_LOGD(HR_SINGLE); STC_LOGD("Transaction ID[0x%x] Flags[0x%x] Questions[%u] " "Answer RRs[%u] Authority RRs[%u] Additional RRs[%u]", ntohs(dns_h->id), ntohs(dns_h->flags), ntohs(dns_h->questions), ntohs(dns_h->answerRR), ntohs(dns_h->authorityRR), ntohs(dns_h->additionalRR)); + } *packet += SIZE_DNS_HEADER; + *pktlen -= SIZE_DNS_HEADER; + + __pcap_dns_data_info(packet, dns_h, pktlen); - __pcap_dns_data_info(packet, dns_h); + if (STC_PCAP_LOG) + STC_LOGD(HR_SINGLE); } static const char *__pcap_icmp_code_info(u_int8_t type, u_int8_t code) @@ -728,7 +734,7 @@ static const char *__pcap_icmp_type_info(u_int8_t type) return info; } -static void __pcap_icmp_info(const u_char **packet) +static void __pcap_icmp_info(const u_char **packet, uint32_t *pktlen) { icmp_t *icmp_h = (icmp_t *)*packet; @@ -737,9 +743,36 @@ static void __pcap_icmp_info(const u_char **packet) icmp_h->type, __pcap_icmp_type_info(icmp_h->type), icmp_h->code, __pcap_icmp_code_info(icmp_h->type, icmp_h->code), ntohs(icmp_h->checksum)); + + *packet += SIZE_ICMP_HEADER; + *pktlen -= SIZE_ICMP_HEADER; } -static void __pcap_tcp_info(const u_char **packet) +static void __pcap_http_info(const u_char **packet, uint32_t *pktlen) +{ + GString *value; + gsize value_len; + u_char *value_pos = NULL; + gchar *value_str = NULL; + + value_len = *pktlen; + value = g_string_sized_new(value_len); + if (value) { + value_pos = (u_char *)*packet; + while (value_len--) + g_string_append_printf(value, "%c", *(value_pos++)); + value_str = g_string_free(value, FALSE); + } + + if (STC_PCAP_LOG) { + STC_LOGD(HR_SINGLE "\n%s", value_str); + STC_LOGD(HR_SINGLE); + } + + FREE(value_str); +} + +static void __pcap_tcp_info(const u_char **packet, uint32_t *pktlen) { tcp_t *tcp_h = (tcp_t *)*packet; u_int16_t source = ntohs(tcp_h->source); @@ -759,13 +792,19 @@ static void __pcap_tcp_info(const u_char **packet) tcp_h->urg, tcp_h->ack, tcp_h->psh, tcp_h->rst, tcp_h->syn, tcp_h->fin); - *packet += SIZE_TCP_HEADER; + *packet += (tcp_h->th_off * 4); + *pktlen -= (tcp_h->th_off * 4); - if (IS_SRC_OR_DST_PORT(PORT_DNS)) - __pcap_dns_info(packet); + if (*pktlen > 0) { + if (IS_SRC_OR_DST_PORT(PORT_DNS)) + __pcap_dns_info(packet, pktlen); + else if (IS_SRC_OR_DST_PORT(PORT_HTTP) || + IS_SRC_OR_DST_PORT(PORT_HTTP_ALT)) + __pcap_http_info(packet, pktlen); + } } -static void __pcap_udp_info(const u_char **packet) +static void __pcap_udp_info(const u_char **packet, uint32_t *pktlen) { udp_t *udp_h = (udp_t *)*packet; u_int16_t source = ntohs(udp_h->source); @@ -777,14 +816,17 @@ static void __pcap_udp_info(const u_char **packet) source, dest, len, ntohs(udp_h->check)); *packet += SIZE_UDP_HEADER; - - if (IS_SRC_OR_DST_PORT(PORT_DNS)) - __pcap_dns_info(packet); - else if (IS_SRC_OR_DST_PORT(PORT_BOOTP_C) || - IS_SRC_OR_DST_PORT(PORT_BOOTP_S)) - __pcap_bootp_info(packet, len); - else if (IS_SRC_OR_DST_PORT(PORT_NTP)) - __pcap_ntp_info(packet); + *pktlen -= SIZE_UDP_HEADER; + + if (*pktlen > 0) { + if (IS_SRC_OR_DST_PORT(PORT_DNS)) + __pcap_dns_info(packet, pktlen); + else if (IS_SRC_OR_DST_PORT(PORT_BOOTP_C) || + IS_SRC_OR_DST_PORT(PORT_BOOTP_S)) + __pcap_bootp_info(packet, len); + else if (IS_SRC_OR_DST_PORT(PORT_NTP)) + __pcap_ntp_info(packet, pktlen); + } } static const char *__pcap_eth_type_info(u_int16_t type) @@ -815,6 +857,10 @@ static const char *__pcap_eth_type_info(u_int16_t type) return info; } +static void __pcap_eapol_info(const u_char **packet, uint32_t *pktlen) +{ +} + static const char *__pcap_arp_opcode_info(u_int16_t