From 3a8554006082ce9470ba24e48e090e5f48710f9a Mon Sep 17 00:00:00 2001 From: Abhishek Sansanwal Date: Tue, 16 Oct 2018 12:04:16 +0530 Subject: [PATCH 01/16] Added additional test cases for stc-manager firewall dbus methods Signed-off-by: Abhishek Sansanwal Change-Id: I1e9fa8f54507950f8b0c7f45f688546bed1081d1 --- unittest/CMakeLists.txt | 2 +- unittest/common.cpp | 66 ++++++ unittest/common.h | 29 +++ unittest/firewall.cpp | 539 +++++++++++++++++++++++++++++++++++++++++++++++ unittest/firewall.h | 118 +++++++++++ unittest/gdbus.h | 16 ++ unittest/restriction.cpp | 55 ++--- unittest/restriction.h | 4 +- unittest/statistics.cpp | 46 ++-- unittest/stcmgr.h | 1 + unittest/unittest.cpp | 356 +++++++++++++++++++++++++------ 11 files changed, 1099 insertions(+), 133 deletions(-) create mode 100644 unittest/common.cpp create mode 100644 unittest/common.h create mode 100644 unittest/firewall.cpp create mode 100644 unittest/firewall.h diff --git a/unittest/CMakeLists.txt b/unittest/CMakeLists.txt index 7cb1f4f..6ae9e48 100644 --- a/unittest/CMakeLists.txt +++ b/unittest/CMakeLists.txt @@ -10,7 +10,7 @@ SET(REQUIRES_LIST ${REQUIRES_LIST} gmock dlog ) - +INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/include) INCLUDE(FindPkgConfig) PKG_CHECK_MODULES(GTEST_TEST_PKG REQUIRED ${REQUIRES_LIST}) diff --git a/unittest/common.cpp b/unittest/common.cpp new file mode 100644 index 0000000..3fbaf8d --- /dev/null +++ b/unittest/common.cpp @@ -0,0 +1,66 @@ +/* + * Copyright (c) 2018 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "common.h" + +GMainLoop *MainLoop::m_mainLoop = NULL; +guint MainLoop::m_timerId = 0; + +MainLoop::MainLoop(void) +{ +} + +MainLoop::~MainLoop(void) +{ + if (m_mainLoop) + g_main_loop_quit(m_mainLoop); + if (m_timerId) + g_source_remove(m_timerId); + + m_mainLoop = NULL; + m_timerId = 0; +} + +gboolean MainLoop::timeoutCb(gpointer data) +{ + if (m_mainLoop) + g_main_loop_quit(m_mainLoop); + if (m_timerId) + g_source_remove(m_timerId); + + m_mainLoop = NULL; + m_timerId = 0; + + return false; +} + +void MainLoop::run(unsigned int timeout) +{ + if (m_timerId > 0) + return; + + m_mainLoop = g_main_loop_new(NULL, false); + m_timerId = g_timeout_add(timeout, + (GSourceFunc) &MainLoop::timeoutCb, + NULL); + g_main_loop_run(m_mainLoop); +} + +void MainLoop::quit(void) +{ + timeoutCb(NULL); +} + diff --git a/unittest/common.h b/unittest/common.h new file mode 100644 index 0000000..c0f97aa --- /dev/null +++ b/unittest/common.h @@ -0,0 +1,29 @@ +/* + * Copyright (c) 2018 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include +class MainLoop { +private: + static GMainLoop *m_mainLoop; + static guint m_timerId; + + static gboolean timeoutCb(gpointer data); +public: + MainLoop(void); + ~MainLoop(void); + void run(unsigned int timeout); + void quit(void); +}; diff --git a/unittest/firewall.cpp b/unittest/firewall.cpp new file mode 100644 index 0000000..44bcfe5 --- /dev/null +++ b/unittest/firewall.cpp @@ -0,0 +1,539 @@ +/* + * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include +#include +#include +#include +#include + +#include "firewall.h" +#include "common.h" + +static void AsyncReadyCallback(GObject *source_object, + GAsyncResult *res, gpointer user_data) +{ + MainLoop *M = (MainLoop *)user_data; + GLOGD("Succeeded to response async callback"); + M->quit(); +} + +FRule::FRule() +{ + this->chain[0] = '\0'; + this->direction = 0; + this->siptype = 0; + this->diptype = 0; + this->sporttype = 0; + this->dporttype = 0; + this->protocol = 0; + this->family = 0; + this->sip1[0] = '\0'; + this->dip1[0] = '\0'; + this->sip2[0] = '\0'; + this->dip2[0] = '\0'; + this->dport1 = 0; + this->dport2 = 0; + this->sport1 = 0; + this->sport2 = 0; + this->iface[0] = '\0'; + this->target = 0; +} + +FRule::~FRule() +{ +} + +Firewall::Firewall() +{ + Create(); +} + +Firewall::~Firewall() +{ + Destroy(); +} + +error_e Firewall::SetRule(const char *chain, guint16 direction, + guint16 siptype, guint16 diptype, guint16 sporttype, + guint16 dporttype, guint16 protocol, guint16 family, + const char *sip1, const char *dip1, const char *sip2, + const char *dip2, guint32 dport1, guint32 dport2, + guint32 sport1, guint32 sport2, const char *iface, + guint16 target) +{ + if (chain == NULL || strlen(chain) == 0) + this->m_Rule.chain[0] = '\0'; + else + g_strlcpy(this->m_Rule.chain, chain, CHAIN_LEN); + + if (sip1 == NULL || strlen(sip1) == 0) + this->m_Rule.sip1[0] = '\0'; + else + g_strlcpy(this->m_Rule.sip1, sip1, IP_LEN); + + if (sip2 == NULL || strlen(sip2) == 0) + this->m_Rule.sip2[0] = '\0'; + else + g_strlcpy(this->m_Rule.sip2, sip2, IP_LEN); + + if (dip1 == NULL || strlen(dip1) == 0) + this->m_Rule.dip1[0] = '\0'; + else + g_strlcpy(this->m_Rule.dip1, dip1, IP_LEN); + + if (dip2 == NULL || strlen(dip2) == 0) + this->m_Rule.dip2[0] = '\0'; + else + g_strlcpy(this->m_Rule.dip2, dip2, IP_LEN); + + if (iface == NULL || strlen(iface) == 0) + this->m_Rule.iface[0] = '\0'; + else + g_strlcpy(this->m_Rule.iface, iface, IFACE_LEN); + + + this->m_Rule.direction = direction; + this->m_Rule.siptype = siptype; + this->m_Rule.diptype = diptype; + this->m_Rule.sporttype = sporttype; + this->m_Rule.dporttype = dporttype; + this->m_Rule.protocol = protocol; + this->m_Rule.family = family; + this->m_Rule.dport1 = dport1; + this->m_Rule.dport2 = dport2; + this->m_Rule.sport1 = sport1; + this->m_Rule.sport2 = sport2; + this->m_Rule.target = target; + + return ERROR_NONE; +} + +void Firewall::MakeRuleParams(GVariant **params) +{ + GVariantBuilder *builder; + + builder = g_variant_builder_new(G_VARIANT_TYPE("a{sv}")); + + g_variant_builder_add(builder, "{sv}", + FIREWALL_RULE_CHAIN, + g_variant_new_string(this->m_Rule.chain)); + + g_variant_builder_add(builder, "{sv}", + FIREWALL_RULE_DIRECTION, + g_variant_new_uint16(this->m_Rule.direction)); + + g_variant_builder_add(builder, "{sv}", + FIREWALL_RULE_IFNAME, + g_variant_new_string(this->m_Rule.iface)); + + g_variant_builder_add(builder, "{sv}", + FIREWALL_RULE_PROTOCOL, + g_variant_new_uint16(this->m_Rule.protocol)); + + g_variant_builder_add(builder, "{sv}", + FIREWALL_RULE_TARGET, + g_variant_new_uint16(this->m_Rule.target)); + + g_variant_builder_add(builder, "{sv}", + FIREWALL_RULE_FAMILY, + g_variant_new_uint16(this->m_Rule.family)); + + g_variant_builder_add(builder, "{sv}", + FIREWALL_RULE_SIPTYPE, + g_variant_new_uint16(this->m_Rule.siptype)); + + g_variant_builder_add(builder, "{sv}", + FIREWALL_RULE_SIP1, + g_variant_new_string(this->m_Rule.sip1)); + + g_variant_builder_add(builder, "{sv}", + FIREWALL_RULE_SIP2, + g_variant_new_string(this->m_Rule.sip2)); + + g_variant_builder_add(builder, "{sv}", + FIREWALL_RULE_DIPTYPE, + g_variant_new_uint16(this->m_Rule.diptype)); + + g_variant_builder_add(builder, "{sv}", + FIREWALL_RULE_DIP1, + g_variant_new_string(this->m_Rule.dip1)); + + g_variant_builder_add(builder, "{sv}", + FIREWALL_RULE_DIP2, + g_variant_new_string(this->m_Rule.dip2)); + + g_variant_builder_add(builder, "{sv}", + FIREWALL_RULE_SPORTTYPE, + g_variant_new_uint16(this->m_Rule.sporttype)); + + g_variant_builder_add(builder, "{sv}", + FIREWALL_RULE_SPORT1, + g_variant_new_uint32(this->m_Rule.sport1)); + + g_variant_builder_add(builder, "{sv}", + FIREWALL_RULE_SPORT2, + g_variant_new_uint32(this->m_Rule.sport2)); + + g_variant_builder_add(builder, "{sv}", + FIREWALL_RULE_DPORTTYPE, + g_variant_new_uint16(this->m_Rule.dporttype)); + + g_variant_builder_add(builder, "{sv}", + FIREWALL_RULE_DPORT1, + g_variant_new_uint32(this->m_Rule.dport1)); + + g_variant_builder_add(builder, "{sv}", + FIREWALL_RULE_DPORT2, + g_variant_new_uint32(this->m_Rule.dport2)); + + *params = g_variant_new("(@a{sv})", g_variant_builder_end(builder)); + g_variant_builder_unref(builder); +} + +error_e Firewall::GetAllRule(void) +{ + MainLoop M; + error_e error = ERROR_NONE; + + error = InvokeMethodNonblock(STC_MGR_SERVICE, + STC_MGR_FIREWALL_PATH, + STC_MGR_FIREWALL_INTERFACE, + STC_MGR_METHOD_FIREWALL_GET_ALL, + NULL, + DBUS_REPLY_TIMEOUT, + AsyncReadyCallback, + &M); + + if (error != ERROR_NONE) { + GLOGD("Failed to invoke dbus method nonblock"); + return error; + } + + GLOGD("Succeeded to get all restriction"); + + M.run(GMAINTIMEOUT); + return ERROR_NONE; +} + +error_e Firewall::UpdateRule(void) +{ + GVariant *message = NULL; + GVariant *params = NULL; + error_e error = ERROR_NONE; + int result = 0; + + MakeRuleParams(¶ms); + + message = InvokeMethod(STC_MGR_SERVICE, + STC_MGR_FIREWALL_PATH, + STC_MGR_FIREWALL_INTERFACE, + STC_MGR_METHOD_FIREWALL_UPDATE, + params, + &error); + + if (message == NULL) { + GLOGD("Failed to invoke dbus method"); + return error; + } + + g_variant_get(message, "(i)", &result); + GLOGD("Succeeded to set restriction [%d]", result); + g_variant_unref(message); + + return ERROR_NONE; +} + +error_e Firewall::RemoveRule(void) +{ + GVariant *message = NULL; + GVariant *params = NULL; + error_e error = ERROR_NONE; + int result = 0; + + MakeRuleParams(¶ms); + + message = InvokeMethod(STC_MGR_SERVICE, + STC_MGR_FIREWALL_PATH, + STC_MGR_FIREWALL_INTERFACE, + STC_MGR_METHOD_FIREWALL_REMOVE, + params, + &error); + + if (message == NULL) { + GLOGD("Failed to invoke dbus method"); + return error; + } + + g_variant_get(message, "(i)", &result); + GLOGD("Succeeded to set restriction [%d]", result); + g_variant_unref(message); + + return ERROR_NONE; +} + +error_e Firewall::AddRule(void) +{ + GVariant *message = NULL; + GVariant *params = NULL; + error_e error = ERROR_NONE; + int result = 0; + + MakeRuleParams(¶ms); + + message = InvokeMethod(STC_MGR_SERVICE, + STC_MGR_FIREWALL_PATH, + STC_MGR_FIREWALL_INTERFACE, + STC_MGR_METHOD_FIREWALL_ADD, + params, + &error); + + if (message == NULL) { + GLOGD("Failed to invoke dbus method"); + return error; + } + + g_variant_get(message, "(i)", &result); + GLOGD("Succeeded to set restriction [%d]", result); + g_variant_unref(message); + + return ERROR_NONE; +} + +error_e Firewall::SetChain(const char *chain, unsigned int target) +{ + GVariant *message = NULL; + error_e error = ERROR_NONE; + int result = 0; + + message = InvokeMethod(STC_MGR_SERVICE, + STC_MGR_FIREWALL_PATH, + STC_MGR_FIREWALL_INTERFACE, + STC_MGR_METHOD_FIREWALL_SET, + g_variant_new("(su)", chain, target), + &error); + + if (message == NULL) { + GLOGD("Failed to invoke dbus method"); + return error; + } + + g_variant_get(message, "(i)", &result); + GLOGD("Succeeded to set restriction [%d]", result); + g_variant_unref(message); + + return ERROR_NONE; +} + +error_e Firewall::UnsetChain(const char *chain) +{ + GVariant *message = NULL; + error_e error = ERROR_NONE; + int result = 0; + + message = InvokeMethod(STC_MGR_SERVICE, + STC_MGR_FIREWALL_PATH, + STC_MGR_FIREWALL_INTERFACE, + STC_MGR_METHOD_FIREWALL_UNSET, + g_variant_new("(s)", chain), + &error); + + if (message == NULL) { + GLOGD("Failed to invoke dbus method"); + return error; + } + + g_variant_get(message, "(i)", &result); + GLOGD("Succeeded to set restriction [%d]", result); + g_variant_unref(message); + + return ERROR_NONE; +} + +error_e Firewall::FlushChain(const char *chain) +{ + GVariant *message = NULL; + error_e error = ERROR_NONE; + int result = 0; + + message = InvokeMethod(STC_MGR_SERVICE, + STC_MGR_FIREWALL_PATH, + STC_MGR_FIREWALL_INTERFACE, + STC_MGR_METHOD_FIREWALL_FLUSH, + g_variant_new("(s)", chain), + &error); + + if (message == NULL) { + GLOGD("Failed to invoke dbus method"); + return error; + } + + g_variant_get(message, "(i)", &result); + GLOGD("Succeeded to set restriction [%d]", result); + g_variant_unref(message); + + return ERROR_NONE; +} + +error_e Firewall::GetAllChain(void) +{ + MainLoop M; + error_e error = ERROR_NONE; + + error = InvokeMethodNonblock(STC_MGR_SERVICE, + STC_MGR_FIREWALL_PATH, + STC_MGR_FIREWALL_INTERFACE, + STC_MGR_METHOD_FIREWALL_GET_CHAIN, + NULL, + DBUS_REPLY_TIMEOUT, + AsyncReadyCallback, + &M); + + if (error != ERROR_NONE) { + GLOGD("Failed to invoke dbus method nonblock"); + return error; + } + + GLOGD("Succeeded to get all restriction"); + + M.run(GMAINTIMEOUT); + return ERROR_NONE; +} + +error_e Firewall::RemoveChain(const char *chain) +{ + GVariant *message = NULL; + error_e error = ERROR_NONE; + int result = 0; + + message = InvokeMethod(STC_MGR_SERVICE, + STC_MGR_FIREWALL_PATH, + STC_MGR_FIREWALL_INTERFACE, + STC_MGR_METHOD_FIREWALL_REMOVE_CHAIN, + g_variant_new("(s)", chain), + &error); + + if (message == NULL) { + GLOGD("Failed to invoke dbus method"); + return error; + } + + g_variant_get(message, "(i)", &result); + GLOGD("Succeeded to set restriction [%d]", result); + g_variant_unref(message); + + return ERROR_NONE; +} + +error_e Firewall::AddChain(const char *chain) +{ + GVariant *message = NULL; + error_e error = ERROR_NONE; + int result = 0; + + message = InvokeMethod(STC_MGR_SERVICE, + STC_MGR_FIREWALL_PATH, + STC_MGR_FIREWALL_INTERFACE, + STC_MGR_METHOD_FIREWALL_ADD_CHAIN, + g_variant_new("(s)", chain), + &error); + + if (message == NULL) { + GLOGD("Failed to invoke dbus method"); + return error; + } + + g_variant_get(message, "(i)", &result); + GLOGD("Succeeded to set restriction [%d]", result); + g_variant_unref(message); + + return ERROR_NONE; +} + +error_e Firewall::GetLock(int *state) +{ + GVariant *message = NULL; + error_e error = ERROR_NONE; + + message = InvokeMethod(STC_MGR_SERVICE, + STC_MGR_FIREWALL_PATH, + STC_MGR_FIREWALL_INTERFACE, + STC_MGR_METHOD_FIREWALL_GET_LOCK, + NULL, + &error); + + if (message == NULL) { + GLOGD("Failed to invoke dbus method"); + return error; + } + + g_variant_get(message, "(i)", &state); + GLOGD("Succeeded to get lock state[%d]", state); + g_variant_unref(message); + + return ERROR_NONE; +} + +error_e Firewall::Unlock() +{ + GVariant *message = NULL; + error_e error = ERROR_NONE; + int result = 0; + + message = InvokeMethod(STC_MGR_SERVICE, + STC_MGR_FIREWALL_PATH, + STC_MGR_FIREWALL_INTERFACE, + STC_MGR_METHOD_FIREWALL_UNLOCK, + NULL, + &error); + + if (message == NULL) { + GLOGD("Failed to invoke dbus method"); + return error; + } + + g_variant_get(message, "(i)", &result); + GLOGD("Succeeded to unlock result[%d]", result); + g_variant_unref(message); + + return ERROR_NONE; +} + +error_e Firewall::Lock() +{ + GVariant *message = NULL; + error_e error = ERROR_NONE; + int result = 0; + + message = InvokeMethod(STC_MGR_SERVICE, + STC_MGR_FIREWALL_PATH, + STC_MGR_FIREWALL_INTERFACE, + STC_MGR_METHOD_FIREWALL_LOCK, + NULL, + &error); + + if (message == NULL) { + GLOGD("Failed to invoke dbus method"); + return error; + } + + g_variant_get(message, "(i)", &result); + GLOGD("Succeeded to unlock result[%d]", result); + g_variant_unref(message); + + return ERROR_NONE; +} + diff --git a/unittest/firewall.h b/unittest/firewall.h new file mode 100644 index 0000000..f52e10b --- /dev/null +++ b/unittest/firewall.h @@ -0,0 +1,118 @@ +/* + * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +#ifndef __STC_MGR_FIREWALL_H__ +#define __STC_MGR_FIREWALL_H__ + +#include +#include + +#include "stcmgr.h" +#include "gdbus.h" + +#define FIREWALL_RULE_CHAIN "chain" +#define FIREWALL_RULE_DIRECTION "direction" +#define FIREWALL_RULE_IFNAME "ifname" +#define FIREWALL_RULE_PROTOCOL "protocol" +#define FIREWALL_RULE_TARGET "target" +#define FIREWALL_RULE_TARGETTYPE "target_type" + +#define FIREWALL_RULE_FAMILY "family" +#define FIREWALL_RULE_SIPTYPE "s_ip_type" +#define FIREWALL_RULE_SIP1 "s_ip1" +#define FIREWALL_RULE_SIP2 "s_ip2" +#define FIREWALL_RULE_DIPTYPE "d_ip_type" +#define FIREWALL_RULE_DIP1 "d_ip1" +#define FIREWALL_RULE_DIP2 "d_ip2" +#define FIREWALL_RULE_SPORTTYPE "s_port_type" +#define FIREWALL_RULE_SPORT1 "s_port1" +#define FIREWALL_RULE_SPORT2 "s_port2" +#define FIREWALL_RULE_DPORTTYPE "d_port_type" +#define FIREWALL_RULE_DPORT1 "d_port1" +#define FIREWALL_RULE_DPORT2 "d_port2" + +#define FIREWALL_RULE_LOG_LEVEL "log_level" +#define FIREWALL_RULE_LOG_PREFIX "log_prefix" +#define FIREWALL_RULE_NFLOG_GROUP "nflog_group" +#define FIREWALL_RULE_NFLOG_PREFIX "nflog_prefix" +#define FIREWALL_RULE_NFLOG_RANGE "nflog_range" +#define FIREWALL_RULE_NFLOG_THRESHOLD "nflog_threshold" + +#define CHAIN_LEN 256 +#define IFACE_LEN 256 +#define IP_LEN 16 + +class FRule { +private: +public: + char chain[CHAIN_LEN]; + guint16 direction; + guint16 siptype; + guint16 diptype; + guint16 sporttype; + guint16 dporttype; + guint16 protocol; + guint16 family; + char sip1[IP_LEN]; + char dip1[IP_LEN]; + char sip2[IP_LEN]; + char dip2[IP_LEN]; + guint32 dport1; + guint32 dport2; + guint32 sport1; + guint32 sport2; + char iface[IFACE_LEN]; + guint16 target; + + FRule(); + ~FRule(); +}; + +class Firewall : public GDbus { +private: + FRule m_Rule; +public: + Firewall(); + ~Firewall(); + error_e SetRule(const char *app_id, const char *iface_name, + const char *subscriber_id, iface_type_e iface_type, + int64_t data_limit, int64_t data_warn_limit, + roaming_type_e roaming_type, const char *mac); + void MakeRuleParams(GVariant **params); + void MakeGetParams(GVariant **params); + void MakeStatusParams(GVariant **params); + error_e Lock(void); + error_e Unlock(void); + error_e GetLock(int *state); + error_e AddChain(const char * chain); + error_e RemoveChain(const char * chain); + error_e FlushChain(const char * chain); + error_e GetAllChain(); + error_e SetChain(const char *chain, unsigned int target); + error_e UnsetChain(const char *chain); + error_e SetRule(const char *chain, guint16 direction, + guint16 siptype, guint16 diptype, guint16 sporttype, + guint16 dporttype, guint16 protocol, guint16 family, + const char *sip1, const char *dip1, const char *sip2, + const char *dip2, guint32 dport1, guint32 dport2, + guint32 sport1, guint32 sport2, const char *iface, + guint16 target); + error_e AddRule(); + error_e RemoveRule(); + error_e UpdateRule(); + error_e GetAllRule(); +}; + +#endif /* __STC_MGR_FIREWALL_H__ */ diff --git a/unittest/gdbus.h b/unittest/gdbus.h index 91596a9..f545629 100644 --- a/unittest/gdbus.h +++ b/unittest/gdbus.h @@ -28,10 +28,12 @@ #define STC_MGR_STATISTICS_INTERFACE STC_MGR_SERVICE ".statistics" #define STC_MGR_RESTRICTION_INTERFACE STC_MGR_SERVICE ".restriction" #define STC_MGR_MANAGER_INTERFACE STC_MGR_SERVICE ".manager" +#define STC_MGR_FIREWALL_INTERFACE STC_MGR_SERVICE ".firewall" #define STC_MGR_STATISTICS_PATH "/net/stc/statistics" #define STC_MGR_RESTRICTION_PATH "/net/stc/restriction" #define STC_MGR_MANAGER_PATH "/net/stc/manager" +#define STC_MGR_FIREWALL_PATH "/net/stc/firewall" #define STC_MGR_METHOD_STATISTICS_INIT "Init" #define STC_MGR_METHOD_STATISTICS_GET_PER_APP_ID "Get" @@ -48,6 +50,20 @@ #define STC_MGR_METHOD_MANAGER_STOP "Stop" +#define STC_MGR_METHOD_FIREWALL_GET_ALL "GetAllRule" +#define STC_MGR_METHOD_FIREWALL_UPDATE "UpdateRule" +#define STC_MGR_METHOD_FIREWALL_REMOVE "RemoveRule" +#define STC_MGR_METHOD_FIREWALL_ADD "AddRule" +#define STC_MGR_METHOD_FIREWALL_SET "SetChain" +#define STC_MGR_METHOD_FIREWALL_UNSET "UnsetChain" +#define STC_MGR_METHOD_FIREWALL_FLUSH "FlushChain" +#define STC_MGR_METHOD_FIREWALL_GET_CHAIN "GetAllChain" +#define STC_MGR_METHOD_FIREWALL_REMOVE_CHAIN "RemoveChain" +#define STC_MGR_METHOD_FIREWALL_ADD_CHAIN "AddChain" +#define STC_MGR_METHOD_FIREWALL_GET_LOCK "GetLock" +#define STC_MGR_METHOD_FIREWALL_LOCK "Lock" +#define STC_MGR_METHOD_FIREWALL_UNLOCK "Unlock" + class GDbus { private: GDBusConnection *m_pConnection; diff --git a/unittest/restriction.cpp b/unittest/restriction.cpp index 0c09ddc..9a3bb4b 100644 --- a/unittest/restriction.cpp +++ b/unittest/restriction.cpp @@ -21,39 +21,14 @@ #include #include "restriction.h" - -static GMainLoop *g_pMainLoop = NULL; -static guint g_nTimeoutId = 0; - -static gboolean CallbackTimeut(gpointer data) -{ - if (g_pMainLoop) - g_main_loop_quit(g_pMainLoop); - - return false; -} - -static void RunMainLoop(void) -{ - g_pMainLoop = g_main_loop_new(NULL, false); - g_nTimeoutId = g_timeout_add(GMAINTIMEOUT, CallbackTimeut, g_pMainLoop); - g_main_loop_run(g_pMainLoop); - - g_source_remove(g_nTimeoutId); - g_pMainLoop = NULL; -} - -static void QuitMainLoop(void) -{ - if (g_pMainLoop) - g_main_loop_quit(g_pMainLoop); -} +#include "common.h" static void AsyncReadyCallback(GObject *source_object, GAsyncResult *res, gpointer user_data) { + MainLoop *M = (MainLoop *)user_data; GLOGD("Succeeded to response async callback"); - QuitMainLoop(); + M->quit(); } RRule::RRule() @@ -84,7 +59,7 @@ Restriction::~Restriction() error_e Restriction::SetRule(const char *app_id, const char *iface_name, const char *subscriber_id, iface_type_e iface_type, int64_t data_limit, int64_t data_warn_limit, - roaming_type_e roaming_type) + roaming_type_e roaming_type, const char *mac) { if (app_id == NULL || strlen(app_id) == 0) this->m_Rule.m_AppID[0] = '\0'; @@ -101,6 +76,11 @@ error_e Restriction::SetRule(const char *app_id, const char *iface_name, else g_strlcpy(this->m_Rule.m_SubscriberID, subscriber_id, SUBSCRIBER_ID_LEN); + if (mac == NULL || strlen(mac) == 0) + this->m_Rule.m_Mac[0] = '\0'; + else + g_strlcpy(this->m_Rule.m_Mac, mac, MAC_LEN); + switch(iface_type) { case IFACE_UNKNOWN: case IFACE_DATACALL: @@ -164,6 +144,11 @@ void Restriction::MakeRuleParams(GVariant **params) RESTRICTION_RULE_DATA_WARN_LIMIT, g_variant_new_int64(this->m_Rule.m_DataWarnLimit)); + g_variant_builder_add(builder, "{sv}", + RESTRICTION_RULE_MAC, + g_variant_new_string(this->m_Rule.m_Mac)); + + *params = g_variant_new("(@a{sv})", g_variant_builder_end(builder)); g_variant_builder_unref(builder); } @@ -293,6 +278,7 @@ error_e Restriction::GetRstrictionStatus(restriction_status_e *status) error_e Restriction::GetRstriction(void) { + MainLoop M; GVariant *params = NULL; error_e error = ERROR_NONE; @@ -305,7 +291,7 @@ error_e Restriction::GetRstriction(void) params, DBUS_REPLY_TIMEOUT, AsyncReadyCallback, - NULL); + &M); if (error != ERROR_NONE) { GLOGD("Failed to invoke dbus method nonblock"); @@ -314,12 +300,13 @@ error_e Restriction::GetRstriction(void) GLOGD("Succeeded to get restriction per app ID"); - RunMainLoop(); + M.run(GMAINTIMEOUT); return ERROR_NONE; } error_e Restriction::GetAllRstriction(void) { + MainLoop M; error_e error = ERROR_NONE; error = InvokeMethodNonblock(STC_MGR_SERVICE, @@ -329,7 +316,7 @@ error_e Restriction::GetAllRstriction(void) NULL, DBUS_REPLY_TIMEOUT, AsyncReadyCallback, - NULL); + &M); if (error != ERROR_NONE) { GLOGD("Failed to invoke dbus method nonblock"); @@ -338,6 +325,6 @@ error_e Restriction::GetAllRstriction(void) GLOGD("Succeeded to get all restriction"); - RunMainLoop(); + M.run(GMAINTIMEOUT); return ERROR_NONE; -} \ No newline at end of file +} diff --git a/unittest/restriction.h b/unittest/restriction.h index c0b0f2d..06cbf2c 100644 --- a/unittest/restriction.h +++ b/unittest/restriction.h @@ -29,6 +29,7 @@ #define RESTRICTION_RULE_SUBSCRIBER_ID "subscriber_id" #define RESTRICTION_RULE_DATA_LIMIT "data_limit" #define RESTRICTION_RULE_DATA_WARN_LIMIT "data_warn_limit" +#define RESTRICTION_RULE_MAC "mac" typedef enum { RESTRICTION_UNKNOWN, @@ -45,6 +46,7 @@ public: char m_AppID[APP_ID_LEN]; char m_IfaceName[IFNAME_LEN]; char m_SubscriberID[SUBSCRIBER_ID_LEN]; + char m_Mac[MAC_LEN]; iface_type_e m_IfaceType; int64_t m_DataLimit; int64_t m_DataWarnLimit; @@ -63,7 +65,7 @@ public: error_e SetRule(const char *app_id, const char *iface_name, const char *subscriber_id, iface_type_e iface_type, int64_t data_limit, int64_t data_warn_limit, - roaming_type_e roaming_type); + roaming_type_e roaming_type, const char *mac); void MakeRuleParams(GVariant **params); void MakeGetParams(GVariant **params); void MakeStatusParams(GVariant **params); diff --git a/unittest/statistics.cpp b/unittest/statistics.cpp index 49ebd6a..2b4b5e5 100644 --- a/unittest/statistics.cpp +++ b/unittest/statistics.cpp @@ -21,39 +21,14 @@ #include #include "statistics.h" - -static GMainLoop *g_pMainLoop = NULL; -static guint g_nTimeoutId = 0; - -static gboolean CallbackTimeut(gpointer data) -{ - if (g_pMainLoop) - g_main_loop_quit(g_pMainLoop); - - return false; -} - -static void RunMainLoop(void) -{ - g_pMainLoop = g_main_loop_new(NULL, false); - g_nTimeoutId = g_timeout_add(GMAINTIMEOUT, CallbackTimeut, g_pMainLoop); - g_main_loop_run(g_pMainLoop); - - g_source_remove(g_nTimeoutId); - g_pMainLoop = NULL; -} - -static void QuitMainLoop(void) -{ - if (g_pMainLoop) - g_main_loop_quit(g_pMainLoop); -} +#include "common.h" static void AsyncReadyCallback(GObject *source_object, GAsyncResult *res, gpointer user_data) { + MainLoop *M = (MainLoop *)user_data; GLOGD("Succeeded to response async callback"); - QuitMainLoop(); + M->quit(); } SRule::SRule() @@ -209,6 +184,7 @@ error_e Statistics::InitStatistics(void) error_e Statistics::GetStatistics(void) { + MainLoop M; GVariant *params = NULL; error_e error = ERROR_NONE; @@ -221,14 +197,14 @@ error_e Statistics::GetStatistics(void) params, DBUS_REPLY_TIMEOUT, AsyncReadyCallback, - NULL); + &M); if (error != ERROR_NONE) { GLOGD("Failed to invoke dbus method nonblock"); return error; } - RunMainLoop(); + M.run(GMAINTIMEOUT); GLOGD("Succeeded to get statistics per app ID"); return ERROR_NONE; @@ -236,6 +212,7 @@ error_e Statistics::GetStatistics(void) error_e Statistics::GetTotalStatistics(void) { + MainLoop M; GVariant *params = NULL; error_e error = ERROR_NONE; @@ -248,14 +225,14 @@ error_e Statistics::GetTotalStatistics(void) params, DBUS_REPLY_TIMEOUT, AsyncReadyCallback, - NULL); + &M); if (error != ERROR_NONE) { GLOGD("Failed to invoke dbus method nonblock"); return error; } - RunMainLoop(); + M.run(GMAINTIMEOUT); GLOGD("Succeeded to get total statistics"); return ERROR_NONE; @@ -263,6 +240,7 @@ error_e Statistics::GetTotalStatistics(void) error_e Statistics::GetAllStatistics(void) { + MainLoop M; GVariant *params = NULL; error_e error = ERROR_NONE; @@ -275,14 +253,14 @@ error_e Statistics::GetAllStatistics(void) params, DBUS_REPLY_TIMEOUT, AsyncReadyCallback, - NULL); + &M); if (error != ERROR_NONE) { GLOGD("Failed to invoke dbus method nonblock"); return error; } - RunMainLoop(); + M.run(GMAINTIMEOUT); GLOGD("Succeeded to get all statistics"); return ERROR_NONE; diff --git a/unittest/stcmgr.h b/unittest/stcmgr.h index 79f9c2c..888544e 100644 --- a/unittest/stcmgr.h +++ b/unittest/stcmgr.h @@ -21,6 +21,7 @@ #define APP_ID_LEN 128 #define IFNAME_LEN 16 #define SUBSCRIBER_ID_LEN 128 +#define MAC_LEN 18 #ifdef USE_DLOG #include diff --git a/unittest/unittest.cpp b/unittest/unittest.cpp index 1141021..8b467f7 100644 --- a/unittest/unittest.cpp +++ b/unittest/unittest.cpp @@ -25,11 +25,21 @@ #include "restriction.h" #include "statistics.h" #include "manager.h" +#include "stc-manager.h" +#include "firewall.h" + +#define GTEST_MAC "1:c:e:b:00:da" using ::testing::InitGoogleTest; using ::testing::Test; using ::testing::TestCase; +typedef enum { + FIREWALL_UNKONWN, + FIREWALL_UNLOCKED, + FIREWALL_LOCKED +} firewall_lock_e; + TEST(StcManager_Statistics, Init_p) { error_e ret = ERROR_NONE; @@ -138,7 +148,8 @@ TEST(StcManager_Restriction, Set_p) IFACE_DATACALL, 0, 0, - ROAMING_UNKNOWN); + ROAMING_UNKNOWN, + GTEST_MAC); EXPECT_EQ(ERROR_NONE, ret); ret = rest.SetRstriction(); @@ -150,7 +161,8 @@ TEST(StcManager_Restriction, Set_p) IFACE_WIFI, 2, 1, - ROAMING_UNKNOWN); + ROAMING_UNKNOWN, + GTEST_MAC); EXPECT_EQ(ERROR_NONE, ret); ret = rest.SetRstriction(); @@ -162,32 +174,14 @@ TEST(StcManager_Restriction, Set_p) IFACE_WIRED, 100000, 80000, - ROAMING_UNKNOWN); + ROAMING_UNKNOWN, + GTEST_MAC); EXPECT_EQ(ERROR_NONE, ret); ret = rest.SetRstriction(); EXPECT_EQ(ERROR_NONE, ret); } -TEST(StcManager_Restriction, Exclude_p) - -{ - error_e ret = ERROR_NONE; - Restriction rest; - - ret = rest.SetRule("TOTAL_DATACALL", - "seth_w0", - NULL, - IFACE_DATACALL, - 0, - 0, - ROAMING_UNKNOWN); - EXPECT_EQ(ERROR_NONE, ret); - - ret = rest.ExcludeRstriction(); - EXPECT_EQ(ERROR_NONE, ret); -} - TEST(StcManager_Restriction, Get_p) { error_e ret = ERROR_NONE; @@ -199,7 +193,8 @@ TEST(StcManager_Restriction, Get_p) IFACE_DATACALL, 0, 0, - ROAMING_UNKNOWN); + ROAMING_UNKNOWN, + GTEST_MAC); EXPECT_EQ(ERROR_NONE, ret); ret = rest.GetRstriction(); @@ -211,7 +206,8 @@ TEST(StcManager_Restriction, Get_p) IFACE_WIFI, 0, 0, - ROAMING_UNKNOWN); + ROAMING_UNKNOWN, + GTEST_MAC); EXPECT_EQ(ERROR_NONE, ret); ret = rest.GetRstriction(); @@ -223,7 +219,8 @@ TEST(StcManager_Restriction, Get_p) IFACE_DATACALL, 0, 0, - ROAMING_UNKNOWN); + ROAMING_UNKNOWN, + GTEST_MAC); EXPECT_EQ(ERROR_NONE, ret); ret = rest.GetRstriction(); @@ -239,40 +236,6 @@ TEST(StcManager_Restriction, GetAll_p) EXPECT_EQ(ERROR_NONE, ret); } -TEST(StcManager_Restriction, GetRst_p) -{ - error_e ret = ERROR_NONE; - Restriction rest; - restriction_status_e status = RESTRICTION_UNKNOWN; - - ret = rest.SetRule("Test_tel", - "seth_w0", - NULL, - IFACE_DATACALL, - 0, - 0, - ROAMING_UNKNOWN); - EXPECT_EQ(ERROR_NONE, ret); - - ret = rest.GetRstrictionStatus(&status); - EXPECT_EQ(ERROR_NONE, ret); - EXPECT_LE(RESTRICTION_UNKNOWN, status); - EXPECT_GE(RESTRICTION_LAST_ELEM, status); - - ret = rest.SetRule("Test_eth", - "eth0", - NULL, - IFACE_WIRED, - 100000, - 80000, - ROAMING_UNKNOWN); - EXPECT_EQ(ERROR_NONE, ret); - - ret = rest.GetRstrictionStatus(&status); - EXPECT_EQ(ERROR_NONE, ret); - EXPECT_LE(RESTRICTION_UNKNOWN, status); - EXPECT_GE(RESTRICTION_LAST_ELEM, status); -} TEST(StcManager_Restriction, Unset_p) { @@ -285,7 +248,8 @@ TEST(StcManager_Restriction, Unset_p) IFACE_DATACALL, 0, 0, - ROAMING_UNKNOWN); + ROAMING_UNKNOWN, + GTEST_MAC); EXPECT_EQ(ERROR_NONE, ret); ret = rest.UnsetRstriction(); @@ -297,7 +261,8 @@ TEST(StcManager_Restriction, Unset_p) IFACE_WIFI, 2, 1, - ROAMING_UNKNOWN); + ROAMING_UNKNOWN, + GTEST_MAC); EXPECT_EQ(ERROR_NONE, ret); ret = rest.UnsetRstriction(); @@ -309,7 +274,8 @@ TEST(StcManager_Restriction, Unset_p) IFACE_WIRED, 100000, 80000, - ROAMING_UNKNOWN); + ROAMING_UNKNOWN, + GTEST_MAC); EXPECT_EQ(ERROR_NONE, ret); ret = rest.UnsetRstriction(); @@ -321,7 +287,8 @@ TEST(StcManager_Restriction, Unset_p) IFACE_DATACALL, 0, 0, - ROAMING_UNKNOWN); + ROAMING_UNKNOWN, + GTEST_MAC); EXPECT_EQ(ERROR_NONE, ret); ret = rest.UnsetRstriction(); @@ -361,6 +328,269 @@ TEST(StcManager_Statistics, Reset_p) EXPECT_EQ(ERROR_NONE, ret); } +TEST(StcManager_Firewall, Lock_p) +{ + error_e ret = ERROR_NONE; + Firewall f; + + int state; + f.GetLock(&state); + if (state == FIREWALL_LOCKED) + f.Unlock(); + + ret = f.Lock(); + EXPECT_EQ(ERROR_NONE, ret); + f.Unlock(); +} + +TEST(StcManager_Firewall, Unlock_p) +{ + error_e ret = ERROR_NONE; + Firewall f; + + int state; + f.GetLock(&state); + if (state != FIREWALL_LOCKED) + f.Lock(); + + ret = f.Unlock(); + EXPECT_EQ(ERROR_NONE, ret); +} + +TEST(StcManager_Firewall, GetLock_p) +{ + error_e ret = ERROR_NONE; + Firewall f; + + int state; + f.GetLock(&state); + EXPECT_EQ(ERROR_NONE, ret); +} + +TEST(StcManager_Firewall, AddChain_p) +{ + error_e ret = ERROR_NONE; + Firewall f; + + ret = f.AddChain("gtest"); + EXPECT_EQ(ERROR_NONE, ret); +} + +TEST(StcManager_Firewall, AddRule_p) +{ + error_e ret = ERROR_NONE; + Firewall f; + + ret = f.SetRule("gtest", + STC_FW_DIRECTION_IN, + STC_FW_IP_SINGLE, + STC_FW_IP_SINGLE, + STC_FW_PORT_SINGLE, + STC_FW_PORT_SINGLE, + STC_FW_PROTOCOL_TCP, + STC_FW_FAMILY_V4, + "1.1.1.1", + "1.1.1.1", + "2.2.2.2", + "2.2.2.2", + 9000, + 9000, + 9000, + 9000, + "wlan0", + STC_FW_RULE_TARGET_ACCEPT); + + EXPECT_EQ(ERROR_NONE, ret); + + ret = f.AddRule(); + EXPECT_EQ(ERROR_NONE, ret); +} + +TEST(StcManager_Firewall, AddRule_n) +{ + error_e ret = ERROR_NONE; + Firewall f; + + ret = f.SetRule("gtest", + STC_FW_DIRECTION_IN, + STC_FW_IP_SINGLE, + STC_FW_IP_SINGLE, + STC_FW_PORT_SINGLE, + STC_FW_PORT_SINGLE, + STC_FW_PROTOCOL_TCP, + STC_FW_FAMILY_V4, + "1.1.1.1", + "1.1.1.1", + "2.2.2.2", + "2.2.2.2", + 9000, + 9000, + 9000, + 9000, + "wlan0", + STC_FW_RULE_TARGET_MAX); + EXPECT_EQ(ERROR_NONE, ret); + + ret = f.AddRule(); + EXPECT_NE(ERROR_NONE, ret); +} + +TEST(StcManager_Firewall, UpdateRule_n) +{ + error_e ret = ERROR_NONE; + Firewall f; + + ret = f.SetRule("gtest", + STC_FW_DIRECTION_IN, + STC_FW_IP_SINGLE, + STC_FW_IP_SINGLE, + STC_FW_PORT_SINGLE, + STC_FW_PORT_SINGLE, + STC_FW_PROTOCOL_TCP, + STC_FW_FAMILY_V4, + "1.1.1.1", + "1.1.1.1", + "2.2.2.2", + "2.2.2.2", + 9000, + 9000, + 9000, + 9000, + "wlan0", + STC_FW_RULE_TARGET_MAX); + EXPECT_EQ(ERROR_NONE, ret); + + ret = f.UpdateRule(); + EXPECT_NE(ERROR_NONE, ret); +} + +TEST(StcManager_Firewall, RemoveRule_n) +{ + error_e ret = ERROR_NONE; + Firewall f; + + ret = f.SetRule("gtest", + STC_FW_DIRECTION_IN, + STC_FW_IP_SINGLE, + STC_FW_IP_SINGLE, + STC_FW_PORT_SINGLE, + STC_FW_PORT_SINGLE, + STC_FW_PROTOCOL_TCP, + STC_FW_FAMILY_V4, + "1.1.1.1", + "1.1.1.1", + "2.2.2.2", + "2.2.2.2", + 9000, + 9000, + 9000, + 9000, + "wlan0", + STC_FW_RULE_TARGET_MAX); + EXPECT_EQ(ERROR_NONE, ret); + + ret = f.RemoveRule(); + EXPECT_NE(ERROR_NONE, ret); +} + + +TEST(StcManager_Firewall, SetChain_p) +{ + error_e ret = ERROR_NONE; + Firewall f; + + ret = f.SetChain("gtest", 1); + EXPECT_EQ(ERROR_NONE, ret); +} + +TEST(StcManager_Firewall, SetChain_n) +{ + error_e ret = ERROR_NONE; + Firewall f; + + ret = f.SetChain(NULL, 0); + EXPECT_NE(ERROR_NONE, ret); +} + +TEST(StcManager_Firewall, UnsetChain_p) +{ + error_e ret = ERROR_NONE; + Firewall f; + + ret = f.UnsetChain("gtest"); + EXPECT_EQ(ERROR_NONE, ret); +} + +TEST(StcManager_Firewall, UnsetChain_n) +{ + error_e ret = ERROR_NONE; + Firewall f; + + ret = f.UnsetChain(NULL); + EXPECT_NE(ERROR_NONE, ret); +} + + +TEST(StcManager_Firewall, RemoveChain_p) +{ + error_e ret = ERROR_NONE; + Firewall f; + + ret = f.RemoveChain("gtest"); + EXPECT_EQ(ERROR_NONE, ret); +} + +TEST(StcManager_Firewall, RemoveChain_n) +{ + error_e ret = ERROR_NONE; + Firewall f; + + ret = f.RemoveChain("not_a_chain"); + EXPECT_NE(ERROR_NONE, ret); +} + +TEST(StcManager_Firewall, FlushChain_p) +{ + error_e ret = ERROR_NONE; + Firewall f; + + ret = f.AddChain("gtest_chains"); + EXPECT_EQ(ERROR_NONE, ret); + + ret = f.FlushChain("gtest_chains"); + EXPECT_EQ(ERROR_NONE, ret); + + f.RemoveChain("gtest_chains"); +} + + +TEST(StcManager_Firewall, FlushChain_n) +{ + error_e ret = ERROR_NONE; + Firewall f; + + ret = f.FlushChain(NULL); + EXPECT_NE(ERROR_NONE, ret); +} + +TEST(StcManager_Firewall, GetAllChain_p) +{ + error_e ret = ERROR_NONE; + Firewall f; + + ret = f.GetAllChain(); + EXPECT_EQ(ERROR_NONE, ret); +} + +TEST(StcManager_Firewall, GetAllRule_p) +{ + error_e ret = ERROR_NONE; + Firewall f; + + ret = f.GetAllRule(); + EXPECT_EQ(ERROR_NONE, ret); +} + TEST(StcManager_Manager, Stop_p) { error_e ret = ERROR_NONE; -- 2.7.4 From d71b5bc1cd81d5c0d699ec606a2ea2959fd88e07 Mon Sep 17 00:00:00 2001 From: hyunuktak Date: Fri, 26 Oct 2018 15:35:32 +0900 Subject: [PATCH 02/16] Add some chains to separate monitoring and restriction Change-Id: I621a21188ce5a03250d6113663848dd1d27b1efb Signed-off-by: hyunuktak --- data/exceptions | 3 + include/stc-manager.h | 2 +- plugin/procfs/stc-plugin-procfs.c | 78 +++-- src/database/tables/table-firewall.c | 0 src/database/tables/table-statistics.c | 7 +- src/helper/helper-cgroup.c | 0 src/helper/helper-file.c | 0 src/helper/helper-file.h | 0 src/helper/helper-firewall.c | 0 src/helper/helper-firewall.h | 0 src/helper/helper-iptables.c | 484 +++++++++++++++++++++++++++++- src/helper/helper-iptables.h | 16 +- src/helper/helper-net-cls.c | 6 +- src/helper/helper-nfacct-rule.c | 71 +++-- src/helper/helper-nfacct-rule.h | 1 + src/monitor/include/stc-monitor-app.h | 9 + src/monitor/include/stc-monitor-context.h | 0 src/monitor/include/stc-monitor-ipt.h | 0 src/monitor/include/stc-monitor-proc.h | 3 + src/monitor/include/stc-monitor-rstn.h | 0 src/monitor/include/stc-monitor.h | 0 src/monitor/stc-monitor-app.c | 155 +++++++++- src/monitor/stc-monitor-ipt.c | 0 src/monitor/stc-monitor-proc.c | 91 ++++++ src/monitor/stc-monitor-rstn.c | 5 +- src/monitor/stc-monitor.c | 10 +- 26 files changed, 848 insertions(+), 93 deletions(-) mode change 100755 => 100644 src/database/tables/table-firewall.c mode change 100755 => 100644 src/helper/helper-cgroup.c mode change 100755 => 100644 src/helper/helper-file.c mode change 100755 => 100644 src/helper/helper-file.h mode change 100755 => 100644 src/helper/helper-firewall.c mode change 100755 => 100644 src/helper/helper-firewall.h mode change 100755 => 100644 src/monitor/include/stc-monitor-app.h mode change 100755 => 100644 src/monitor/include/stc-monitor-context.h mode change 100755 => 100644 src/monitor/include/stc-monitor-ipt.h mode change 100755 => 100644 src/monitor/include/stc-monitor-proc.h mode change 100755 => 100644 src/monitor/include/stc-monitor-rstn.h mode change 100755 => 100644 src/monitor/include/stc-monitor.h mode change 100755 => 100644 src/monitor/stc-monitor-app.c mode change 100755 => 100644 src/monitor/stc-monitor-ipt.c mode change 100755 => 100644 src/monitor/stc-monitor-proc.c mode change 100755 => 100644 src/monitor/stc-monitor-rstn.c mode change 100755 => 100644 src/monitor/stc-monitor.c diff --git a/data/exceptions b/data/exceptions index 178bd7e..ef89dd3 100644 --- a/data/exceptions +++ b/data/exceptions @@ -49,3 +49,6 @@ sdbd:sys sdbd-user:sys pushd:sys dbus-daemon:sys +dlogsend:sys +sync:sys +reboot:sys diff --git a/include/stc-manager.h b/include/stc-manager.h index 9496953..d1f4d93 100644 --- a/include/stc-manager.h +++ b/include/stc-manager.h @@ -25,7 +25,7 @@ #define STC_BACKGROUND_APP_SUFFIX "_BACKGROUND" #define STC_TETHERING_APP_SUFFIX "_TETHERING" -#define STC_BACKGROUND_APP_ID "BACKGROUND" +#define STC_TOTAL_BACKGROUND "TOTAL_BACKGROUND" #define STC_TOTAL_DATACALL "TOTAL_DATACALL" #define STC_TOTAL_WIFI "TOTAL_WIFI" #define STC_TOTAL_BLUETOOTH "TOTAL_BLUETOOTH" diff --git a/plugin/procfs/stc-plugin-procfs.c b/plugin/procfs/stc-plugin-procfs.c index f04446b..4aa36c6 100755 --- a/plugin/procfs/stc-plugin-procfs.c +++ b/plugin/procfs/stc-plugin-procfs.c @@ -62,7 +62,6 @@ static int nl_connector_sock = -1; static guint nl_connector_gsource_id = 0; static GTree *proc_tree; - static gboolean __process_nl_connector_message(GIOChannel *source, GIOCondition condition, gpointer user_data); @@ -304,11 +303,8 @@ static void __process_event_fork(int tgid, int pid) if (STC_ERROR_NONE == proc_get_cmdline(pid, cmdline) && STC_ERROR_NONE == proc_get_status(pid, status)) { - if (__check_excn(cmdline)) { - if (STC_DEBUG_LOG) - STC_LOGD("[%s] monitoring is excepted", cmdline); + if (__check_excn(cmdline)) return; - } unsigned int i; proc_key_s key; @@ -345,11 +341,8 @@ static void __process_event_exec(int tgid, int pid) if (STC_ERROR_NONE == proc_get_cmdline(pid, cmdline) && STC_ERROR_NONE == proc_get_status(pid, status)) { - if (__check_excn(cmdline)) { - if (STC_DEBUG_LOG) - STC_LOGD("[%s] monitoring is excepted", cmdline); + if (__check_excn(cmdline)) return; - } unsigned int i; proc_key_s key; @@ -605,7 +598,8 @@ stc_error_e stc_plugin_procfs_status_changed(stc_cmd_type_e cmd, switch (cmd) { case STC_CMD_SET_FOREGRD: { - uint32_t classid; + uint32_t fg_classid; + uint32_t bg_classid; char *bg_app_id; stc_app_value_s app_value; stc_proc_value_s proc_value; @@ -616,26 +610,29 @@ stc_error_e stc_plugin_procfs_status_changed(stc_cmd_type_e cmd, bg_app_id = g_strconcat(app_id, STC_BACKGROUND_APP_SUFFIX, NULL); app_value.type = app_type; + app_value.state = STC_APP_STATE_FOREGROUND; app_value.processes = NULL; proc_value.pid = pid; proc_value.ground = STC_APP_STATE_FOREGROUND; - classid = get_classid_by_app_id(bg_app_id, FALSE); - stc_monitor_proc_remove(classid, pid); + bg_classid = get_classid_by_app_id(bg_app_id, FALSE); + fg_classid = get_classid_by_app_id(app_id, TRUE); + + stc_monitor_app_add(fg_classid, app_id, pkg_id, app_value); - classid = get_classid_by_app_id(app_id, TRUE); + stc_monitor_proc_move(bg_classid, fg_classid); - stc_monitor_app_add(classid, app_id, pkg_id, app_value); - stc_monitor_proc_add(classid, app_id, proc_value); - stc_monitor_proc_update_ground(classid, app_id, proc_value); + stc_monitor_proc_add(fg_classid, app_id, proc_value); + stc_monitor_proc_update_ground(fg_classid, app_id, proc_value); FREE(bg_app_id); break; } case STC_CMD_SET_BACKGRD: { - uint32_t classid; + uint32_t bg_classid; + uint32_t fg_classid; char *bg_app_id; stc_app_value_s app_value; stc_proc_value_s proc_value; @@ -646,19 +643,21 @@ stc_error_e stc_plugin_procfs_status_changed(stc_cmd_type_e cmd, bg_app_id = g_strconcat(app_id, STC_BACKGROUND_APP_SUFFIX, NULL); app_value.type = app_type; + app_value.state = STC_APP_STATE_BACKGROUND; app_value.processes = NULL; proc_value.pid = pid; proc_value.ground = STC_APP_STATE_BACKGROUND; - classid = get_classid_by_app_id(app_id, FALSE); - stc_monitor_proc_remove(classid, pid); + fg_classid = get_classid_by_app_id(app_id, FALSE); + bg_classid = get_classid_by_app_id(bg_app_id, TRUE); + + stc_monitor_app_add(bg_classid, bg_app_id, pkg_id, app_value); - classid = get_classid_by_app_id(bg_app_id, TRUE); + stc_monitor_proc_move(fg_classid, bg_classid); - stc_monitor_app_add(classid, bg_app_id, pkg_id, app_value); - stc_monitor_proc_add(classid, bg_app_id, proc_value); - stc_monitor_proc_update_ground(classid, bg_app_id, proc_value); + stc_monitor_proc_add(bg_classid, bg_app_id, proc_value); + stc_monitor_proc_update_ground(bg_classid, bg_app_id, proc_value); FREE(bg_app_id); break; @@ -669,24 +668,39 @@ stc_error_e stc_plugin_procfs_status_changed(stc_cmd_type_e cmd, char *bg_app_id; stc_app_value_s app_value; stc_proc_value_s proc_value; + gboolean is_exist; memset(&app_value, 0, sizeof(stc_app_value_s)); memset(&proc_value, 0, sizeof(stc_proc_value_s)); - bg_app_id = g_strconcat(app_id, STC_BACKGROUND_APP_SUFFIX, NULL); + classid = get_classid_by_app_id(app_id, FALSE); + is_exist = stc_monitor_app_lookup(classid); + if (is_exist) { + app_value.type = app_type; + app_value.state = STC_APP_STATE_FOREGROUND; + app_value.processes = NULL; - app_value.type = app_type; - app_value.processes = NULL; + proc_value.pid = pid; + proc_value.ground = STC_APP_STATE_FOREGROUND; - proc_value.pid = pid; - proc_value.ground = STC_APP_STATE_BACKGROUND; + stc_monitor_app_add(classid, app_id, pkg_id, app_value); + stc_monitor_proc_add(classid, app_id, proc_value); + } else { + bg_app_id = g_strconcat(app_id, STC_BACKGROUND_APP_SUFFIX, NULL); + classid = get_classid_by_app_id(bg_app_id, TRUE); - classid = get_classid_by_app_id(bg_app_id, TRUE); + app_value.type = app_type; + app_value.state = STC_APP_STATE_BACKGROUND; + app_value.processes = NULL; - stc_monitor_app_add(classid, bg_app_id, pkg_id, app_value); - stc_monitor_proc_add(classid, bg_app_id, proc_value); + proc_value.pid = pid; + proc_value.ground = STC_APP_STATE_BACKGROUND; - FREE(bg_app_id); + stc_monitor_app_add(classid, bg_app_id, pkg_id, app_value); + stc_monitor_proc_add(classid, bg_app_id, proc_value); + + FREE(bg_app_id); + } break; } case STC_CMD_SET_TERMINATED: diff --git a/src/database/tables/table-firewall.c b/src/database/tables/table-firewall.c old mode 100755 new mode 100644 diff --git a/src/database/tables/table-statistics.c b/src/database/tables/table-statistics.c index f0fd084..5983ad7 100644 --- a/src/database/tables/table-statistics.c +++ b/src/database/tables/table-statistics.c @@ -585,6 +585,8 @@ stc_error_e table_statistics_insert(stc_db_classid_iftype_key *stat_key, stc_error_e error_code = STC_ERROR_NONE; sqlite3_stmt *stmt = update_statistics_query; stc_hw_net_protocol_type_e hw_net_protocol_type = STC_PROTOCOL_UNKNOWN; + int64_t rcv; + int64_t snd; if (!stat->rcv_count && !stat->snd_count) { error_code = STC_ERROR_INVALID_PARAMETER; @@ -607,6 +609,8 @@ stc_error_e table_statistics_insert(stc_db_classid_iftype_key *stat_key, DB_ACTION(sqlite3_bind_int(stmt, 10, (int)stat->ground)); /*we want to reuse tree*/ + rcv = stat->rcv_count; + snd = stat->snd_count; stat->rcv_count = 0; stat->snd_count = 0; if (sqlite3_step(stmt) != SQLITE_DONE) { @@ -618,7 +622,8 @@ stc_error_e table_statistics_insert(stc_db_classid_iftype_key *stat_key, } if (STC_DEBUG_LOG) - STC_LOGD("App stat recorded [\033[0;34m%s\033[0;m]", stat->app_id); + STC_LOGD("App stat recorded [\033[0;34m%s\033[0;m] " + "rcv[%lld] snd[%lld]", stat->app_id, rcv, snd); handle_error: sqlite3_reset(stmt); diff --git a/src/helper/helper-cgroup.c b/src/helper/helper-cgroup.c old mode 100755 new mode 100644 diff --git a/src/helper/helper-file.c b/src/helper/helper-file.c old mode 100755 new mode 100644 diff --git a/src/helper/helper-file.h b/src/helper/helper-file.h old mode 100755 new mode 100644 diff --git a/src/helper/helper-firewall.c b/src/helper/helper-firewall.c old mode 100755 new mode 100644 diff --git a/src/helper/helper-firewall.h b/src/helper/helper-firewall.h old mode 100755 new mode 100644 diff --git a/src/helper/helper-iptables.c b/src/helper/helper-iptables.c index 445b627..9a2cde8 100644 --- a/src/helper/helper-iptables.c +++ b/src/helper/helper-iptables.c @@ -397,6 +397,454 @@ static int __iptables_add_chain_jump_rule(const char *chain, return ret; } +static stc_error_e _iptables_add_in_chain(stc_s *stc) +{ + stc_error_e ret = STC_ERROR_NONE; + + ret = __iptables_add_chain(stc->connection, STC_IN_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + + ret = __iptables_add_chain(stc->connection, STC_IN_DROP_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + + ret = __iptables_add_chain(stc->connection, STC_IN_FG_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + + ret = __iptables_add_chain(stc->connection, STC_IN_ACCEPT_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + + ret = __iptables_add_chain(stc->connection, STC_IN_BG_DROP_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + + ret = __iptables_add_chain(stc->connection, STC_IN_BG_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + +done: + return ret; +} + +static stc_error_e _iptables_add_out_chain(stc_s *stc) +{ + stc_error_e ret = STC_ERROR_NONE; + + ret = __iptables_add_chain(stc->connection, STC_OUT_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + + ret = __iptables_add_chain(stc->connection, STC_OUT_DROP_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + + ret = __iptables_add_chain(stc->connection, STC_OUT_FG_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + + ret = __iptables_add_chain(stc->connection, STC_OUT_ACCEPT_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + + ret = __iptables_add_chain(stc->connection, STC_OUT_BG_DROP_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + + ret = __iptables_add_chain(stc->connection, STC_OUT_BG_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + +done: + return ret; +} + +static stc_error_e _ip6tables_add_in_chain(stc_s *stc) +{ + stc_error_e ret = STC_ERROR_NONE; + + ret = __ip6tables_add_chain(stc->connection, STC_IN_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + + ret = __ip6tables_add_chain(stc->connection, STC_IN_DROP_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + + ret = __ip6tables_add_chain(stc->connection, STC_IN_FG_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + + ret = __ip6tables_add_chain(stc->connection, STC_IN_ACCEPT_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + + ret = __ip6tables_add_chain(stc->connection, STC_IN_BG_DROP_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + + ret = __ip6tables_add_chain(stc->connection, STC_IN_BG_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + +done: + return ret; +} + +static stc_error_e _ip6tables_add_out_chain(stc_s *stc) +{ + stc_error_e ret = STC_ERROR_NONE; + + ret = __ip6tables_add_chain(stc->connection, STC_OUT_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + + ret = __ip6tables_add_chain(stc->connection, STC_OUT_DROP_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + + ret = __ip6tables_add_chain(stc->connection, STC_OUT_FG_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + + ret = __ip6tables_add_chain(stc->connection, STC_OUT_ACCEPT_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + + ret = __ip6tables_add_chain(stc->connection, STC_OUT_BG_DROP_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + + ret = __ip6tables_add_chain(stc->connection, STC_OUT_BG_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + +done: + return ret; +} + +static stc_error_e _iptables_add_in_chain_jump_rule(void) +{ + stc_error_e ret = STC_ERROR_NONE; + + ret = __iptables_add_chain_jump_rule("INPUT", STC_IN_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + + ret = __iptables_add_chain_jump_rule("INPUT", STC_IN_DROP_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + + ret = __iptables_add_chain_jump_rule("INPUT", STC_IN_FG_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + + ret = __iptables_add_chain_jump_rule("INPUT", STC_IN_ACCEPT_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + + ret = __iptables_add_chain_jump_rule("INPUT", STC_IN_BG_DROP_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + + ret = __iptables_add_chain_jump_rule("INPUT", STC_IN_BG_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + +done: + return ret; +} + +static stc_error_e _iptables_add_out_chain_jump_rule(void) +{ + stc_error_e ret = STC_ERROR_NONE; + + ret = __iptables_add_chain_jump_rule("OUTPUT", STC_OUT_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + + ret = __iptables_add_chain_jump_rule("OUTPUT", STC_OUT_DROP_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + + ret = __iptables_add_chain_jump_rule("OUTPUT", STC_OUT_FG_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + + ret = __iptables_add_chain_jump_rule("OUTPUT", STC_OUT_ACCEPT_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + + ret = __iptables_add_chain_jump_rule("OUTPUT", STC_OUT_BG_DROP_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + + ret = __iptables_add_chain_jump_rule("OUTPUT", STC_OUT_BG_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + +done: + return ret; +} + +static stc_error_e _iptables_remove_in_chain(stc_s *stc) +{ + stc_error_e ret = STC_ERROR_NONE; + + ret = __iptables_remove_chain(stc->connection, STC_IN_DROP_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + + ret = __iptables_remove_chain(stc->connection, STC_IN_FG_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + + ret = __iptables_remove_chain(stc->connection, STC_IN_ACCEPT_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + + ret = __iptables_remove_chain(stc->connection, STC_IN_BG_DROP_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + + ret = __iptables_remove_chain(stc->connection, STC_IN_BG_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + + ret = __iptables_remove_chain(stc->connection, STC_IN_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + +done: + return ret; +} + +static stc_error_e _iptables_remove_out_chain(stc_s *stc) +{ + stc_error_e ret = STC_ERROR_NONE; + + ret = __iptables_remove_chain(stc->connection, STC_OUT_DROP_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + + ret = __iptables_remove_chain(stc->connection, STC_OUT_FG_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + + ret = __iptables_remove_chain(stc->connection, STC_OUT_ACCEPT_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + + ret = __iptables_remove_chain(stc->connection, STC_OUT_BG_DROP_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + + ret = __iptables_remove_chain(stc->connection, STC_OUT_BG_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + + ret = __iptables_remove_chain(stc->connection, STC_OUT_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + +done: + return ret; +} + +static stc_error_e _ip6tables_remove_in_chain(stc_s *stc) +{ + stc_error_e ret = STC_ERROR_NONE; + + ret = __ip6tables_remove_chain(stc->connection, STC_IN_DROP_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + + ret = __ip6tables_remove_chain(stc->connection, STC_IN_FG_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + + ret = __ip6tables_remove_chain(stc->connection, STC_IN_ACCEPT_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + + ret = __ip6tables_remove_chain(stc->connection, STC_IN_BG_DROP_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + + ret = __ip6tables_remove_chain(stc->connection, STC_IN_BG_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + + ret = __ip6tables_remove_chain(stc->connection, STC_IN_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + +done: + return ret; +} + +static stc_error_e _ip6tables_remove_out_chain(stc_s *stc) +{ + stc_error_e ret = STC_ERROR_NONE; + + ret = __ip6tables_remove_chain(stc->connection, STC_OUT_DROP_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + + ret = __ip6tables_remove_chain(stc->connection, STC_OUT_FG_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + + ret = __ip6tables_remove_chain(stc->connection, STC_OUT_ACCEPT_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + + ret = __ip6tables_remove_chain(stc->connection, STC_OUT_BG_DROP_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + + ret = __ip6tables_remove_chain(stc->connection, STC_OUT_BG_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + + ret = __ip6tables_remove_chain(stc->connection, STC_OUT_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + +done: + return ret; +} + +static stc_error_e _iptables_flush_in_chain(stc_s *stc) +{ + stc_error_e ret = STC_ERROR_NONE; + + ret = __iptables_flush_chain(stc->connection, STC_IN_DROP_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + + ret = __iptables_flush_chain(stc->connection, STC_IN_FG_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + + ret = __iptables_flush_chain(stc->connection, STC_IN_ACCEPT_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + + ret = __iptables_flush_chain(stc->connection, STC_IN_BG_DROP_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + + ret = __iptables_flush_chain(stc->connection, STC_IN_BG_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + + ret = __iptables_flush_chain(stc->connection, STC_IN_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + +done: + return ret; +} + +static stc_error_e _iptables_flush_out_chain(stc_s *stc) +{ + stc_error_e ret = STC_ERROR_NONE; + + ret = __iptables_flush_chain(stc->connection, STC_OUT_DROP_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + + ret = __iptables_flush_chain(stc->connection, STC_OUT_FG_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + + ret = __iptables_flush_chain(stc->connection, STC_OUT_ACCEPT_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + + ret = __iptables_flush_chain(stc->connection, STC_OUT_BG_DROP_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + + ret = __iptables_flush_chain(stc->connection, STC_OUT_BG_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + + ret = __iptables_flush_chain(stc->connection, STC_OUT_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + +done: + return ret; +} + +static stc_error_e _ip6tables_flush_in_chain(stc_s *stc) +{ + stc_error_e ret = STC_ERROR_NONE; + + ret = __ip6tables_flush_chain(stc->connection, STC_IN_DROP_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + + ret = __ip6tables_flush_chain(stc->connection, STC_IN_FG_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + + ret = __ip6tables_flush_chain(stc->connection, STC_IN_ACCEPT_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + + ret = __ip6tables_flush_chain(stc->connection, STC_IN_BG_DROP_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + + ret = __ip6tables_flush_chain(stc->connection, STC_IN_BG_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + + ret = __ip6tables_flush_chain(stc->connection, STC_IN_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + +done: + return ret; +} + +static stc_error_e _ip6tables_flush_out_chain(stc_s *stc) +{ + stc_error_e ret = STC_ERROR_NONE; + + ret = __ip6tables_flush_chain(stc->connection, STC_OUT_DROP_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + + ret = __ip6tables_flush_chain(stc->connection, STC_OUT_FG_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + + ret = __ip6tables_flush_chain(stc->connection, STC_OUT_ACCEPT_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + + ret = __ip6tables_flush_chain(stc->connection, STC_OUT_BG_DROP_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + + ret = __ip6tables_flush_chain(stc->connection, STC_OUT_BG_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + + ret = __ip6tables_flush_chain(stc->connection, STC_OUT_CHAIN); + if (ret != STC_ERROR_NONE) + goto done; //LCOV_EXCL_LINE + +done: + return ret; +} + stc_error_e iptables_add(iptables_rule_s *rule, iptables_ip_type_e iptype) { stc_error_e ret = STC_ERROR_NONE; @@ -451,11 +899,11 @@ stc_error_e iptables_flush_chains(void) if (!stc || !stc->connection) return STC_ERROR_INVALID_PARAMETER; //LCOV_EXCL_LINE - ret = __iptables_flush_chain(stc->connection, STC_IN_CHAIN); + ret = _iptables_flush_in_chain(stc); if (ret != STC_ERROR_NONE) goto done; //LCOV_EXCL_LINE - ret = __iptables_flush_chain(stc->connection, STC_OUT_CHAIN); + ret = _iptables_flush_out_chain(stc); if (ret != STC_ERROR_NONE) goto done; //LCOV_EXCL_LINE @@ -467,11 +915,11 @@ stc_error_e iptables_flush_chains(void) if (ret != STC_ERROR_NONE) goto done; //LCOV_EXCL_LINE - ret = __ip6tables_flush_chain(stc->connection, STC_IN_CHAIN); + ret = _ip6tables_flush_in_chain(stc); if (ret != STC_ERROR_NONE) goto done; //LCOV_EXCL_LINE - ret = __ip6tables_flush_chain(stc->connection, STC_OUT_CHAIN); + ret = _ip6tables_flush_out_chain(stc); if (ret != STC_ERROR_NONE) goto done; //LCOV_EXCL_LINE @@ -492,13 +940,13 @@ stc_error_e iptables_init(void) return STC_ERROR_INVALID_PARAMETER; //LCOV_EXCL_LINE } - ret = __iptables_add_chain(stc->connection, STC_IN_CHAIN); + ret = _iptables_add_in_chain(stc); if (ret != STC_ERROR_NONE) { __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE goto done; //LCOV_EXCL_LINE } - ret = __iptables_add_chain(stc->connection, STC_OUT_CHAIN); + ret = _iptables_add_out_chain(stc); if (ret != STC_ERROR_NONE) { __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE goto done; //LCOV_EXCL_LINE @@ -516,13 +964,13 @@ stc_error_e iptables_init(void) goto done; //LCOV_EXCL_LINE } - ret = __ip6tables_add_chain(stc->connection, STC_IN_CHAIN); + ret = _ip6tables_add_in_chain(stc); if (ret != STC_ERROR_NONE) { __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE goto done; //LCOV_EXCL_LINE } - ret = __ip6tables_add_chain(stc->connection, STC_OUT_CHAIN); + ret = _ip6tables_add_out_chain(stc); if (ret != STC_ERROR_NONE) { __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE goto done; //LCOV_EXCL_LINE @@ -534,13 +982,13 @@ stc_error_e iptables_init(void) goto done; //LCOV_EXCL_LINE } - ret = __iptables_add_chain_jump_rule("INPUT", STC_IN_CHAIN); + ret = _iptables_add_in_chain_jump_rule(); if (ret != STC_ERROR_NONE) { __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE goto done; //LCOV_EXCL_LINE } - ret = __iptables_add_chain_jump_rule("OUTPUT", STC_OUT_CHAIN); + ret = _iptables_add_out_chain_jump_rule(); if (ret != STC_ERROR_NONE) { __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE goto done; //LCOV_EXCL_LINE @@ -557,7 +1005,9 @@ stc_error_e iptables_init(void) __STC_LOG_FUNC_EXIT__; goto done; } + done: + __STC_LOG_FUNC_ENTER__; return ret; } @@ -573,13 +1023,13 @@ stc_error_e iptables_deinit(void) return STC_ERROR_INVALID_PARAMETER; //LCOV_EXCL_LINE } - ret = __iptables_remove_chain(stc->connection, STC_IN_CHAIN); + ret = _iptables_remove_in_chain(stc); if (ret != STC_ERROR_NONE) { __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE goto done; //LCOV_EXCL_LINE } - ret = __iptables_remove_chain(stc->connection, STC_OUT_CHAIN); + ret = _iptables_remove_out_chain(stc); if (ret != STC_ERROR_NONE) { __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE goto done; //LCOV_EXCL_LINE @@ -597,19 +1047,25 @@ stc_error_e iptables_deinit(void) goto done; //LCOV_EXCL_LINE } - ret = __ip6tables_remove_chain(stc->connection, STC_IN_CHAIN); + ret = _ip6tables_remove_in_chain(stc); if (ret != STC_ERROR_NONE) { __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE goto done; //LCOV_EXCL_LINE } - ret = __ip6tables_remove_chain(stc->connection, STC_OUT_CHAIN); + ret = _ip6tables_remove_out_chain(stc); if (ret != STC_ERROR_NONE) { __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE goto done; //LCOV_EXCL_LINE } ret = __ip6tables_remove_chain(stc->connection, STC_FRWD_CHAIN); + if (ret != STC_ERROR_NONE) { + __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE + goto done; //LCOV_EXCL_LINE + } + done: + __STC_LOG_FUNC_ENTER__; return ret; } diff --git a/src/helper/helper-iptables.h b/src/helper/helper-iptables.h index 71b057b..6fa7908 100644 --- a/src/helper/helper-iptables.h +++ b/src/helper/helper-iptables.h @@ -21,11 +21,23 @@ #include "stc-manager.h" #include "stc-error.h" -#define STC_IN_CHAIN "STC_IN" -#define STC_OUT_CHAIN "STC_OUT" +#define STC_IN_CHAIN "STC_IN" +#define STC_OUT_CHAIN "STC_OUT" #define STC_FRWD_CHAIN "STC_FRWD" #define STC_TETHER_CHAIN "STC_TETHER" +#define STC_IN_DROP_CHAIN "STC_IN_DROP" +#define STC_IN_FG_CHAIN "STC_IN_FG" +#define STC_IN_ACCEPT_CHAIN "STC_IN_ACCEPT" +#define STC_IN_BG_DROP_CHAIN "STC_IN_BG_DROP" +#define STC_IN_BG_CHAIN "STC_IN_BG" + +#define STC_OUT_DROP_CHAIN "STC_OUT_DROP" +#define STC_OUT_FG_CHAIN "STC_OUT_FG" +#define STC_OUT_ACCEPT_CHAIN "STC_OUT_ACCEPT" +#define STC_OUT_BG_DROP_CHAIN "STC_OUT_BG_DROP" +#define STC_OUT_BG_CHAIN "STC_OUT_BG" + typedef enum { IPTABLES_DIRECTION_NONE, IPTABLES_DIRECTION_IN, diff --git a/src/helper/helper-net-cls.c b/src/helper/helper-net-cls.c index f9d59e6..faa5942 100644 --- a/src/helper/helper-net-cls.c +++ b/src/helper/helper-net-cls.c @@ -117,7 +117,7 @@ API uint32_t get_classid_by_app_id(const char *app_id, int create) return STC_UNKNOWN_CLASSID; //LCOV_EXCL_LINE } - if (!strcmp(app_id, STC_BACKGROUND_APP_ID)) + if (!strcmp(app_id, STC_TOTAL_BACKGROUND)) return STC_BACKGROUND_APP_CLASSID; if (!strcmp(app_id, STC_TOTAL_DATACALL)) @@ -190,9 +190,7 @@ stc_error_e place_pids_to_net_cgroup(const int pid, const char *app_id) return STC_ERROR_INVALID_PARAMETER; //LCOV_EXCL_LINE } - if (!strcmp(app_id, STC_BACKGROUND_APP_ID)) - path_to_net_cgroup_dir = STC_CGROUP_NETWORK; - else if (strstr(app_id, STC_BACKGROUND_APP_SUFFIX)) + if (strstr(app_id, STC_BACKGROUND_APP_SUFFIX)) path_to_net_cgroup_dir = BACKGROUND_CGROUP_NETWORK; else if (strstr(app_id, STC_TETHERING_APP_SUFFIX)) path_to_net_cgroup_dir = TETHERING_CGROUP_NETWORK; diff --git a/src/helper/helper-nfacct-rule.c b/src/helper/helper-nfacct-rule.c index 0ae07b7..4a80fca 100644 --- a/src/helper/helper-nfacct-rule.c +++ b/src/helper/helper-nfacct-rule.c @@ -417,14 +417,51 @@ static char *get_iptables_cmd(const nfacct_rule_action action) return ""; } -static char *get_iptables_chain(const nfacct_rule_direction iotype) +static char *get_iptables_chain(uint32_t classid, + const nfacct_rule_direction iotype, + const stc_app_state_e app_state, + const nfacct_rule_intend intend) { - if (iotype == NFACCT_COUNTER_IN) - return STC_IN_CHAIN; - else if (iotype == NFACCT_COUNTER_OUT) - return STC_OUT_CHAIN; - else if (iotype == NFACCT_COUNTER_FORWARD) //LCOV_EXCL_LINE - return STC_FRWD_CHAIN; //LCOV_EXCL_LINE + if (iotype == NFACCT_COUNTER_IN) { + if (intend == NFACCT_COUNTER || + intend == NFACCT_TETH_COUNTER) { + if (app_state == STC_APP_STATE_FOREGROUND) { + if (intend == NFACCT_ALLOW) + return STC_IN_ACCEPT_CHAIN; + else + return STC_IN_FG_CHAIN; + } else + return STC_IN_BG_CHAIN; + } else if (intend == NFACCT_ALLOW || + intend == NFACCT_TETH_ALLOW) { + return STC_IN_ACCEPT_CHAIN; + } else { + if (classid == STC_BACKGROUND_APP_CLASSID) + return STC_IN_BG_DROP_CHAIN; + else + return STC_IN_DROP_CHAIN; + } + } else if (iotype == NFACCT_COUNTER_OUT) { + if (intend == NFACCT_COUNTER || + intend == NFACCT_TETH_COUNTER) { + if (app_state == STC_APP_STATE_FOREGROUND) { + if (intend == NFACCT_ALLOW) + return STC_OUT_ACCEPT_CHAIN; + else + return STC_OUT_FG_CHAIN; + } else + return STC_OUT_BG_CHAIN; + } else if (intend == NFACCT_ALLOW || + intend == NFACCT_TETH_ALLOW) { + return STC_OUT_ACCEPT_CHAIN; + } else { + if (classid == STC_BACKGROUND_APP_CLASSID) + return STC_OUT_BG_DROP_CHAIN; + else + return STC_OUT_DROP_CHAIN; + } + } else if (iotype == NFACCT_COUNTER_FORWARD) + return STC_FRWD_CHAIN; return ""; } @@ -464,9 +501,13 @@ static stc_error_e exec_iptables_cmd(nfacct_rule_s *rule) rule->intend == NFACCT_TETH_BLOCK) iptables_rule.chain = g_strdup(STC_TETHER_CHAIN); else - iptables_rule.chain = g_strdup(get_iptables_chain(rule->iotype)); + iptables_rule.chain = g_strdup(get_iptables_chain(rule->classid, + rule->iotype, rule->app_state, rule->intend)); - iptables_rule.classid = rule->classid; + if (rule->classid < STC_RESERVED_CLASSID_MAX) + iptables_rule.classid = STC_UNKNOWN_CLASSID; + else + iptables_rule.classid = rule->classid; iptables_rule.direction = (rule->iotype & NFACCT_COUNTER_IN) ? IPTABLES_DIRECTION_IN : IPTABLES_DIRECTION_OUT; iptype = (iptables_ip_type_e)rule->iptype; @@ -646,7 +687,6 @@ static stc_error_e produce_iface_rule(nfacct_rule_s *rule) char *jump_cmd = get_iptables_jump(rule->jump); char nfacct_buf[sizeof(NFACCT_NAME_MOD) + 3*MAX_DEC_SIZE(int) + 4 + 1]; - uint32_t classid = rule->classid; stc_error_e ret; if (rule->iotype & NFACCT_COUNTER_IN) { @@ -674,9 +714,6 @@ static stc_error_e produce_iface_rule(nfacct_rule_s *rule) ret_value_msg_if(ret > sizeof(nfacct_buf) || ret < 0, STC_ERROR_FAIL, "Not enought buffer"); - classid = rule->classid; - rule->classid = 0; - ret = exec_iptables_cmd(rule); ret_value_msg_if(ret != STC_ERROR_NONE, STC_ERROR_FAIL, "Can't set conditional block for ingress" @@ -711,8 +748,6 @@ static stc_error_e produce_iface_rule(nfacct_rule_s *rule) //LCOV_EXCL_STOP } - rule->classid = classid; - if (rule->iotype & NFACCT_COUNTER_OUT) { /* outcome part */ rule->iotype = NFACCT_COUNTER_OUT; @@ -738,9 +773,6 @@ static stc_error_e produce_iface_rule(nfacct_rule_s *rule) ret_value_msg_if(ret > sizeof(nfacct_buf) || ret < 0, STC_ERROR_FAIL, "Not enough buffer"); - classid = rule->classid; - rule->classid = 0; - ret = exec_iptables_cmd(rule); ret_value_msg_if(ret != STC_ERROR_NONE, STC_ERROR_FAIL, "Can't set conditional block for " @@ -774,8 +806,6 @@ static stc_error_e produce_iface_rule(nfacct_rule_s *rule) //LCOV_EXCL_STOP } - rule->classid = classid; - return STC_ERROR_NONE; } @@ -793,6 +823,7 @@ stc_error_e produce_net_rule(nfacct_rule_s *rule) if (rule->classid != STC_ALL_APP_CLASSID && rule->classid != STC_TETHERING_APP_CLASSID && + rule->classid != STC_BACKGROUND_APP_CLASSID && rule->classid != STC_TOTAL_DATACALL_CLASSID && rule->classid != STC_TOTAL_WIFI_CLASSID && rule->classid != STC_TOTAL_BLUETOOTH_CLASSID && diff --git a/src/helper/helper-nfacct-rule.h b/src/helper/helper-nfacct-rule.h index 7520709..4506f0e 100644 --- a/src/helper/helper-nfacct-rule.h +++ b/src/helper/helper-nfacct-rule.h @@ -105,6 +105,7 @@ struct nfacct_rule { nfacct_rule_direction iotype; nfacct_rule_intend intend; nfacct_rule_jump jump; /* in most cases jump is evalutation based on intend, but not always */ + stc_app_state_e app_state; stc_rstn_state_e rstn_state; nfacct_rule_iptype iptype; nfacct_rule_iprange_type src_iprange_type; diff --git a/src/monitor/include/stc-monitor-app.h b/src/monitor/include/stc-monitor-app.h old mode 100755 new mode 100644 index 17016a0..a00d262 --- a/src/monitor/include/stc-monitor-app.h +++ b/src/monitor/include/stc-monitor-app.h @@ -32,6 +32,7 @@ typedef struct { gchar *pkg_id; /**< package id */ gchar *app_id; /**< application id */ stc_app_type_e type; /**< type of application */ + stc_app_state_e state; stc_data_counter_s data_usage; stc_data_counter_s counter; GHashTable *processes; /**< applications instances */ @@ -57,6 +58,9 @@ void stc_monitor_app_add_monitor(gpointer key, void stc_monitor_app_add_by_connection(default_connection_s *conn); +void stc_monitor_app_add_accept(gpointer key, + gpointer value, gpointer data); + stc_error_e stc_monitor_app_remove(uint32_t classid, const char *app_id); void stc_monitor_app_remove_monitor(gpointer key, @@ -64,6 +68,11 @@ void stc_monitor_app_remove_monitor(gpointer key, void stc_monitor_app_remove_by_connection(default_connection_s *conn); +void stc_monitor_app_remove_accept(gpointer key, + gpointer value, gpointer data); + +gboolean stc_monitor_app_lookup(uint32_t classid); + GHashTable *stc_monitor_apps_init(void); #endif /* __STC_MONITOR_APP_H__ */ diff --git a/src/monitor/include/stc-monitor-context.h b/src/monitor/include/stc-monitor-context.h old mode 100755 new mode 100644 diff --git a/src/monitor/include/stc-monitor-ipt.h b/src/monitor/include/stc-monitor-ipt.h old mode 100755 new mode 100644 diff --git a/src/monitor/include/stc-monitor-proc.h b/src/monitor/include/stc-monitor-proc.h old mode 100755 new mode 100644 index 6152c56..602912b --- a/src/monitor/include/stc-monitor-proc.h +++ b/src/monitor/include/stc-monitor-proc.h @@ -44,4 +44,7 @@ stc_error_e stc_monitor_proc_add(uint32_t classid, stc_error_e stc_monitor_proc_remove(uint32_t classid, pid_t pid); +stc_error_e stc_monitor_proc_move(uint32_t from, + uint32_t to); + #endif /* __STC_MONITOR_PROC_H__ */ diff --git a/src/monitor/include/stc-monitor-rstn.h b/src/monitor/include/stc-monitor-rstn.h old mode 100755 new mode 100644 diff --git a/src/monitor/include/stc-monitor.h b/src/monitor/include/stc-monitor.h old mode 100755 new mode 100644 diff --git a/src/monitor/stc-monitor-app.c b/src/monitor/stc-monitor-app.c old mode 100755 new mode 100644 index 22405b9..16f0f72 --- a/src/monitor/stc-monitor-app.c +++ b/src/monitor/stc-monitor-app.c @@ -32,10 +32,11 @@ static void __print_app(gpointer key, gpointer value, stc_app_value_s *app_value = (stc_app_value_s *)value; STC_LOGD("PkgID[%s] AppID[\033[0;32m%s\033[0;m] " - "type[%d] classid[\033[1;36m%d\033[0;m] " + "type[%d] state[%d] classid[\033[1;36m%d\033[0;m] " "counter[in(%lld) out(%lld)]", app_value->pkg_id, app_value->app_id, - app_value->type, app_value->classid, + app_value->type, app_value->state, + app_value->classid, app_value->data_usage.in_bytes, app_value->data_usage.out_bytes); } @@ -246,6 +247,13 @@ static void __app_update_counter(classid_bytes_context_s *context, GHashTable *apps = stc_monitor_get_system_apps(); GHashTable *rstns = stc_monitor_get_system_rstns(); + if (!apps) + return; + + lookup_app = g_hash_table_lookup(apps, GUINT_TO_POINTER(classid)); + if (lookup_app) + stc_monitor_app_update_counter(lookup_app, context); + if (!rstns) return; @@ -258,13 +266,6 @@ static void __app_update_counter(classid_bytes_context_s *context, if (limit_exceeded != 0) return; } - - if (!apps) - return; - - lookup_app = g_hash_table_lookup(apps, GUINT_TO_POINTER(classid)); - if (lookup_app) - stc_monitor_app_update_counter(lookup_app, context); } void stc_monitor_app_update_counter(stc_app_value_s *value, @@ -375,6 +376,7 @@ API stc_error_e stc_monitor_app_add(uint32_t classid, app_value->pkg_id = g_strdup(pkg_id); app_value->type = value.type; + app_value->state = value.state; app_value->data_usage.in_bytes = value.data_usage.in_bytes; app_value->data_usage.out_bytes = value.data_usage.out_bytes; g_strlcpy(app_value->mac, value.mac, MAC_ADDRESS_LEN); @@ -392,6 +394,11 @@ API stc_error_e stc_monitor_app_add(uint32_t classid, /* add nfacct rule for this classid */ stc_monitor_app_add_monitor(GUINT_TO_POINTER(classid), app_value, stc_get_default_connection()); + + if (app_value->state == STC_APP_STATE_FOREGROUND) + stc_monitor_app_add_accept(GUINT_TO_POINTER(classid), + app_value, stc_get_default_connection()); + stc_monitor_rstn_add_for_app(classid); if (STC_DEBUG_LOG) { @@ -447,6 +454,7 @@ void stc_monitor_app_add_monitor(gpointer key, counter.carg = stc->carg; counter.classid = app_value->classid; + counter.app_state = app_value->state; counter.intend = NFACCT_COUNTER; if (connection->tether_state == TRUE && @@ -487,6 +495,54 @@ void stc_monitor_app_add_by_connection(default_connection_s *conn) g_hash_table_foreach(apps, stc_monitor_app_add_monitor, conn); } +void stc_monitor_app_add_accept(gpointer key, + gpointer value, gpointer data) +{ + stc_app_value_s *app_value = (stc_app_value_s *)value; + default_connection_s *connection = (default_connection_s *)data; + stc_s *stc = stc_get_manager(); + + if (app_value->classid == STC_TOTAL_DATACALL_CLASSID || + app_value->classid == STC_TOTAL_WIFI_CLASSID || + app_value->classid == STC_TOTAL_BLUETOOTH_CLASSID) + return; + + if (stc && connection && connection->ifname) { + struct nfacct_rule counter; + + if (!stc->carg) { + stc->carg = MALLOC0(counter_arg_s, 1); + if (stc->carg == NULL) + return; + + stc->carg->sock = stc_monitor_get_contr_sock(); + } + + memset(&counter, 0, sizeof(struct nfacct_rule)); + + counter.carg = stc->carg; + counter.classid = app_value->classid; + counter.app_state = app_value->state; + counter.intend = NFACCT_ALLOW; + + counter.iftype = connection->type; + g_strlcpy(counter.ifname, connection->ifname, MAX_IFACE_LENGTH); + + if (app_value->classid == STC_TOTAL_IPV4_CLASSID) { + stc_monitor_ipt_add_in(&counter); + stc_monitor_ipt_add_out(&counter); + } else if (app_value->classid == STC_TOTAL_IPV6_CLASSID) { + stc_monitor_ip6t_add_in(&counter); + stc_monitor_ip6t_add_out(&counter); + } else { + stc_monitor_ipt_add_in(&counter); + stc_monitor_ipt_add_out(&counter); + stc_monitor_ip6t_add_in(&counter); + stc_monitor_ip6t_add_out(&counter); + } + } +} + API stc_error_e stc_monitor_app_remove(uint32_t classid, const char *app_id) { stc_app_value_s *app_lookup; @@ -542,6 +598,7 @@ void stc_monitor_app_remove_monitor(gpointer key, counter.carg = stc->carg; counter.classid = app_value->classid; + counter.app_state = app_value->state; counter.intend = NFACCT_COUNTER; if (g_str_has_suffix(app_value->app_id, STC_TETHERING_APP_SUFFIX) && @@ -558,10 +615,18 @@ void stc_monitor_app_remove_monitor(gpointer key, g_strlcpy(counter.ifname, connection->ifname, MAX_IFACE_LENGTH); } - stc_monitor_ipt_del_in(&counter); - stc_monitor_ipt_del_out(&counter); - stc_monitor_ip6t_del_in(&counter); - stc_monitor_ip6t_del_out(&counter); + if (app_value->classid == STC_TOTAL_IPV4_CLASSID) { + stc_monitor_ipt_del_in(&counter); + stc_monitor_ipt_del_out(&counter); + } else if (app_value->classid == STC_TOTAL_IPV6_CLASSID) { + stc_monitor_ip6t_del_in(&counter); + stc_monitor_ip6t_del_out(&counter); + } else { + stc_monitor_ipt_del_in(&counter); + stc_monitor_ipt_del_out(&counter); + stc_monitor_ip6t_del_in(&counter); + stc_monitor_ip6t_del_out(&counter); + } } return; @@ -577,6 +642,70 @@ void stc_monitor_app_remove_by_connection(default_connection_s *conn) g_hash_table_foreach(apps, stc_monitor_app_remove_monitor, conn); } +void stc_monitor_app_remove_accept(gpointer key, + gpointer value, gpointer data) +{ + stc_app_value_s *app_value = (stc_app_value_s *)value; + default_connection_s *connection = (default_connection_s *)data; + stc_s *stc = stc_get_manager(); + + if (stc && connection && connection->ifname) { + struct nfacct_rule counter; + + if (!stc->carg) { + stc->carg = MALLOC0(counter_arg_s, 1); + if (stc->carg == NULL) + return; + + stc->carg->sock = stc_monitor_get_contr_sock(); + } + + memset(&counter, 0, sizeof(struct nfacct_rule)); + + counter.carg = stc->carg; + counter.classid = app_value->classid; + counter.app_state = app_value->state; + counter.intend = NFACCT_ALLOW; + + counter.iftype = connection->type; + g_strlcpy(counter.ifname, connection->ifname, MAX_IFACE_LENGTH); + + if (app_value->classid == STC_TOTAL_IPV4_CLASSID) { + stc_monitor_ipt_del_in(&counter); + stc_monitor_ipt_del_out(&counter); + } else if (app_value->classid == STC_TOTAL_IPV6_CLASSID) { + stc_monitor_ip6t_del_in(&counter); + stc_monitor_ip6t_del_out(&counter); + } else { + stc_monitor_ipt_del_in(&counter); + stc_monitor_ipt_del_out(&counter); + stc_monitor_ip6t_del_in(&counter); + stc_monitor_ip6t_del_out(&counter); + } + } + + return; +} + +API gboolean stc_monitor_app_lookup(uint32_t classid) +{ + stc_app_value_s *lookup_value; + + GHashTable *apps = stc_monitor_get_system_apps(); + + if (!apps) + return FALSE; + + if (classid == STC_UNKNOWN_CLASSID) + return FALSE; + + lookup_value = g_hash_table_lookup(apps, GUINT_TO_POINTER(classid)); + if (lookup_value) + return TRUE; + + return FALSE; +} + GHashTable *stc_monitor_apps_init(void) { return g_hash_table_new_full(g_direct_hash, g_direct_equal, diff --git a/src/monitor/stc-monitor-ipt.c b/src/monitor/stc-monitor-ipt.c old mode 100755 new mode 100644 diff --git a/src/monitor/stc-monitor-proc.c b/src/monitor/stc-monitor-proc.c old mode 100755 new mode 100644 index e3d2457..8b9dfdd --- a/src/monitor/stc-monitor-proc.c +++ b/src/monitor/stc-monitor-proc.c @@ -52,6 +52,28 @@ static void __proc_remove_pid(gpointer key, gpointer value, context->app_value = app_value; } +static void __proc_move_pid(gpointer key, gpointer value, + gpointer data) +{ + stc_proc_value_s *from_value = (stc_proc_value_s *)value; + stc_app_value_s *to_app_value = (stc_app_value_s *)data; + stc_proc_value_s *to_value; + + to_value = MALLOC0(stc_proc_value_s, 1); + if (!to_value) + return; + + to_value->pid = from_value->pid; + to_value->ground = to_app_value->state; + + g_hash_table_insert(to_app_value->processes, + GUINT_TO_POINTER(to_value->pid), + to_value); + + /* add pid to application cgroup */ + place_pids_to_net_cgroup(to_value->pid, to_app_value->app_id); +} + API stc_error_e stc_monitor_proc_update_ground(uint32_t classid, const char *app_id, const stc_proc_value_s value) @@ -200,6 +222,11 @@ API stc_error_e stc_monitor_proc_remove(uint32_t classid, /* remove nfacct rule for this classid */ stc_monitor_app_remove_monitor(GUINT_TO_POINTER(classid), app_lookup, stc_get_default_connection()); + + if (app_lookup->state == STC_APP_STATE_FOREGROUND) + stc_monitor_app_remove_accept(GUINT_TO_POINTER(classid), + app_lookup, stc_get_default_connection()); + stc_monitor_rstn_remove_for_app(classid); g_hash_table_remove(apps, GUINT_TO_POINTER(classid)); @@ -211,3 +238,67 @@ API stc_error_e stc_monitor_proc_remove(uint32_t classid, return ret; } + +API stc_error_e stc_monitor_proc_move(uint32_t from, + uint32_t to) +{ + stc_error_e ret = STC_ERROR_NONE; + stc_app_value_s *from_lookup = NULL; + stc_app_value_s *to_lookup = NULL; + GHashTable *apps = stc_monitor_get_system_apps(); + + if (!apps) + return STC_ERROR_NO_DATA; + + if (from != STC_UNKNOWN_CLASSID && + to != STC_UNKNOWN_CLASSID) { + from_lookup = g_hash_table_lookup(apps, GUINT_TO_POINTER(from)); + if (!from_lookup) { + if (STC_DEBUG_LOG) + STC_LOGD("Application not found [\033[1;36m%d\033[0;m]", from); + return STC_ERROR_NO_DATA; + } + + to_lookup = g_hash_table_lookup(apps, GUINT_TO_POINTER(to)); + if (!to_lookup) { + if (STC_DEBUG_LOG) + STC_LOGD("Application not found [\033[1;36m%d\033[0;m]", to); + return STC_ERROR_NO_DATA; + } + + g_hash_table_foreach(from_lookup->processes, + __proc_move_pid, to_lookup); + + if (STC_DEBUG_LOG) { + __print_proc_all(to_lookup->processes); + STC_LOGD("\033[1;34mProcesses moved\033[0;m " + "[\033[1;36m%d\033[0;m] -> [\033[1;36m%d\033[0;m]", + from, to); + } + + g_hash_table_remove_all(from_lookup->processes); + + if (STC_DEBUG_LOG) { + __print_proc_all(from_lookup->processes); + STC_LOGD("\033[1;31mProcesses removed\033[0;m " + "[\033[1;36m%d\033[0;m]", from); + } + + stc_monitor_app_remove_monitor(GUINT_TO_POINTER(from), + from_lookup, stc_get_default_connection()); + + if (from_lookup->state == STC_APP_STATE_FOREGROUND) + stc_monitor_app_remove_accept(GUINT_TO_POINTER(from), + from_lookup, stc_get_default_connection()); + + stc_monitor_rstn_remove_for_app(from); + + g_hash_table_remove(apps, GUINT_TO_POINTER(from)); + + if (STC_DEBUG_LOG) + STC_LOGD("\033[1;31mApplication removed\033[0;m " + "[\033[1;36m%d\033[0;m]", from); + } + + return ret; +} diff --git a/src/monitor/stc-monitor-rstn.c b/src/monitor/stc-monitor-rstn.c old mode 100755 new mode 100644 index 1bd6704..d717326 --- a/src/monitor/stc-monitor-rstn.c +++ b/src/monitor/stc-monitor-rstn.c @@ -550,6 +550,9 @@ static void __rstn_process(enum traffic_restriction_type rstn_type, __rstn_add_ipt_rule(rstn_data->classid, NFACCT_BLOCK, rstn_data->iftype); } + if (rstn_data->classid == STC_BACKGROUND_APP_CLASSID) + __rstn_add_ipt_rule(rstn_data->classid, NFACCT_BLOCK, rstn_data->iftype); + rstn_data->rstn_state = STC_RSTN_STATE_ACTIVATED; if (STC_DEBUG_LOG) { @@ -1372,7 +1375,7 @@ stc_error_e stc_monitor_rstn_remove(const table_restrictions_info *info) data.subscriber_id = info->subscriber_id; data.roaming = info->roaming; - if (g_strcmp0(info->app_id, STC_BACKGROUND_APP_ID) == 0) { + if (g_strcmp0(info->app_id, STC_TOTAL_BACKGROUND) == 0) { stc_monitor_set_background_state(FALSE); __vconf_set_int(VCONFKEY_STC_BACKGROUND_STATE, FALSE); } diff --git a/src/monitor/stc-monitor.c b/src/monitor/stc-monitor.c old mode 100755 new mode 100644 index f81cf7c..5d60749 --- a/src/monitor/stc-monitor.c +++ b/src/monitor/stc-monitor.c @@ -150,6 +150,11 @@ static void __fill_nfacct_result(char *cnt_name, int64_t bytes, stc_monitor_app_update_iface_counter(&context); + lookup_app = g_hash_table_lookup(g_system->apps, + GUINT_TO_POINTER(context.counter->classid)); + if (lookup_app) + stc_monitor_app_update_counter(lookup_app, &context); + lookup_rstn = g_hash_table_lookup(g_system->rstns, GUINT_TO_POINTER(context.counter->classid)); if (lookup_rstn) { @@ -160,11 +165,6 @@ static void __fill_nfacct_result(char *cnt_name, int64_t bytes, if (limit_exceeded != 0) return; } - - lookup_app = g_hash_table_lookup(g_system->apps, - GUINT_TO_POINTER(context.counter->classid)); - if (lookup_app) - stc_monitor_app_update_counter(lookup_app, &context); } if (g_system->rstns) { -- 2.7.4 From d16c31436ff6236a51360b75fd4aa54bd54b06bb Mon Sep 17 00:00:00 2001 From: hyunuktak Date: Tue, 30 Oct 2018 14:35:50 +0900 Subject: [PATCH 03/16] Add a macro for tv profile Change-Id: I34cecc24a805bc577669d64fa05cf7fbab4460c7 Signed-off-by: hyunuktak --- packaging/stc-manager.spec | 6 +++++- src/database/db-common.c | 4 ++++ src/stc-manager.c | 7 +++++++ 3 files changed, 16 insertions(+), 1 deletion(-) diff --git a/packaging/stc-manager.spec b/packaging/stc-manager.spec index d524683..e6285e0 100644 --- a/packaging/stc-manager.spec +++ b/packaging/stc-manager.spec @@ -1,6 +1,6 @@ Name: stc-manager Summary: STC(Smart Traffic Control) manager -Version: 0.0.79 +Version: 0.0.80 Release: 0 Group: Network & Connectivity/Other License: Apache-2.0 @@ -72,6 +72,10 @@ chmod 644 %{SOURCE0} export CFLAGS="$CFLAGS -D_GNU_SOURCE" export CXXFLAGS="$CXXFLAGS -D_GNU_SOURCE" +%if "%{tizen_profile_name}" == "tv" + CFLAGS+=" -DTIZEN_TV_EXT" +%endif + %cmake . -DCMAKE_INSTALL_PREFIX=%{_prefix} \ -DBIN_DIR=%{_bindir} \ -DLIB_PATH=%{_lib} \ diff --git a/src/database/db-common.c b/src/database/db-common.c index a4c2a3d..372eb03 100644 --- a/src/database/db-common.c +++ b/src/database/db-common.c @@ -109,9 +109,11 @@ stc_error_e stc_db_initialize(void) stc_db_initialize_once(); +#ifndef TIZEN_TV_EXT EXEC(STC_ERROR_NONE, table_statistics_prepare(database)); EXEC(STC_ERROR_NONE, table_restrictions_prepare(database)); EXEC(STC_ERROR_NONE, table_counters_prepare(database)); +#endif EXEC(STC_ERROR_NONE, table_firewall_prepare(database)); EXEC(STC_ERROR_NONE, stc_init_db_guard()); @@ -132,9 +134,11 @@ gboolean stc_db_deinitialize(void) return TRUE; //LCOV_EXCL_LINE } +#ifndef TIZEN_TV_EXT table_statistics_finalize(); table_restrictions_finalize(); table_counters_finalize(); +#endif table_firewall_finalize(); sqlite3_close(database); diff --git a/src/stc-manager.c b/src/stc-manager.c index a61a8ac..79acd88 100644 --- a/src/stc-manager.c +++ b/src/stc-manager.c @@ -118,7 +118,9 @@ static stc_s *__stc_manager_init(void) inotify_initialize(); inotify_register(INFO_STORAGE_DIR, __stc_inotify_handler); +#ifndef TIZEN_TV_EXT cgroup_set_release_agent(NET_CLS_SUBSYS, NET_RELEASE_AGENT); +#endif err = stc_db_initialize(); if (err != STC_ERROR_NONE) { @@ -126,13 +128,16 @@ static stc_s *__stc_manager_init(void) return NULL; //LCOV_EXCL_LINE } +#ifndef TIZEN_TV_EXT stc_plugin_appstatus_init(); stc_plugin_exception_init(); stc_plugin_procfs_init(); stc_plugin_tether_init(); +#endif stc_firewall_init(); +#ifndef TIZEN_TV_EXT err = stc_monitor_init(); if (err != STC_ERROR_NONE) { STC_LOGD("Failed to initialize stc manager"); //LCOV_EXCL_LINE @@ -140,6 +145,8 @@ static stc_s *__stc_manager_init(void) } stc_plugin_procfs_load_pid(); +#endif + stc_manager_gdbus_init((gpointer)stc); STC_LOGI("stc manager initialized"); -- 2.7.4 From 42a1fa7181ee6aaa9ad5b448ee29713694c4c6e0 Mon Sep 17 00:00:00 2001 From: hyunuktak Date: Fri, 9 Nov 2018 16:12:57 +0900 Subject: [PATCH 04/16] Support to multi connection Change-Id: I817d87a99a4b24968652c0075ee47a90481c2b38 Signed-off-by: hyunuktak --- packaging/stc-manager.spec | 2 +- .../{stc-default-connection.h => stc-connection.h} | 17 +- src/monitor/include/stc-monitor-app.h | 6 +- src/monitor/include/stc-monitor-rstn.h | 6 +- src/monitor/include/stc-monitor.h | 6 +- .../{stc-default-connection.c => stc-connection.c} | 414 +++++++++++------- src/monitor/stc-monitor-app.c | 186 +++++---- src/monitor/stc-monitor-proc.c | 34 +- src/monitor/stc-monitor-rstn.c | 463 +++++++++++---------- src/monitor/stc-monitor.c | 53 +-- src/stc-manager-gdbus.c | 6 +- 11 files changed, 696 insertions(+), 497 deletions(-) rename src/monitor/include/{stc-default-connection.h => stc-connection.h} (77%) rename src/monitor/{stc-default-connection.c => stc-connection.c} (62%) diff --git a/packaging/stc-manager.spec b/packaging/stc-manager.spec index e6285e0..9f4e7bd 100644 --- a/packaging/stc-manager.spec +++ b/packaging/stc-manager.spec @@ -1,6 +1,6 @@ Name: stc-manager Summary: STC(Smart Traffic Control) manager -Version: 0.0.80 +Version: 0.0.81 Release: 0 Group: Network & Connectivity/Other License: Apache-2.0 diff --git a/src/monitor/include/stc-default-connection.h b/src/monitor/include/stc-connection.h similarity index 77% rename from src/monitor/include/stc-default-connection.h rename to src/monitor/include/stc-connection.h index 222e77b..85d27de 100644 --- a/src/monitor/include/stc-default-connection.h +++ b/src/monitor/include/stc-connection.h @@ -14,8 +14,8 @@ * limitations under the License. */ -#ifndef __STC_DEFAULT_CONNECTION_H__ -#define __STC_DEFAULT_CONNECTION_H__ +#ifndef __STC_CONNECTION_H__ +#define __STC_CONNECTION_H__ #include #include "stc-error.h" @@ -39,7 +39,7 @@ typedef struct { } tether_iface_s; /** - * @brief default connection information will be fetched from net-config + * @brief connection information will be fetched from connman */ typedef struct { /* to identify each connection uniquely */ @@ -63,12 +63,11 @@ typedef struct { /* tethering interface */ tether_iface_s tether_iface; -} default_connection_s; +} stc_connection_s; -stc_error_e stc_default_connection_monitor_init(stc_s *stc); -stc_error_e stc_default_connection_monitor_deinit(stc_s *stc); +stc_error_e stc_connection_monitor_init(stc_s *stc); +stc_error_e stc_connection_monitor_deinit(stc_s *stc); -gchar *stc_default_connection_get_ifname(void); -default_connection_s *stc_get_default_connection(void); +GSList *stc_get_connection_list(void); -#endif /* __STC_DEFAULT_CONNECTION_H__ */ +#endif /* __STC_CONNECTION_H__ */ diff --git a/src/monitor/include/stc-monitor-app.h b/src/monitor/include/stc-monitor-app.h index a00d262..3a312fb 100644 --- a/src/monitor/include/stc-monitor-app.h +++ b/src/monitor/include/stc-monitor-app.h @@ -22,7 +22,7 @@ #include "stc-error.h" #include "stc-manager.h" #include "stc-monitor-context.h" -#include "stc-default-connection.h" +#include "stc-connection.h" #define MAC_ADDRESS_LEN 18 #define SUBSCRIBERID_NONE "none_subid" @@ -56,7 +56,7 @@ void stc_monitor_app_add_by_iface(const char *app_id); void stc_monitor_app_add_monitor(gpointer key, gpointer value, gpointer data); -void stc_monitor_app_add_by_connection(default_connection_s *conn); +void stc_monitor_app_add_by_connection(stc_connection_s *conn); void stc_monitor_app_add_accept(gpointer key, gpointer value, gpointer data); @@ -66,7 +66,7 @@ stc_error_e stc_monitor_app_remove(uint32_t classid, const char *app_id); void stc_monitor_app_remove_monitor(gpointer key, gpointer value, gpointer data); -void stc_monitor_app_remove_by_connection(default_connection_s *conn); +void stc_monitor_app_remove_by_connection(stc_connection_s *conn); void stc_monitor_app_remove_accept(gpointer key, gpointer value, gpointer data); diff --git a/src/monitor/include/stc-monitor-rstn.h b/src/monitor/include/stc-monitor-rstn.h index 0480c3b..ecf404d 100644 --- a/src/monitor/include/stc-monitor-rstn.h +++ b/src/monitor/include/stc-monitor-rstn.h @@ -22,7 +22,7 @@ #include "stc-error.h" #include "stc-manager.h" #include "stc-monitor-context.h" -#include "stc-default-connection.h" +#include "stc-connection.h" #include "stc-restriction.h" #include "table-restrictions.h" @@ -98,13 +98,13 @@ stc_error_e stc_monitor_rstn_add(const table_restrictions_info *info); void stc_monitor_rstn_add_for_app(uint32_t classid); -void stc_monitor_rstn_add_by_connection(default_connection_s *conn); +void stc_monitor_rstn_add_by_connection(stc_connection_s *conn); stc_error_e stc_monitor_rstn_remove(const table_restrictions_info *info); void stc_monitor_rstn_remove_for_app(uint32_t classid); -void stc_monitor_rstn_remove_by_connection(default_connection_s *conn); +void stc_monitor_rstn_remove_by_connection(stc_connection_s *conn); void stc_monitor_rstns_load(void); diff --git a/src/monitor/include/stc-monitor.h b/src/monitor/include/stc-monitor.h index 8fa8bc9..32404b0 100644 --- a/src/monitor/include/stc-monitor.h +++ b/src/monitor/include/stc-monitor.h @@ -78,7 +78,11 @@ void stc_monitor_set_background_state(gboolean value); gboolean stc_monitor_get_background_state(void); -void stc_monitor_update_by_default_connection(void *data); +void stc_monitor_update_by_connection(void *data); + +void stc_monitor_add_by_connection(void *data); + +void stc_monitor_remove_by_connection(void *data); stc_error_e stc_monitor_check_excn_by_cmdline(char *cmdline); diff --git a/src/monitor/stc-default-connection.c b/src/monitor/stc-connection.c similarity index 62% rename from src/monitor/stc-default-connection.c rename to src/monitor/stc-connection.c index 8c4b1ef..fb16297 100644 --- a/src/monitor/stc-default-connection.c +++ b/src/monitor/stc-connection.c @@ -20,7 +20,7 @@ #include "stc-monitor.h" #include "stc-firewall.h" #include "stc-manager-gdbus.h" -#include "stc-default-connection.h" +#include "stc-connection.h" /* connman service dbus details */ #define CONNMAN_SERVICE "net.connman" @@ -51,8 +51,37 @@ #define VCONF_TELEPHONY_DEFAULT_DATA_SERVICE "db/telephony/dualsim/default_data_service" -default_connection_s g_default_connection; -guint g_default_connection_sub_id = 0; +stc_connection_s *g_default_connection = NULL; +GSList *g_connection_list = NULL; +guint g_connection_sub_id = 0; + +static void __conn_list_free(gpointer value) +{ + stc_connection_s *conn = (stc_connection_s *)value; + + FREE(conn->path); + FREE(conn->ifname); + FREE(conn->tether_iface.ifname); + FREE(conn); +} + +static gint __conn_list_comp(gconstpointer a, gconstpointer b) +{ + stc_connection_s *conn = (stc_connection_s *)a; + char *path = (char *)b; + + if (g_strcmp0(conn->path, path) == 0) + return 0; + + return -1; +} + +static void __update_monitor_by_conn(gpointer data, gpointer user_data) +{ + stc_connection_s *conn = (stc_connection_s *)data; + + stc_monitor_update_by_connection(conn); +} static int __telephony_get_current_sim(void) { @@ -78,7 +107,7 @@ static int __telephony_get_current_sim(void) return current_sim; } -static void __make_imsi_to_subscriber_id(char *imsi) +static void __make_imsi_to_subscriber_id(stc_connection_s *conn, char *imsi) { int i = 0; SHA256_CTX ctx; @@ -89,11 +118,11 @@ static void __make_imsi_to_subscriber_id(char *imsi) SHA256_Final(md, &ctx); for (i = 0; i < SHA256_DIGEST_LENGTH; ++i) - snprintf(g_default_connection.subscriber_id + (i * 2), 3, "%02x", md[i]); + snprintf(conn->subscriber_id + (i * 2), 3, "%02x", md[i]); } static void __telephony_get_modem_subscriber_id(GDBusConnection *connection, - const char *default_modem_name) + stc_connection_s *conn, const char *default_modem_name) { GVariant *message = NULL; char tel_path[MAX_PATH_LENGTH]; @@ -130,14 +159,15 @@ static void __telephony_get_modem_subscriber_id(GDBusConnection *connection, } snprintf(imsi, IMSI_LENGTH, "%s%s", plmn, msin); - __make_imsi_to_subscriber_id(imsi); + __make_imsi_to_subscriber_id(conn, imsi); done: g_variant_unref(message); return; } -static void __telephony_update_default_modem_subscriber_id(GDBusConnection *connection) +static void __telephony_update_default_modem_subscriber_id(GDBusConnection *connection, + stc_connection_s *conn) { GVariant *message = NULL; GVariantIter *iter = NULL; @@ -173,7 +203,7 @@ static void __telephony_update_default_modem_subscriber_id(GDBusConnection *conn current_sim--; //LCOV_EXCL_LINE } - __telephony_get_modem_subscriber_id(connection, default_modem_name); + __telephony_get_modem_subscriber_id(connection, conn, default_modem_name); FREE(default_modem_name); g_variant_iter_free(iter); @@ -181,38 +211,27 @@ static void __telephony_update_default_modem_subscriber_id(GDBusConnection *conn return; } -static void __print_default_connection_info(void) +static void __print_connection_info(stc_connection_s *conn) { - STC_LOGI("============= default connection info ============"); - STC_LOGI("path [%s]", g_default_connection.path); - STC_LOGI("type [%d]", g_default_connection.type); - STC_LOGI("ifname [%s]", g_default_connection.ifname); - STC_LOGI("roaming [%u]", g_default_connection.roaming ? TRUE : FALSE); - if (g_default_connection.type == STC_IFACE_DATACALL) - STC_LOGI("sub_id [%s]", g_default_connection.subscriber_id); + STC_LOGI("============= connection info ============"); + STC_LOGI("path [%s]", conn->path); + STC_LOGI("type [%d]", conn->type); + STC_LOGI("ifname [%s]", conn->ifname); + STC_LOGI("roaming [%u]", conn->roaming ? TRUE : FALSE); + if (conn->type == STC_IFACE_DATACALL) + STC_LOGI("sub_id [%s]", conn->subscriber_id); STC_LOGI("=================================================="); } static void __print_tether_connection_info(void) { STC_LOGI("============= tethering connection info ============"); - STC_LOGI("mode [%u]", g_default_connection.tether_state ? TRUE : FALSE); - STC_LOGI("type [%d]", g_default_connection.tether_iface.type); - STC_LOGI("ifname [%s]", g_default_connection.tether_iface.ifname); + STC_LOGI("mode [%u]", g_default_connection->tether_state ? TRUE : FALSE); + STC_LOGI("type [%d]", g_default_connection->tether_iface.type); + STC_LOGI("ifname [%s]", g_default_connection->tether_iface.ifname); STC_LOGI("===================================================="); } -static void __reset_default_connection_data(void) -{ - FREE(g_default_connection.path); - FREE(g_default_connection.ifname); - FREE(g_default_connection.tether_iface.ifname); - g_default_connection.type = STC_IFACE_UNKNOWN; - g_default_connection.roaming = FALSE; - g_default_connection.tether_iface.type = STC_IFACE_UNKNOWN; - g_default_connection.tether_state = FALSE; -} - static gboolean __is_cellular_internet_profile(const char *profile) { const char internet_suffix[] = "_1"; @@ -293,8 +312,8 @@ static gboolean __is_connected(GVariantIter *array) return is_connected; } -static void __get_default_connection_info(GDBusConnection *connection, - const char *object_path) +static void __get_connection_info(GDBusConnection *connection, + stc_connection_s *conn, const char *object_path) { GVariant *message = NULL; GVariantIter *iter = NULL; @@ -338,8 +357,7 @@ static void __get_default_connection_info(GDBusConnection *connection, const gchar *value = g_variant_get_string(variant1, NULL); - g_default_connection.ifname = - g_strdup(value); + conn->ifname = g_strdup(value); } } @@ -351,7 +369,7 @@ static void __get_default_connection_info(GDBusConnection *connection, if (g_variant_is_of_type(variant, G_VARIANT_TYPE_BOOLEAN)) { roaming = g_variant_get_boolean(variant); - g_default_connection.roaming = roaming; + conn->roaming = roaming; } } } @@ -366,12 +384,14 @@ done: return; } -static stc_error_e __get_default_profile(GDBusConnection *connection) +static stc_error_e __get_connected_profiles(GDBusConnection *connection) { GVariant *message = NULL; GVariantIter *iter = NULL; GVariantIter *next; gchar *object_path; + stc_connection_s *conn; + gboolean default_conn = TRUE; message = stc_manager_gdbus_call_sync(connection, CONNMAN_SERVICE, @@ -383,6 +403,8 @@ static stc_error_e __get_default_profile(GDBusConnection *connection) return STC_ERROR_FAIL; //LCOV_EXCL_LINE } + g_slist_free_full(g_connection_list, __conn_list_free); + g_variant_get(message, "(a(oa{sv}))", &iter); while (g_variant_iter_loop(iter, "(oa{sv})", &object_path, &next)) { if (object_path == NULL) @@ -393,105 +415,144 @@ static stc_error_e __get_default_profile(GDBusConnection *connection) continue; if (__is_connected(next) == TRUE) { - /* reset old default connection data */ - FREE(g_default_connection.path); - FREE(g_default_connection.ifname); - g_default_connection.type = STC_IFACE_UNKNOWN; - g_default_connection.roaming = FALSE; + conn = MALLOC0(stc_connection_s, 1); + if (conn == NULL) + continue; + + conn->path = g_strdup(object_path); + conn->roaming = FALSE; + + if (__is_cellular_profile(conn->path)) { + conn->type = STC_IFACE_DATACALL; + __telephony_update_default_modem_subscriber_id(connection, conn); + } else if (__is_wifi_profile(conn->path)) { + conn->type = STC_IFACE_WIFI; + } else if (__is_ethernet_profile(conn->path)) { + conn->type = STC_IFACE_WIRED; + } else if (__is_bluetooth_profile(conn->path)) { + conn->type = STC_IFACE_BLUETOOTH; + } else { + conn->type = STC_IFACE_UNKNOWN; + } + + __get_connection_info(connection, conn, conn->path); + __print_connection_info(conn); + + if (default_conn == TRUE) { + g_default_connection = conn; + default_conn = FALSE; + } + + g_connection_list = g_slist_append(g_connection_list, conn); - g_default_connection.path = g_strdup(object_path); g_free(object_path); g_variant_iter_free(next); - break; + continue; } } g_variant_iter_free(iter); g_variant_unref(message); - if (__is_cellular_profile(g_default_connection.path)) { - g_default_connection.type = STC_IFACE_DATACALL; //LCOV_EXCL_LINE - __telephony_update_default_modem_subscriber_id(connection); //LCOV_EXCL_LINE - } else if (__is_wifi_profile(g_default_connection.path)) { - g_default_connection.type = STC_IFACE_WIFI; //LCOV_EXCL_LINE - } else if (__is_ethernet_profile(g_default_connection.path)) { - g_default_connection.type = STC_IFACE_WIRED; //LCOV_EXCL_LINE - } else if (__is_bluetooth_profile(g_default_connection.path)) { - g_default_connection.type = STC_IFACE_BLUETOOTH; //LCOV_EXCL_LINE - } else { - g_default_connection.type = STC_IFACE_UNKNOWN; //LCOV_EXCL_LINE - } - - __get_default_connection_info(connection, g_default_connection.path); - - __print_default_connection_info(); - - stc_monitor_update_by_default_connection(&g_default_connection); + g_slist_foreach(g_connection_list, __update_monitor_by_conn, NULL); stc_firewall_update(); return STC_ERROR_NONE; } -static void _service_signal_cb(GDBusConnection *conn, - const gchar *name, const gchar *path, - const gchar *interface, const gchar *sig, - GVariant *param, gpointer user_data) +static stc_error_e __get_default_connection(GDBusConnection *connection) { - gchar *sigvalue = NULL; - GVariant *variant = NULL; - stc_s *stc = (stc_s *)stc_get_manager(); - ret_msg_if(stc == NULL, "failed to get stc data"); + GVariant *message = NULL; + GVariantIter *iter = NULL; + GVariantIter *next; + gchar *object_path; - if (path == NULL || param == NULL) - goto done; + message = stc_manager_gdbus_call_sync(connection, + CONNMAN_SERVICE, + CONNMAN_MANAGER_PATH, + CONNMAN_MANAGER_INTERFACE, + "GetServices", NULL); + if (message == NULL) { + STC_LOGE("Failed to get profiles"); //LCOV_EXCL_LINE + return STC_ERROR_FAIL; //LCOV_EXCL_LINE + } - g_variant_get(param, "(sv)", &sigvalue, &variant); - if (sigvalue == NULL) - goto done; + g_variant_get(message, "(a(oa{sv}))", &iter); + while (g_variant_iter_loop(iter, "(oa{sv})", &object_path, &next)) { + if (object_path == NULL) + continue; //LCOV_EXCL_LINE - if (g_strcmp0(sig, CONNMAN_SIGNAL_PROPERTY_CHANGED) != 0) - goto done; + if (__is_cellular_profile(object_path) && + !__is_cellular_internet_profile(object_path)) + continue; - if (g_strcmp0(sigvalue, "State") == 0 && - g_variant_is_of_type(variant, G_VARIANT_TYPE_STRING)) { - const gchar *state = NULL; + if (__is_connected(next) == TRUE) { + GSList *comp = g_slist_find_custom(g_connection_list, + object_path, __conn_list_comp); + if (comp && comp->data) + g_default_connection = comp->data; - state = g_variant_get_string(variant, NULL); - if (g_strcmp0(state, "ready") == 0 || - g_strcmp0(state, "online") == 0) { - if (g_strcmp0(g_default_connection.path, path)) { - __reset_default_connection_data(); - __get_default_profile(stc->connection); - } - } else { - if (g_strcmp0(g_default_connection.path, path) == 0) { - __reset_default_connection_data(); //LCOV_EXCL_LINE - __get_default_profile(stc->connection); //LCOV_EXCL_LINE - } + break; } - } else if (g_strcmp0(sigvalue, "Roaming") == 0) { - //LCOV_EXCL_START - if (g_strcmp0(g_default_connection.path, path) == 0) { - gboolean roaming = 0; + } - if (g_variant_is_of_type(variant, - G_VARIANT_TYPE_BOOLEAN)) { - roaming = g_variant_get_boolean(variant); - g_default_connection.roaming = roaming; - } - } - //LCOV_EXCL_STOP + g_variant_iter_free(iter); + g_variant_unref(message); + + return STC_ERROR_NONE; +} + +static void __append_connected_profile(GDBusConnection *connection, + const char *path) +{ + stc_connection_s *conn; + + conn = MALLOC0(stc_connection_s, 1); + if (conn == NULL) + return; + + conn->path = g_strdup(path); + conn->roaming = FALSE; + + if (__is_cellular_profile(conn->path)) { + conn->type = STC_IFACE_DATACALL; + __telephony_update_default_modem_subscriber_id(connection, conn); + } else if (__is_wifi_profile(conn->path)) { + conn->type = STC_IFACE_WIFI; + } else if (__is_ethernet_profile(conn->path)) { + conn->type = STC_IFACE_WIRED; + } else if (__is_bluetooth_profile(conn->path)) { + conn->type = STC_IFACE_BLUETOOTH; } else { - ;//Do nothing + conn->type = STC_IFACE_UNKNOWN; } -done: - if (sigvalue) - g_free(sigvalue); - if (variant) - g_variant_unref(variant); + __get_connection_info(connection, conn, conn->path); + __print_connection_info(conn); - return; + g_connection_list = g_slist_append(g_connection_list, conn); + + stc_monitor_add_by_connection(conn); + stc_firewall_update(); + + __get_default_connection(connection); +} + +static void __remove_disconnected_profile(GDBusConnection *connection, + stc_connection_s *conn) +{ + __print_connection_info(conn); + + stc_monitor_remove_by_connection(conn); + + g_connection_list = g_slist_remove(g_connection_list, conn); + + __get_default_connection(connection); + + FREE(conn->path); + FREE(conn->ifname); + FREE(conn->tether_iface.ifname); + FREE(conn); } static void __vconf_key_callback(keynode_t *node, void *user_data) @@ -503,6 +564,9 @@ static void __vconf_key_callback(keynode_t *node, void *user_data) return; } + if (g_default_connection == NULL) + return; + if (vconf_keynode_get_type(node) != VCONF_TYPE_INT) { STC_LOGE("Invalid vconf key type"); return; @@ -514,31 +578,31 @@ static void __vconf_key_callback(keynode_t *node, void *user_data) switch (vconf_key) { case VCONFKEY_MOBILE_HOTSPOT_MODE_USB: STC_LOGI("Hotspot mode USB type !"); - g_default_connection.tether_state = TRUE; - g_default_connection.tether_iface.ifname = g_strdup(TETHERING_USB_IF); - g_default_connection.tether_iface.type = STC_IFACE_USB; + g_default_connection->tether_state = TRUE; + g_default_connection->tether_iface.ifname = g_strdup(TETHERING_USB_IF); + g_default_connection->tether_iface.type = STC_IFACE_USB; break; case VCONFKEY_MOBILE_HOTSPOT_MODE_WIFI: STC_LOGI("Hotspot mode Wi-Fi type !"); - g_default_connection.tether_state = TRUE; - g_default_connection.tether_iface.ifname = g_strdup(TETHERING_WIFI_IF); - g_default_connection.tether_iface.type = STC_IFACE_WIFI; + g_default_connection->tether_state = TRUE; + g_default_connection->tether_iface.ifname = g_strdup(TETHERING_WIFI_IF); + g_default_connection->tether_iface.type = STC_IFACE_WIFI; break; case VCONFKEY_MOBILE_HOTSPOT_MODE_BT: STC_LOGI("Hotspot mode Bluetooth type !"); - g_default_connection.tether_state = TRUE; - g_default_connection.tether_iface.ifname = g_strdup(TETHERING_BT_IF); - g_default_connection.tether_iface.type = STC_IFACE_BLUETOOTH; + g_default_connection->tether_state = TRUE; + g_default_connection->tether_iface.ifname = g_strdup(TETHERING_BT_IF); + g_default_connection->tether_iface.type = STC_IFACE_BLUETOOTH; break; case VCONFKEY_MOBILE_HOTSPOT_MODE_P2P: STC_LOGI("Hotspot mode P2P type !"); - g_default_connection.tether_state = TRUE; - g_default_connection.tether_iface.ifname = g_strdup(TETHERING_P2P_IF); - g_default_connection.tether_iface.type = STC_IFACE_P2P; + g_default_connection->tether_state = TRUE; + g_default_connection->tether_iface.ifname = g_strdup(TETHERING_P2P_IF); + g_default_connection->tether_iface.type = STC_IFACE_P2P; break; case VCONFKEY_MOBILE_HOTSPOT_MODE_NONE: STC_LOGI("Hotspot mode none"); - g_default_connection.tether_state = FALSE; + g_default_connection->tether_state = FALSE; break; default: STC_LOGE("Unknown Hotspot mode type !"); @@ -546,32 +610,98 @@ static void __vconf_key_callback(keynode_t *node, void *user_data) } /* add monitoring for tethering if active found */ - if (g_default_connection.tether_state == TRUE && g_default_connection.tether_iface.ifname) { + if (g_default_connection->tether_state == TRUE && g_default_connection->tether_iface.ifname) { __print_tether_connection_info(); - stc_monitor_update_by_default_connection(&g_default_connection); + stc_monitor_update_by_connection(&g_default_connection); stc_firewall_update(); STC_LOGI("Data monitoring started for tethering iface !"); return; } /* remove monitoring for tethering if in-active found */ - if (g_default_connection.tether_state == FALSE && g_default_connection.tether_iface.ifname) { - stc_monitor_update_by_default_connection(&g_default_connection); - g_free(g_default_connection.tether_iface.ifname); - g_default_connection.tether_iface.ifname = NULL; - g_default_connection.tether_iface.type = STC_IFACE_UNKNOWN; + if (g_default_connection->tether_state == FALSE && g_default_connection->tether_iface.ifname) { + stc_monitor_update_by_connection(&g_default_connection); + g_free(g_default_connection->tether_iface.ifname); + g_default_connection->tether_iface.ifname = NULL; + g_default_connection->tether_iface.type = STC_IFACE_UNKNOWN; STC_LOGI("Data monitoring stopped for tethering iface !"); return; } } -stc_error_e stc_default_connection_monitor_init(stc_s *stc) +static void _service_signal_cb(GDBusConnection *connection, + const gchar *name, const gchar *path, + const gchar *interface, const gchar *sig, + GVariant *param, gpointer user_data) +{ + gchar *sigvalue = NULL; + GVariant *variant = NULL; + stc_s *stc = (stc_s *)stc_get_manager(); + ret_msg_if(stc == NULL, "failed to get stc data"); + + if (path == NULL || param == NULL) + goto done; + + g_variant_get(param, "(sv)", &sigvalue, &variant); + if (sigvalue == NULL) + goto done; + + if (g_strcmp0(sig, CONNMAN_SIGNAL_PROPERTY_CHANGED) != 0) + goto done; + + if (g_strcmp0(sigvalue, "State") == 0 && + g_variant_is_of_type(variant, G_VARIANT_TYPE_STRING)) { + const gchar *state = NULL; + + state = g_variant_get_string(variant, NULL); + if (g_strcmp0(state, "ready") == 0 || + g_strcmp0(state, "online") == 0) { + GSList *comp = g_slist_find_custom(g_connection_list, + path, __conn_list_comp); + if (!comp) + __append_connected_profile(stc->connection, path); + } else if (g_strcmp0(state, "idle") == 0 || + g_strcmp0(state, "disconnect") == 0) { + GSList *comp = g_slist_find_custom(g_connection_list, + path, __conn_list_comp); + if (comp && comp->data) + __remove_disconnected_profile(stc->connection, comp->data); + } + } else if (g_strcmp0(sigvalue, "Roaming") == 0) { + //LCOV_EXCL_START + GSList *comp = g_slist_find_custom(g_connection_list, + path, __conn_list_comp); + + if (comp) { + stc_connection_s *conn = comp->data; + gboolean roaming = 0; + + if (g_variant_is_of_type(variant, G_VARIANT_TYPE_BOOLEAN)) { + roaming = g_variant_get_boolean(variant); + conn->roaming = roaming; + } + } + //LCOV_EXCL_STOP + } else { + ;//Do nothing + } +done: + if (sigvalue) + g_free(sigvalue); + + if (variant) + g_variant_unref(variant); + + return; +} + +stc_error_e stc_connection_monitor_init(stc_s *stc) { int ret; ret_value_msg_if(stc == NULL, STC_ERROR_INVALID_PARAMETER, "failed to get stc data"); - __get_default_profile(stc->connection); - g_default_connection_sub_id = + __get_connected_profiles(stc->connection); + g_connection_sub_id = stc_manager_gdbus_subscribe_signal(stc->connection, CONNMAN_SERVICE, CONNMAN_SERVICE_INTERFACE, @@ -589,23 +719,19 @@ stc_error_e stc_default_connection_monitor_init(stc_s *stc) return STC_ERROR_NONE; } -stc_error_e stc_default_connection_monitor_deinit(stc_s *stc) +stc_error_e stc_connection_monitor_deinit(stc_s *stc) { ret_value_msg_if(stc == NULL, STC_ERROR_INVALID_PARAMETER, "failed to get stc data"); stc_manager_gdbus_unsubscribe_signal(stc->connection, - g_default_connection_sub_id); - FREE(g_default_connection.path); - FREE(g_default_connection.ifname); - return STC_ERROR_NONE; -} + g_connection_sub_id); -gchar *stc_default_connection_get_ifname(void) -{ - return g_strdup(g_default_connection.ifname); + g_slist_free_full(g_connection_list, __conn_list_free); + + return STC_ERROR_NONE; } -default_connection_s *stc_get_default_connection(void) +GSList *stc_get_connection_list(void) { - return &g_default_connection; + return g_connection_list; } diff --git a/src/monitor/stc-monitor-app.c b/src/monitor/stc-monitor-app.c index 16f0f72..6441593 100644 --- a/src/monitor/stc-monitor-app.c +++ b/src/monitor/stc-monitor-app.c @@ -46,74 +46,77 @@ static void __app_update_statistics(gpointer key, { stc_app_value_s *app_value = (stc_app_value_s *)value; time_t *touch_time = (time_t *)data; - stc_db_classid_iftype_key stat_key; - stc_db_app_stats stat; - default_connection_s *default_connection = stc_get_default_connection(); - - memset(&stat_key, 0, sizeof(stc_db_classid_iftype_key)); - memset(&stat, 0 , sizeof(stc_db_app_stats)); - - /* Do not update statistics for Tethering - * if tethering is in-active found */ - if (default_connection && - default_connection->tether_state == FALSE && - !strcmp(app_value->app_id, STC_TOTAL_TETHERING)) - return; + GSList *conn_list = stc_get_connection_list(); - /* Do not update statistics for Wi-Fi - * if tethering is active on wlan0 iface */ - if (default_connection && default_connection->tether_state && - default_connection->tether_iface.type == STC_IFACE_WIFI && - !strcmp(app_value->app_id, STC_TOTAL_WIFI)) - return; + for (; conn_list != NULL; conn_list = conn_list->next) { + stc_connection_s *conn = conn_list->data; + stc_db_classid_iftype_key stat_key; + stc_db_app_stats stat; + + memset(&stat_key, 0, sizeof(stc_db_classid_iftype_key)); + memset(&stat, 0 , sizeof(stc_db_app_stats)); + + /* Do not update statistics for Tethering + * if tethering is in-active found */ + if (conn && conn->tether_state == FALSE && + !strcmp(app_value->app_id, STC_TOTAL_TETHERING)) + return; + + /* Do not update statistics for Wi-Fi + * if tethering is active on wlan0 iface */ + if (conn && conn->tether_state && + conn->tether_iface.type == STC_IFACE_WIFI && + !strcmp(app_value->app_id, STC_TOTAL_WIFI)) + return; + + stat_key.classid = app_value->classid; - stat_key.classid = app_value->classid; - - if (app_value->classid == STC_TETHERING_APP_CLASSID && - default_connection->tether_state == TRUE) - stat_key.iftype = default_connection->tether_iface.type; - else if (g_str_has_suffix(app_value->app_id, STC_TETHERING_APP_SUFFIX)) - stat_key.iftype = default_connection->tether_iface.type; - else - stat_key.iftype = default_connection->type; - - if (STC_IFACE_DATACALL == stat_key.iftype) - stat_key.subscriber_id = g_strdup(default_connection->subscriber_id); - else - stat_key.subscriber_id = g_strdup(SUBSCRIBERID_NONE); - - if (app_value->classid == STC_TETHERING_APP_CLASSID && - default_connection->tether_state == TRUE) - g_strlcpy(stat_key.ifname, default_connection->tether_iface.ifname, - MAX_IFACE_LENGTH); - else if (g_str_has_suffix(app_value->app_id, STC_TETHERING_APP_SUFFIX)) - g_strlcpy(stat_key.ifname, default_connection->tether_iface.ifname, - MAX_IFACE_LENGTH); - else - g_strlcpy(stat_key.ifname, default_connection->ifname, - MAX_IFACE_LENGTH); - - stat.app_id = g_strdup(app_value->app_id); - stat.snd_count = app_value->counter.out_bytes; - stat.rcv_count = app_value->counter.in_bytes; - stat.is_roaming = default_connection->roaming; - - if (strstr(stat.app_id, "_BACKGROUND")) { - stat.ground = STC_APP_STATE_BACKGROUND; - } else { - if (strstr(stat.app_id, "TOTAL_")) - stat.ground = STC_APP_STATE_UNKNOWN; + if (app_value->classid == STC_TETHERING_APP_CLASSID && + conn->tether_state == TRUE) + stat_key.iftype = conn->tether_iface.type; + else if (g_str_has_suffix(app_value->app_id, STC_TETHERING_APP_SUFFIX)) + stat_key.iftype = conn->tether_iface.type; else - stat.ground = STC_APP_STATE_FOREGROUND; - } + stat_key.iftype = conn->type; + + if (STC_IFACE_DATACALL == stat_key.iftype) + stat_key.subscriber_id = g_strdup(conn->subscriber_id); + else + stat_key.subscriber_id = g_strdup(SUBSCRIBERID_NONE); + + if (app_value->classid == STC_TETHERING_APP_CLASSID && + conn->tether_state == TRUE) + g_strlcpy(stat_key.ifname, conn->tether_iface.ifname, + MAX_IFACE_LENGTH); + else if (g_str_has_suffix(app_value->app_id, STC_TETHERING_APP_SUFFIX)) + g_strlcpy(stat_key.ifname, conn->tether_iface.ifname, + MAX_IFACE_LENGTH); + else + g_strlcpy(stat_key.ifname, conn->ifname, + MAX_IFACE_LENGTH); - table_statistics_insert(&stat_key, &stat, *touch_time); + stat.app_id = g_strdup(app_value->app_id); + stat.snd_count = app_value->counter.out_bytes; + stat.rcv_count = app_value->counter.in_bytes; + stat.is_roaming = conn->roaming; + + if (strstr(stat.app_id, "_BACKGROUND")) { + stat.ground = STC_APP_STATE_BACKGROUND; + } else { + if (strstr(stat.app_id, "TOTAL_")) + stat.ground = STC_APP_STATE_UNKNOWN; + else + stat.ground = STC_APP_STATE_FOREGROUND; + } - app_value->counter.out_bytes = 0; - app_value->counter.in_bytes = 0; + table_statistics_insert(&stat_key, &stat, *touch_time); - FREE(stat.app_id); - FREE(stat_key.subscriber_id); + app_value->counter.out_bytes = 0; + app_value->counter.in_bytes = 0; + + FREE(stat.app_id); + FREE(stat_key.subscriber_id); + } return; } @@ -122,7 +125,7 @@ static gboolean __add_app_monitor_for_tethering(gpointer key, gpointer value, gpointer data) { stc_app_value_s *app_value = (stc_app_value_s *)value; - default_connection_s *connection = (default_connection_s *)data; + stc_connection_s *connection = (stc_connection_s *)data; stc_s *stc = stc_get_manager(); struct nfacct_rule counter; char *ipaddr = NULL; @@ -172,7 +175,7 @@ static gboolean __remove_app_monitor_for_tethering(gpointer key, gpointer value, gpointer data) { stc_app_value_s *app_value = (stc_app_value_s *)value; - default_connection_s *connection = (default_connection_s *)data; + stc_connection_s *connection = (stc_connection_s *)data; stc_s *stc = stc_get_manager(); struct nfacct_rule counter; char *ipaddr = NULL; @@ -347,6 +350,7 @@ API stc_error_e stc_monitor_app_add(uint32_t classid, stc_app_value_s *lookup_value; GHashTable *apps = stc_monitor_get_system_apps(); + GSList *conn_list = stc_get_connection_list(); if (!apps) return STC_ERROR_NO_DATA; @@ -391,13 +395,16 @@ API stc_error_e stc_monitor_app_add(uint32_t classid, g_hash_table_insert(apps, GUINT_TO_POINTER(classid), app_value); - /* add nfacct rule for this classid */ - stc_monitor_app_add_monitor(GUINT_TO_POINTER(classid), - app_value, stc_get_default_connection()); + for (; conn_list != NULL; conn_list = conn_list->next) { + stc_connection_s *conn = conn_list->data; + /* add nfacct rule for this classid */ + stc_monitor_app_add_monitor(GUINT_TO_POINTER(classid), + app_value, conn); - if (app_value->state == STC_APP_STATE_FOREGROUND) - stc_monitor_app_add_accept(GUINT_TO_POINTER(classid), - app_value, stc_get_default_connection()); + if (app_value->state == STC_APP_STATE_FOREGROUND) + stc_monitor_app_add_accept(GUINT_TO_POINTER(classid), + app_value, conn); + } stc_monitor_rstn_add_for_app(classid); @@ -431,7 +438,7 @@ void stc_monitor_app_add_monitor(gpointer key, gpointer value, gpointer data) { stc_app_value_s *app_value = (stc_app_value_s *)value; - default_connection_s *connection = (default_connection_s *)data; + stc_connection_s *connection = (stc_connection_s *)data; stc_s *stc = stc_get_manager(); if (app_value->classid == STC_TOTAL_DATACALL_CLASSID || @@ -485,7 +492,7 @@ void stc_monitor_app_add_monitor(gpointer key, } } -void stc_monitor_app_add_by_connection(default_connection_s *conn) +void stc_monitor_app_add_by_connection(stc_connection_s *conn) { GHashTable *apps = stc_monitor_get_system_apps(); @@ -493,13 +500,14 @@ void stc_monitor_app_add_by_connection(default_connection_s *conn) return; g_hash_table_foreach(apps, stc_monitor_app_add_monitor, conn); + g_hash_table_foreach(apps, stc_monitor_app_add_accept, conn); } void stc_monitor_app_add_accept(gpointer key, gpointer value, gpointer data) { stc_app_value_s *app_value = (stc_app_value_s *)value; - default_connection_s *connection = (default_connection_s *)data; + stc_connection_s *connection = (stc_connection_s *)data; stc_s *stc = stc_get_manager(); if (app_value->classid == STC_TOTAL_DATACALL_CLASSID || @@ -507,6 +515,9 @@ void stc_monitor_app_add_accept(gpointer key, app_value->classid == STC_TOTAL_BLUETOOTH_CLASSID) return; + if (app_value->state != STC_APP_STATE_FOREGROUND) + return; + if (stc && connection && connection->ifname) { struct nfacct_rule counter; @@ -547,6 +558,7 @@ API stc_error_e stc_monitor_app_remove(uint32_t classid, const char *app_id) { stc_app_value_s *app_lookup; GHashTable *apps = stc_monitor_get_system_apps(); + GSList *conn_list = stc_get_connection_list(); if (!apps) return STC_ERROR_NO_DATA; @@ -560,9 +572,16 @@ API stc_error_e stc_monitor_app_remove(uint32_t classid, const char *app_id) return STC_ERROR_FAIL; } - /* remove nfacct rule for this classid */ - stc_monitor_app_remove_monitor(GUINT_TO_POINTER(classid), - app_lookup, stc_get_default_connection()); + for (; conn_list != NULL; conn_list = conn_list->next) { + stc_connection_s *conn = conn_list->data; + /* remove nfacct rule for this classid */ + stc_monitor_app_remove_monitor(GUINT_TO_POINTER(classid), + app_lookup, conn); + + if (app_lookup->state == STC_APP_STATE_FOREGROUND) + stc_monitor_app_remove_accept(GUINT_TO_POINTER(classid), + app_lookup, conn); + } /* remove ristrictions if any */ stc_monitor_rstn_remove_for_app(classid); @@ -580,7 +599,7 @@ void stc_monitor_app_remove_monitor(gpointer key, gpointer value, gpointer data) { stc_app_value_s *app_value = (stc_app_value_s *)value; - default_connection_s *connection = (default_connection_s *)data; + stc_connection_s *connection = (stc_connection_s *)data; stc_s *stc = stc_get_manager(); if (stc && connection && connection->ifname) { @@ -632,7 +651,7 @@ void stc_monitor_app_remove_monitor(gpointer key, return; } -void stc_monitor_app_remove_by_connection(default_connection_s *conn) +void stc_monitor_app_remove_by_connection(stc_connection_s *conn) { GHashTable *apps = stc_monitor_get_system_apps(); @@ -640,15 +659,24 @@ void stc_monitor_app_remove_by_connection(default_connection_s *conn) return; g_hash_table_foreach(apps, stc_monitor_app_remove_monitor, conn); + g_hash_table_foreach(apps, stc_monitor_app_remove_accept, conn); } void stc_monitor_app_remove_accept(gpointer key, gpointer value, gpointer data) { stc_app_value_s *app_value = (stc_app_value_s *)value; - default_connection_s *connection = (default_connection_s *)data; + stc_connection_s *connection = (stc_connection_s *)data; stc_s *stc = stc_get_manager(); + if (app_value->classid == STC_TOTAL_DATACALL_CLASSID || + app_value->classid == STC_TOTAL_WIFI_CLASSID || + app_value->classid == STC_TOTAL_BLUETOOTH_CLASSID) + return; + + if (app_value->state != STC_APP_STATE_FOREGROUND) + return; + if (stc && connection && connection->ifname) { struct nfacct_rule counter; diff --git a/src/monitor/stc-monitor-proc.c b/src/monitor/stc-monitor-proc.c index 8b9dfdd..e472421 100644 --- a/src/monitor/stc-monitor-proc.c +++ b/src/monitor/stc-monitor-proc.c @@ -16,7 +16,7 @@ #include "stc-monitor.h" #include "stc-monitor-proc.h" -#include "stc-default-connection.h" +#include "stc-connection.h" #include "helper-net-cls.h" static void __print_proc(gpointer key, gpointer value, @@ -176,6 +176,7 @@ API stc_error_e stc_monitor_proc_remove(uint32_t classid, stc_app_value_s *app_lookup = NULL; guint pid_count = 0; GHashTable *apps = stc_monitor_get_system_apps(); + GSList *conn_list = stc_get_connection_list(); remove_pid_context_s context = { .pid = pid, .app_value = NULL, @@ -219,13 +220,16 @@ API stc_error_e stc_monitor_proc_remove(uint32_t classid, pid_count = g_hash_table_size(app_lookup->processes); if (!pid_count) { - /* remove nfacct rule for this classid */ - stc_monitor_app_remove_monitor(GUINT_TO_POINTER(classid), - app_lookup, stc_get_default_connection()); - - if (app_lookup->state == STC_APP_STATE_FOREGROUND) - stc_monitor_app_remove_accept(GUINT_TO_POINTER(classid), - app_lookup, stc_get_default_connection()); + for (; conn_list != NULL; conn_list = conn_list->next) { + stc_connection_s *conn = conn_list->data; + /* remove nfacct rule for this classid */ + stc_monitor_app_remove_monitor(GUINT_TO_POINTER(classid), + app_lookup, conn); + + if (app_lookup->state == STC_APP_STATE_FOREGROUND) + stc_monitor_app_remove_accept(GUINT_TO_POINTER(classid), + app_lookup, conn); + } stc_monitor_rstn_remove_for_app(classid); @@ -245,6 +249,7 @@ API stc_error_e stc_monitor_proc_move(uint32_t from, stc_error_e ret = STC_ERROR_NONE; stc_app_value_s *from_lookup = NULL; stc_app_value_s *to_lookup = NULL; + GSList *conn_list = stc_get_connection_list(); GHashTable *apps = stc_monitor_get_system_apps(); if (!apps) @@ -284,12 +289,15 @@ API stc_error_e stc_monitor_proc_move(uint32_t from, "[\033[1;36m%d\033[0;m]", from); } - stc_monitor_app_remove_monitor(GUINT_TO_POINTER(from), - from_lookup, stc_get_default_connection()); + for (; conn_list != NULL; conn_list = conn_list->next) { + stc_connection_s *conn = conn_list->data; + stc_monitor_app_remove_monitor(GUINT_TO_POINTER(from), + from_lookup, conn); - if (from_lookup->state == STC_APP_STATE_FOREGROUND) - stc_monitor_app_remove_accept(GUINT_TO_POINTER(from), - from_lookup, stc_get_default_connection()); + if (from_lookup->state == STC_APP_STATE_FOREGROUND) + stc_monitor_app_remove_accept(GUINT_TO_POINTER(from), + from_lookup, conn); + } stc_monitor_rstn_remove_for_app(from); diff --git a/src/monitor/stc-monitor-rstn.c b/src/monitor/stc-monitor-rstn.c index d717326..ce3fa63 100644 --- a/src/monitor/stc-monitor-rstn.c +++ b/src/monitor/stc-monitor-rstn.c @@ -104,7 +104,7 @@ static stc_cb_ret_e __statistics_info_cb(const table_statistics_info *info, static void __rstn_add_tether_rule(int64_t classid, gchar *mac, nfacct_rule_intend intend, stc_iface_type_e iftype) { - default_connection_s *connection = stc_get_default_connection(); + GSList *conn_list = stc_get_connection_list(); struct nfacct_rule counter; stc_s *stc = stc_get_manager(); char *ipaddr = NULL; @@ -113,42 +113,46 @@ static void __rstn_add_tether_rule(int64_t classid, gchar *mac, if (!stc || !mac) return; - if (!stc->carg) { - stc->carg = MALLOC0(counter_arg_s, 1); - if (stc->carg == NULL) - return; + for (; conn_list != NULL; conn_list = conn_list->next) { + stc_connection_s *conn = conn_list->data; - stc->carg->sock = stc_monitor_get_contr_sock(); - } + if (!stc->carg) { + stc->carg = MALLOC0(counter_arg_s, 1); + if (stc->carg == NULL) + return; - memset(&counter, 0, sizeof(struct nfacct_rule)); + stc->carg->sock = stc_monitor_get_contr_sock(); + } - counter.carg = stc->carg; - counter.classid = classid; - counter.intend = intend; + memset(&counter, 0, sizeof(struct nfacct_rule)); - if (connection->tether_state != TRUE || - connection->tether_iface.ifname == NULL) - return; + counter.carg = stc->carg; + counter.classid = classid; + counter.intend = intend; - counter.iftype = connection->tether_iface.type; - g_strlcpy(counter.ifname, connection->tether_iface.ifname, MAX_IFACE_LENGTH); + if (conn->tether_state != TRUE || + conn->tether_iface.ifname == NULL) + return; - /* get connected station ip based on its mac */ - ret = stc_plugin_tether_get_station_ip(mac, &ipaddr); - if (ret != STC_ERROR_NONE) - return; + counter.iftype = conn->tether_iface.type; + g_strlcpy(counter.ifname, conn->tether_iface.ifname, MAX_IFACE_LENGTH); - /* tethering iptables rule */ - stc_monitor_tether_add_in(&counter, ipaddr); - stc_monitor_tether_add_out(&counter, ipaddr); - g_free(ipaddr); + /* get connected station ip based on its mac */ + ret = stc_plugin_tether_get_station_ip(mac, &ipaddr); + if (ret != STC_ERROR_NONE) + return; + + /* tethering iptables rule */ + stc_monitor_tether_add_in(&counter, ipaddr); + stc_monitor_tether_add_out(&counter, ipaddr); + g_free(ipaddr); + } } static void __rstn_del_tether_rule(int64_t classid, gchar *mac, nfacct_rule_intend intend, stc_iface_type_e iftype) { - default_connection_s *connection = stc_get_default_connection(); + GSList *conn_list = stc_get_connection_list(); struct nfacct_rule counter; stc_s *stc = stc_get_manager(); char *ipaddr = NULL; @@ -157,134 +161,134 @@ static void __rstn_del_tether_rule(int64_t classid, gchar *mac, if (!stc || !mac) return; - if (!stc->carg) { - stc->carg = MALLOC0(counter_arg_s, 1); - if (stc->carg == NULL) - return; + for (; conn_list != NULL; conn_list = conn_list->next) { + stc_connection_s *conn = conn_list->data; - stc->carg->sock = stc_monitor_get_contr_sock(); - } + if (!stc->carg) { + stc->carg = MALLOC0(counter_arg_s, 1); + if (stc->carg == NULL) + return; - memset(&counter, 0, sizeof(struct nfacct_rule)); + stc->carg->sock = stc_monitor_get_contr_sock(); + } - counter.carg = stc->carg; - counter.classid = classid; - counter.intend = intend; + memset(&counter, 0, sizeof(struct nfacct_rule)); - if (connection->tether_state != TRUE || - connection->tether_iface.ifname == NULL) - return; + counter.carg = stc->carg; + counter.classid = classid; + counter.intend = intend; - counter.iftype = connection->tether_iface.type; - g_strlcpy(counter.ifname, connection->tether_iface.ifname, MAX_IFACE_LENGTH); + if (conn->tether_state != TRUE || + conn->tether_iface.ifname == NULL) + return; - /* get connected station ip based on its mac */ - ret = stc_plugin_tether_get_station_ip(mac, &ipaddr); - if (ret != STC_ERROR_NONE) { - STC_LOGE("Error: no IP found for station mac(%s)", mac); - return; - } + counter.iftype = conn->tether_iface.type; + g_strlcpy(counter.ifname, conn->tether_iface.ifname, MAX_IFACE_LENGTH); + + /* get connected station ip based on its mac */ + ret = stc_plugin_tether_get_station_ip(mac, &ipaddr); + if (ret != STC_ERROR_NONE) { + STC_LOGE("Error: no IP found for station mac(%s)", mac); + return; + } - /* tethering iptables rule */ - stc_monitor_tether_del_in(&counter, ipaddr); - stc_monitor_tether_del_out(&counter, ipaddr); - g_free(ipaddr); + /* tethering iptables rule */ + stc_monitor_tether_del_in(&counter, ipaddr); + stc_monitor_tether_del_out(&counter, ipaddr); + g_free(ipaddr); + } } static void __rstn_add_ipt_rule(int64_t classid, nfacct_rule_intend intend, stc_iface_type_e iftype) { - char *default_ifname = stc_default_connection_get_ifname(); - default_connection_s *connection = stc_get_default_connection(); + GSList *conn_list = stc_get_connection_list(); struct nfacct_rule counter; stc_s *stc = stc_get_manager(); - if (!stc) { - g_free(default_ifname); + + if (!stc) return; - } - if (!stc->carg) { - stc->carg = MALLOC0(counter_arg_s, 1); - if (stc->carg == NULL) { - g_free(default_ifname); - return; - } + for (; conn_list != NULL; conn_list = conn_list->next) { + stc_connection_s *conn = conn_list->data; - stc->carg->sock = stc_monitor_get_contr_sock(); - } + if (!stc->carg) { + stc->carg = MALLOC0(counter_arg_s, 1); + if (stc->carg == NULL) + return; - memset(&counter, 0, sizeof(struct nfacct_rule)); + stc->carg->sock = stc_monitor_get_contr_sock(); + } - counter.carg = stc->carg; - counter.classid = classid; - counter.intend = intend; + memset(&counter, 0, sizeof(struct nfacct_rule)); - if (connection && connection->tether_iface.ifname != NULL && - classid == STC_TETHERING_APP_CLASSID) { - counter.iftype = connection->tether_iface.type; - g_strlcpy(counter.ifname, connection->tether_iface.ifname, MAX_IFACE_LENGTH); - } else { - counter.iftype = iftype; - g_strlcpy(counter.ifname, default_ifname, MAX_IFACE_LENGTH); - } + counter.carg = stc->carg; + counter.classid = classid; + counter.intend = intend; - g_free(default_ifname); + if (conn && conn->tether_iface.ifname != NULL && + classid == STC_TETHERING_APP_CLASSID) { + counter.iftype = conn->tether_iface.type; + g_strlcpy(counter.ifname, conn->tether_iface.ifname, MAX_IFACE_LENGTH); + } else { + counter.iftype = iftype; + g_strlcpy(counter.ifname, conn->ifname, MAX_IFACE_LENGTH); + } - /* iptables rule */ - stc_monitor_ipt_add_in(&counter); - stc_monitor_ipt_add_out(&counter); + /* iptables rule */ + stc_monitor_ipt_add_in(&counter); + stc_monitor_ipt_add_out(&counter); - /* ip6tables rule */ - stc_monitor_ip6t_add_in(&counter); - stc_monitor_ip6t_add_out(&counter); + /* ip6tables rule */ + stc_monitor_ip6t_add_in(&counter); + stc_monitor_ip6t_add_out(&counter); + } } static void __rstn_del_ipt_rule(int64_t classid, nfacct_rule_intend intend, stc_iface_type_e iftype) { - char *default_ifname = stc_default_connection_get_ifname(); - default_connection_s *connection = stc_get_default_connection(); + GSList *conn_list = stc_get_connection_list(); struct nfacct_rule counter; stc_s *stc = stc_get_manager(); - if (!stc) { - g_free(default_ifname); + + if (!stc) return; - } - if (!stc->carg) { - stc->carg = MALLOC0(counter_arg_s, 1); - if (stc->carg == NULL) { - g_free(default_ifname); - return; - } + for (; conn_list != NULL; conn_list = conn_list->next) { + stc_connection_s *conn = conn_list->data; - stc->carg->sock = stc_monitor_get_contr_sock(); - } + if (!stc->carg) { + stc->carg = MALLOC0(counter_arg_s, 1); + if (stc->carg == NULL) + return; - memset(&counter, 0, sizeof(struct nfacct_rule)); + stc->carg->sock = stc_monitor_get_contr_sock(); + } - counter.carg = stc->carg; - counter.classid = classid; - counter.intend = intend; + memset(&counter, 0, sizeof(struct nfacct_rule)); - if (connection && connection->tether_iface.ifname != NULL && - classid == STC_TETHERING_APP_CLASSID) { - counter.iftype = connection->tether_iface.type; - g_strlcpy(counter.ifname, connection->tether_iface.ifname, MAX_IFACE_LENGTH); - } else { - counter.iftype = iftype; - g_strlcpy(counter.ifname, default_ifname, MAX_IFACE_LENGTH); - } + counter.carg = stc->carg; + counter.classid = classid; + counter.intend = intend; - g_free(default_ifname); + if (conn && conn->tether_iface.ifname != NULL && + classid == STC_TETHERING_APP_CLASSID) { + counter.iftype = conn->tether_iface.type; + g_strlcpy(counter.ifname, conn->tether_iface.ifname, MAX_IFACE_LENGTH); + } else { + counter.iftype = iftype; + g_strlcpy(counter.ifname, conn->ifname, MAX_IFACE_LENGTH); + } - /* iptables rule */ - stc_monitor_ipt_del_in(&counter); - stc_monitor_ipt_del_out(&counter); + /* iptables rule */ + stc_monitor_ipt_del_in(&counter); + stc_monitor_ipt_del_out(&counter); - /* ip6tables rule */ - stc_monitor_ip6t_del_in(&counter); - stc_monitor_ip6t_del_out(&counter); + /* ip6tables rule */ + stc_monitor_ip6t_del_in(&counter); + stc_monitor_ip6t_del_out(&counter); + } } static void __rstn_set_noti_state(int value) @@ -305,23 +309,36 @@ static void __rstn_set_noti_state(int value) static void __rstn_tethering_process(enum traffic_restriction_type rstn_type, char *app_id, stc_rstn_data_s *rstn_data, void *data) { - default_connection_s *old_connection = (default_connection_s *)data; - default_connection_s *connection = NULL; + stc_connection_s *old_connection = (stc_connection_s *)data; + stc_connection_s *connection = NULL; char *mac_str = NULL; - if (old_connection != NULL) + if (old_connection != NULL) { connection = old_connection; - else - connection = stc_get_default_connection(); + if (connection->tether_state == FALSE) + return; - /* in case tethering is not active */ - if (connection->tether_state == FALSE) - return; + /* rstn not applicable for this interface */ + if (rstn_data->ifname != NULL && + g_strcmp0("", rstn_data->ifname) != 0 && + g_strcmp0(connection->tether_iface.ifname, rstn_data->ifname) != 0) + return; + } else { + GSList *conn_list = stc_get_connection_list(); + for (; conn_list != NULL; conn_list = conn_list->next) { + stc_connection_s *conn = conn_list->data; + if (conn->tether_state == FALSE) + continue; + + if (rstn_data->ifname != NULL && + g_strcmp0(rstn_data->ifname, "") != 0 && + g_strcmp0(conn->tether_iface.ifname, rstn_data->ifname) == 0) + connection = conn; + } - /* rstn not applicable for this interface */ - if (rstn_data->ifname != NULL && g_strcmp0("", rstn_data->ifname) != 0 && - (g_strcmp0(connection->tether_iface.ifname, rstn_data->ifname) != 0)) - return; + if (connection == NULL) + return; + } /* in case appid not a tethering app */ if (!g_str_has_suffix(app_id, STC_TETHERING_APP_SUFFIX)) @@ -443,24 +460,37 @@ static void __rstn_tethering_process(enum traffic_restriction_type rstn_type, static void __rstn_process(enum traffic_restriction_type rstn_type, char *app_id, stc_rstn_data_s *rstn_data, void *data) { - default_connection_s *old_connection = (default_connection_s *)data; - default_connection_s *connection = NULL; + stc_connection_s *old_connection = (stc_connection_s *)data; + stc_connection_s *connection = NULL; - if (old_connection != NULL) + if (old_connection != NULL) { connection = old_connection; - else - connection = stc_get_default_connection(); + if (connection->ifname == NULL) + return; - /* no default ifname */ - if (connection->ifname == NULL) - return; + /* rstn not applicable for this interface */ + if (rstn_data->ifname != NULL && + g_strcmp0(rstn_data->ifname, "") != 0 && + g_strcmp0(connection->ifname, rstn_data->ifname) != 0 && + g_strcmp0(connection->tether_iface.ifname, rstn_data->ifname) != 0) + return; + } else { + GSList *conn_list = stc_get_connection_list(); + for (; conn_list != NULL; conn_list = conn_list->next) { + stc_connection_s *conn = conn_list->data; + if (conn == NULL || conn->ifname == NULL) + continue; + + if (rstn_data->ifname != NULL && + g_strcmp0(rstn_data->ifname, "") != 0 && + g_strcmp0(conn->ifname, rstn_data->ifname) == 0 && + g_strcmp0(conn->tether_iface.ifname, rstn_data->ifname) == 0) + connection = conn; + } - /* rstn not applicable for this interface */ - if (rstn_data->ifname != NULL && - g_strcmp0(rstn_data->ifname, "") != 0 && - (g_strcmp0(connection->ifname, rstn_data->ifname) != 0) && - (g_strcmp0(connection->tether_iface.ifname, rstn_data->ifname) != 0)) - return; + if (connection == NULL) + return; + } /* classid is invalid */ if (rstn_data->classid <= STC_UNKNOWN_CLASSID) @@ -986,47 +1016,46 @@ static void __reset_time_counter_foreach_rstn_data(gpointer data, if (rstn_data->limit_exceeded & (1 << i)) { /* remove iptables rule */ - char *default_ifname = stc_default_connection_get_ifname(); + GSList *conn_list = stc_get_connection_list(); struct nfacct_rule counter; stc_s *stc = stc_get_manager(); if (stc == NULL) { STC_LOGE("Can't get stc data"); - g_free(default_ifname); goto try_next_callback; } if (!stc->carg) { stc->carg = MALLOC0(counter_arg_s, 1); if (stc->carg == NULL) { - g_free(default_ifname); goto try_next_callback; } stc->carg->sock = stc_monitor_get_contr_sock(); } - memset(&counter, 0, sizeof(struct nfacct_rule)); + for (; conn_list != NULL; conn_list = conn_list->next) { + stc_connection_s *conn = conn_list->data; - counter.carg = stc->carg; - counter.classid = rstn_data->classid; - counter.intend = NFACCT_BLOCK; - counter.iftype = rstn_data->iftype; - g_strlcpy(counter.ifname, default_ifname, - MAX_IFACE_LENGTH); + memset(&counter, 0, sizeof(struct nfacct_rule)); - g_free(default_ifname); + counter.carg = stc->carg; + counter.classid = rstn_data->classid; + counter.intend = NFACCT_BLOCK; + counter.iftype = rstn_data->iftype; + g_strlcpy(counter.ifname, conn->ifname, MAX_IFACE_LENGTH); - /* iptables rule */ - stc_monitor_ipt_del_in(&counter); - stc_monitor_ipt_del_out(&counter); + /* iptables rule */ + stc_monitor_ipt_del_in(&counter); + stc_monitor_ipt_del_out(&counter); - /* ip6tables rule */ - stc_monitor_ip6t_del_in(&counter); - stc_monitor_ip6t_del_out(&counter); + /* ip6tables rule */ + stc_monitor_ip6t_del_in(&counter); + stc_monitor_ip6t_del_out(&counter); - rstn_data->rstn_state = STC_RSTN_STATE_DEACTIVATED; - rstn_data->limit_exceeded &= ~(1 << i); - rstn_data->limit_notified &= ~(1 << i); + rstn_data->rstn_state = STC_RSTN_STATE_DEACTIVATED; + rstn_data->limit_exceeded &= ~(1 << i); + rstn_data->limit_notified &= ~(1 << i); + } } } } @@ -1084,69 +1113,73 @@ void stc_monitor_rstn_update_counter(gpointer data, int i; stc_rstn_data_s *rstn_data = (stc_rstn_data_s *)data; classid_bytes_context_s *context = (classid_bytes_context_s *)user_data; - default_connection_s *default_connection = stc_get_default_connection(); - - if (rstn_data->iftype != context->counter->iftype) - return; + GSList *conn_list = stc_get_connection_list(); - if (rstn_data->ifname != NULL && - g_strcmp0(rstn_data->ifname, "") && - g_strcmp0(rstn_data->ifname, context->counter->ifname) != 0) - return; + for (; conn_list != NULL; conn_list = conn_list->next) { + stc_connection_s *conn = conn_list->data; - if (rstn_data->subscriber_id != NULL && - g_strcmp0(rstn_data->subscriber_id, "") && - g_strcmp0(rstn_data->subscriber_id, default_connection->subscriber_id) != 0) - return; + if (rstn_data->iftype != context->counter->iftype) + return; - if (rstn_data->roaming != default_connection->roaming) - return; + if (rstn_data->ifname != NULL && + g_strcmp0(rstn_data->ifname, "") && + g_strcmp0(rstn_data->ifname, context->counter->ifname) != 0) + return; - if (rstn_data->limit_exceeded != 0) { - context->data_limit_exceeded = TRUE; - return; - } + if (rstn_data->subscriber_id != NULL && + g_strcmp0(rstn_data->subscriber_id, "") && + g_strcmp0(rstn_data->subscriber_id, conn->subscriber_id) != 0) + return; - switch (context->counter->iotype) { - case NFACCT_COUNTER_IN: - case NFACCT_COUNTER_OUT: - if ((rstn_data->counter[STC_RSTN_LIMIT_TYPE_DATA] == 0 && - rstn_data->limit[STC_RSTN_LIMIT_TYPE_DATA] >= 0) || - (rstn_data->counter[STC_RSTN_LIMIT_TYPE_DATA_WARN] == 0 && - rstn_data->limit[STC_RSTN_LIMIT_TYPE_DATA_WARN] >= 0) || - (rstn_data->counter[STC_RSTN_LIMIT_TYPE_MONTHLY] == 0 && - rstn_data->limit[STC_RSTN_LIMIT_TYPE_MONTHLY] >= 0) || - (rstn_data->counter[STC_RSTN_LIMIT_TYPE_WEEKLY] == 0 && - rstn_data->limit[STC_RSTN_LIMIT_TYPE_WEEKLY] >= 0) || - (rstn_data->counter[STC_RSTN_LIMIT_TYPE_DAILY] == 0 && - rstn_data->limit[STC_RSTN_LIMIT_TYPE_DAILY] >= 0)) { - table_counters_info info; - memset(&info, 0, sizeof(table_counters_info)); - table_counters_get(rstn_data->restriction_id, &info); + if (rstn_data->roaming != conn->roaming) + return; - rstn_data->counter[STC_RSTN_LIMIT_TYPE_DATA] = info.data_counter; - rstn_data->counter[STC_RSTN_LIMIT_TYPE_DATA_WARN] = info.warn_counter; - rstn_data->counter[STC_RSTN_LIMIT_TYPE_MONTHLY] = info.monthly_counter; - rstn_data->counter[STC_RSTN_LIMIT_TYPE_WEEKLY] = info.weekly_counter; - rstn_data->counter[STC_RSTN_LIMIT_TYPE_DAILY] = info.daily_counter; + if (rstn_data->limit_exceeded != 0) { + context->data_limit_exceeded = TRUE; + return; } - for (i = 0; i < STC_RSTN_LIMIT_TYPE_MAX; i++) { - if (rstn_data->limit[i] >= 0 && - !(rstn_data->limit_notified & (1 << i))) { - rstn_data->counter[i] += context->bytes; - if (rstn_data->limit[i] <= rstn_data->counter[i]) - stc_monitor_rstn_action_when_limit_exceeded(i, - rstn_data, - context); + switch (context->counter->iotype) { + case NFACCT_COUNTER_IN: + case NFACCT_COUNTER_OUT: + if ((rstn_data->counter[STC_RSTN_LIMIT_TYPE_DATA] == 0 && + rstn_data->limit[STC_RSTN_LIMIT_TYPE_DATA] >= 0) || + (rstn_data->counter[STC_RSTN_LIMIT_TYPE_DATA_WARN] == 0 && + rstn_data->limit[STC_RSTN_LIMIT_TYPE_DATA_WARN] >= 0) || + (rstn_data->counter[STC_RSTN_LIMIT_TYPE_MONTHLY] == 0 && + rstn_data->limit[STC_RSTN_LIMIT_TYPE_MONTHLY] >= 0) || + (rstn_data->counter[STC_RSTN_LIMIT_TYPE_WEEKLY] == 0 && + rstn_data->limit[STC_RSTN_LIMIT_TYPE_WEEKLY] >= 0) || + (rstn_data->counter[STC_RSTN_LIMIT_TYPE_DAILY] == 0 && + rstn_data->limit[STC_RSTN_LIMIT_TYPE_DAILY] >= 0)) { + table_counters_info info; + memset(&info, 0, sizeof(table_counters_info)); + table_counters_get(rstn_data->restriction_id, &info); + + rstn_data->counter[STC_RSTN_LIMIT_TYPE_DATA] = info.data_counter; + rstn_data->counter[STC_RSTN_LIMIT_TYPE_DATA_WARN] = info.warn_counter; + rstn_data->counter[STC_RSTN_LIMIT_TYPE_MONTHLY] = info.monthly_counter; + rstn_data->counter[STC_RSTN_LIMIT_TYPE_WEEKLY] = info.weekly_counter; + rstn_data->counter[STC_RSTN_LIMIT_TYPE_DAILY] = info.daily_counter; } - } - stc_monitor_set_rstns_updated(TRUE); - __print_rstn(rstn_data); - break; - default: - STC_LOGE("Unknown iotype"); + for (i = 0; i < STC_RSTN_LIMIT_TYPE_MAX; i++) { + if (rstn_data->limit[i] >= 0 && + !(rstn_data->limit_notified & (1 << i))) { + rstn_data->counter[i] += context->bytes; + if (rstn_data->limit[i] <= rstn_data->counter[i]) + stc_monitor_rstn_action_when_limit_exceeded(i, + rstn_data, + context); + } + } + + stc_monitor_set_rstns_updated(TRUE); + __print_rstn(rstn_data); + break; + default: + STC_LOGE("Unknown iotype"); + } } } @@ -1351,7 +1384,7 @@ void stc_monitor_rstn_add_for_app(uint32_t classid) g_slist_foreach(lookup_value->rules, __rstn_add, NULL); } -void stc_monitor_rstn_add_by_connection(default_connection_s *conn) +void stc_monitor_rstn_add_by_connection(stc_connection_s *conn) { GHashTable *rstns = stc_monitor_get_system_rstns(); @@ -1402,7 +1435,7 @@ void stc_monitor_rstn_remove_for_app(uint32_t classid) g_slist_foreach(lookup_value->rules, __rstn_remove, NULL); } -void stc_monitor_rstn_remove_by_connection(default_connection_s *conn) +void stc_monitor_rstn_remove_by_connection(stc_connection_s *conn) { GHashTable *rstns = stc_monitor_get_system_rstns(); diff --git a/src/monitor/stc-monitor.c b/src/monitor/stc-monitor.c index 5d60749..0bfc5a5 100644 --- a/src/monitor/stc-monitor.c +++ b/src/monitor/stc-monitor.c @@ -18,7 +18,7 @@ #include #include -#include "stc-default-connection.h" +#include "stc-connection.h" #include "helper-nl.h" #include "helper-nfacct-rule.h" #include "helper-net-cls.h" @@ -534,37 +534,38 @@ gboolean stc_monitor_get_background_state(void) return g_system->background_state; } -void stc_monitor_update_by_default_connection(void *data) +void stc_monitor_update_by_connection(void *data) { - static default_connection_s old_connection; - default_connection_s *new_connection = (default_connection_s *)data; + stc_connection_s *connection = (stc_connection_s *)data; - if (old_connection.path != NULL) { - stc_monitor_app_remove_by_connection(&old_connection); - stc_monitor_rstn_remove_by_connection(&old_connection); + if (connection != NULL && connection->path != NULL) { + stc_monitor_app_remove_by_connection(connection); + stc_monitor_rstn_remove_by_connection(connection); iptables_flush_chains(); + + stc_monitor_app_add_by_connection(connection); + stc_monitor_rstn_add_by_connection(connection); } +} + +void stc_monitor_add_by_connection(void *data) +{ + stc_connection_s *connection = (stc_connection_s *)data; + + if (connection != NULL && connection->path != NULL) { + stc_monitor_app_add_by_connection(connection); + stc_monitor_rstn_add_by_connection(connection); + } +} + +void stc_monitor_remove_by_connection(void *data) +{ + stc_connection_s *connection = (stc_connection_s *)data; - FREE(old_connection.path); - FREE(old_connection.ifname); - FREE(old_connection.tether_iface.ifname); - old_connection.type = 0; - old_connection.roaming = 0; - old_connection.tether_state = FALSE; - old_connection.tether_iface.type = 0; - - if (new_connection != NULL && new_connection->path != NULL) { - stc_monitor_app_add_by_connection(new_connection); - stc_monitor_rstn_add_by_connection(new_connection); - - old_connection.path = g_strdup(new_connection->path); - old_connection.ifname = g_strdup(new_connection->ifname); - old_connection.tether_iface.ifname = g_strdup(new_connection->tether_iface.ifname); - old_connection.type = new_connection->type; - old_connection.roaming = new_connection->roaming; - old_connection.tether_state = new_connection->tether_state; - old_connection.tether_iface.type = new_connection->tether_iface.type; + if (connection != NULL && connection->path != NULL) { + stc_monitor_app_remove_by_connection(connection); + stc_monitor_rstn_remove_by_connection(connection); } } diff --git a/src/stc-manager-gdbus.c b/src/stc-manager-gdbus.c index 2e5803c..04af66c 100644 --- a/src/stc-manager-gdbus.c +++ b/src/stc-manager-gdbus.c @@ -19,7 +19,7 @@ #include "stc-statistics.h" #include "stc-restriction.h" #include "stc-firewall.h" -#include "stc-default-connection.h" +#include "stc-connection.h" #include "stc-manager-util.h" #include "stc-manager-plugin-appstatus.h" #include "stc-manager-plugin-procfs.h" @@ -306,7 +306,7 @@ static void __stc_manager_gdbus_on_bus_acquired(GDBusConnection *connection, stc->connection); iptables_init(); - stc_default_connection_monitor_init(stc); + stc_connection_monitor_init(stc); stc_plugin_appstatus_register_state_changed_cb(stc, stc_plugin_procfs_app_status_changed, NULL); @@ -353,7 +353,7 @@ void stc_manager_gdbus_deinit(gpointer stc_data) stc_s *stc = (stc_s *)stc_data; stc_plugin_appstatus_deregister_state_changed_cb(stc); - stc_default_connection_monitor_deinit(stc); + stc_connection_monitor_deinit(stc); g_bus_unown_name(stc->gdbus_owner_id); -- 2.7.4 From a2c192c02c7ff20e4723a78fba4b04ffd14d8235 Mon Sep 17 00:00:00 2001 From: Milind Murhekar Date: Tue, 13 Nov 2018 16:37:39 +0530 Subject: [PATCH 05/16] [Fix] Use localtime_r() instead of localtime() Description: This patch fixes the DF180802-00044 issue. Change-Id: I0eb1ea1c6da97923993a9a5a6d99b67b2c5e6bde Signed-off-by: Milind Murhekar --- src/monitor/stc-time.c | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/src/monitor/stc-time.c b/src/monitor/stc-time.c index 750b43d..81e7a0f 100644 --- a/src/monitor/stc-time.c +++ b/src/monitor/stc-time.c @@ -22,15 +22,16 @@ time_t stc_time_get_day_start(time_t now) { - struct tm *curr; + struct tm curr; + struct tm *res; - curr = localtime(&now); + res = localtime_r(&now, &curr); - curr->tm_sec = 0; - curr->tm_min = 0; - curr->tm_hour = 0; + curr.tm_sec = 0; + curr.tm_min = 0; + curr.tm_hour = 0; - return mktime(curr); + return mktime(&curr); } time_t stc_time_get_week_start(time_t now) -- 2.7.4 From 98ee36e3589be61365fc85d1204a8427580b9832 Mon Sep 17 00:00:00 2001 From: Milind Murhekar Date: Tue, 13 Nov 2018 16:55:29 +0530 Subject: [PATCH 06/16] [Fix] Use localtime_r() instead of localtime() Description: This patch fixes the DF180802-00045 issue. Change-Id: I78529e672a2f9504168ed98069d8f00b1ededbcc Signed-off-by: Milind Murhekar --- src/monitor/stc-time.c | 19 ++++++++++--------- 1 file changed, 10 insertions(+), 9 deletions(-) diff --git a/src/monitor/stc-time.c b/src/monitor/stc-time.c index 81e7a0f..1f30f96 100644 --- a/src/monitor/stc-time.c +++ b/src/monitor/stc-time.c @@ -36,21 +36,22 @@ time_t stc_time_get_day_start(time_t now) time_t stc_time_get_week_start(time_t now) { - struct tm *curr; + struct tm curr; + struct tm *res; int days; - curr = localtime(&now); + res = localtime_r(&now, &curr); - curr->tm_sec = 0; - curr->tm_min = 0; - curr->tm_hour = 0; + curr.tm_sec = 0; + curr.tm_min = 0; + curr.tm_hour = 0; - if (curr->tm_wday > 1) - days = curr->tm_wday - 1; + if (curr.tm_wday > 1) + days = curr.tm_wday - 1; else - days = 1 - curr->tm_wday; + days = 1 - curr.tm_wday; - return (mktime(curr) - (days * SEC_IN_DAY)); + return (mktime(&curr) - (days * SEC_IN_DAY)); } time_t stc_time_get_month_start(time_t now, int month_start_date) -- 2.7.4 From 247145756dbfa5ff532747b93ace67ae66e1a7ff Mon Sep 17 00:00:00 2001 From: Milind Murhekar Date: Tue, 13 Nov 2018 19:00:11 +0530 Subject: [PATCH 07/16] [Fix] Use localtime_r() instead of localtime() Description: This patch fixes the DF180802-00046 issue. Change-Id: Ic2c784e4369deefc8ad74a3616c54da90b289c0f Signed-off-by: Milind Murhekar --- src/monitor/stc-time.c | 49 +++++++++++++++++++++++++------------------------ 1 file changed, 25 insertions(+), 24 deletions(-) diff --git a/src/monitor/stc-time.c b/src/monitor/stc-time.c index 1f30f96..e0f86e0 100644 --- a/src/monitor/stc-time.c +++ b/src/monitor/stc-time.c @@ -56,51 +56,52 @@ time_t stc_time_get_week_start(time_t now) time_t stc_time_get_month_start(time_t now, int month_start_date) { - struct tm *curr; + struct tm curr; + struct tm *res; bool is_leap_year; - curr = localtime(&now); + res = localtime_r(&now, &curr); - curr->tm_sec = 0; - curr->tm_min = 0; - curr->tm_hour = 0; + curr.tm_sec = 0; + curr.tm_min = 0; + curr.tm_hour = 0; - if (curr->tm_mday < month_start_date) { - curr->tm_mon--; - if (curr->tm_mon < 0) { - curr->tm_mon = 11; - curr->tm_year--; + if (curr.tm_mday < month_start_date) { + curr.tm_mon--; + if (curr.tm_mon < 0) { + curr.tm_mon = 11; + curr.tm_year--; } } - is_leap_year = ((curr->tm_year + 1900) % 4 ? 0 : 1); - curr->tm_mday = month_start_date; + is_leap_year = ((curr.tm_year + 1900) % 4 ? 0 : 1); + curr.tm_mday = month_start_date; switch (month_start_date) { case 29: case 30: - if (curr->tm_mon == 1 && !is_leap_year) - curr->tm_mday = 28; + if (curr.tm_mon == 1 && !is_leap_year) + curr.tm_mday = 28; - else if (curr->tm_mon == 1 && is_leap_year) - curr->tm_mday = 29; + else if (curr.tm_mon == 1 && is_leap_year) + curr.tm_mday = 29; break; case 31: - if (curr->tm_mon == 1 && !is_leap_year) - curr->tm_mday = 28; + if (curr.tm_mon == 1 && !is_leap_year) + curr.tm_mday = 28; - else if (curr->tm_mon == 1 && is_leap_year) - curr->tm_mday = 29; + else if (curr.tm_mon == 1 && is_leap_year) + curr.tm_mday = 29; - else if (curr->tm_mon == 3 || curr->tm_mon == 5 || - curr->tm_mon == 8 || curr->tm_mon == 10) - curr->tm_mday = 30; + else if (curr.tm_mon == 3 || curr.tm_mon == 5 || + curr.tm_mon == 8 || curr.tm_mon == 10) + curr.tm_mday = 30; break; default: ;//Do Nothing }; - return mktime(curr); + return mktime(&curr); } -- 2.7.4 From dbf7a02303855eb95261a0d568955e7948e1f939 Mon Sep 17 00:00:00 2001 From: Lokesh Date: Wed, 14 Nov 2018 11:08:41 +0530 Subject: [PATCH 08/16] Fix for 4 Svace issues. Added /* fall through */ comments, as there was no break statement at the end of case. Change-Id: I30fa2b77c21853abf1def469a6ba467f8b1e83a7 Signed-off-by: Lokesh --- src/stc-firewall.