opcode) { char *info = NULL; @@ -840,7 +886,7 @@ static const char *__pcap_arp_opcode_info(u_int16_t opcode) return info; } -static void __pcap_arp_info(const u_char **packet) +static void __pcap_arp_info(const u_char **packet, uint32_t *pktlen) { arp_t *arp_h = (arp_t *)*packet; u_int8_t *sha = (u_int8_t *)(*packet + SIZE_ARP_HEADER); @@ -878,6 +924,9 @@ static void __pcap_arp_info(const u_char **packet) STC_LOGD("Sender MAC[%s] Sender IP[%s] " "Target MAC[%s] Target IP[%s]", sma, sia, tma, tia); + + *packet += SIZE_ARP_HEADER; + *pktlen -= SIZE_ARP_HEADER; } static const char *__pcap_ip_protocol_info(u_int8_t p) @@ -914,7 +963,7 @@ static const char *__pcap_ip_protocol_info(u_int8_t p) return info; } -static void __pcap_ipv6_info(const u_char **packet) +static void __pcap_ipv6_info(const u_char **packet, uint32_t *pktlen) { ip6_t *ip6_h = (ip6_t *)*packet; char ip6_src[BUFF_SIZE_IP6]; @@ -930,27 +979,25 @@ static void __pcap_ipv6_info(const u_char **packet) ip6_h->ip6_nxt, __pcap_ip_protocol_info(ip6_h->ip6_nxt), ip6_h->ip6_hlim, ip6_src, ip6_dst); + *packet += SIZE_IP6_HEADER; + *pktlen -= SIZE_IP6_HEADER; + switch (ip6_h->ip6_nxt) { - case IPPROTO_IP: - break; - case IPPROTO_ICMP: - break; - case IPPROTO_IPIP: - break; case IPPROTO_TCP: + __pcap_tcp_info(packet, pktlen); break; case IPPROTO_UDP: - break; - case IPPROTO_IPV6: + __pcap_udp_info(packet, pktlen); break; case IPPROTO_ICMPV6: + __pcap_icmp_info(packet, pktlen); break; default: break; } } -static void __pcap_ip_info(const u_char **packet) +static void __pcap_ip_info(const u_char **packet, uint32_t *pktlen) { ip_t *ip_h = (ip_t *)*packet; char ip_src[BUFF_SIZE_IP]; @@ -971,23 +1018,24 @@ static void __pcap_ip_info(const u_char **packet) ntohs(ip_h->ip_sum), ip_src, ip_dst); *packet += SIZE_IP_HEADER; + *pktlen -= SIZE_IP_HEADER; switch (ip_h->ip_p) { case IPPROTO_ICMP: - __pcap_icmp_info(packet); + __pcap_icmp_info(packet, pktlen); break; case IPPROTO_TCP: - __pcap_tcp_info(packet); + __pcap_tcp_info(packet, pktlen); break; case IPPROTO_UDP: - __pcap_udp_info(packet); + __pcap_udp_info(packet, pktlen); break; default: break; } } -static void __pcap_eth_info(const u_char **packet) +static void __pcap_eth_info(const u_char **packet, uint32_t *pktlen) { eth_t *eth_h = (eth_t *)*packet; u_int8_t *eth_shost = eth_h->ether_shost; @@ -1011,6 +1059,7 @@ static void __pcap_eth_info(const u_char **packet) shost, dhost, ether_type, __pcap_eth_type_info(ether_type)); *packet += SIZE_ETHER_HEADER; + *pktlen -= SIZE_ETHER_HEADER; } static const char *__pcap_family_info(u_int8_t family) @@ -1097,7 +1146,7 @@ static const char *__pcap_tlv_type_info(u_int16_t type) } static void __pcap_nflog_tlv_info(const u_char **packet, - u_int32_t length, u_int32_t caplen) + u_int32_t *pktlen) { nflog_tlv_t *tlv_h; u_int16_t tlv_length; @@ -1107,11 +1156,10 @@ static void __pcap_nflog_tlv_info(const u_char **packet, u_char *value_pos = NULL; gchar *value_str = NULL; - length -= SIZE_NFLOG_HDR; - caplen -= SIZE_NFLOG_HDR; + *pktlen -= SIZE_NFLOG_HDR; - while (length > 0) { - if (caplen < SIZE_NFLOG_TLV || length < SIZE_NFLOG_TLV) + while (*pktlen > 0) { + if (*pktlen < SIZE_NFLOG_TLV) break; tlv_h = (nflog_tlv_t *)*packet; @@ -1123,7 +1171,7 @@ static void __pcap_nflog_tlv_info(const u_char **packet, if (tlv_length < SIZE_NFLOG_TLV) break; - if (caplen < tlv_length || length < tlv_length) + if (*pktlen < tlv_length) break; if (STC_PCAP_LOG) { @@ -1198,16 +1246,16 @@ static void __pcap_nflog_tlv_info(const