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/src/stc-firewall.c b/src/stc-firewall.c index ec1f674..ff2b704 100755 --- a/src/stc-firewall.c +++ b/src/stc-firewall.c @@ -451,6 +451,7 @@ static void __fw_rule_make_params(gpointer data, gpointer user_data) switch (rule->s_ip_type) { case STC_FW_IP_RANGE: + /* fall through */ case STC_FW_IP_MASK: addr = g_try_malloc0(INET_ADDRSTRLEN); if (addr) { @@ -459,6 +460,7 @@ static void __fw_rule_make_params(gpointer data, gpointer user_data) g_variant_new_string(addr)); FREE(addr); } + /* fall through */ case STC_FW_IP_SINGLE: addr = g_try_malloc0(INET_ADDRSTRLEN); if (addr) { @@ -474,6 +476,7 @@ static void __fw_rule_make_params(gpointer data, gpointer user_data) switch (rule->d_ip_type) { case STC_FW_IP_RANGE: + /* fall through */ case STC_FW_IP_MASK: addr = g_try_malloc0(INET_ADDRSTRLEN); if (addr) { @@ -482,6 +485,7 @@ static void __fw_rule_make_params(gpointer data, gpointer user_data) g_variant_new_string(addr)); FREE(addr); } + /* fall through */ case STC_FW_IP_SINGLE: addr = g_try_malloc0(INET_ADDRSTRLEN); if (addr) { @@ -499,6 +503,7 @@ static void __fw_rule_make_params(gpointer data, gpointer user_data) switch (rule->s_ip_type) { case STC_FW_IP_RANGE: + /* fall through */ case STC_FW_IP_MASK: addr = g_try_malloc0(INET6_ADDRSTRLEN); if (addr) { @@ -507,6 +512,7 @@ static void __fw_rule_make_params(gpointer data, gpointer user_data) g_variant_new_string(addr)); FREE(addr); } + /* fall through */ case STC_FW_IP_SINGLE: addr = g_try_malloc0(INET6_ADDRSTRLEN); if (addr) { @@ -522,6 +528,7 @@ static void __fw_rule_make_params(gpointer data, gpointer user_data) switch (rule->d_ip_type) { case STC_FW_IP_RANGE: + /* fall through */ case STC_FW_IP_MASK: addr = g_try_malloc0(INET6_ADDRSTRLEN); if (addr) { @@ -530,6 +537,7 @@ static void __fw_rule_make_params(gpointer data, gpointer user_data) g_variant_new_string(addr)); FREE(addr); } + /* fall through */ case STC_FW_IP_SINGLE: addr = g_try_malloc0(INET6_ADDRSTRLEN); if (addr) { -- 2.7.4 From 2016a6835480c5df055a9a1ce2a37ed35c245af7 Mon Sep 17 00:00:00 2001 From: hyunuktak Date: Mon, 19 Nov 2018 16:17:35 +0900 Subject: [PATCH 09/16] Remove dereference after null check and dead code Change-Id: Ie646658cdfb4cb2443161329f48087a0445d559b Signed-off-by: hyunuktak --- src/helper/helper-file.c | 11 ++++------- src/helper/helper-nfacct-rule.c | 18 ++++++------------ src/monitor/stc-monitor-app.c | 3 +++ src/monitor/stc-monitor-rstn.c | 6 ++++++ 4 files changed, 19 insertions(+), 19 deletions(-) mode change 100644 => 100755 src/helper/helper-file.c mode change 100644 => 100755 src/helper/helper-nfacct-rule.c diff --git a/src/helper/helper-file.c b/src/helper/helper-file.c old mode 100644 new mode 100755 index 73b93bd..636ef5d --- a/src/helper/helper-file.c +++ b/src/helper/helper-file.c @@ -24,17 +24,14 @@ int fwrite_str(const char *path, const char *str) _cleanup_fclose_ FILE *f = NULL; int ret; char * t; - struct stat stat_buf; assert(path); assert(str); - if (stat(path, &stat_buf) == 0) { - t = realpath(path, NULL); - ret_value_errno_msg_if(!t, -errno, - "Fail to get realpath %s", path); - free(t); - } + t = realpath(path, NULL); + ret_value_errno_msg_if(!t, -errno, + "Fail to get realpath %s", path); + free(t); f = fopen(path, "w"); ret_value_errno_msg_if(!f, -errno, diff --git a/src/helper/helper-nfacct-rule.c b/src/helper/helper-nfacct-rule.c old mode 100644 new mode 100755 index 4a80fca..fbe17ca --- a/src/helper/helper-nfacct-rule.c +++ b/src/helper/helper-nfacct-rule.c @@ -425,12 +425,9 @@ static char *get_iptables_chain(uint32_t classid, if (iotype == NFACCT_COUNTER_IN) { if (intend == NFACCT_COUNTER || intend == NFACCT_TETH_COUNTER) { - if (app_state == STC_APP_STATE_FOREGROUND) { - if (intend == NFACCT_ALLOW) - return STC_IN_ACCEPT_CHAIN; - else - return STC_IN_FG_CHAIN; - } else + if (app_state == STC_APP_STATE_FOREGROUND) + return STC_IN_FG_CHAIN; + else return STC_IN_BG_CHAIN; } else if (intend == NFACCT_ALLOW || intend == NFACCT_TETH_ALLOW) { @@ -444,12 +441,9 @@ static char *get_iptables_chain(uint32_t classid, } else if (iotype == NFACCT_COUNTER_OUT) { if (intend == NFACCT_COUNTER || intend == NFACCT_TETH_COUNTER) { - if (app_state == STC_APP_STATE_FOREGROUND) { - if (intend == NFACCT_ALLOW) - return STC_OUT_ACCEPT_CHAIN; - else - return STC_OUT_FG_CHAIN; - } else + if (app_state == STC_APP_STATE_FOREGROUND) + return STC_OUT_FG_CHAIN; + else return STC_OUT_BG_CHAIN; } else if (intend == NFACCT_ALLOW || intend == NFACCT_TETH_ALLOW) { diff --git a/src/monitor/stc-monitor-app.c b/src/monitor/stc-monitor-app.c index 6441593..96d602a 100644 --- a/src/monitor/stc-monitor-app.c +++ b/src/monitor/stc-monitor-app.c @@ -56,6 +56,9 @@ static void __app_update_statistics(gpointer key, memset(&stat_key, 0, sizeof(stc_db_classid_iftype_key)); memset(&stat, 0 , sizeof(stc_db_app_stats)); + if (conn == NULL) + return; + /* Do not update statistics for Tethering * if tethering is in-active found */ if (conn && conn->tether_state == FALSE && diff --git a/src/monitor/stc-monitor-rstn.c b/src/monitor/stc-monitor-rstn.c index ce3fa63..f28de3c 100644 --- a/src/monitor/stc-monitor-rstn.c +++ b/src/monitor/stc-monitor-rstn.c @@ -212,6 +212,9 @@ static void __rstn_add_ipt_rule(int64_t classid, nfacct_rule_intend intend, for (; conn_list != NULL; conn_list = conn_list->next) { stc_connection_s *conn = conn_list->data; + if (conn == NULL) + return; + if (!stc->carg) { stc->carg = MALLOC0(counter_arg_s, 1); if (stc->carg == NULL) @@ -258,6 +261,9 @@ static void __rstn_del_ipt_rule(int64_t classid, nfacct_rule_intend intend, for (; conn_list != NULL; conn_list = conn_list->next) { stc_connection_s *conn = conn_list->data; + if (conn == NULL) + return; + if (!stc->carg) { stc->carg = MALLOC0(counter_arg_s, 1); if (stc->carg == NULL) -- 2.7.4 From e3196e55c8dc3729d65b167ef85b6de47f38e98d Mon Sep 17 00:00:00 2001 From: hyunuktak Date: Tue, 20 Nov 2018 14:45:04 +0900 Subject: [PATCH 10/16] Remove error log for reading classid from cgroup Change-Id: Ic8783c8cd385f6932a826664ca7d7c05bfba93cc Signed-off-by: hyunuktak --- include/stc-manager-util.h | 3 ++- src/helper/helper-net-cls.c | 1 - 2 files changed, 2 insertions(+), 2 deletions(-) mode change 100644 => 100755 include/stc-manager-util.h mode change 100644 => 100755 src/helper/helper-net-cls.c diff --git a/include/stc-manager-util.h b/include/stc-manager-util.h old mode 100644 new mode 100755 index 2275b85..b12fff9 --- a/include/stc-manager-util.h +++ b/include/stc-manager-util.h @@ -274,7 +274,8 @@ static inline bool strstart_with(const char *str, const char *with) #define ret_value_errno_msg_if(expr, val, fmt, arg...) do { \ if (expr) { \ - STC_LOGE(fmt, ##arg); \ + if (STC_DEBUG_LOG) \ + STC_LOGE(fmt, ##arg); \ return val; \ } \ } while (0) diff --git a/src/helper/helper-net-cls.c b/src/helper/helper-net-cls.c old mode 100644 new mode 100755 index faa5942..3f460f7 --- a/src/helper/helper-net-cls.c +++ b/src/helper/helper-net-cls.c @@ -80,7 +80,6 @@ static stc_error_e __get_classid_from_cgroup(const char *cgroup, int ret = cgroup_read_node_uint32(buf, CLASSID_FILE_NAME, classid); if (ret < 0) { - STC_LOGE("Can't read classid from cgroup %s", buf); //LCOV_EXCL_LINE *classid = STC_UNKNOWN_CLASSID; return STC_ERROR_NO_DATA; } -- 2.7.4 From d85602243bc6bc9d6e2e8fa84aab0303dc842d59 Mon Sep 17 00:00:00 2001 From: Nishant Chaprana Date: Mon, 26 Nov 2018 19:24:41 +0530 Subject: [PATCH 11/16] [TV Profile] Disabled default connection monitor and procfs monitor. Change-Id: Ic0ab9a4d5472b1b436f6c33a312d36bbdbe83634 Signed-off-by: Nishant Chaprana --- packaging/stc-manager.spec | 2 +- src/stc-manager-gdbus.c | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/packaging/stc-manager.spec b/packaging/stc-manager.spec index 9f4e7bd..b4a267a 100644 --- a/packaging/stc-manager.spec +++ b/packaging/stc-manager.spec @@ -1,6 +1,6 @@ Name: stc-manager Summary: STC(Smart Traffic Control) manager -Version: 0.0.81 +Version: 0.0.82 Release: 0 Group: Network & Connectivity/Other License: Apache-2.0 diff --git a/src/stc-manager-gdbus.c b/src/stc-manager-gdbus.c index 04af66c..b265c80 100644 --- a/src/stc-manager-gdbus.c +++ b/src/stc-manager-gdbus.c @@ -306,10 +306,12 @@ static void __stc_manager_gdbus_on_bus_acquired(GDBusConnection *connection, stc->connection); iptables_init(); +#ifndef TIZEN_TV_EXT stc_connection_monitor_init(stc); stc_plugin_appstatus_register_state_changed_cb(stc, stc_plugin_procfs_app_status_changed, NULL); +#endif __STC_LOG_FUNC_EXIT__; } -- 2.7.4 From 0b23a20ddb9cebc70d966936a54f5b1082ea38b7 Mon Sep 17 00:00:00 2001 From: hyunuktak Date: Tue, 20 Nov 2018 17:44:09 +0900 Subject: [PATCH 12/16] Add packet capture functions Change-Id: I287425157c7ca377a585e8b11e502a29c7b189b6 Signed-off-by: hyunuktak --- include/stc-manager-gdbus.h | 1 + include/stc-manager-plugin-pcap.h | 35 + include/stc-manager.h | 1 + include/stc-pcap.h | 50 ++ interfaces/CMakeLists.txt | 1 + interfaces/stcmanager-iface-pcap.xml | 12 + packaging/stc-manager.spec | 11 + plugin/CMakeLists.txt | 1 + plugin/pcap/CMakeLists.txt | 36 + plugin/pcap/include/stc-plugin-pcap.h | 225 ++++++ plugin/pcap/stc-plugin-pcap.c | 1329 +++++++++++++++++++++++++++++++++ src/CMakeLists.txt | 2 + src/stc-manager-gdbus.c | 46 ++ src/stc-manager-plugin-pcap.c | 171 +++++ src/stc-manager.c | 3 + src/stc-pcap.c | 160 ++++ 16 files changed, 2084 insertions(+) mode change 100644 => 100755 include/stc-manager-gdbus.h create mode 100755 include/stc-manager-plugin-pcap.h mode change 100644 => 100755 include/stc-manager.h create mode 100755 include/stc-pcap.h create mode 100644 interfaces/stcmanager-iface-pcap.xml create mode 100644 plugin/pcap/CMakeLists.txt create mode 100755 plugin/pcap/include/stc-plugin-pcap.h create mode 100755 plugin/pcap/stc-plugin-pcap.c mode change 100644 => 100755 src/stc-manager-gdbus.c create mode 100644 src/stc-manager-plugin-pcap.c mode change 100644 => 100755 src/stc-manager.c create mode 100755 src/stc-pcap.c diff --git a/include/stc-manager-gdbus.h b/include/stc-manager-gdbus.h old mode 100644 new mode 100755 index 860b766..263077d --- a/include/stc-manager-gdbus.h +++ b/include/stc-manager-gdbus.h @@ -26,6 +26,7 @@ #define STC_DBUS_SERVICE_STATISTICS_PATH "/net/stc/statistics" #define STC_DBUS_SERVICE_RESTRICTION_PATH "/net/stc/restriction" #define STC_DBUS_SERVICE_FIREWALL_PATH "/net/stc/firewall" +#define STC_DBUS_SERVICE_PCAP_PATH "/net/stc/pcap" #define STC_DBUS_SERVICE_MANAGER_PATH "/net/stc/manager" #define STC_DBUS_REPLY_ERROR_NONE(invocation) \ diff --git a/include/stc-manager-plugin-pcap.h b/include/stc-manager-plugin-pcap.h new file mode 100755 index 0000000..728004f --- /dev/null +++ b/include/stc-manager-plugin-pcap.h @@ -0,0 +1,35 @@ +/* + * Copyright (c) 2016 Samsung Electronics Co., Ltd. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef __STC_MANAGER_PLUGIN_PCAP_H__ +#define __STC_MANAGER_PLUGIN_PCAP_H__ + +#define STC_PLUGIN_PCAP_FILEPATH "/usr/lib/stc-plugin-pcap.so" + +#include "stc-plugin-pcap.h" + +int stc_plugin_pcap_init(void); +int stc_plugin_pcap_deinit(void); + +int stc_plugin_pcap_lookup_dev(void); +int stc_plugin_pcap_lookup_net(void); +int stc_plugin_pcap_find_alldevs(void); +int stc_plugin_pcap_register_loop_pcap(const char *ifname, + int group); +int stc_plugin_pcap_unregister_loop_pcap(const char *ifname, + int group); + +#endif /* __STC_MANAGER_PLUGIN_PROCFS_H__ */ diff --git a/include/stc-manager.h b/include/stc-manager.h old mode 100644 new mode 100755 index d1f4d93..fabbbb1 --- a/include/stc-manager.h +++ b/include/stc-manager.h @@ -236,6 +236,7 @@ typedef struct { gpointer statistics_obj; gpointer restriction_obj; gpointer firewall_obj; + gpointer pcap_obj; gpointer manager_obj; GDBusObjectManagerServer *obj_mgr; diff --git a/include/stc-pcap.h b/include/stc-pcap.h new file mode 100755 index 0000000..d99d450 --- /dev/null +++ b/include/stc-pcap.h @@ -0,0 +1,50 @@ +/* + * Copyright (c) 2016 Samsung Electronics Co., Ltd. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef __STC_PCAP_H__ +#define __STC_PCAP_H__ + +#include +#include "stc-manager.h" +#include "stc-manager-gdbus.h" + +/***************************************************************************** + * Macros and Typedefs + *****************************************************************************/ + +#define STC_PCAP_IFNAME "ifname" +#define STC_PCAP_NFLOG_GROUP "nflog_group" + +typedef struct { + char *ifname; + int nflog_group; +} stc_pcap_s; + +/***************************************************************************** + * Functions Declaration + *****************************************************************************/ + +gboolean handle_pcap_start(StcPcap *object, + GDBusMethodInvocation *invocation, + GVariant *parameters, + void *user_data); + +gboolean handle_pcap_stop(StcPcap *object, + GDBusMethodInvocation *invocation, + GVariant *parameters, + void *user_data); + +#endif /* __STC_PCAP_H__ */ diff --git a/interfaces/CMakeLists.txt b/interfaces/CMakeLists.txt index 8f03ebf..dc26fa1 100644 --- a/interfaces/CMakeLists.txt +++ b/interfaces/CMakeLists.txt @@ -10,6 +10,7 @@ ADD_CUSTOM_COMMAND( ${INTERFACES}/stcmanager-iface-restriction.xml ${INTERFACES}/stcmanager-iface-statistics.xml ${INTERFACES}/stcmanager-iface-firewall.xml + ${INTERFACES}/stcmanager-iface-pcap.xml COMMENT "Generating GDBus .c/.h") ADD_CUSTOM_TARGET(GENERATED_DBUS_CODE DEPENDS dbus) diff --git a/interfaces/stcmanager-iface-pcap.xml b/interfaces/stcmanager-iface-pcap.xml new file mode 100644 index 0000000..4320ab6 --- /dev/null +++ b/interfaces/stcmanager-iface-pcap.xml @@ -0,0 +1,12 @@ + + + + + + + + + + + + diff --git a/packaging/stc-manager.spec b/packaging/stc-manager.spec index b4a267a..b14ee3f 100644 --- a/packaging/stc-manager.spec +++ b/packaging/stc-manager.spec @@ -57,6 +57,13 @@ Summary: STC manager exception proc file system plugin %description plugin-procfs A smart traffic control manager extension for proc file system plugin +%package plugin-pcap +Summary: STC manager exception packet capture plugin +BuildRequires: libpcap-devel + +%description plugin-pcap +A smart traffic control manager extension for packet capture plugin + %package plugin-tether Summary: Tethering plugin for data usage of tethering clients @@ -154,6 +161,10 @@ cp resources/dbus/stc-manager.conf %{buildroot}%{_sysconfdir}/dbus-1/system.d/st %manifest %{name}.manifest %attr(500,root,root) %{_libdir}/stc-plugin-procfs.so +%files plugin-pcap +%manifest %{name}.manifest +%attr(500,root,root) %{_libdir}/stc-plugin-pcap.so + %files plugin-tether %manifest %{name}.manifest %attr(500,root,root) %{_libdir}/stc-plugin-tether.so diff --git a/plugin/CMakeLists.txt b/plugin/CMakeLists.txt index e591d7a..04c53b8 100644 --- a/plugin/CMakeLists.txt +++ b/plugin/CMakeLists.txt @@ -18,4 +18,5 @@ INCLUDE_DIRECTORIES(${MONITOR_SOURCE_DIR}/include) ADD_SUBDIRECTORY(appstatus) ADD_SUBDIRECTORY(exception) ADD_SUBDIRECTORY(procfs) +ADD_SUBDIRECTORY(pcap) ADD_SUBDIRECTORY(tether) diff --git a/plugin/pcap/CMakeLists.txt b/plugin/pcap/CMakeLists.txt new file mode 100644 index 0000000..be4b022 --- /dev/null +++ b/plugin/pcap/CMakeLists.txt @@ -0,0 +1,36 @@ +CMAKE_MINIMUM_REQUIRED(VERSION 2.6) +PROJECT(stc-plugin-pcap C) + +# Set required packages +INCLUDE(FindPkgConfig) +PKG_CHECK_MODULES(pcap_plugin REQUIRED + dlog + gio-2.0 + gio-unix-2.0 + glib-2.0 + ) + +FOREACH(flag ${pcap_plugin_CFLAGS}) + SET(EXTRA_CFLAGS "${EXTRA_CFLAGS} ${flag}") +ENDFOREACH(flag) + +INCLUDE_DIRECTORIES(${CMAKE_CURRENT_SOURCE_DIR}/include) + +SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${EXTRA_CFLAGS} -g -Werror -fvisibility=hidden") +SET(CMAKE_C_FLAGS_DEBUG "-O0 -g") +SET(CMAKE_C_FLAGS_RELEASE "-O2") + +ADD_DEFINITIONS("-DUSE_DLOG") + +SET(SRCS_PLUGIN + stc-plugin-pcap.c + ) + +# library build +ADD_LIBRARY(${PROJECT_NAME} SHARED ${SRCS_PLUGIN}) +ADD_DEPENDENCIES(${PROJECT_NAME} GENERATED_DBUS_CODE) +TARGET_LINK_LIBRARIES(${PROJECT_NAME} ${pcap_plugin_LDFLAGS} -lpcap) +SET_TARGET_PROPERTIES(${PROJECT_NAME} PROPERTIES PREFIX "" OUTPUT_NAME ${PROJECT_NAME}) + +# install +INSTALL(TARGETS ${PROJECT_NAME} LIBRARY DESTINATION ${LIBDIR}) diff --git a/plugin/pcap/include/stc-plugin-pcap.h b/plugin/pcap/include/stc-plugin-pcap.h new file mode 100755 index 0000000..a2b8c34 --- /dev/null +++ b/plugin/pcap/include/stc-plugin-pcap.h @@ -0,0 +1,225 @@ +/* + * Copyright (c) 2016 Samsung Electronics Co., Ltd. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef __STC_PLUGIN_PCAP_H__ +#define __STC_PLUGIN_PCAP_H__ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "stc-error.h" +#include "stc-manager.h" + +#define BUFF_SIZE_IP 16 +#define BUFF_SIZE_IP6 46 +#define BUFF_SIZE_HOST 32 +#define BUFF_SIZE_ID 64 +#define BUFF_SIZE_TIME 64 +#define BUFF_SIZE_NAME 256 + +#define PORT_FTP_DATA 20 +#define PORT_FTP_CTL 21 +#define PORT_SMTP 25 +#define PORT_DNS 53 +#define PORT_BOOTP_S 67 +#define PORT_BOOTP_C 68 +#define PORT_HTTP 80 +#define PORT_NTP 123 +#define PORT_HTTPS 443 +#define PORT_SMTP_MSG 587 + +#define ARP_REQUEST 1 +#define ARP_REPLY 2 +#define ARP_RREQUEST 3 +#define ARP_RREPLY 4 + +#define BOOTP_REQUEST 1 +#define BOOTP_REPLY 2 + +#define BOOTP_CHADDR_LEN 16 +#define BOOTP_SNAME_LEN 64 +#define BOOTP_FILE_LEN 128 +#define BOOTP_MOPTION_LEN 60 + +#define BOOTP_MAGIC_DHCP 0x63825363 + +#define DHCP_TAG_SUBNET_MASK 1 +#define DHCP_TAG_ROUTER 3 +#define DHCP_TAG_DNS 6 +#define DHCP_TAG_HOST_NAME 12 +#define DHCP_TAG_REQUESTED_IP 50 +#define DHCP_TAG_IP_LEASE_TIME 51 +#define DHCP_TAG_MSG_TYPE 53 +#define DHCP_TAG_SERVER_ID 54 +#define DHCP_TAG_MSG_SIZE 57 +#define DHCP_TAG_CLIENT_ID 61 +#define DHCP_TAG_END 255 + +#define DHCP_MSG_TYPE_DISCOVER 1 +#define DHCP_MSG_TYPE_OFFER 2 +#define DHCP_MSG_TYPE_REQUEST 3 +#define DHCP_MSG_TYPE_DECLINE 4 +#define DHCP_MSG_TYPE_ACK 5 +#define DHCP_MSG_TYPE_NAK 6 +#define DHCP_MSG_TYPE_RELEASE 7 +#define DHCP_MSG_TYPE_INFORM 8 + +#define DHCP_CLIENT_ID_ETHERNET 1 +#define DHCP_CLIENT_ID_IEEE802 2 +#define DHCP_CLIENT_ID_ARCNET 7 +#define DHCP_CLIENT_ID_LOCALTALK 11 +#define DHCP_CLIENT_ID_LOCALNET 12 +#define DHCP_CLIENT_ID_SMDS 14 +#define DHCP_CLIENT_ID_FRAMERELAY 15 +#define DHCP_CLIENT_ID_ATM1 16 +#define DHCP_CLIENT_ID_HDLC 17 +#define DHCP_CLIENT_ID_FIBRECHANNEL 18 +#define DHCP_CLIENT_ID_ATM2 19 +#define DHCP_CLIENT_ID_SERIALLINE 20 + +#define NTP_STRATUM_UNSPECIFIED 0 +#define NTP_STRATUM_PRIM_REF 1 +#define NTP_STRATUM_INFO_QUERY 62 +#define NTP_STRATUM_INFO_REPLY 63 + +#define NTP_JAN_1970 2208988800U /* 1970 - 1900 in seconds */ + +#define DNS_QTYPE_A 1 +#define DNS_QTYPE_CNAME 5 +#define DNS_QTYPE_AAAA 28 + +#define DNS_QCLASS_IN 1 +#define DNS_QCLASS_CHAOS 3 +#define DNS_QCLASS_HS 4 +#define DNS_QCLASS_ANY 255 + +typedef struct { + char *name; + int group; + GThread *thread; + pcap_t *handle; +} stc_pcap_data_s; + +typedef struct { + uint16_t id; + uint16_t flags; + uint16_t questions; + uint16_t answerRR; + uint16_t authorityRR; + uint16_t additionalRR; +} dns_t; + +typedef struct { + uint16_t type; + uint16_t class; +} dns_query_t; + +typedef struct { + uint16_t type; + uint16_t class; + uint16_t ttl; + uint16_t rdlen; + char rdata[]; +} dns_recode_t; + +typedef struct { + uint8_t op; /* packet opcode type */ + uint8_t htype; /* hardware addr type */ + uint8_t hlen; /* hardware addr length */ + uint8_t hops; /* gateway hops */ + uint32_t xid; /* transaction ID */ + uint16_t secs; /* seconds since boot began */ + uint16_t flags; /* flags */ + struct in_addr ciaddr; /* client IP address */ + struct in_addr yiaddr; /* 'your' IP address */ + struct in_addr siaddr; /* server IP address */ + struct in_addr giaddr; /* gateway(relay agent) IP address */ + uint8_t chaddr[BOOTP_CHADDR_LEN]; /* client hardware address */ + uint8_t sname[BOOTP_SNAME_LEN]; /* server host name */ + uint8_t file[BOOTP_FILE_LEN]; /* boot file name */ + uint32_t magic; /* must be 0x63825363 (network order) */ + uint8_t moption[BOOTP_MOPTION_LEN]; +} bootp_t; + +typedef struct { + uint16_t second; + uint16_t fraction; +} ntp_short_t; + +typedef struct { + uint32_t second; + uint32_t fraction; +} ntp_long_t; + +typedef struct { + uint8_t flags; /* Mode, version and leap indicator */ + uint8_t stratum; /* Stratum details */ + uint8_t poll; /* Maximum interval in log2 seconds */ + uint8_t precision; /* Clock precision in log2 seconds */ + ntp_short_t rootdelay; /* Root delay */ + ntp_short_t rootdisp; /* Root dispersion */ + uint32_t refid; /* Reference ID */ + ntp_long_t reftime; /* Reference timestamp */ + ntp_long_t orgtime; /* Origin timestamp */ + ntp_long_t rectime; /* Receive timestamp */ + ntp_long_t xmttime; /* Transmit timestamp */ +} ntp_t; + +typedef struct ether_header eth_t; +typedef struct ip ip_t; +typedef struct ip6_hdr ip6_t; +typedef struct arphdr arp_t; +typedef struct icmphdr icmp_t; +typedef struct tcphdr tcp_t; +typedef struct udphdr udp_t; + +#define SIZE_ETHER_HEADER sizeof(eth_t) +#define SIZE_IP_HEADER sizeof(ip_t) +#define SIZE_ARP_HEADER sizeof(arp_t) +#define SIZE_ICMP_HEADER sizeof(icmp_t) +#define SIZE_TCP_HEADER sizeof(tcp_t) +#define SIZE_UDP_HEADER sizeof(udp_t) +#define SIZE_DNS_HEADER sizeof(dns_t) + +#define IS_SRC_OR_DST_PORT(p) (source == (p) || dest == (p)) + +typedef struct { + int (*initialize_plugin) (void); + int (*deinitialize_plugin) (void); + int (*lookup_dev) (void); + int (*lookup_net) (void); + int (*find_alldevs) (void); + int (*register_loop_pcap) (const char *ifname, int group); + int (*unregister_loop_pcap) (const char *ifname, int group); +} stc_plugin_pcap_s; + +#endif /* __STC_PLUGIN_PCAP_H__ */ diff --git a/plugin/pcap/stc-plugin-pcap.c b/plugin/pcap/stc-plugin-pcap.c new file mode 100755 index 0000000..8cba6bd --- /dev/null +++ b/plugin/pcap/stc-plugin-pcap.c @@ -0,0 +1,1329 @@ +/* + * Copyright (c) 2017 Samsung Electronics Co., Ltd. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "stc-plugin-pcap.h" + +//LCOV_EXCL_START +static GHashTable *g_pcap_tables = NULL; +static bool g_pcap_start_fm = false; +static struct timeval g_pcap_tv = { 0, }; + +static void __pcap_data_free(gpointer value) +{ + stc_pcap_data_s *data = (stc_pcap_data_s *)value; + + g_thread_unref(data->thread); + + FREE(data->name); + FREE(data); +} + +/* +static void __pcap_data_info(const u_char *packet, int len) +{ + GString *data; + + data = g_string_sized_new(len); + if (data == NULL) + return; + + while(len--) + g_string_append_printf(data, "%02x", *(packet++)); + + STC_LOGD("[%s]", g_string_free(data, FALSE)); +} +*/ + +static void __pcap_ntp_time_info(uint32_t s, char *time) +{ + time_t seconds; + char *curr = NULL; + int len = 0; + uint32_t sec = ntohl(s); + + if (sec) { + seconds = sec - NTP_JAN_1970; + curr = ctime(&seconds); + len = strlen(curr); + curr[len - 1] = '\0'; + + snprintf(time, len, "%s", curr); + } else { + snprintf(time, 10, "00:00:00"); + } +} + +static void __pcap_ntp_refid_info(ntp_t *ntp_h, char *refid) +{ + switch (ntp_h->stratum) { + case NTP_STRATUM_UNSPECIFIED: + snprintf(refid, BUFF_SIZE_ID, "%s", "(unspec)"); + break; + case NTP_STRATUM_PRIM_REF: + snprintf(refid, BUFF_SIZE_ID, "%s", "(prim_ref)"); + break; + case NTP_STRATUM_INFO_QUERY: + snprintf(refid, BUFF_SIZE_ID, "%s INFO_QEURY", + inet_ntoa(*((struct in_addr *)&ntp_h->refid))); + break; + case NTP_STRATUM_INFO_REPLY: + snprintf(refid, BUFF_SIZE_ID, "%s INFO_REPLY", + inet_ntoa(*((struct in_addr *)&ntp_h->refid))); + break; + default: + snprintf(refid, BUFF_SIZE_ID, "%s", + inet_ntoa(*((struct in_addr *)&ntp_h->refid))); + break; + } +} + +static uint16_t __pcap_ntp_fraction_info(uint16_t f) +{ + uint16_t fraction; + double ff; + + ff = ntohs(f) / 65536.0; + fraction = (uint16_t)(ff * 1000000.0); + + return fraction; +} + +static void __pcap_ntp_info(const u_char *packet) +{ + ntp_t *ntp_h = (ntp_t *)(packet + + SIZE_ETHER_HEADER + SIZE_IP_HEADER + SIZE_UDP_HEADER); + char refid[BUFF_SIZE_ID]; + char reftime[BUFF_SIZE_TIME]; + char orgtime[BUFF_SIZE_TIME]; + char rectime[BUFF_SIZE_TIME]; + char xmttime[BUFF_SIZE_TIME]; + + __pcap_ntp_refid_info(ntp_h, refid); + __pcap_ntp_time_info(ntp_h->reftime.second, reftime); + __pcap_ntp_time_info(ntp_h->orgtime.second, orgtime); + __pcap_ntp_time_info(ntp_h->rectime.second, rectime); + __pcap_ntp_time_info(ntp_h->xmttime.second, xmttime); + + STC_LOGD("Flags[0x%02x] Stratum[%u] Poll[%u:%us] Precision[%u] " + "Root delay[%u.%06us] Root dispersion[%u.%06us] Ref ID[%s]", + ntp_h->flags, ntp_h->stratum, ntp_h->poll, + ntp_h->precision, 1 << ntp_h->precision, + ntohs(ntp_h->rootdelay.second), + __pcap_ntp_fraction_info(ntp_h->rootdelay.fraction), + ntohs(ntp_h->rootdisp.second), + __pcap_ntp_fraction_info(ntp_h->rootdisp.fraction), + refid); + + STC_LOGD("Reference[%s] Origin[%s] Receive[%s] Transmit[%s]", + reftime, orgtime, rectime, xmttime); +} + +static const char *__pcap_dhcp_client_id_info(uint8_t data) +{ + char *info = NULL; + + switch (data) { + case DHCP_CLIENT_ID_ETHERNET: + info = "Ethernet"; + break; + case DHCP_CLIENT_ID_IEEE802: + info = "IEEE 802 Networks"; + break; + case DHCP_CLIENT_ID_ARCNET: + info = "ARCNET"; + break; + case DHCP_CLIENT_ID_LOCALTALK: + info = "LocalTalk"; + break; + case DHCP_CLIENT_ID_LOCALNET: + info = "LocalNet"; + break; + case DHCP_CLIENT_ID_SMDS: + info = "SMDS"; + break; + case DHCP_CLIENT_ID_FRAMERELAY: + info = "Frame Relay"; + break; + case DHCP_CLIENT_ID_ATM1: + info = "ATM(Async Transfer Mode)"; + break; + case DHCP_CLIENT_ID_HDLC: + info = "HDLC"; + break; + case DHCP_CLIENT_ID_FIBRECHANNEL: + info = "Fibre Channel"; + break; + case DHCP_CLIENT_ID_ATM2: + info = "ATM(Async Transfer Mode)"; + break; + case DHCP_CLIENT_ID_SERIALLINE: + info = "Serial Line"; + break; + default: + info = "Unknown"; + break; + } + + return info; +} + +static const char *__pcap_dhcp_msg_type_info(uint8_t type) +{ + char *info = NULL; + + switch (type) { + case DHCP_MSG_TYPE_DISCOVER: + info = "Discover"; + break; + case DHCP_MSG_TYPE_OFFER: + info = "Offer"; + break; + case DHCP_MSG_TYPE_REQUEST: + info = "Request"; + break; + case DHCP_MSG_TYPE_DECLINE: + info = "Decline"; + break; + case DHCP_MSG_TYPE_ACK: + info = "ACK"; + break; + case DHCP_MSG_TYPE_NAK: + info = "NAK"; + break; + case DHCP_MSG_TYPE_RELEASE: + info = "Release"; + break; + case DHCP_MSG_TYPE_INFORM: + info = "Inform"; + break; + default: + info = "Unknown"; + break; + } + + return info; +} + +static void __pcap_bootp_magic_info(uint32_t magic, + uint8_t *moption, u_int16_t len) +{ + if (ntohl(magic) == BOOTP_MAGIC_DHCP) { + char buf[BOOTP_MOPTION_LEN]; + uint8_t *opt = moption; + + STC_LOGD("Magic cookie[DHCP]"); + + while(len > 0) { + uint8_t tag = opt[0]; + uint8_t length = opt[1]; + uint8_t *data = &opt[2]; + char addr[BUFF_SIZE_IP]; + char host[BUFF_SIZE_HOST]; + + switch (tag) { + case DHCP_TAG_SUBNET_MASK: + inet_ntop(AF_INET, (struct in_addr *)data, + addr, BUFF_SIZE_IP); + STC_LOGD("Subnet mask[%s]", addr); + break; + case DHCP_TAG_ROUTER: + inet_ntop(AF_INET, (struct in_addr *)data, + addr, BUFF_SIZE_IP); + STC_LOGD("Router[%s]", addr); + break; + case DHCP_TAG_DNS: + inet_ntop(AF_INET, (struct in_addr *)data, + addr, BUFF_SIZE_IP); + STC_LOGD("Domain name server[%s]", addr); + break; + case DHCP_TAG_HOST_NAME: + snprintf(buf, ((length < BOOTP_MOPTION_LEN) ? + (length + 1) : BOOTP_MOPTION_LEN), "%s", (char *)data); + STC_LOGD("Host name[%s]", buf); + break; + case DHCP_TAG_REQUESTED_IP: + inet_ntop(AF_INET, (struct in_addr *)data, + addr, BUFF_SIZE_IP); + STC_LOGD("Requested IP[%s]", addr); + break; + case DHCP_TAG_IP_LEASE_TIME: + STC_LOGD("IP address lease time[%us]", + ntohl(*(uint32_t *)data)); + break; + case DHCP_TAG_MSG_TYPE: + STC_LOGD("DHCP message type[%u:%s]", *data, + __pcap_dhcp_msg_type_info(*data)); + break; + case DHCP_TAG_SERVER_ID: + inet_ntop(AF_INET, (struct in_addr *)data, + addr, BUFF_SIZE_IP); + STC_LOGD("DHCP server identifier[%s]", addr); + break; + case DHCP_TAG_MSG_SIZE: + STC_LOGD("Maximum DHCP message size[%u]", + ntohs(*(uint16_t *)data)); + break; + case DHCP_TAG_CLIENT_ID: + STC_LOGD("Client identifier HW type[0x%02x:%s]", *data, + __pcap_dhcp_client_id_info(*data)); + if (*data == DHCP_CLIENT_ID_ETHERNET) { + g_strlcpy(host, + ether_ntoa((const struct ether_addr *)&data[1]), + sizeof(host)); + STC_LOGD("Client identifier MAC[%s]", host); + } + break; + case DHCP_TAG_END: + STC_LOGD("End"); + return; + default: + STC_LOGD("Unknown[%u]", tag); + break; + } + + opt += (2 + length); + len -= (2 + length); + } + } +} + +static const char *__pcap_bootp_op_info(uint8_t op) +{ + char *info = NULL; + + switch (op) { + case BOOTP_REQUEST: + info = "Request"; + break; + case BOOTP_REPLY: + info = "Reply"; + break; + default: + info = "Unknown"; + break; + } + + return info; +} + +static void __pcap_bootp_info(const u_char *packet) +{ + udp_t *udp_h = (udp_t *)(packet + + SIZE_ETHER_HEADER + SIZE_IP_HEADER); + bootp_t *bootp_h = (bootp_t *)(packet + + SIZE_ETHER_HEADER + SIZE_IP_HEADER + SIZE_UDP_HEADER); + char ciaddr[BUFF_SIZE_IP]; + char yiaddr[BUFF_SIZE_IP]; + char siaddr[BUFF_SIZE_IP]; + char giaddr[BUFF_SIZE_IP]; + char chaddr[BUFF_SIZE_HOST]; + u_int16_t len; + + inet_ntop(AF_INET, &bootp_h->ciaddr, ciaddr, BUFF_SIZE_IP); + inet_ntop(AF_INET, &bootp_h->yiaddr, yiaddr, BUFF_SIZE_IP); + inet_ntop(AF_INET, &bootp_h->siaddr, siaddr, BUFF_SIZE_IP); + inet_ntop(AF_INET, &bootp_h->giaddr, giaddr, BUFF_SIZE_IP); + + g_strlcpy(chaddr, + ether_ntoa((const struct ether_addr *)bootp_h->chaddr), + sizeof(chaddr)); + + STC_LOGD("Message type[%u:%s] HW type[0x%02x] HW len[%u] Hops[%u] " + "Transaction ID[0x%08x] Seconds elapsed[%u] Flags[0x%04x]", + bootp_h->op, __pcap_bootp_op_info(bootp_h->op), + bootp_h->htype, bootp_h->hlen, bootp_h->hops, + ntohl(bootp_h->xid), ntohs(bootp_h->secs), ntohs(bootp_h->flags)); + + STC_LOGD("Client[%s] Your(client)[%s] Next server[%s] " + "Relay agent[%s] Client MAC[%s]", + ciaddr, yiaddr, siaddr, giaddr, chaddr); + + len = ntohs(udp_h->len); + __pcap_bootp_magic_info(bootp_h->magic, bootp_h->moption, len); +} + +static char *__pcap_dns_type_info(uint16_t type) +{ + char *info = NULL; + + switch (type) { + case DNS_QTYPE_A: + info = "A"; + break; + case DNS_QTYPE_CNAME: + info = "CNAME"; + break; + case DNS_QTYPE_AAAA: + info = "AAAA"; + break; + default: + info = "Unknown"; + break; + } + + return info; +} + +static char *__pcap_dns_class_info(uint16_t class) +{ + char *info = NULL; + + switch (class) { + case DNS_QCLASS_IN: + info = "IN"; + break; + case DNS_QCLASS_CHAOS: + info = "CHAOS"; + break; + case DNS_QCLASS_HS: + info = "HS"; + break; + case DNS_QCLASS_ANY: + info = "ANY"; + break; + default: + info = "Unknown"; + break; + } + + return info; +} + +static uint8_t * __pcap_dns_name_info(uint8_t *dns_h, + uint8_t *data, u_char *name) +{ + uint8_t *sec = data; + u_char *dname = name; + uint8_t *nxt = NULL; + + *name = '\0'; + while (1) { + if ((*sec & 0xC0)) { + nxt = sec + 2; + sec = (uint8_t *)dns_h + + (htons(*(uint16_t *)sec) & 0x3FFF); + } else { + if (*sec == 0) { + *dname = '\0'; + sec += 1; + break; + } + + if (dname - name + *sec + 1 > BUFF_SIZE_NAME - 1) { + *name = '\0'; + return NULL; + } + + memcpy(dname, sec + 1, *sec); + dname += *sec; + sec += *sec + 1; + *dname = '.'; + dname++; + } + } + + *(--dname) = '\0'; + + if (nxt == NULL) + nxt = sec; + + return (uint8_t *)nxt; +} + +static void __pcap_dns_data_info(const u_char *packet) +{ + dns_t *dns_h = (dns_t *)(packet + + SIZE_ETHER_HEADER + SIZE_IP_HEADER + + SIZE_UDP_HEADER); + uint8_t *data = (uint8_t *)(packet + + SIZE_ETHER_HEADER + SIZE_IP_HEADER + + SIZE_UDP_HEADER + SIZE_DNS_HEADER); + uint16_t qdcount = ntohs(dns_h->questions); + uint16_t ancount = ntohs(dns_h->answerRR); + int i = 0; + + for (i = 0; i < qdcount; ++i) { + u_char name[BUFF_SIZE_NAME]; + uint16_t type; + uint16_t class; + + if (i == 0) + STC_LOGD("[Queries]"); + + data = __pcap_dns_name_info((uint8_t *)dns_h, data, name); + if (data == NULL) + return; + + type = ntohs(*(uint16_t *)&data[0]); + class = ntohs(*(uint16_t *)&data[2]); + + STC_LOGD("Name[%s] Type[%u:%s] Class[0x%04x:%s]", + name, type, __pcap_dns_type_info(type), + class, __pcap_dns_class_info(class)); + + data += 4; + } + + for (i = 0; i < ancount; ++i) { + u_char name[BUFF_SIZE_NAME]; + u_char cname[BUFF_SIZE_NAME]; + uint16_t type; + uint16_t class; + uint32_t ttl; + uint16_t length; + char ip[BUFF_SIZE_IP]; + + if (i == 0) + STC_LOGD("[Answers]"); + + data = __pcap_dns_name_info((uint8_t *)dns_h, data, name); + if (data == NULL) + return; + + type = ntohs(*(uint16_t *)&data[0]); + class = ntohs(*(uint16_t *)&data[2]); + ttl = ntohl(*(uint32_t *)&data[4]); + length = ntohs(*(uint16_t *)&data[8]); + + if (class == DNS_QCLASS_IN) { + switch (type) { + case DNS_QTYPE_A: + inet_ntop(AF_INET, (struct in_addr *)&data[10], + ip, BUFF_SIZE_IP); + STC_LOGD("Name[%s] Type[%u:%s] Class[0x%04x:%s] " + "TTL[%u] Data length[%u] Address[%s]", + name, type, __pcap_dns_type_info(type), + class, __pcap_dns_class_info(class), + ttl, length, ip); + break; + case DNS_QTYPE_CNAME: + __pcap_dns_name_info((uint8_t *)dns_h, &data[10], cname); + if (data == NULL) + return; + STC_LOGD("Name[%s] Type[%u:%s] Class[0x%04x:%s] " + "TTL[%u] Data length[%u] CName[%s]", + name, type, __pcap_dns_type_info(type), + class, __pcap_dns_class_info(class), + ttl, length, cname); + break; + case DNS_QTYPE_AAAA: + break; + default: + STC_LOGD("Name[%s] Type[%u:%s] Class[0x%04x:%s] " + "TTL[%u] Data length[%u]", + name, type, __pcap_dns_type_info(type), + class, __pcap_dns_class_info(class), + ttl, length); + break; + } + } + + data += (length + 10); + } +} + +static void __pcap_dns_info(const u_char *packet) +{ + dns_t *dns_h = (dns_t *)(packet + + SIZE_ETHER_HEADER + SIZE_IP_HEADER + SIZE_UDP_HEADER); + + STC_LOGD("Transaction ID[0x%x] Flags[0x%x] Questions[%u] " + "Answer RRs[%u] Authority RRs[%u] Additional RRs[%u]", + ntohs(dns_h->id), ntohs(dns_h->flags), + ntohs(dns_h->questions), ntohs(dns_h->answerRR), + ntohs(dns_h->authorityRR), ntohs(dns_h->additionalRR)); + + __pcap_dns_data_info(packet); +} + +static const char *__pcap_icmp_code_info(u_int8_t type, u_int8_t code) +{ + char *info = NULL; + + switch (type) { + case ICMP_DEST_UNREACH: + switch (code) { + case ICMP_NET_UNREACH: + info = "Network Unreachable"; + break; + case ICMP_HOST_UNREACH: + info = "Host Unreachable"; + break; + case ICMP_PROT_UNREACH: + info = "Protocol Unreachable"; + break; + case ICMP_PORT_UNREACH: + info = "Port Unreachable"; + break; + case ICMP_FRAG_NEEDED: + info = "Fragmentation Needed/DF set"; + break; + case ICMP_SR_FAILED: + info = "Source Route failed"; + break; + case ICMP_NET_UNKNOWN: + break; + case ICMP_HOST_UNKNOWN: + break; + case ICMP_HOST_ISOLATED: + break; + case ICMP_NET_ANO: + break; + case ICMP_HOST_ANO: + break; + case ICMP_NET_UNR_TOS: + break; + case ICMP_HOST_UNR_TOS: + break; + case ICMP_PKT_FILTERED: + info = "Packet filtered"; + break; + case ICMP_PREC_VIOLATION: + info = "Precedence violation"; + break; + case ICMP_PREC_CUTOFF: + info = "Precedence cut off"; + break; + default: + info = "Unknown"; + break; + } + break; + case ICMP_REDIRECT: + switch (code) { + case ICMP_REDIR_NET: + info = "Redirect Net"; + break; + case ICMP_REDIR_HOST: + info = "Redirect Host"; + break; + case ICMP_REDIR_NETTOS: + info = "Redirect Net for TOS"; + break; + case ICMP_REDIR_HOSTTOS: + info = "Redirect Host for TOS"; + break; + default: + info = "Unknown"; + break; + } + break; + case ICMP_TIME_EXCEEDED: + switch (code) { + case ICMP_EXC_TTL: + info = "TTL count exceeded"; + break; + case ICMP_EXC_FRAGTIME: + info = "Fragment Reass time exceeded"; + break; + default: + info = "Unknown"; + break; + } + break; + default: + info = "Unknown"; + break; + } + + return info; +} + +static const char *__pcap_icmp_type_info(u_int8_t type) +{ + char *info = NULL; + + switch (type) { + case ICMP_ECHOREPLY: + info = "Echo Reply"; + break; + case ICMP_DEST_UNREACH: + info = "Destination Unreachable"; + break; + case ICMP_SOURCE_QUENCH: + info = "Source Quench"; + break; + case ICMP_REDIRECT: + info = "Redirect"; + break; + case ICMP_ECHO: + info = "Echo Request"; + break; + case ICMP_TIME_EXCEEDED: + info = "Time Exceeded"; + break; + case ICMP_PARAMETERPROB: + info = "Parameter Problem"; + break; + case ICMP_TIMESTAMP: + info = "Timestamp Request"; + break; + case ICMP_TIMESTAMPREPLY: + info = "Timestamp Reply"; + break; + case ICMP_INFO_REQUEST: + info = "Information Request"; + break; + case ICMP_INFO_REPLY: + info = "Information Reply"; + break; + case ICMP_ADDRESS: + info = "Address Mask Request"; + break; + case ICMP_ADDRESSREPLY: + info = "Address Mask Reply"; + break; + default: + info = "Unknown"; + break; + } + + return info; +} + +static void __pcap_icmp_info(const u_char *packet) +{ + icmp_t *icmp_h = (icmp_t *)(packet + + SIZE_ETHER_HEADER + SIZE_IP_HEADER); + + STC_LOGD("Type[%u:%s] Code[%u:%s] Checksum[0x%x]", + icmp_h->type, __pcap_icmp_type_info(icmp_h->type), + icmp_h->code, __pcap_icmp_code_info(icmp_h->type, icmp_h->code), + ntohs(icmp_h->checksum)); +} + +static void __pcap_tcp_info(const u_char *packet) +{ + tcp_t *tcp_h = (tcp_t *)(packet + + SIZE_ETHER_HEADER + SIZE_IP_HEADER); + u_int16_t source = ntohs(tcp_h->source); + u_int16_t dest = ntohs(tcp_h->dest); + + STC_LOGD("Source[%u] Destination[%u] Sequence[%u] " + "Acknowledgment seq[%u] Window size[%u] ", + ntohs(tcp_h->source), ntohs(tcp_h->dest), + ntohl(tcp_h->seq), ntohl(tcp_h->ack_seq), + ntohs(tcp_h->window)); + + STC_LOGD("Checksum[0x%x] URG[%u] ACK[%u] PUSH[%u] " + "RST[%u] SYN[%u] FIN[%u]", + ntohs(tcp_h->check), + tcp_h->urg, tcp_h->ack, tcp_h->psh, + tcp_h->rst, tcp_h->syn, tcp_h->fin); + + if (IS_SRC_OR_DST_PORT(PORT_DNS)) + __pcap_dns_info(packet); +} + +static void __pcap_udp_info(const u_char *packet) +{ + udp_t *udp_h = (udp_t *)(packet + + SIZE_ETHER_HEADER + SIZE_IP_HEADER); + u_int16_t source = ntohs(udp_h->source); + u_int16_t dest = ntohs(udp_h->dest); + + STC_LOGD("Source[%u] Destination[%u] Len[%u] Checksum[0x%x]", + source, dest, ntohs(udp_h->len), ntohs(udp_h->check)); + + if (IS_SRC_OR_DST_PORT(PORT_DNS)) + __pcap_dns_info(packet); + else if (IS_SRC_OR_DST_PORT(PORT_BOOTP_C) || + IS_SRC_OR_DST_PORT(PORT_BOOTP_S)) + __pcap_bootp_info(packet); + else if (IS_SRC_OR_DST_PORT(PORT_NTP)) + __pcap_ntp_info(packet); +} + +static const char *__pcap_eth_type_info(u_int16_t type) +{ + char *info = NULL; + + switch (type) { + case ETHERTYPE_IP: + info = "IP"; + break; + case ETHERTYPE_IPV6: + info = "IPv6"; + break; + case ETHERTYPE_ARP: + info = "ARP"; + break; + case ETHERTYPE_REVARP: + info = "REVARP"; + break; + case ETHERTYPE_LOOPBACK: + info = "LOOPBACK"; + break; + default: + info = "Unknown"; + break; + } + + return info; +} + +static const char *__pcap_arp_opcode_info(u_int16_t opcode) +{ + char *info = NULL; + + switch (opcode) { + case ARP_REQUEST: + info = "Request"; + break; + case ARP_REPLY: + info = "Reply"; + break; + case ARP_RREQUEST: + info = "RRequest"; + break; + case ARP_RREPLY: + info = "RReply"; + break; + default: + info = "Unknown"; + break; + } + + return info; +} + +static void __pcap_arp_info(const u_char *packet) +{ + arp_t *arp_h = (arp_t *)(packet + SIZE_ETHER_HEADER); + u_int8_t *sha = (u_int8_t *)(packet + + SIZE_ETHER_HEADER + SIZE_ARP_HEADER); + u_int8_t *spa = (u_int8_t *)(sha + arp_h->ar_hln); + u_int8_t *tha = (u_int8_t *)(spa + arp_h->ar_pln); + u_int8_t *tpa = (u_int8_t *)(tha + arp_h->ar_hln); + u_int16_t ar_op = ntohs(arp_h->ar_op); + char sma[BUFF_SIZE_HOST]; + char sia[BUFF_SIZE_IP]; + char tma[BUFF_SIZE_HOST]; + char tia[BUFF_SIZE_IP]; + u_int16_t ar_pro; + + g_strlcpy(sma, + ether_ntoa((const struct ether_addr *)sha), + sizeof(sma)); + g_strlcpy(tma, + ether_ntoa((const struct ether_addr *)tha), + sizeof(tma)); + + inet_ntop(AF_INET, (struct in_addr *)spa, sia, BUFF_SIZE_IP); + inet_ntop(AF_INET, (struct in_addr *)tpa, tia, BUFF_SIZE_IP); + + ar_pro = ntohs(arp_h->ar_pro); + + STC_LOGD("HW type[%u] Protocol type[0x%04x:%s] " + "HW size[%u] Protocol size[%u] Opcode[%u:%s] ", + ntohs(arp_h->ar_hrd), ar_pro, + __pcap_eth_type_info(ar_pro), + arp_h->ar_hln, arp_h->ar_pln, + ar_op, __pcap_arp_opcode_info(ar_op)); + + STC_LOGD("Sender MAC[%s] Sender IP[%s] " + "Target MAC[%s] Target IP[%s]", + sma, sia, tma, tia); +} + +static const char *__pcap_ip_protocol_info(u_int8_t p) +{ + char *info = NULL; + + switch (p) { + case IPPROTO_IP: + info = "IP"; + break; + case IPPROTO_ICMP: + info = "ICMP"; + break; + case IPPROTO_IPIP: + info = "IPIP"; + break; + case IPPROTO_TCP: + info = "TCP"; + break; + case IPPROTO_UDP: + info = "UDP"; + break; + case IPPROTO_IPV6: + info = "IPv6"; + break; + case IPPROTO_ICMPV6: + info = "ICMPv6"; + break; + default: + info = "Unknown"; + break; + } + + return info; +} + +static void __pcap_ipv6_info(const u_char *packet) +{ + ip6_t *ip6_h = (ip6_t *)(packet + SIZE_ETHER_HEADER); + char ip6_src[BUFF_SIZE_IP6]; + char ip6_dst[BUFF_SIZE_IP6]; + + inet_ntop(AF_INET6, &ip6_h->ip6_src, ip6_src, BUFF_SIZE_IP6); + inet_ntop(AF_INET6, &ip6_h->ip6_dst, ip6_dst, BUFF_SIZE_IP6); + + STC_LOGD("Flow[0x%08x] Payload len[%u] Next hdr[%u:%s] " + "Hop limit[%u] Source[%s] Destination[%s]", + ntohl(ip6_h->ip6_flow), ntohs(ip6_h->ip6_plen), + ip6_h->ip6_nxt, __pcap_ip_protocol_info(ip6_h->ip6_nxt), + ip6_h->ip6_hlim, ip6_src, ip6_dst); + + switch (ip6_h->ip6_nxt) { + case IPPROTO_IP: + break; + case IPPROTO_ICMP: + break; + case IPPROTO_IPIP: + break; + case IPPROTO_TCP: + break; + case IPPROTO_UDP: + break; + case IPPROTO_IPV6: + break; + case IPPROTO_ICMPV6: + break; + default: + break; + } +} + +static void __pcap_ip_info(const u_char *packet) +{ + ip_t *ip_h = (ip_t *)(packet + SIZE_ETHER_HEADER); + char ip_src[BUFF_SIZE_IP]; + char ip_dst[BUFF_SIZE_IP]; + + inet_ntop(AF_INET, &ip_h->ip_src, ip_src, BUFF_SIZE_IP); + inet_ntop(AF_INET, &ip_h->ip_dst, ip_dst, BUFF_SIZE_IP); + + STC_LOGD("Header len[%u] TOS[0x%02x] Total len[%u] " + "ID[0x%04x] Flags[0x%02x] TTL[%u] Protocol[%u:%s] " + "Checksum[0x%04x] Source[%s] Destination[%s]", + ip_h->ip_hl << 2, ip_h->ip_tos, + ntohs(ip_h->ip_len), ntohs(ip_h->ip_id), + (ntohs(ip_h->ip_off) & 0xe000) >> 13, + ip_h->ip_ttl, ip_h->ip_p, + __pcap_ip_protocol_info(ip_h->ip_p), + ntohs(ip_h->ip_sum), ip_src, ip_dst); + + switch (ip_h->ip_p) { + case IPPROTO_ICMP: + __pcap_icmp_info(packet); + break; + case IPPROTO_TCP: + __pcap_tcp_info(packet); + break; + case IPPROTO_UDP: + __pcap_udp_info(packet); + break; + default: + break; + } +} + +static void __pcap_eth_info(const u_char *packet) +{ + eth_t *eth_h = (eth_t *)packet; + u_int8_t *eth_shost = eth_h->ether_shost; + u_int8_t *eth_dhost = eth_h->ether_dhost; + char shost[BUFF_SIZE_HOST]; + char dhost[BUFF_SIZE_HOST]; + u_int16_t ether_type; + + g_strlcpy(shost, + ether_ntoa((const struct ether_addr *)eth_shost), + sizeof(shost)); + + g_strlcpy(dhost, + ether_ntoa((const struct ether_addr *)eth_dhost), + sizeof(dhost)); + + ether_type = ntohs(eth_h->ether_type); + + STC_LOGD("Source[%s] Destination[%s] Type[0x%04x:%s]", + shost, dhost, ether_type, __pcap_eth_type_info(ether_type)); +} + +static void __pcap_fm_info(const struct pcap_pkthdr *pkthdr) +{ + char *curr = NULL; + int len = 0; + struct timeval ts = pkthdr->ts; + __time_t tv_sec = ts.tv_sec; + __suseconds_t tv_usec = tv_usec; + + if (g_pcap_start_fm == false) { + g_pcap_tv = ts; + g_pcap_start_fm = true; + } + + curr = ctime((const time_t *)&tv_sec); + len = strlen(curr); + curr[len - 1] = '\0'; + + STC_LOGD("Arrival time[%s] Timeval[%.06f] " + "Frame len[%u] Capture len[%u]", curr, + (float)((tv_sec - g_pcap_tv.tv_sec) * 1000000 + + (tv_usec - g_pcap_tv.tv_usec)) / 1000000, + pkthdr->len, pkthdr->caplen); +} + +static void __pcap_handler(u_char *param, + const struct pcap_pkthdr *pkthdr, + const u_char *packet) { + eth_t *eth_h; + unsigned short eth_type; + /* int len = pkthdr->len; */ + + __pcap_fm_info(pkthdr); + + eth_h = (eth_t *)packet; + __pcap_eth_info(packet); + + eth_type = ntohs(eth_h->ether_type); + switch (eth_type) { + case ETHERTYPE_IP: + __pcap_ip_info(packet); + /* __pcap_data_info(pcaket, len); */ + break; + case ETHERTYPE_IPV6: + __pcap_ipv6_info(packet); + break; + case ETHERTYPE_ARP: + case ETHERTYPE_REVARP: + __pcap_arp_info(packet); + break; + case ETHERTYPE_LOOPBACK: + break; + default: + break; + } +} + +static gboolean __pcap_thread_source_func(gpointer data) +{ + char buf[MAX_IFACE_LENGTH]; + stc_pcap_data_s *lookup; + stc_pcap_data_s *pcap_data = (stc_pcap_data_s *)data; + + g_pcap_tv.tv_sec = 0; + g_pcap_tv.tv_usec = 0; + g_pcap_start_fm = false; + + if (g_pcap_tables == NULL) + return false; + + snprintf(buf, sizeof(buf), "%s_%d", + pcap_data->name, pcap_data->group); + + lookup = g_hash_table_lookup(g_pcap_tables, buf); + if (!lookup) { + STC_LOGE("pcap loop not found"); + return false; + } + + g_hash_table_remove(g_pcap_tables, buf); + STC_LOGD("Successfully removed pcap loop [%s]", buf); + + return false; +} + +static gpointer __pcap_thread_func(gpointer data) +{ + __STC_LOG_FUNC_ENTER__; + + char errbuf[PCAP_ERRBUF_SIZE]; + pcap_if_t *alldevs = NULL; + pcap_if_t *dev = NULL; + char *name = NULL; + GSource *source = NULL; + GMainContext *context = NULL; + stc_pcap_data_s *pcap_data = (stc_pcap_data_s *)data; + + if (pcap_findalldevs(&alldevs, errbuf) < 0 || + alldevs == NULL) { + STC_LOGE("Failed to find all devs [%s]", errbuf); + goto thread_exit; + } + + for (dev = alldevs; dev; dev = dev->next) { + if (g_strcmp0(dev->name, pcap_data->name) == 0) { + name = g_strdup(dev->name); + break; + } + } + + pcap_freealldevs(alldevs); + + if (name == NULL) { + STC_LOGE("Failed to find dev [%s]", pcap_data->name); + goto thread_exit; + } + + STC_LOGD("Pcap source dev [%s]", name); + + pcap_data->handle = pcap_open_live(name, 65535, 1, 1000, errbuf); + if (pcap_data->handle == NULL) { + STC_LOGE("Failed to open live [%s]", errbuf); + goto thread_exit; + } + + pcap_loop(pcap_data->handle, 0, __pcap_handler, NULL); + + pcap_close(pcap_data->handle); + +thread_exit: + FREE(name); + + context = g_main_context_default(); + + source = g_idle_source_new(); + + g_source_set_callback(source, + __pcap_thread_source_func, pcap_data, NULL); + g_source_attach(source, context); + + g_source_unref(source); + + __STC_LOG_FUNC_EXIT__; + return NULL; +} + +int stc_plugin_pcap_initialize(void) +{ + __STC_LOG_FUNC_ENTER__; + + g_pcap_tables = g_hash_table_new_full(g_str_hash, + g_str_equal, g_free, __pcap_data_free); + + __STC_LOG_FUNC_EXIT__; + return STC_ERROR_NONE; +} + +int stc_plugin_pcap_deinitialize(void) +{ + __STC_LOG_FUNC_ENTER__; + + if (g_pcap_tables) { + g_hash_table_destroy(g_pcap_tables); + g_pcap_tables = NULL; + } + + __STC_LOG_FUNC_EXIT__; + return STC_ERROR_NONE; +} + +int stc_plugin_pcap_lookup_dev(void) +{ + __STC_LOG_FUNC_ENTER__; + + char *dev = NULL; + char errbuf[PCAP_ERRBUF_SIZE]; + + dev = pcap_lookupdev(errbuf); + if (dev == NULL) { + STC_LOGE("Failed to look up dev [%s]", errbuf); + __STC_LOG_FUNC_EXIT__; + return STC_ERROR_FAIL; + } + + STC_LOGD("Dev [%s]", dev); + + __STC_LOG_FUNC_EXIT__; + return STC_ERROR_NONE; +} + +int stc_plugin_pcap_lookup_net(void) +{ + __STC_LOG_FUNC_ENTER__; + + char *dev = NULL; + char net[BUFF_SIZE_IP]; + char mask[BUFF_SIZE_IP]; + char errbuf[PCAP_ERRBUF_SIZE]; + int ret; + bpf_u_int32 netp; + bpf_u_int32 maskp; + + dev = pcap_lookupdev(errbuf); + if (dev == NULL) { + STC_LOGE("Failed to look up dev [%s]", errbuf); + __STC_LOG_FUNC_EXIT__; + return STC_ERROR_FAIL; + } + + STC_LOGD("Dev [%s]", dev); + + ret = pcap_lookupnet(dev, &netp, &maskp, errbuf); + if (ret == -1) { + STC_LOGE("Failed to look up net [%s]", errbuf); + __STC_LOG_FUNC_EXIT__; + return STC_ERROR_FAIL; + } + + inet_ntop(AF_INET, &netp, net, BUFF_SIZE_IP); + STC_LOGD("Net [%s]", net); + + inet_ntop(AF_INET, &maskp, mask, BUFF_SIZE_IP); + STC_LOGD("Mask [%s]", mask); + + __STC_LOG_FUNC_EXIT__; + return STC_ERROR_NONE; +} + +int stc_plugin_pcap_find_alldevs(void) +{ + __STC_LOG_FUNC_ENTER__; + + char net[BUFF_SIZE_IP]; + char mask[BUFF_SIZE_IP]; + char errbuf[PCAP_ERRBUF_SIZE]; + pcap_if_t *alldevs = NULL; + pcap_if_t *dev = NULL; + bpf_u_int32 netp; + bpf_u_int32 maskp; + + if (pcap_findalldevs(&alldevs, errbuf) < 0 || + alldevs == NULL) { + STC_LOGE("Failed to find all devs [%s]", errbuf); + __STC_LOG_FUNC_EXIT__; + return STC_ERROR_FAIL; + } + + for (dev = alldevs; dev; dev = dev->next) { + STC_LOGD("Dev [%s]", dev->name); + + if (dev->description) + STC_LOGD("Decs [%s]", dev->description); + + if (pcap_lookupnet(dev->name, &netp, &maskp, errbuf) == -1) { + STC_LOGE("Failed to look up net [%s]", errbuf); + continue; + } + + inet_ntop(AF_INET, &netp, net, BUFF_SIZE_IP); + STC_LOGD("Net [%s]", net); + + inet_ntop(AF_INET, &maskp, mask, BUFF_SIZE_IP); + STC_LOGD("Mask [%s]", mask); + } + + pcap_freealldevs(alldevs); + + __STC_LOG_FUNC_EXIT__; + return STC_ERROR_NONE; +} + +int stc_plugin_pcap_register_loop_pcap(const char *ifname, + int group) +{ + __STC_LOG_FUNC_ENTER__; + + stc_pcap_data_s *data; + stc_pcap_data_s *lookup; + char buf[MAX_IFACE_LENGTH]; + + ret_value_msg_if(g_pcap_tables == NULL, + STC_ERROR_FAIL, + "pcap tables is not initialized!"); + + ret_value_msg_if(ifname == NULL, + STC_ERROR_FAIL, + "Invalid parameter [ifname]"); + + snprintf(buf, sizeof(buf), "%s_%d", ifname, group); + + lookup = g_hash_table_lookup(g_pcap_tables, buf); + if (lookup) { + STC_LOGD("pcap loop already present"); + __STC_LOG_FUNC_EXIT__; + return STC_ERROR_ALREADY_DATA; + } + + data = MALLOC0(stc_pcap_data_s, 1); + if (!data) { + STC_LOGE("data allocation failed"); + __STC_LOG_FUNC_EXIT__; + return STC_ERROR_OUT_OF_MEMORY; + } + + data->name = g_strdup(ifname); + data->group = group; + data->thread = g_thread_new(buf, __pcap_thread_func, data); + + g_hash_table_insert(g_pcap_tables, g_strdup(buf), data); + STC_LOGD("Successfully added pcap loop [%s]", buf); + + __STC_LOG_FUNC_EXIT__; + return STC_ERROR_NONE; +} + +int stc_plugin_pcap_unregister_loop_pcap(const char *ifname, + int group) +{ + __STC_LOG_FUNC_ENTER__; + + stc_pcap_data_s *lookup; + char buf[MAX_IFACE_LENGTH]; + + ret_value_msg_if(g_pcap_tables == NULL, + STC_ERROR_FAIL, + "pcap tables is not initialized!"); + + ret_value_msg_if(ifname == NULL, + STC_ERROR_FAIL, + "Invalid parameter [ifname]"); + + snprintf(buf, sizeof(buf), "%s_%d", ifname, group); + + lookup = g_hash_table_lookup(g_pcap_tables, buf); + if (!lookup) { + STC_LOGE("pcap loop not found"); + __STC_LOG_FUNC_EXIT__; + return STC_ERROR_NO_DATA; + } + + pcap_breakloop(lookup->handle); + + __STC_LOG_FUNC_EXIT__; + return STC_ERROR_NONE; +} + +API stc_plugin_pcap_s stc_plugin_pcap = { + .initialize_plugin = + stc_plugin_pcap_initialize, + .deinitialize_plugin = + stc_plugin_pcap_deinitialize, + .lookup_dev = + stc_plugin_pcap_lookup_dev, + .lookup_net = + stc_plugin_pcap_lookup_net, + .find_alldevs = + stc_plugin_pcap_find_alldevs, + .register_loop_pcap = + stc_plugin_pcap_register_loop_pcap, + .unregister_loop_pcap = + stc_plugin_pcap_unregister_loop_pcap +}; +//LCOV_EXCL_STOP diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index c845dd0..2ec0178 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -31,6 +31,7 @@ SET(PLUGIN_DIR ${CMAKE_SOURCE_DIR}/plugin) SET(APPSTATUS_SOURCE_DIR ${PLUGIN_DIR}/appstatus) SET(EXCEPTION_SOURCE_DIR ${PLUGIN_DIR}/exception) SET(PROCFS_SOURCE_DIR ${PLUGIN_DIR}/procfs) +SET(PCAP_SOURCE_DIR ${PLUGIN_DIR}/pcap) SET(TETHER_SOURCE_DIR ${PLUGIN_DIR}/tether) INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/include) @@ -54,6 +55,7 @@ INCLUDE_DIRECTORIES(${LIMITATION_SOURCE_DIR}/include) INCLUDE_DIRECTORIES(${APPSTATUS_SOURCE_DIR}/include) INCLUDE_DIRECTORIES(${EXCEPTION_SOURCE_DIR}/include) INCLUDE_DIRECTORIES(${PROCFS_SOURCE_DIR}/include) +INCLUDE_DIRECTORIES(${PCAP_SOURCE_DIR}/include) INCLUDE_DIRECTORIES(${TETHER_SOURCE_DIR}/include) FILE(GLOB SOURCE_SRCS ${SOURCE_DIR}/*.c) diff --git a/src/stc-manager-gdbus.c b/src/stc-manager-gdbus.c old mode 100644 new mode 100755 index b265c80..ef74b17 --- a/src/stc-manager-gdbus.c +++ b/src/stc-manager-gdbus.c @@ -19,6 +19,7 @@ #include "stc-statistics.h" #include "stc-restriction.h" #include "stc-firewall.h" +#include "stc-pcap.h" #include "stc-connection.h" #include "stc-manager-util.h" #include "stc-manager-plugin-appstatus.h" @@ -232,6 +233,45 @@ static gboolean __stc_manager_gdbus_firewall_init(stc_s *stc) return ret; } +static gboolean __stc_manager_gdbus_pcap_init(stc_s *stc) +{ + __STC_LOG_FUNC_ENTER__; + gboolean ret = TRUE; + gchar *s = NULL; + + StcObjectSkeleton *object = NULL; + StcPcap *pcap = NULL; + s = g_strdup_printf(STC_DBUS_SERVICE_PCAP_PATH); + + /* Add interface to default object path */ + object = stc_object_skeleton_new(s); + g_free(s); + + pcap = stc_pcap_skeleton_new(); + stc_object_skeleton_set_pcap(object, pcap); + g_object_unref(pcap); + + /* Register for method callbacks as signal callbacks */ + + g_signal_connect(pcap, "handle-start", + G_CALLBACK(handle_pcap_start), + stc); + + g_signal_connect(pcap, "handle-stop", + G_CALLBACK(handle_pcap_stop), + stc); + + /* Export the object (@manager takes its own reference to @object) */ + g_dbus_object_manager_server_export(stc->obj_mgr, + G_DBUS_OBJECT_SKELETON(object)); + g_object_unref(object); + + stc->pcap_obj = (gpointer)pcap; + + __STC_LOG_FUNC_EXIT__; + return ret; +} + static gboolean __stc_manager_gdbus_manager_init(stc_s *stc) { __STC_LOG_FUNC_ENTER__; @@ -297,6 +337,11 @@ static void __stc_manager_gdbus_on_bus_acquired(GDBusConnection *connection, /* Deinitialize and quit manager */ } + if (__stc_manager_gdbus_pcap_init(stc) == FALSE) { + STC_LOGE("Cannot signal connect to pcap"); //LCOV_EXCL_LINE + /* Deinitialize and quit manager */ + } + if (__stc_manager_gdbus_manager_init(stc) == FALSE) { STC_LOGE("Cannot signal connect to manager"); //LCOV_EXCL_LINE /* Deinitialize and quit manager */ @@ -362,6 +407,7 @@ void stc_manager_gdbus_deinit(gpointer stc_data) stc->statistics_obj = NULL; stc->restriction_obj = NULL; stc->firewall_obj = NULL; + stc->pcap_obj = NULL; stc->manager_obj = NULL; __STC_LOG_FUNC_EXIT__; } diff --git a/src/stc-manager-plugin-pcap.c b/src/stc-manager-plugin-pcap.c new file mode 100644 index 0000000..c9432a2 --- /dev/null +++ b/src/stc-manager-plugin-pcap.c @@ -0,0 +1,171 @@ +/* + * Copyright (c) 2016 Samsung Electronics Co., Ltd. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include + +#include "stc-manager.h" +#include "stc-manager-plugin-pcap.h" + +static gboolean stc_plugin_enabled = FALSE; +static void *handle_plugin; +static stc_plugin_pcap_s *stc_plugin; + +//LCOV_EXCL_START +int stc_plugin_pcap_init(void) +{ + __STC_LOG_FUNC_ENTER__; + + handle_plugin = dlopen(STC_PLUGIN_PCAP_FILEPATH, RTLD_NOW); + if (!handle_plugin) { + STC_LOGE("Can't load %s: %s", STC_PLUGIN_PCAP_FILEPATH, dlerror()); + __STC_LOG_FUNC_EXIT__; + return STC_ERROR_UNINITIALIZED; + } + + stc_plugin = dlsym(handle_plugin, "stc_plugin_pcap"); + if (!stc_plugin) { + STC_LOGE("Can't load symbol: %s", dlerror()); + dlclose(handle_plugin); + __STC_LOG_FUNC_EXIT__; + return STC_ERROR_UNINITIALIZED; + } + + stc_plugin->initialize_plugin(); + stc_plugin_enabled = TRUE; + + __STC_LOG_FUNC_EXIT__; + return STC_ERROR_NONE; +} + +int stc_plugin_pcap_deinit(void) +{ + __STC_LOG_FUNC_ENTER__; + + if (!stc_plugin_enabled) { + __STC_LOG_FUNC_EXIT__; + return STC_ERROR_UNINITIALIZED; + } + + stc_plugin->deinitialize_plugin(); + stc_plugin_enabled = FALSE; + dlclose(handle_plugin); + + __STC_LOG_FUNC_EXIT__; + return STC_ERROR_NONE; +} + +int stc_plugin_pcap_lookup_dev(void) +{ + __STC_LOG_FUNC_ENTER__; + + if (!stc_plugin_enabled) { + STC_LOGE("Plugin wasn't enabled"); + __STC_LOG_FUNC_EXIT__; + return STC_ERROR_UNINITIALIZED; + } + + if (!stc_plugin) { + STC_LOGE("Plugin wasn't loaded"); + __STC_LOG_FUNC_EXIT__; + return STC_ERROR_UNINITIALIZED; + } + + __STC_LOG_FUNC_EXIT__; + return stc_plugin->lookup_dev(); +} + +int stc_plugin_pcap_lookup_net(void) +{ + __STC_LOG_FUNC_ENTER__; + + if (!stc_plugin_enabled) { + STC_LOGE("Plugin wasn't enabled"); + __STC_LOG_FUNC_EXIT__; + return STC_ERROR_UNINITIALIZED; + } + + if (!stc_plugin) { + STC_LOGE("Plugin wasn't loaded"); + __STC_LOG_FUNC_EXIT__; + return STC_ERROR_UNINITIALIZED; + } + + __STC_LOG_FUNC_EXIT__; + return stc_plugin->lookup_net(); +} + +int stc_plugin_pcap_find_alldevs(void) +{ + __STC_LOG_FUNC_ENTER__; + + if (!stc_plugin_enabled) { + STC_LOGE("Plugin wasn't enabled"); + __STC_LOG_FUNC_EXIT__; + return STC_ERROR_UNINITIALIZED; + } + + if (!stc_plugin) { + STC_LOGE("Plugin wasn't loaded"); + __STC_LOG_FUNC_EXIT__; + return STC_ERROR_UNINITIALIZED; + } + + __STC_LOG_FUNC_EXIT__; + return stc_plugin->find_alldevs(); +} + +int stc_plugin_pcap_register_loop_pcap(const char *ifname, + int group) +{ + __STC_LOG_FUNC_ENTER__; + + if (!stc_plugin_enabled) { + STC_LOGE("Plugin wasn't enabled"); + __STC_LOG_FUNC_EXIT__; + return STC_ERROR_UNINITIALIZED; + } + + if (!stc_plugin) { + STC_LOGE("Plugin wasn't loaded"); + __STC_LOG_FUNC_EXIT__; + return STC_ERROR_UNINITIALIZED; + } + + __STC_LOG_FUNC_EXIT__; + return stc_plugin->register_loop_pcap(ifname, group); +} + +int stc_plugin_pcap_unregister_loop_pcap(const char *ifname, + int group) +{ + __STC_LOG_FUNC_ENTER__; + + if (!stc_plugin_enabled) { + STC_LOGE("Plugin wasn't enabled"); + __STC_LOG_FUNC_EXIT__; + return STC_ERROR_UNINITIALIZED; + } + + if (!stc_plugin) { + STC_LOGE("Plugin wasn't loaded"); + __STC_LOG_FUNC_EXIT__; + return STC_ERROR_UNINITIALIZED; + } + + __STC_LOG_FUNC_EXIT__; + return stc_plugin->unregister_loop_pcap(ifname, group); +} +//LCOV_EXCL_STOP diff --git a/src/stc-manager.c b/src/stc-manager.c old mode 100644 new mode 100755 index 79acd88..46401fb --- a/src/stc-manager.c +++ b/src/stc-manager.c @@ -32,6 +32,7 @@ #include "stc-manager-plugin-exception.h" #include "stc-manager-plugin-procfs.h" #include "stc-manager-plugin-tether.h" +#include "stc-manager-plugin-pcap.h" #define BUF_SIZE_FOR_ERR 100 @@ -91,6 +92,7 @@ static void __stc_manager_deinit(void) stc_plugin_exception_deinit(); stc_plugin_procfs_deinit(); stc_plugin_tether_deinit(); + stc_plugin_pcap_deinit(); inotify_deregister(INFO_STORAGE_DIR); inotify_deinitialize(); @@ -133,6 +135,7 @@ static stc_s *__stc_manager_init(void) stc_plugin_exception_init(); stc_plugin_procfs_init(); stc_plugin_tether_init(); + stc_plugin_pcap_init(); #endif stc_firewall_init(); diff --git a/src/stc-pcap.c b/src/stc-pcap.c new file mode 100755 index 0000000..368971e --- /dev/null +++ b/src/stc-pcap.c @@ -0,0 +1,160 @@ +/* + * Copyright (c) 2016 Samsung Electronics Co., Ltd. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "stc-db.h" +#include "stc-pcap.h" +#include "stc-manager-plugin-pcap.h" + +#define PCAP_DBUS_ERROR_NAME "net.stc.pcap.Error.Failed" + +#define STC_PCAP_DBUS_REPLY_ERROR(invocation, err_num) \ + g_dbus_method_invocation_return_dbus_error((invocation), \ + PCAP_DBUS_ERROR_NAME, \ + stc_err_strs[-(err_num)]) + +static const gchar *stc_err_strs[] = { + "ERROR_NONE", + "FAIL", + "DB_FAILED", + "OUT_OF_MEMORY", + "INVALID_PARAMETER", + "NO_DATA", + "ALREADY_DATA", + "UNINITIALIZED", + "PERMISSION_DENIED", + "NOTIMPL" +}; + +gboolean __validate_pcap(stc_pcap_s *pcap) +{ + __STC_LOG_FUNC_ENTER__; + + if (pcap == NULL) { + __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE + return FALSE; //LCOV_EXCL_LINE + } + + if (pcap->ifname == NULL || + pcap->ifname[0] == '\0') { + __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE + return FALSE; //LCOV_EXCL_LINE + } + + __STC_LOG_FUNC_EXIT__; + return TRUE; +} + +static void __stc_extract_pcap(const char *key, GVariant *value, + void *user_data) +{ + stc_pcap_s *pcap = (stc_pcap_s *) user_data; + if (pcap == NULL) { + __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE + return; //LCOV_EXCL_LINE + } + + if (!g_strcmp0(key, STC_PCAP_IFNAME)) { + guint str_length; + const gchar *str = g_variant_get_string(value, &str_length); + pcap->ifname = g_strdup(str); + STC_LOGD("ifname: [%s]", pcap->ifname); + + } else if (!g_strcmp0(key, STC_PCAP_NFLOG_GROUP)) { + pcap->nflog_group = g_variant_get_uint32(value); + STC_LOGD("nflog group: [%d]", pcap->nflog_group); + + } else { + STC_LOGD("Unknown select rule"); //LCOV_EXCL_LINE + } +} + +gboolean handle_pcap_start(StcPcap *object, + GDBusMethodInvocation *invocation, + GVariant *parameters, + void *user_data) +{ + __STC_LOG_FUNC_ENTER__; + GVariantIter *iter = NULL; + stc_pcap_s pcap; + int ret = STC_ERROR_NONE; + + memset(&pcap, 0, sizeof(stc_pcap_s)); + + g_variant_get(parameters, "a{sv}", &iter); + if (iter != NULL) { + stc_manager_gdbus_dict_foreach(iter, + __stc_extract_pcap, + &pcap); + g_variant_iter_free(iter); + } + + if (__validate_pcap(&pcap) == FALSE) { + STC_PCAP_DBUS_REPLY_ERROR(invocation, //LCOV_EXCL_LINE + STC_ERROR_INVALID_PARAMETER); + __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE + return TRUE; + } + + ret = stc_plugin_pcap_register_loop_pcap(pcap.ifname, pcap.nflog_group); + if (ret != STC_ERROR_NONE) { + STC_PCAP_DBUS_REPLY_ERROR(invocation, ret); //LCOV_EXCL_LINE + __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE + return TRUE; + } + + STC_DBUS_REPLY_ERROR_NONE(invocation); + __STC_LOG_FUNC_EXIT__; + return TRUE; +} + +gboolean handle_pcap_stop(StcPcap *object, + GDBusMethodInvocation *invocation, + GVariant *parameters, + void *user_data) +{ + __STC_LOG_FUNC_ENTER__; + GVariantIter *iter = NULL; + stc_pcap_s pcap; + int ret = STC_ERROR_NONE; + + memset(&pcap, 0, sizeof(stc_pcap_s)); + + g_variant_get(parameters, "a{sv}", &iter); + if (iter != NULL) { + stc_manager_gdbus_dict_foreach(iter, + __stc_extract_pcap, + &pcap); + g_variant_iter_free(iter); + } + + if (__validate_pcap(&pcap) == FALSE) { + STC_PCAP_DBUS_REPLY_ERROR(invocation, //LCOV_EXCL_LINE + STC_ERROR_INVALID_PARAMETER); + __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE + return TRUE; + } + + ret = stc_plugin_pcap_unregister_loop_pcap(pcap.ifname, pcap.nflog_group); + if (ret != STC_ERROR_NONE) { + STC_PCAP_DBUS_REPLY_ERROR(invocation, ret); //LCOV_EXCL_LINE + __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE + return TRUE; + } + + STC_DBUS_REPLY_ERROR_NONE(invocation); + __STC_LOG_FUNC_EXIT__; + return TRUE; +} -- 2.7.4 From f2380cadc63c01f6dee9780e7f3ab6ce19ee8faa Mon Sep 17 00:00:00 2001 From: hyunuktak Date: Wed, 21 Nov 2018 16:48:05 +0900 Subject: [PATCH 13/16] Separate debug log with info config Change-Id: I87608b9729a8ad5872c8edc69b1a2aac896421af Signed-off-by: hyunuktak --- include/stc-manager-util.h | 20 ++- include/stc-manager.h | 6 +- plugin/appstatus/stc-plugin-appstatus.c | 2 +- plugin/exception/stc-plugin-exception.c | 6 +- plugin/pcap/stc-plugin-pcap.c | 253 ++++++++++++++++++-------------- plugin/procfs/stc-plugin-procfs.c | 12 +- src/database/tables/table-statistics.c | 2 +- src/helper/helper-cgroup.c | 6 +- src/monitor/stc-monitor-app.c | 10 +- src/monitor/stc-monitor-proc.c | 32 ++-- src/monitor/stc-monitor-rstn.c | 28 ++-- src/stc-firewall.c | 90 ++++++++---- src/stc-manager-util.c | 42 +++++- src/stc-manager.c | 6 +- 14 files changed, 312 insertions(+), 203 deletions(-) mode change 100644 => 100755 plugin/appstatus/stc-plugin-appstatus.c mode change 100644 => 100755 plugin/exception/stc-plugin-exception.c mode change 100644 => 100755 src/database/tables/table-statistics.c mode change 100644 => 100755 src/helper/helper-cgroup.c mode change 100644 => 100755 src/monitor/stc-monitor-app.c mode change 100644 => 100755 src/monitor/stc-monitor-proc.c mode change 100644 => 100755 src/monitor/stc-monitor-rstn.c mode change 100644 => 100755 src/stc-firewall.c mode change 100644 => 100755 src/stc-manager-util.c diff --git a/include/stc-manager-util.h b/include/stc-manager-util.h index b12fff9..4b2eb94 100755 --- a/include/stc-manager-util.h +++ b/include/stc-manager-util.h @@ -330,7 +330,11 @@ static inline bool strstart_with(const char *str, const char *with) #define INFO_STORAGE_DIR "/var/lib/stc" #define INFO_CONFIG "info.config" -#define INFO_DEBUGLOG "debuglog" +#define INFO_DEBUG_LOG "debug_log" +#define INFO_STAT_LOG "stat_log" +#define INFO_RSTN_LOG "rstn_log" +#define INFO_FW_LOG "fw_log" +#define INFO_PCAP_LOG "pcap_log" #define MAX_PATH_LENGTH 512 #define MAX_NAME_LENGTH 256 @@ -395,12 +399,22 @@ enum stc_counter_state { STC_UPDATE_REQUESTED = 1 << 5, }; +typedef enum { + DEBUG_LOG_INFO, + STAT_LOG_INFO, + RSTN_LOG_INFO, + FW_LOG_INFO, + PCAP_LOG_INFO, + MAX_LOG_INFO +} log_info_e; + gboolean stc_util_get_config_bool(char *key); gchar * stc_util_get_config_str(char *key); int stc_util_get_config_int(char *key); -void stc_util_set_debuglog(int debuglog); -int stc_util_get_debuglog(void); +void stc_util_update_log_state(void); +void stc_util_set_log_state(log_info_e info, int state); +int stc_util_get_log_state(log_info_e info); void stc_util_initialize_config(void); diff --git a/include/stc-manager.h b/include/stc-manager.h index fabbbb1..0b930eb 100755 --- a/include/stc-manager.h +++ b/include/stc-manager.h @@ -39,7 +39,11 @@ #define STC_CMD_INSERT "-I" #define STC_CMD_SIZE 256 -#define STC_DEBUG_LOG (stc_util_get_debuglog()) +#define STC_DEBUG_LOG (stc_util_get_log_state(DEBUG_LOG_INFO)) +#define STC_STAT_LOG (stc_util_get_log_state(STAT_LOG_INFO)) +#define STC_RSTN_LOG (stc_util_get_log_state(RSTN_LOG_INFO)) +#define STC_FW_LOG (stc_util_get_log_state(FW_LOG_INFO)) +#define STC_PCAP_LOG (stc_util_get_log_state(PCAP_LOG_INFO)) typedef enum { STC_CANCEL = 0, /**< cancel */ diff --git a/plugin/appstatus/stc-plugin-appstatus.c b/plugin/appstatus/stc-plugin-appstatus.c old mode 100644 new mode 100755 index 2fd1b9e..98fab81 --- a/plugin/appstatus/stc-plugin-appstatus.c +++ b/plugin/appstatus/stc-plugin-appstatus.c @@ -87,7 +87,7 @@ static void __stc_gdbus_handle_aul_changestate(GDBusConnection *connection, else apptype = STC_APP_TYPE_GUI; - if (STC_DEBUG_LOG) { + if (STC_DEBUG_LOG && STC_STAT_LOG) { STC_LOGD("\033[1;34mAPP STATUS\033[0;m: PkgID[\033[0;34m%s\033[0;m] " "AppID[\033[0;32m%s\033[0;m] PID[\033[1;33m%d\033[0;m] Status[%s] Type[%s]", pkgid, appid, pid, statstr, pkgtype); diff --git a/plugin/exception/stc-plugin-exception.c b/plugin/exception/stc-plugin-exception.c old mode 100644 new mode 100755 index 4769c3e..cdb47c4 --- a/plugin/exception/stc-plugin-exception.c +++ b/plugin/exception/stc-plugin-exception.c @@ -99,7 +99,7 @@ static void __excn_hash_foreach_print(gpointer key, gpointer value, const char *process_name = key; const char *exe_type = value; - if (STC_DEBUG_LOG) + if (STC_DEBUG_LOG && STC_STAT_LOG) STC_LOGI("Process_name[%s] exe_type[%s]", process_name, exe_type); } @@ -258,7 +258,7 @@ int stc_plugin_exception_fill_list(void) table_exceptions_foreach(__insert_exception_cb, NULL); pkginfo_exceptions_foreach(__insert_exception_cb, NULL); - if (STC_DEBUG_LOG) + if (STC_DEBUG_LOG && STC_STAT_LOG) __excn_hash_printall(); g_excns_timer_id = g_timeout_add_seconds(EXCNS_TIMER_INTERVAL, @@ -273,7 +273,7 @@ int stc_plugin_exception_update_list(void) __remove_exception_appall(); pkginfo_exceptions_foreach(__insert_exception_cb, NULL); - if (STC_DEBUG_LOG) + if (STC_DEBUG_LOG && STC_STAT_LOG) __excn_hash_printall(); return STC_ERROR_NONE; diff --git a/plugin/pcap/stc-plugin-pcap.c b/plugin/pcap/stc-plugin-pcap.c index 8cba6bd..22dddb7 100755 --- a/plugin/pcap/stc-plugin-pcap.c +++ b/plugin/pcap/stc-plugin-pcap.c @@ -117,18 +117,20 @@ static void __pcap_ntp_info(const u_char *packet) __pcap_ntp_time_info(ntp_h->rectime.second, rectime); __pcap_ntp_time_info(ntp_h->xmttime.second, xmttime); - STC_LOGD("Flags[0x%02x] Stratum[%u] Poll[%u:%us] Precision[%u] " - "Root delay[%u.