u_char **packet, if (tlv_type == NFULA_PAYLOAD) { *packet += SIZE_NFLOG_TLV; + *pktlen -= SIZE_NFLOG_TLV; break; } *packet += tlv_length; - length -= tlv_length; - caplen -= tlv_length; + *pktlen -= tlv_length; } } -static void __pcap_nflog_hdr_info(const u_char **packet) +static void __pcap_nflog_hdr_info(const u_char **packet, uint32_t *pktlen) { nflog_hdr_t *hdr_h = (nflog_hdr_t *)*packet; u_int8_t family = hdr_h->nflog_family; @@ -1219,6 +1267,7 @@ static void __pcap_nflog_hdr_info(const u_char **packet) __pcap_family_info(family), family, version, resource_id); *packet += SIZE_NFLOG_HDR; + *pktlen -= SIZE_NFLOG_HDR; } static void __pcap_fm_info(const struct pcap_pkthdr *pkthdr) @@ -1249,12 +1298,14 @@ static void __pcap_fm_info(const struct pcap_pkthdr *pkthdr) static void __pcap_handler(u_char *param, const struct pcap_pkthdr *pkthdr, const u_char *packet) { - /* int len = pkthdr->len; */ + uint32_t pktlen = pkthdr->len; stc_pcap_data_s *pcap_data = (stc_pcap_data_s *)param; eth_t *eth_h; - u_int16_t eth_type; + uint16_t eth_type; nflog_hdr_t *nflog_h; - u_int8_t nflog_family; + uint8_t nflog_family; + + STC_LOGD(HR_DOUBLE); __pcap_fm_info(pkthdr); @@ -1263,22 +1314,25 @@ static void __pcap_handler(u_char *param, eth_h = (eth_t *)packet; eth_type = ntohs(eth_h->ether_type); - __pcap_eth_info(&packet); + __pcap_eth_info(&packet, &pktlen); switch (eth_type) { case ETHERTYPE_IP: - __pcap_ip_info(&packet); - /* __pcap_data_info(pcaket, len); */ + __pcap_ip_info(&packet, &pktlen); + /* __pcap_data_info(pcaket, pktlen); */ break; case ETHERTYPE_IPV6: - __pcap_ipv6_info(&packet); + __pcap_ipv6_info(&packet, &pktlen); break; case ETHERTYPE_ARP: case ETHERTYPE_REVARP: - __pcap_arp_info(&packet); + __pcap_arp_info(&packet, &pktlen); break; case ETHERTYPE_LOOPBACK: break; + case ETHERTYPE_EAPOL: + __pcap_eapol_info(&packet, &pktlen); + break; default: break; } @@ -1287,15 +1341,15 @@ static void __pcap_handler(u_char *param, nflog_h = (nflog_hdr_t *)packet; nflog_family = nflog_h->nflog_family; - __pcap_nflog_hdr_info(&packet); - __pcap_nflog_tlv_info(&packet, pkthdr->len, pkthdr->caplen); + __pcap_nflog_hdr_info(&packet, &pktlen); + __pcap_nflog_tlv_info(&packet, &pktlen); switch (nflog_family) { case AF_INET: - __pcap_ip_info(&packet); + __pcap_ip_info(&packet, &pktlen); break; case AF_INET6: - __pcap_ipv6_info(&packet); + __pcap_ipv6_info(&packet, &pktlen); break; default: break; @@ -1304,6 +1358,8 @@ static void __pcap_handler(u_char *param, default: break; } + + STC_LOGD(HR_DOUBLE); } static gboolean __pcap_thread_source_func(gpointer data) @@ -1362,7 +1418,7 @@ static gpointer __pcap_thread_func(gpointer data) pcap_data->encap_type = ENCAPTYPE_ETHERNET; } break; - } + } } pcap_freealldevs(alldevs); -- 2.7.4 From 5ac5a543cf2c66f3a9264136d1fe118a15ec8ae4 Mon Sep 17 00:00:00 2001 From: hyunuktak Date: Wed, 16 Jan 2019 15:54:49 +0900 Subject: [PATCH 13/16] Fix a svace issue for negative code error Change-Id: I4ed552ae7de2d691a26239c3390fde62f2a0d40f Signed-off-by: hyunuktak --- packaging/stc-manager.spec | 2 +- plugin/procfs/stc-plugin-procfs.c | 23 +++++++++++++---------- 2 files changed, 14 insertions(+), 11 deletions(-) diff --git a/packaging/stc-manager.spec b/packaging/stc-manager.spec index e34256e..f83c3f0 100644 --- a/packaging/stc-manager.spec +++ b/packaging/stc-manager.spec @@ -1,6 +1,6 @@ Name: stc-manager Summary: STC(Smart Traffic Control) manager -Version: 0.0.87 +Version: 0.0.88 Release: 0 Group: Network & Connectivity/Other License: Apache-2.0 diff --git a/plugin/procfs/stc-plugin-procfs.c b/plugin/procfs/stc-plugin-procfs.c index 668f15c..9538a61 100755 --- a/plugin/procfs/stc-plugin-procfs.c +++ b/plugin/procfs/stc-plugin-procfs.c @@ -447,7 +447,7 @@ static int __subscribe_proc_events(void) if (sock == -1) { __STC_LOG_FUNC_EXIT__; - return -1; + return STC_ERROR_INVALID_PARAMETER; } memset(&msg, 0, sizeof(nl_connector_msg_s)); @@ -466,11 +466,11 @@ static int __subscribe_proc_events(void) if (ret == -1) { STC_LOGE("Error sending netlink connector message"); __STC_LOG_FUNC_EXIT__; - return -1; + return STC_ERROR_FAIL; } __STC_LOG_FUNC_EXIT__; - return 0; + return STC_ERROR_NONE; } static int __unsubscribe_proc_events(void) @@ -482,7 +482,7 @@ static int __unsubscribe_proc_events(void) if (sock == -1) { __STC_LOG_FUNC_EXIT__; - return -1; + return STC_ERROR_INVALID_PARAMETER; } memset(&msg, 0, sizeof(nl_connector_msg_s)); @@ -501,11 +501,11 @@ static int __unsubscribe_proc_events(void) if (ret == -1) { STC_LOGE("Error sending netlink connector message"); __STC_LOG_FUNC_EXIT__; - return -1; + return STC_ERROR_FAIL; } __STC_LOG_FUNC_EXIT__; - return 0; + return STC_ERROR_NONE; } static bool __process_pid_cb(pid_t pid, void *user_data) @@ -542,6 +542,7 @@ static bool __process_pid_cb(pid_t pid, void *user_data) int stc_plugin_procfs_initialize(void) { __STC_LOG_FUNC_ENTER__; + int ret = STC_ERROR_NONE; proc_tree = g_tree_new_full(__proc_tree_key_compare, NULL, __proc_tree_key_free, @@ -550,28 +551,30 @@ int stc_plugin_procfs_initialize(void) /* TODO: Fill proc tree with current procfs state */ __open_nl_connector_sock(); - __subscribe_proc_events(); + ret = __subscribe_proc_events(); + __STC_LOG_FUNC_EXIT__; - return STC_ERROR_NONE; + return ret; } int stc_plugin_procfs_deinitialize(void) { __STC_LOG_FUNC_ENTER__; + int ret = STC_ERROR_NONE; if (nl_connector_sock == -1) { STC_LOGD("socket already closed"); return STC_ERROR_NONE; } - __unsubscribe_proc_events(); + ret = __unsubscribe_proc_events(); __close_nl_connector_sock(); g_tree_destroy(proc_tree); proc_tree = NULL; __STC_LOG_FUNC_EXIT__; - return STC_ERROR_NONE; + return ret; } stc_error_e stc_plugin_procfs_load(void) -- 2.7.4 From 310dd4f2b2c1be903aad780c092f1ed11cd5e549 Mon Sep 17 00:00:00 2001 From: hyunuktak Date: Thu, 17 Jan 2019 13:15:48 +0900 Subject: [PATCH 14/16] Fix some svace issues for unchecking return value Change-Id: I87e056e9f8538f199a27f2bba7a204c5db21e7a5 Signed-off-by: hyunuktak --- packaging/stc-manager.spec | 2 +- src/database/tables/table-counters.c | 28 ++++++++++++---- src/database/tables/table-firewall.c | 44 ++++++++++++++++++------- src/database/tables/table-restrictions.c | 56 +++++++++++++++++++++++++------- src/database/tables/table-statistics.c | 22 ++++++++++--- 5 files changed, 116 insertions(+), 36 deletions(-) diff --git a/packaging/stc-manager.spec b/packaging/stc-manager.spec index f83c3f0..6c7bbcf 100644 --- a/packaging/stc-manager.spec +++ b/packaging/stc-manager.spec @@ -1,6 +1,6 @@ Name: stc-manager Summary: STC(Smart Traffic Control) manager -Version: 0.0.88 +Version: 0.0.89 Release: 0 Group: Network & Connectivity/Other License: Apache-2.0 diff --git a/src/database/tables/table-counters.c b/src/database/tables/table-counters.c index 78b7723..fa22cc5 100755 --- a/src/database/tables/table-counters.c +++ b/src/database/tables/table-counters.c @@ -246,7 +246,6 @@ static bool __table_counters_is_entry_present(long long int restriction_id) if (sqlite3_bind_int(stmt, 1, restriction_id) != SQLITE_OK) { ret = FALSE; - __STC_LOG_FUNC_EXIT__; goto handle_error; } @@ -267,7 +266,10 @@ static bool __table_counters_is_entry_present(long long int restriction_id) } handle_error: - sqlite3_reset(stmt); + rc = sqlite3_reset(stmt); + if (rc != SQLITE_OK) + ret = FALSE; + return ret; } @@ -317,7 +319,10 @@ API stc_error_e table_counters_get(long long int restriction_id, } while (rc == SQLITE_ROW); handle_error: - sqlite3_reset(stmt); + rc = sqlite3_reset(stmt); + if (rc != SQLITE_OK) + error_code = STC_ERROR_DB_FAILED; + return error_code; } @@ -354,7 +359,9 @@ API stc_error_e table_counters_update_counters(const table_counters_info *info) info->restriction_id); handle_error: - sqlite3_reset(stmt); + if (sqlite3_reset(stmt) != SQLITE_OK) + error_code = STC_ERROR_DB_FAILED; + return error_code; } //LCOV_EXCL_STOP @@ -406,7 +413,10 @@ API stc_error_e table_counters_get_timestamps(long long int restriction_id, } while (rc == SQLITE_ROW); handle_error: - sqlite3_reset(stmt); + rc = sqlite3_reset(stmt); + if (rc != SQLITE_OK) + error_code = STC_ERROR_DB_FAILED; + return error_code; } @@ -437,7 +447,9 @@ API stc_error_e table_counters_update_timestamps(const table_counters_info *info info->restriction_id); handle_error: - sqlite3_reset(stmt); + if (sqlite3_reset(stmt) != SQLITE_OK) + error_code = STC_ERROR_DB_FAILED; + return error_code; } //LCOV_EXCL_STOP @@ -460,7 +472,9 @@ API stc_error_e table_counters_delete(long long int restriction_id) STC_LOGD("Counter deleted for restriction_id [%llu]", restriction_id); handle_error: - sqlite3_reset(stmt); + if (sqlite3_reset(stmt) != SQLITE_OK) + error_code = STC_ERROR_DB_FAILED; + return error_code; } diff --git a/src/database/tables/table-firewall.c b/src/database/tables/table-firewall.c index c80161c..5e179e3 100755 --- a/src/database/tables/table-firewall.c +++ b/src/database/tables/table-firewall.c @@ -324,7 +324,9 @@ API stc_error_e table_firewall_insert_lock(char *name, int state) STC_LOGD("Firewall lock state inserted [%d]", state); handle_error: - sqlite3_reset(stmt); + if (sqlite3_reset(stmt) != SQLITE_OK) + error_code = STC_ERROR_DB_FAILED; + return error_code; } @@ -348,7 +350,9 @@ API stc_error_e table_firewall_update_lock(char *name, int state) STC_LOGD("Firewall lock state updated [%d]", state); handle_error: - sqlite3_reset(stmt); + if (sqlite3_reset(stmt) != SQLITE_OK) + error_code = STC_ERROR_DB_FAILED; + return error_code; } @@ -386,7 +390,9 @@ API stc_error_e table_firewall_get_lock(char *name, int *state) STC_LOGD("Firewall lock state [%d]", *state); handle_error: - sqlite3_reset(stmt); + if (sqlite3_reset(stmt) != SQLITE_OK) + error_code = STC_ERROR_DB_FAILED; + return error_code; } @@ -415,7 +421,9 @@ API stc_error_e table_firewall_insert_chain(firewall_chain_s *info) STC_LOGD("Firewall chain inserted [%s]", info->chain); handle_error: - sqlite3_reset(stmt); + if (sqlite3_reset(stmt) != SQLITE_OK) + error_code = STC_ERROR_DB_FAILED; + return error_code; } @@ -442,8 +450,9 @@ API stc_error_e table_firewall_delete_chain(firewall_chain_s *info) STC_LOGD("Firewall chain deleted [%s]", info->chain); handle_error: + if (sqlite3_reset(stmt) != SQLITE_OK) + error_code = STC_ERROR_DB_FAILED; - sqlite3_reset(stmt); return error_code; } @@ -470,8 +479,9 @@ API stc_error_e table_firewall_flush_chain(firewall_chain_s *info) STC_LOGD("Firewall chain flushed [%s]", info->chain); handle_error: + if (sqlite3_reset(stmt) != SQLITE_OK) + error_code = STC_ERROR_DB_FAILED; - sqlite3_reset(stmt); return error_code; } @@ -500,7 +510,9 @@ API stc_error_e table_firewall_update_chain(firewall_chain_s *info) STC_LOGD("Firewall chain updated [%s]", info->chain); handle_error: - sqlite3_reset(stmt); + if (sqlite3_reset(stmt) != SQLITE_OK) + error_code = STC_ERROR_DB_FAILED; + return error_code; } @@ -537,7 +549,9 @@ API stc_error_e table_firewall_foreach_chain(firewall_chain_cb info_cb, } } while (rc == SQLITE_ROW); - sqlite3_reset(stmt); + if (sqlite3_reset(stmt) != SQLITE_OK) + error_code = STC_ERROR_DB_FAILED; + return error_code; } @@ -636,7 +650,9 @@ API stc_error_e table_firewall_insert_rule(firewall_rule_s *info) STC_LOGD("Firewall rule inserted [%s]", info->chain); handle_error: - sqlite3_reset(stmt); + if (sqlite3_reset(stmt) != SQLITE_OK) + error_code = STC_ERROR_DB_FAILED; + return error_code; } @@ -662,8 +678,9 @@ API stc_error_e table_firewall_delete_rule(firewall_rule_s *info) STC_LOGD("Firewall rule deleted [%s]", info->chain); handle_error: + if (sqlite3_reset(stmt) != SQLITE_OK) + error_code = STC_ERROR_DB_FAILED; - sqlite3_reset(stmt); return error_code; } @@ -763,8 +780,9 @@ API stc_error_e table_firewall_update_rule(firewall_rule_s *info, guint key) STC_LOGD("Firewall rule updated [%s]", info->chain); handle_error: + if (sqlite3_reset(stmt) != SQLITE_OK) + error_code = STC_ERROR_DB_FAILED; - sqlite3_reset(stmt); return error_code; } @@ -843,7 +861,9 @@ API stc_error_e table_firewall_foreach_rule(firewall_rule_cb info_cb, } } while (rc == SQLITE_ROW); - sqlite3_reset(stmt); + if (sqlite3_reset(stmt) != SQLITE_OK) + error_code = STC_ERROR_DB_FAILED; + return error_code; } diff --git a/src/database/tables/table-restrictions.c b/src/database/tables/table-restrictions.c index debb04d..71167ee 100755 --- a/src/database/tables/table-restrictions.c +++ b/src/database/tables/table-restrictions.c @@ -315,7 +315,10 @@ stc_error_e table_restrictions_per_app(const gchar* app_id, } while (rc == SQLITE_ROW); handle_error: - sqlite3_reset(stmt); + rc = sqlite3_reset(stmt); + if (rc != SQLITE_OK) + error_code = STC_ERROR_DB_FAILED; + __STC_LOG_FUNC_EXIT__; return error_code; } @@ -366,7 +369,10 @@ API stc_error_e table_restrictions_foreach(const table_restrictions_info_cb rest } } while (rc == SQLITE_ROW); - sqlite3_reset(stmt); + rc = sqlite3_reset(stmt); + if (rc != SQLITE_OK) + error_code = STC_ERROR_DB_FAILED; + __STC_LOG_FUNC_EXIT__; return error_code; } @@ -388,8 +394,17 @@ stc_error_e table_restrictions_get_restriction_type_subscriber_id(const char *ap } *type = STC_RSTN_TYPE_UNKNOWN; - sqlite3_reset(select_restriction_type_subscriber_id); - sqlite3_reset(select_restriction_type); + ret = sqlite3_reset(select_restriction_type_subscriber_id); + if (ret != SQLITE_OK) { + __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE + return STC_ERROR_DB_FAILED; //LCOV_EXCL_LINE + } + + ret = sqlite3_reset(select_restriction_type); + if (ret != SQLITE_OK) { + __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE + return STC_ERROR_DB_FAILED; //LCOV_EXCL_LINE + } if (subscriber_id == NULL) { state_subscriber_id = 0; @@ -428,8 +443,14 @@ stc_error_e table_restrictions_get_restriction_type_subscriber_id(const char *ap } handle_error: - sqlite3_reset(select_restriction_type); - sqlite3_reset(select_restriction_type_subscriber_id); + ret = sqlite3_reset(select_restriction_type); + if (ret != SQLITE_OK) + error_code = STC_ERROR_DB_FAILED; + + ret = sqlite3_reset(select_restriction_type_subscriber_id); + if (ret != SQLITE_OK) + error_code = STC_ERROR_DB_FAILED; + return error_code; } @@ -475,7 +496,9 @@ stc_error_e table_restrictions_delete(const char *app_id, handle_error: - sqlite3_reset(stmt); + if (sqlite3_reset(stmt) != SQLITE_OK) + error_code = STC_ERROR_DB_FAILED; + return error_code; } @@ -508,10 +531,14 @@ stc_error_e __get_restriction_id(table_restrictions_info *info) default: STC_LOGE("Failed to get restriction id: %s\n", //LCOV_EXCL_LINE sqlite3_errmsg(stc_db_get_database())); + error_code = STC_ERROR_DB_FAILED; //LCOV_EXCL_LINE } handle_error: - sqlite3_reset(stmt); + rc = sqlite3_reset(stmt); + if (rc != SQLITE_OK) + error_code = STC_ERROR_DB_FAILED; + __STC_LOG_FUNC_EXIT__; return error_code; } @@ -526,7 +553,11 @@ stc_error_e table_restrictions_update(table_restrictions_info *info) goto handle_error; //LCOV_EXCL_LINE } - __get_restriction_id(info); + if (__get_restriction_id(info) != STC_ERROR_NONE) { + error_code = STC_ERROR_DB_FAILED; //LCOV_EXCL_LINE + goto handle_error; //LCOV_EXCL_LINE + } + if (info->restriction_id) stmt = update_net_restrictions; @@ -561,11 +592,14 @@ stc_error_e table_restrictions_update(table_restrictions_info *info) STC_LOGD("Restriction updated app_id [%s]", info->app_id); } else { STC_LOGD("Restriction inserted app_id [%s]", info->app_id); - __get_restriction_id(info); + if (__get_restriction_id(info) != STC_ERROR_NONE) + error_code = STC_ERROR_DB_FAILED; //LCOV_EXCL_LINE } handle_error: - sqlite3_reset(stmt); + if (sqlite3_reset(stmt) != SQLITE_OK) + error_code = STC_ERROR_DB_FAILED; + return error_code; } diff --git a/src/database/tables/table-statistics.c b/src/database/tables/table-statistics.c index 7670e28..719b9a2 100755 --- a/src/database/tables/table-statistics.c +++ b/src/database/tables/table-statistics.c @@ -375,7 +375,9 @@ stc_error_e table_statistics_reset_first_n_entries(int num) __STC_LOG_FUNC_EXIT__; } handle_error: - sqlite3_reset(delete_query[4]); + if (sqlite3_reset(delete_query[4]) != SQLITE_OK) + error_code = STC_ERROR_DB_FAILED; + return error_code; } //LCOV_EXCL_STOP @@ -419,7 +421,9 @@ stc_error_e table_statistics_reset(const table_statistics_reset_rule *rule) STC_LOGD("Entry deleted successfully."); handle_error: - sqlite3_reset(stmt); + if (sqlite3_reset(stmt) != SQLITE_OK) + error_code = STC_ERROR_DB_FAILED; + return error_code; } @@ -495,7 +499,10 @@ stc_error_e table_statistics_foreach_app(const table_statistics_select_rule *rul } while (rc == SQLITE_ROW); handle_error: - sqlite3_reset(stmt); + rc = sqlite3_reset(stmt); + if (rc != SQLITE_OK) + error_code = STC_ERROR_DB_FAILED; + __STC_LOG_FUNC_EXIT__; return error_code; } @@ -573,7 +580,10 @@ API stc_error_e table_statistics_per_app(const char *app_id, } while (rc == SQLITE_ROW); handle_error: - sqlite3_reset(stmt); + rc = sqlite3_reset(stmt); + if (rc != SQLITE_OK) + error_code = STC_ERROR_DB_FAILED; + __STC_LOG_FUNC_EXIT__; return error_code; } @@ -626,7 +636,9 @@ API stc_error_e table_statistics_insert(stc_db_classid_iftype_key *stat_key, "rcv[%lld] snd[%lld]", stat->app_id, rcv, snd); handle_error: - sqlite3_reset(stmt); + if (sqlite3_reset(stmt) != SQLITE_OK) + error_code = STC_ERROR_DB_FAILED; + return error_code; } -- 2.7.4 From 4941ccbc7b096e8898226d715a698023202b0a09 Mon Sep 17 00:00:00 2001 From: hyunuktak Date: Fri, 1 Feb 2019 10:34:11 +0900 Subject: [PATCH 15/16] Fix some coverity issues 1020742 : Unchecked return value 1037124 : Logically dead code Change-Id: I60af7ca69b055884bd41047435b2bfff8213f3a7 Signed-off-by: hyunuktak --- plugin/pcap/stc-plugin-pcap.c | 2 -- src/helper/helper-nfacct-rule.c | 36 ++++++++++++++++++++++++++++-------- 2 files changed, 28 insertions(+), 10 deletions(-) diff --git a/plugin/pcap/stc-plugin-pcap.c b/plugin/pcap/stc-plugin-pcap.c index 6c53ef3..17fe73e 100755 --- a/plugin/pcap/stc-plugin-pcap.c +++ b/plugin/pcap/stc-plugin-pcap.c @@ -541,8 +541,6 @@ static void __pcap_dns_data_info(const u_char **packet, dns_t *dns_h, uint32_t * break; case DNS_QTYPE_CNAME: __pcap_dns_name_info((uint8_t *)dns_h, &data[10], cname); - if (data == NULL) - return; if (STC_PCAP_LOG) STC_LOGD("Name[%s] Type[%u:%s] Class[0x%04x:%s] " "TTL[%u] Data length[%u] CName[%s]", diff --git a/src/helper/helper-nfacct-rule.c b/src/helper/helper-nfacct-rule.c index 24376f3..070052b 100755 --- a/src/helper/helper-nfacct-rule.c +++ b/src/helper/helper-nfacct-rule.c @@ -511,14 +511,33 @@ static stc_error_e exec_iptables_cmd(nfacct_rule_s *rule) iptables_rule.d_iprange_type = rule->dst_iprange_type; /* specify source and destination ip address if any */ - if (rule->src_ip1) - inet_aton(rule->src_ip1, &iptables_rule.s_ip1); - if (rule->src_ip2) - inet_aton(rule->src_ip2, &iptables_rule.s_ip2); - if (rule->dst_ip1) - inet_aton(rule->dst_ip1, &iptables_rule.d_ip1); - if (rule->dst_ip2) - inet_aton(rule->dst_ip2, &iptables_rule.d_ip2); + if (rule->src_ip1) { + if (!inet_aton(rule->src_ip1, &iptables_rule.s_ip1)) { + ret = STC_ERROR_INVALID_PARAMETER; + goto free; + } + } + + if (rule->src_ip2) { + if (!inet_aton(rule->src_ip2, &iptables_rule.s_ip2)) { + ret = STC_ERROR_INVALID_PARAMETER; + goto free; + } + } + + if (rule->dst_ip1) { + if (!inet_aton(rule->dst_ip1, &iptables_rule.d_ip1)) { + ret = STC_ERROR_INVALID_PARAMETER; + goto free; + } + } + + if (rule->dst_ip2) { + if (!inet_aton(rule->dst_ip2, &iptables_rule.d_ip2)) { + ret = STC_ERROR_INVALID_PARAMETER; + goto free; + } + } if (rule->action == NFACCT_ACTION_DELETE) { /* delete interface rule */ @@ -528,6 +547,7 @@ static stc_error_e exec_iptables_cmd(nfacct_rule_s *rule) ret = iptables_add(&iptables_rule, iptype); } +free: g_free(iptables_rule.nfacct_name); g_free(iptables_rule.ifname); g_free(iptables_rule.target); -- 2.7.4 From 72abd9f62109bdd946278752b3e65a5ce6673f11 Mon Sep 17 00:00:00 2001 From: hyunuktak Date: Fri, 1 Feb 2019 14:42:37 +0900 Subject: [PATCH 16/16] First check the index size of signal map Change-Id: I592a919ef58281be6038157ba1e2f9acd059f233 Signed-off-by: hyunuktak --- plugin/appstatus/stc-plugin-appstatus.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/plugin/appstatus/stc-plugin-appstatus.c b/plugin/appstatus/stc-plugin-appstatus.c index 108e0ab..ced6be6 100755 --- a/plugin/appstatus/stc-plugin-appstatus.c +++ b/plugin/appstatus/stc-plugin-appstatus.c @@ -133,7 +133,7 @@ static stc_error_e __ground_status_monitor_init(stc_s *stc) size = sizeof(signal_map) / sizeof(signal_map[0]); - for (i = 0; signal_map[i].member != NULL && i < size; i++) { + for (i = 0; i < size && signal_map[i].member != NULL; i++) { signal_map[i].sub_id = g_dbus_connection_signal_subscribe(stc->connection, NULL, @@ -161,7 +161,7 @@ static stc_error_e __ground_status_monitor_deinit(stc_s *stc) size = sizeof(signal_map) / sizeof(signal_map[0]); - for (i = 0; signal_map[i].member != NULL && i < size; i++) { + for (i = 0; i < size && signal_map[i].member != NULL; i++) { g_dbus_connection_signal_unsubscribe(stc->connection, signal_map[i].sub_id); signal_map[i].sub_id = 0; -- 2.7.4