%06us] Root dispersion[%u.%06us] Ref ID[%s]", - ntp_h->flags, ntp_h->stratum, ntp_h->poll, - ntp_h->precision, 1 << ntp_h->precision, - ntohs(ntp_h->rootdelay.second), - __pcap_ntp_fraction_info(ntp_h->rootdelay.fraction), - ntohs(ntp_h->rootdisp.second), - __pcap_ntp_fraction_info(ntp_h->rootdisp.fraction), - refid); - - STC_LOGD("Reference[%s] Origin[%s] Receive[%s] Transmit[%s]", - reftime, orgtime, rectime, xmttime); + if (STC_DEBUG_LOG && STC_PCAP_LOG) + STC_LOGD("Flags[0x%02x] Stratum[%u] Poll[%u:%us] Precision[%u] " + "Root delay[%u.%06us] Root dispersion[%u.%06us] Ref ID[%s]", + ntp_h->flags, ntp_h->stratum, ntp_h->poll, + ntp_h->precision, 1 << ntp_h->precision, + ntohs(ntp_h->rootdelay.second), + __pcap_ntp_fraction_info(ntp_h->rootdelay.fraction), + ntohs(ntp_h->rootdisp.second), + __pcap_ntp_fraction_info(ntp_h->rootdisp.fraction), + refid); + + if (STC_DEBUG_LOG && STC_PCAP_LOG) + STC_LOGD("Reference[%s] Origin[%s] Receive[%s] Transmit[%s]", + reftime, orgtime, rectime, xmttime); } static const char *__pcap_dhcp_client_id_info(uint8_t data) @@ -224,7 +226,8 @@ static void __pcap_bootp_magic_info(uint32_t magic, char buf[BOOTP_MOPTION_LEN]; uint8_t *opt = moption; - STC_LOGD("Magic cookie[DHCP]"); + if (STC_DEBUG_LOG && STC_PCAP_LOG) + STC_LOGD("Magic cookie[DHCP]"); while(len > 0) { uint8_t tag = opt[0]; @@ -237,60 +240,73 @@ static void __pcap_bootp_magic_info(uint32_t magic, case DHCP_TAG_SUBNET_MASK: inet_ntop(AF_INET, (struct in_addr *)data, addr, BUFF_SIZE_IP); - STC_LOGD("Subnet mask[%s]", addr); + if (STC_DEBUG_LOG && STC_PCAP_LOG) + STC_LOGD("Subnet mask[%s]", addr); break; case DHCP_TAG_ROUTER: inet_ntop(AF_INET, (struct in_addr *)data, addr, BUFF_SIZE_IP); - STC_LOGD("Router[%s]", addr); + if (STC_DEBUG_LOG && STC_PCAP_LOG) + STC_LOGD("Router[%s]", addr); break; case DHCP_TAG_DNS: inet_ntop(AF_INET, (struct in_addr *)data, addr, BUFF_SIZE_IP); - STC_LOGD("Domain name server[%s]", addr); + if (STC_DEBUG_LOG && STC_PCAP_LOG) + STC_LOGD("Domain name server[%s]", addr); break; case DHCP_TAG_HOST_NAME: snprintf(buf, ((length < BOOTP_MOPTION_LEN) ? (length + 1) : BOOTP_MOPTION_LEN), "%s", (char *)data); - STC_LOGD("Host name[%s]", buf); + if (STC_DEBUG_LOG && STC_PCAP_LOG) + STC_LOGD("Host name[%s]", buf); break; case DHCP_TAG_REQUESTED_IP: inet_ntop(AF_INET, (struct in_addr *)data, addr, BUFF_SIZE_IP); - STC_LOGD("Requested IP[%s]", addr); + if (STC_DEBUG_LOG && STC_PCAP_LOG) + STC_LOGD("Requested IP[%s]", addr); break; case DHCP_TAG_IP_LEASE_TIME: - STC_LOGD("IP address lease time[%us]", - ntohl(*(uint32_t *)data)); + if (STC_DEBUG_LOG && STC_PCAP_LOG) + STC_LOGD("IP address lease time[%us]", + ntohl(*(uint32_t *)data)); break; case DHCP_TAG_MSG_TYPE: - STC_LOGD("DHCP message type[%u:%s]", *data, - __pcap_dhcp_msg_type_info(*data)); + if (STC_DEBUG_LOG && STC_PCAP_LOG) + STC_LOGD("DHCP message type[%u:%s]", *data, + __pcap_dhcp_msg_type_info(*data)); break; case DHCP_TAG_SERVER_ID: inet_ntop(AF_INET, (struct in_addr *)data, addr, BUFF_SIZE_IP); - STC_LOGD("DHCP server identifier[%s]", addr); + if (STC_DEBUG_LOG && STC_PCAP_LOG) + STC_LOGD("DHCP server identifier[%s]", addr); break; case DHCP_TAG_MSG_SIZE: - STC_LOGD("Maximum DHCP message size[%u]", - ntohs(*(uint16_t *)data)); + if (STC_DEBUG_LOG && STC_PCAP_LOG) + STC_LOGD("Maximum DHCP message size[%u]", + ntohs(*(uint16_t *)data)); break; case DHCP_TAG_CLIENT_ID: - STC_LOGD("Client identifier HW type[0x%02x:%s]", *data, - __pcap_dhcp_client_id_info(*data)); + if (STC_DEBUG_LOG && STC_PCAP_LOG) + STC_LOGD("Client identifier HW type[0x%02x:%s]", *data, + __pcap_dhcp_client_id_info(*data)); if (*data == DHCP_CLIENT_ID_ETHERNET) { g_strlcpy(host, ether_ntoa((const struct ether_addr *)&data[1]), sizeof(host)); - STC_LOGD("Client identifier MAC[%s]", host); + if (STC_DEBUG_LOG && STC_PCAP_LOG) + STC_LOGD("Client identifier MAC[%s]", host); } break; case DHCP_TAG_END: - STC_LOGD("End"); + if (STC_DEBUG_LOG && STC_PCAP_LOG) + STC_LOGD("End"); return; default: - STC_LOGD("Unknown[%u]", tag); + if (STC_DEBUG_LOG && STC_PCAP_LOG) + STC_LOGD("Unknown[%u]", tag); break; } @@ -341,15 +357,17 @@ static void __pcap_bootp_info(const u_char *packet) ether_ntoa((const struct ether_addr *)bootp_h->chaddr), sizeof(chaddr)); - STC_LOGD("Message type[%u:%s] HW type[0x%02x] HW len[%u] Hops[%u] " - "Transaction ID[0x%08x] Seconds elapsed[%u] Flags[0x%04x]", - bootp_h->op, __pcap_bootp_op_info(bootp_h->op), - bootp_h->htype, bootp_h->hlen, bootp_h->hops, - ntohl(bootp_h->xid), ntohs(bootp_h->secs), ntohs(bootp_h->flags)); + if (STC_DEBUG_LOG && STC_PCAP_LOG) + STC_LOGD("Message type[%u:%s] HW type[0x%02x] HW len[%u] Hops[%u] " + "Transaction ID[0x%08x] Seconds elapsed[%u] Flags[0x%04x]", + bootp_h->op, __pcap_bootp_op_info(bootp_h->op), + bootp_h->htype, bootp_h->hlen, bootp_h->hops, + ntohl(bootp_h->xid), ntohs(bootp_h->secs), ntohs(bootp_h->flags)); - STC_LOGD("Client[%s] Your(client)[%s] Next server[%s] " - "Relay agent[%s] Client MAC[%s]", - ciaddr, yiaddr, siaddr, giaddr, chaddr); + if (STC_DEBUG_LOG && STC_PCAP_LOG) + STC_LOGD("Client[%s] Your(client)[%s] Next server[%s] " + "Relay agent[%s] Client MAC[%s]", + ciaddr, yiaddr, siaddr, giaddr, chaddr); len = ntohs(udp_h->len); __pcap_bootp_magic_info(bootp_h->magic, bootp_h->moption, len); @@ -460,8 +478,10 @@ static void __pcap_dns_data_info(const u_char *packet) uint16_t type; uint16_t class; - if (i == 0) - STC_LOGD("[Queries]"); + if (i == 0) { + if (STC_DEBUG_LOG && STC_PCAP_LOG) + STC_LOGD("[Queries]"); + } data = __pcap_dns_name_info((uint8_t *)dns_h, data, name); if (data == NULL) @@ -470,9 +490,10 @@ static void __pcap_dns_data_info(const u_char *packet) type = ntohs(*(uint16_t *)&data[0]); class = ntohs(*(uint16_t *)&data[2]); - STC_LOGD("Name[%s] Type[%u:%s] Class[0x%04x:%s]", - name, type, __pcap_dns_type_info(type), - class, __pcap_dns_class_info(class)); + if (STC_DEBUG_LOG && STC_PCAP_LOG) + STC_LOGD("Name[%s] Type[%u:%s] Class[0x%04x:%s]", + name, type, __pcap_dns_type_info(type), + class, __pcap_dns_class_info(class)); data += 4; } @@ -486,8 +507,10 @@ static void __pcap_dns_data_info(const u_char *packet) uint16_t length; char ip[BUFF_SIZE_IP]; - if (i == 0) - STC_LOGD("[Answers]"); + if (i == 0) { + if (STC_DEBUG_LOG && STC_PCAP_LOG) + STC_LOGD("[Answers]"); + } data = __pcap_dns_name_info((uint8_t *)dns_h, data, name); if (data == NULL) @@ -503,30 +526,33 @@ static void __pcap_dns_data_info(const u_char *packet) case DNS_QTYPE_A: inet_ntop(AF_INET, (struct in_addr *)&data[10], ip, BUFF_SIZE_IP); - STC_LOGD("Name[%s] Type[%u:%s] Class[0x%04x:%s] " - "TTL[%u] Data length[%u] Address[%s]", - name, type, __pcap_dns_type_info(type), - class, __pcap_dns_class_info(class), - ttl, length, ip); + if (STC_DEBUG_LOG && STC_PCAP_LOG) + STC_LOGD("Name[%s] Type[%u:%s] Class[0x%04x:%s] " + "TTL[%u] Data length[%u] Address[%s]", + name, type, __pcap_dns_type_info(type), + class, __pcap_dns_class_info(class), + ttl, length, ip); break; case DNS_QTYPE_CNAME: __pcap_dns_name_info((uint8_t *)dns_h, &data[10], cname); if (data == NULL) return; - STC_LOGD("Name[%s] Type[%u:%s] Class[0x%04x:%s] " - "TTL[%u] Data length[%u] CName[%s]", - name, type, __pcap_dns_type_info(type), - class, __pcap_dns_class_info(class), - ttl, length, cname); + if (STC_DEBUG_LOG && STC_PCAP_LOG) + STC_LOGD("Name[%s] Type[%u:%s] Class[0x%04x:%s] " + "TTL[%u] Data length[%u] CName[%s]", + name, type, __pcap_dns_type_info(type), + class, __pcap_dns_class_info(class), + ttl, length, cname); break; case DNS_QTYPE_AAAA: break; default: - STC_LOGD("Name[%s] Type[%u:%s] Class[0x%04x:%s] " - "TTL[%u] Data length[%u]", - name, type, __pcap_dns_type_info(type), - class, __pcap_dns_class_info(class), - ttl, length); + if (STC_DEBUG_LOG && STC_PCAP_LOG) + STC_LOGD("Name[%s] Type[%u:%s] Class[0x%04x:%s] " + "TTL[%u] Data length[%u]", + name, type, __pcap_dns_type_info(type), + class, __pcap_dns_class_info(class), + ttl, length); break; } } @@ -540,11 +566,12 @@ static void __pcap_dns_info(const u_char *packet) dns_t *dns_h = (dns_t *)(packet + SIZE_ETHER_HEADER + SIZE_IP_HEADER + SIZE_UDP_HEADER); - STC_LOGD("Transaction ID[0x%x] Flags[0x%x] Questions[%u] " - "Answer RRs[%u] Authority RRs[%u] Additional RRs[%u]", - ntohs(dns_h->id), ntohs(dns_h->flags), - ntohs(dns_h->questions), ntohs(dns_h->answerRR), - ntohs(dns_h->authorityRR), ntohs(dns_h->additionalRR)); + if (STC_DEBUG_LOG && STC_PCAP_LOG) + STC_LOGD("Transaction ID[0x%x] Flags[0x%x] Questions[%u] " + "Answer RRs[%u] Authority RRs[%u] Additional RRs[%u]", + ntohs(dns_h->id), ntohs(dns_h->flags), + ntohs(dns_h->questions), ntohs(dns_h->answerRR), + ntohs(dns_h->authorityRR), ntohs(dns_h->additionalRR)); __pcap_dns_data_info(packet); } @@ -699,10 +726,11 @@ static void __pcap_icmp_info(const u_char *packet) icmp_t *icmp_h = (icmp_t *)(packet + SIZE_ETHER_HEADER + SIZE_IP_HEADER); - STC_LOGD("Type[%u:%s] Code[%u:%s] Checksum[0x%x]", - icmp_h->type, __pcap_icmp_type_info(icmp_h->type), - icmp_h->code, __pcap_icmp_code_info(icmp_h->type, icmp_h->code), - ntohs(icmp_h->checksum)); + if (STC_DEBUG_LOG && STC_PCAP_LOG) + STC_LOGD("Type[%u:%s] Code[%u:%s] Checksum[0x%x]", + icmp_h->type, __pcap_icmp_type_info(icmp_h->type), + icmp_h->code, __pcap_icmp_code_info(icmp_h->type, icmp_h->code), + ntohs(icmp_h->checksum)); } static void __pcap_tcp_info(const u_char *packet) @@ -712,13 +740,15 @@ static void __pcap_tcp_info(const u_char *packet) u_int16_t source = ntohs(tcp_h->source); u_int16_t dest = ntohs(tcp_h->dest); - STC_LOGD("Source[%u] Destination[%u] Sequence[%u] " - "Acknowledgment seq[%u] Window size[%u] ", - ntohs(tcp_h->source), ntohs(tcp_h->dest), - ntohl(tcp_h->seq), ntohl(tcp_h->ack_seq), - ntohs(tcp_h->window)); + if (STC_DEBUG_LOG && STC_PCAP_LOG) + STC_LOGD("Source[%u] Destination[%u] Sequence[%u] " + "Acknowledgment seq[%u] Window size[%u] ", + ntohs(tcp_h->source), ntohs(tcp_h->dest), + ntohl(tcp_h->seq), ntohl(tcp_h->ack_seq), + ntohs(tcp_h->window)); - STC_LOGD("Checksum[0x%x] URG[%u] ACK[%u] PUSH[%u] " + if (STC_DEBUG_LOG && STC_PCAP_LOG) + STC_LOGD("Checksum[0x%x] URG[%u] ACK[%u] PUSH[%u] " "RST[%u] SYN[%u] FIN[%u]", ntohs(tcp_h->check), tcp_h->urg, tcp_h->ack, tcp_h->psh, @@ -735,8 +765,9 @@ static void __pcap_udp_info(const u_char *packet) u_int16_t source = ntohs(udp_h->source); u_int16_t dest = ntohs(udp_h->dest); - STC_LOGD("Source[%u] Destination[%u] Len[%u] Checksum[0x%x]", - source, dest, ntohs(udp_h->len), ntohs(udp_h->check)); + if (STC_DEBUG_LOG && STC_PCAP_LOG) + STC_LOGD("Source[%u] Destination[%u] Len[%u] Checksum[0x%x]", + source, dest, ntohs(udp_h->len), ntohs(udp_h->check)); if (IS_SRC_OR_DST_PORT(PORT_DNS)) __pcap_dns_info(packet); @@ -827,16 +858,18 @@ static void __pcap_arp_info(const u_char *packet) ar_pro = ntohs(arp_h->ar_pro); - STC_LOGD("HW type[%u] Protocol type[0x%04x:%s] " - "HW size[%u] Protocol size[%u] Opcode[%u:%s] ", - ntohs(arp_h->ar_hrd), ar_pro, - __pcap_eth_type_info(ar_pro), - arp_h->ar_hln, arp_h->ar_pln, - ar_op, __pcap_arp_opcode_info(ar_op)); - - STC_LOGD("Sender MAC[%s] Sender IP[%s] " - "Target MAC[%s] Target IP[%s]", - sma, sia, tma, tia); + if (STC_DEBUG_LOG && STC_PCAP_LOG) + STC_LOGD("HW type[%u] Protocol type[0x%04x:%s] " + "HW size[%u] Protocol size[%u] Opcode[%u:%s] ", + ntohs(arp_h->ar_hrd), ar_pro, + __pcap_eth_type_info(ar_pro), + arp_h->ar_hln, arp_h->ar_pln, + ar_op, __pcap_arp_opcode_info(ar_op)); + + if (STC_DEBUG_LOG && STC_PCAP_LOG) + STC_LOGD("Sender MAC[%s] Sender IP[%s] " + "Target MAC[%s] Target IP[%s]", + sma, sia, tma, tia); } static const char *__pcap_ip_protocol_info(u_int8_t p) @@ -882,11 +915,12 @@ static void __pcap_ipv6_info(const u_char *packet) inet_ntop(AF_INET6, &ip6_h->ip6_src, ip6_src, BUFF_SIZE_IP6); inet_ntop(AF_INET6, &ip6_h->ip6_dst, ip6_dst, BUFF_SIZE_IP6); - STC_LOGD("Flow[0x%08x] Payload len[%u] Next hdr[%u:%s] " - "Hop limit[%u] Source[%s] Destination[%s]", - ntohl(ip6_h->ip6_flow), ntohs(ip6_h->ip6_plen), - ip6_h->ip6_nxt, __pcap_ip_protocol_info(ip6_h->ip6_nxt), - ip6_h->ip6_hlim, ip6_src, ip6_dst); + if (STC_DEBUG_LOG && STC_PCAP_LOG) + STC_LOGD("Flow[0x%08x] Payload len[%u] Next hdr[%u:%s] " + "Hop limit[%u] Source[%s] Destination[%s]", + ntohl(ip6_h->ip6_flow), ntohs(ip6_h->ip6_plen), + ip6_h->ip6_nxt, __pcap_ip_protocol_info(ip6_h->ip6_nxt), + ip6_h->ip6_hlim, ip6_src, ip6_dst); switch (ip6_h->ip6_nxt) { case IPPROTO_IP: @@ -917,15 +951,16 @@ static void __pcap_ip_info(const u_char *packet) inet_ntop(AF_INET, &ip_h->ip_src, ip_src, BUFF_SIZE_IP); inet_ntop(AF_INET, &ip_h->ip_dst, ip_dst, BUFF_SIZE_IP); - STC_LOGD("Header len[%u] TOS[0x%02x] Total len[%u] " - "ID[0x%04x] Flags[0x%02x] TTL[%u] Protocol[%u:%s] " - "Checksum[0x%04x] Source[%s] Destination[%s]", - ip_h->ip_hl << 2, ip_h->ip_tos, - ntohs(ip_h->ip_len), ntohs(ip_h->ip_id), - (ntohs(ip_h->ip_off) & 0xe000) >> 13, - ip_h->ip_ttl, ip_h->ip_p, - __pcap_ip_protocol_info(ip_h->ip_p), - ntohs(ip_h->ip_sum), ip_src, ip_dst); + if (STC_DEBUG_LOG && STC_PCAP_LOG) + STC_LOGD("Header len[%u] TOS[0x%02x] Total len[%u] " + "ID[0x%04x] Flags[0x%02x] TTL[%u] Protocol[%u:%s] " + "Checksum[0x%04x] Source[%s] Destination[%s]", + ip_h->ip_hl << 2, ip_h->ip_tos, + ntohs(ip_h->ip_len), ntohs(ip_h->ip_id), + (ntohs(ip_h->ip_off) & 0xe000) >> 13, + ip_h->ip_ttl, ip_h->ip_p, + __pcap_ip_protocol_info(ip_h->ip_p), + ntohs(ip_h->ip_sum), ip_src, ip_dst); switch (ip_h->ip_p) { case IPPROTO_ICMP: @@ -961,8 +996,9 @@ static void __pcap_eth_info(const u_char *packet) ether_type = ntohs(eth_h->ether_type); - STC_LOGD("Source[%s] Destination[%s] Type[0x%04x:%s]", - shost, dhost, ether_type, __pcap_eth_type_info(ether_type)); + if (STC_DEBUG_LOG && STC_PCAP_LOG) + STC_LOGD("Source[%s] Destination[%s] Type[0x%04x:%s]", + shost, dhost, ether_type, __pcap_eth_type_info(ether_type)); } static void __pcap_fm_info(const struct pcap_pkthdr *pkthdr) @@ -982,11 +1018,12 @@ static void __pcap_fm_info(const struct pcap_pkthdr *pkthdr) len = strlen(curr); curr[len - 1] = '\0'; - STC_LOGD("Arrival time[%s] Timeval[%.06f] " - "Frame len[%u] Capture len[%u]", curr, - (float)((tv_sec - g_pcap_tv.tv_sec) * 1000000 + - (tv_usec - g_pcap_tv.tv_usec)) / 1000000, - pkthdr->len, pkthdr->caplen); + if (STC_DEBUG_LOG && STC_PCAP_LOG) + STC_LOGD("Arrival time[%s] Timeval[%.06f] " + "Frame len[%u] Capture len[%u]", curr, + (float)((tv_sec - g_pcap_tv.tv_sec) * 1000000 + + (tv_usec - g_pcap_tv.tv_usec)) / 1000000, + pkthdr->len, pkthdr->caplen); } static void __pcap_handler(u_char *param, diff --git a/plugin/procfs/stc-plugin-procfs.c b/plugin/procfs/stc-plugin-procfs.c index 4aa36c6..5a323a4 100755 --- a/plugin/procfs/stc-plugin-procfs.c +++ b/plugin/procfs/stc-plugin-procfs.c @@ -135,7 +135,7 @@ static proc_value_s * __proc_tree_find_parent(proc_value_s *value) parent = lookup; } while (lookup); - if (STC_DEBUG_LOG) { + if (STC_DEBUG_LOG && STC_STAT_LOG) { if (parent != NULL) STC_LOGD("\033[0;35mPARENT\033[0;m: tgid[\033[1;33m%s\033[0;m] " "pid[%s] ppid[%s] cmdline[\033[0;34m%s\033[0;m] name[%s]", @@ -158,7 +158,7 @@ static void __proc_tree_add(proc_key_s *key, proc_value_s *value) } if (key == NULL || value == NULL) { - if (STC_DEBUG_LOG) + if (STC_DEBUG_LOG && STC_STAT_LOG) STC_LOGE("invalid parameters"); return; } @@ -318,7 +318,7 @@ static void __process_event_fork(int tgid, int pid) g_strlcpy(value.status[i], status[i], sizeof(value.status[i])); g_strlcpy(value.cmdline, cmdline, sizeof(value.cmdline)); - if (STC_DEBUG_LOG) + if (STC_DEBUG_LOG && STC_STAT_LOG) STC_LOGD("\033[1;32mFORK\033[0;m: tgid[\033[1;33m%d\033[0;m] " "ppid=[%s] cmdline[\033[0;34m%s\033[0;m] pid[%d]", tgid, status[PROC_STATUS_PPID], cmdline, pid); @@ -357,7 +357,7 @@ static void __process_event_exec(int tgid, int pid) sizeof(value.status[i])); g_strlcpy(value.cmdline, cmdline, sizeof(value.cmdline)); - if (STC_DEBUG_LOG) + if (STC_DEBUG_LOG && STC_STAT_LOG) STC_LOGD("\033[1;32mEXEC\033[0;m: tgid[\033[1;33m%d\033[0;m] " "ppid[%s] cmdline[\033[0;34m%s\033[0;m] pid[%d]", tgid, status[PROC_STATUS_PPID], cmdline, pid); @@ -379,7 +379,7 @@ static void __process_event_exit(int tgid, int pid, int exit_code) if (lookup == NULL) /* unmonitored process */ return; - if (STC_DEBUG_LOG) + if (STC_DEBUG_LOG && STC_STAT_LOG) STC_LOGD("\033[1;31mEXIT\033[0;m: tgid[\033[1;33m%d\033[0;m] " "cmdline[\033[0;34m%s\033[0;m] pid[%d] exitcode[%d]", tgid, lookup->cmdline, pid, exit_code); @@ -591,7 +591,7 @@ stc_error_e stc_plugin_procfs_status_changed(stc_cmd_type_e cmd, { stc_error_e ret = STC_ERROR_NONE; - if ((pkg_id && app_id) && STC_DEBUG_LOG) + if ((pkg_id && app_id) && STC_DEBUG_LOG && STC_STAT_LOG) STC_LOGD("cmd[%d] pkgid[%s] appid[%s] pid[%d] type[%d]", cmd, pkg_id, app_id, pid, app_type); diff --git a/src/database/tables/table-statistics.c b/src/database/tables/table-statistics.c old mode 100644 new mode 100755 index 5983ad7..f8db77b --- a/src/database/tables/table-statistics.c +++ b/src/database/tables/table-statistics.c @@ -621,7 +621,7 @@ stc_error_e table_statistics_insert(stc_db_classid_iftype_key *stat_key, goto handle_error; //LCOV_EXCL_LINE } - if (STC_DEBUG_LOG) + if (STC_DEBUG_LOG && STC_STAT_LOG) STC_LOGD("App stat recorded [\033[0;34m%s\033[0;m] " "rcv[%lld] snd[%lld]", stat->app_id, rcv, snd); diff --git a/src/helper/helper-cgroup.c b/src/helper/helper-cgroup.c old mode 100644 new mode 100755 index ee7c282..fbb0024 --- a/src/helper/helper-cgroup.c +++ b/src/helper/helper-cgroup.c @@ -119,7 +119,7 @@ int cgroup_write_node_uint32(const char *cgroup_name, char buf[MAX_PATH_LENGTH]; snprintf(buf, sizeof(buf), "%s/%s", cgroup_name, file_name); - if (STC_DEBUG_LOG) + if (STC_DEBUG_LOG && STC_STAT_LOG) STC_LOGD("cgroup_buf %s, value %d\n", buf, value); //LCOV_EXCL_LINE return fwrite_uint(buf, value); @@ -131,7 +131,7 @@ int cgroup_write_node_str(const char *cgroup_name, char buf[MAX_PATH_LENGTH]; snprintf(buf, sizeof(buf), "%s/%s", cgroup_name, file_name); - if (STC_DEBUG_LOG) + if (STC_DEBUG_LOG && STC_STAT_LOG) STC_LOGD("cgroup_buf %s, string %s\n", buf, string); //LCOV_EXCL_LINE return fwrite_str(buf, string); @@ -145,7 +145,7 @@ int cgroup_read_node_uint32(const char *cgroup_name, snprintf(buf, sizeof(buf), "%s/%s", cgroup_name, file_name); ret = fread_uint(buf, value); - if (STC_DEBUG_LOG) + if (STC_DEBUG_LOG && STC_STAT_LOG) STC_LOGD("cgroup_buf %s, value %d\n", buf, *value); //LCOV_EXCL_LINE return ret; diff --git a/src/monitor/stc-monitor-app.c b/src/monitor/stc-monitor-app.c old mode 100644 new mode 100755 index 96d602a..ceeb0b4 --- a/src/monitor/stc-monitor-app.c +++ b/src/monitor/stc-monitor-app.c @@ -363,7 +363,7 @@ API stc_error_e stc_monitor_app_add(uint32_t classid, lookup_value = g_hash_table_lookup(apps, GUINT_TO_POINTER(classid)); if (lookup_value) { - if (STC_DEBUG_LOG) + if (STC_DEBUG_LOG && STC_STAT_LOG) STC_LOGE("Already exists [\033[1;36m%d\033[0;m:" "\033[0;32m%s\033[0;m]", classid, app_id); return STC_ERROR_NONE; @@ -371,7 +371,7 @@ API stc_error_e stc_monitor_app_add(uint32_t classid, app_value = MALLOC0(stc_app_value_s, 1); if (!app_value) { - if (STC_DEBUG_LOG) + if (STC_DEBUG_LOG && STC_STAT_LOG) STC_LOGE("Value allocation failed"); return STC_ERROR_OUT_OF_MEMORY; } @@ -411,7 +411,7 @@ API stc_error_e stc_monitor_app_add(uint32_t classid, stc_monitor_rstn_add_for_app(classid); - if (STC_DEBUG_LOG) { + if (STC_DEBUG_LOG && STC_STAT_LOG) { __print_app(GUINT_TO_POINTER(classid), app_value, NULL); STC_LOGD("\033[1;32mApplication added\033[0;m " "[\033[1;36m%d\033[0;m]", classid); @@ -570,7 +570,7 @@ API stc_error_e stc_monitor_app_remove(uint32_t classid, const char *app_id) app_lookup = g_hash_table_lookup(apps, GUINT_TO_POINTER(classid)); if (!app_lookup) { - if (STC_DEBUG_LOG) + if (STC_DEBUG_LOG && STC_STAT_LOG) STC_LOGD("Application not found [\033[1;36m%d\033[0;m]", classid); return STC_ERROR_FAIL; } @@ -589,7 +589,7 @@ API stc_error_e stc_monitor_app_remove(uint32_t classid, const char *app_id) /* remove ristrictions if any */ stc_monitor_rstn_remove_for_app(classid); - if (STC_DEBUG_LOG) + if (STC_DEBUG_LOG && STC_STAT_LOG) __print_app(GUINT_TO_POINTER(classid), app_lookup, NULL); /* remove app_key from the stc-manager */ diff --git a/src/monitor/stc-monitor-proc.c b/src/monitor/stc-monitor-proc.c old mode 100644 new mode 100755 index e472421..be12dd1 --- a/src/monitor/stc-monitor-proc.c +++ b/src/monitor/stc-monitor-proc.c @@ -42,7 +42,7 @@ static void __proc_remove_pid(gpointer key, gpointer value, if (!g_hash_table_remove(app_value->processes, GUINT_TO_POINTER(context->pid))) return; - if (STC_DEBUG_LOG) { + if (STC_DEBUG_LOG && STC_STAT_LOG) { __print_proc_all(app_value->processes); STC_LOGD("\033[1;31mProcess removed\033[0;m " "[\033[1;33m%d\033[0;m]", context->pid); @@ -91,7 +91,7 @@ API stc_error_e stc_monitor_proc_update_ground(uint32_t classid, app_lookup = g_hash_table_lookup(apps, GUINT_TO_POINTER(classid)); if (!app_lookup) { - if (STC_DEBUG_LOG) + if (STC_DEBUG_LOG && STC_STAT_LOG) STC_LOGD("Application not found [\033[1;36m%d\033[0;m]", classid); return STC_ERROR_NO_DATA; } @@ -99,7 +99,7 @@ API stc_error_e stc_monitor_proc_update_ground(uint32_t classid, proc_lookup = g_hash_table_lookup(app_lookup->processes, GUINT_TO_POINTER(value.pid)); if (!proc_lookup) { - if (STC_DEBUG_LOG) + if (STC_DEBUG_LOG && STC_STAT_LOG) STC_LOGD("Process not found [\033[1;33m%d\033[0;m]", value.pid); return STC_ERROR_NO_DATA; } @@ -130,7 +130,7 @@ API stc_error_e stc_monitor_proc_add(uint32_t classid, app_lookup = g_hash_table_lookup(apps, GUINT_TO_POINTER(classid)); if (!app_lookup) { - if (STC_DEBUG_LOG) + if (STC_DEBUG_LOG && STC_STAT_LOG) STC_LOGD("Application not found [\033[1;36m%d\033[0;m]", classid); return STC_ERROR_NO_DATA; } @@ -138,14 +138,14 @@ API stc_error_e stc_monitor_proc_add(uint32_t classid, proc_lookup = g_hash_table_lookup(app_lookup->processes, GUINT_TO_POINTER(value.pid)); if (proc_lookup) { - if (STC_DEBUG_LOG) + if (STC_DEBUG_LOG && STC_STAT_LOG) STC_LOGE("Already exists [\033[1;36m%d\033[0;m]", value.pid); return STC_ERROR_NONE; } proc_value = MALLOC0(stc_proc_value_s, 1); if (!proc_value) { - if (STC_DEBUG_LOG) + if (STC_DEBUG_LOG && STC_STAT_LOG) STC_LOGE("Value allocation failed"); return STC_ERROR_OUT_OF_MEMORY; } @@ -160,7 +160,7 @@ API stc_error_e stc_monitor_proc_add(uint32_t classid, /* add pid to application cgroup */ place_pids_to_net_cgroup(proc_value->pid, app_id); - if (STC_DEBUG_LOG) { + if (STC_DEBUG_LOG && STC_STAT_LOG) { __print_proc_all(app_lookup->processes); STC_LOGD("\033[1;32mProcess added\033[0;m " "[\033[1;33m%d\033[0;m]", proc_value->pid); @@ -193,21 +193,21 @@ API stc_error_e stc_monitor_proc_remove(uint32_t classid, app_lookup = context.app_value; if (!app_lookup) { - if (STC_DEBUG_LOG) + if (STC_DEBUG_LOG && STC_STAT_LOG) STC_LOGD("Process not found [\033[1;33m%d\033[0;m]", pid); return STC_ERROR_NO_DATA; } } else { app_lookup = g_hash_table_lookup(apps, GUINT_TO_POINTER(classid)); if (!app_lookup) { - if (STC_DEBUG_LOG) + if (STC_DEBUG_LOG && STC_STAT_LOG) STC_LOGD("Application not found [\033[1;36m%d\033[0;m]", classid); return STC_ERROR_NO_DATA; } if (g_hash_table_remove(app_lookup->processes, GUINT_TO_POINTER(pid))) { - if (STC_DEBUG_LOG) { + if (STC_DEBUG_LOG && STC_STAT_LOG) { __print_proc_all(app_lookup->processes); STC_LOGD("\033[1;31mProcess removed\033[0;m " "[\033[1;33m%d\033[0;m]", pid); @@ -235,7 +235,7 @@ API stc_error_e stc_monitor_proc_remove(uint32_t classid, g_hash_table_remove(apps, GUINT_TO_POINTER(classid)); - if (STC_DEBUG_LOG) + if (STC_DEBUG_LOG && STC_STAT_LOG) STC_LOGD("\033[1;31mApplication removed\033[0;m " "[\033[1;36m%d\033[0;m]", classid); } @@ -259,14 +259,14 @@ API stc_error_e stc_monitor_proc_move(uint32_t from, to != STC_UNKNOWN_CLASSID) { from_lookup = g_hash_table_lookup(apps, GUINT_TO_POINTER(from)); if (!from_lookup) { - if (STC_DEBUG_LOG) + if (STC_DEBUG_LOG && STC_STAT_LOG) STC_LOGD("Application not found [\033[1;36m%d\033[0;m]", from); return STC_ERROR_NO_DATA; } to_lookup = g_hash_table_lookup(apps, GUINT_TO_POINTER(to)); if (!to_lookup) { - if (STC_DEBUG_LOG) + if (STC_DEBUG_LOG && STC_STAT_LOG) STC_LOGD("Application not found [\033[1;36m%d\033[0;m]", to); return STC_ERROR_NO_DATA; } @@ -274,7 +274,7 @@ API stc_error_e stc_monitor_proc_move(uint32_t from, g_hash_table_foreach(from_lookup->processes, __proc_move_pid, to_lookup); - if (STC_DEBUG_LOG) { + if (STC_DEBUG_LOG && STC_STAT_LOG) { __print_proc_all(to_lookup->processes); STC_LOGD("\033[1;34mProcesses moved\033[0;m " "[\033[1;36m%d\033[0;m] -> [\033[1;36m%d\033[0;m]", @@ -283,7 +283,7 @@ API stc_error_e stc_monitor_proc_move(uint32_t from, g_hash_table_remove_all(from_lookup->processes); - if (STC_DEBUG_LOG) { + if (STC_DEBUG_LOG && STC_STAT_LOG) { __print_proc_all(from_lookup->processes); STC_LOGD("\033[1;31mProcesses removed\033[0;m " "[\033[1;36m%d\033[0;m]", from); @@ -303,7 +303,7 @@ API stc_error_e stc_monitor_proc_move(uint32_t from, g_hash_table_remove(apps, GUINT_TO_POINTER(from)); - if (STC_DEBUG_LOG) + if (STC_DEBUG_LOG && STC_STAT_LOG) STC_LOGD("\033[1;31mApplication removed\033[0;m " "[\033[1;36m%d\033[0;m]", from); } diff --git a/src/monitor/stc-monitor-rstn.c b/src/monitor/stc-monitor-rstn.c old mode 100644 new mode 100755 index f28de3c..31a05ab --- a/src/monitor/stc-monitor-rstn.c +++ b/src/monitor/stc-monitor-rstn.c @@ -557,7 +557,7 @@ static void __rstn_process(enum traffic_restriction_type rstn_type, rstn_data->counter[STC_RSTN_LIMIT_TYPE_WEEKLY] = info.weekly_counter + stat.weekly_stat; rstn_data->counter[STC_RSTN_LIMIT_TYPE_DAILY] = info.daily_counter + stat.daily_stat; - if (STC_DEBUG_LOG) + if (STC_DEBUG_LOG && STC_RSTN_LOG) STC_LOGD("Rstn counter data[%lld] warn[%lld] " "monthly[%lld] weekly[%lld] daily[%lld]", rstn_data->counter[STC_RSTN_LIMIT_TYPE_DATA], @@ -591,7 +591,7 @@ static void __rstn_process(enum traffic_restriction_type rstn_type, rstn_data->rstn_state = STC_RSTN_STATE_ACTIVATED; - if (STC_DEBUG_LOG) { + if (STC_DEBUG_LOG && STC_RSTN_LOG) { STC_LOGD("Restriction activated " "[\033[1;36m%d\033[0;m:\033[1;35m%d\033[0;m]", rstn_data->classid, rstn_data->restriction_id); @@ -606,7 +606,7 @@ static void __rstn_process(enum traffic_restriction_type rstn_type, rstn_data->limit_exceeded = 0; rstn_data->limit_notified = 0; - if (STC_DEBUG_LOG) { + if (STC_DEBUG_LOG && STC_RSTN_LOG) { STC_LOGD("Restriction activated " "[\033[1;36m%d\033[0;m:\033[1;35m%d\033[0;m]", rstn_data->classid, rstn_data->restriction_id); @@ -633,7 +633,7 @@ static void __rstn_process(enum traffic_restriction_type rstn_type, __rstn_set_noti_state(STC_RSTN_STATE_UNSET); - if (STC_DEBUG_LOG) { + if (STC_DEBUG_LOG && STC_RSTN_LOG) { STC_LOGD("Restriction deactivated " "[\033[1;36m%d\033[0;m:\033[1;35m%d\033[0;m]", rstn_data->classid, rstn_data->restriction_id); @@ -651,7 +651,7 @@ static void __rstn_add(gpointer data, gpointer user_data) /* rstn rule is activated */ if (rstn_data->rstn_state == STC_RSTN_STATE_ACTIVATED) { - if (STC_DEBUG_LOG) { + if (STC_DEBUG_LOG && STC_RSTN_LOG) { STC_LOGD("Restriction already activated " "[\033[1;36m%d\033[0;m:\033[1;35m%d\033[0;m]", rstn_data->classid, rstn_data->restriction_id); @@ -671,7 +671,7 @@ static void __rstn_add(gpointer data, gpointer user_data) rstn_data->app_id, rstn_data, user_data); } - if (STC_DEBUG_LOG) { + if (STC_DEBUG_LOG && STC_RSTN_LOG) { __print_rstn(rstn_data); STC_LOGD("\033[1;32mRestriction added\033[0;m " "[\033[1;36m%d\033[0;m:\033[1;35m%d\033[0;m]", @@ -703,7 +703,7 @@ static void __rstn_remove(gpointer data, gpointer user_data) __rstn_tethering_process(RST_UNSET, rstn_data->app_id, rstn_data, user_data); - if (STC_DEBUG_LOG) { + if (STC_DEBUG_LOG && STC_RSTN_LOG) { __print_rstn(rstn_data); STC_LOGD("\033[1;31mRestriction removed\033[0;m " "[\033[1;36m%d\033[0;m:\033[1;35m%d\033[0;m]", @@ -782,7 +782,7 @@ static stc_error_e __rstn_data_remove(stc_rstn_data_s *data) lookup_value = g_hash_table_lookup(rstns, GUINT_TO_POINTER(data->classid)); if (!lookup_value) { - if (STC_DEBUG_LOG) + if (STC_DEBUG_LOG && STC_RSTN_LOG) STC_LOGE("Restriction not found [\033[1;36m%d\033[0;m]", data->classid); return STC_ERROR_NO_DATA; @@ -791,7 +791,7 @@ static stc_error_e __rstn_data_remove(stc_rstn_data_s *data) lookup_list = g_slist_find_custom(lookup_value->rules, data, __rstn_data_comp); if (!lookup_list) { - if (STC_DEBUG_LOG) + if (STC_DEBUG_LOG && STC_RSTN_LOG) STC_LOGE("Restriction not found [%d:%s:%s:%d]", data->iftype, data->ifname, data->subscriber_id, data->roaming); @@ -827,7 +827,7 @@ static stc_error_e __rstn_data_add(stc_rstn_data_s *data) rstn_data = MALLOC0(stc_rstn_data_s, 1); if (!rstn_data) { - if (STC_DEBUG_LOG) + if (STC_DEBUG_LOG && STC_RSTN_LOG) STC_LOGE("Rstn_data allocation failed"); return STC_ERROR_OUT_OF_MEMORY; } @@ -836,7 +836,7 @@ static stc_error_e __rstn_data_add(stc_rstn_data_s *data) if (!lookup_value) { rstn_value = MALLOC0(stc_rstn_value_s, 1); if (!rstn_value) { - if (STC_DEBUG_LOG) + if (STC_DEBUG_LOG && STC_RSTN_LOG) STC_LOGE("Rstn_value allocation failed"); FREE(rstn_data); return STC_ERROR_OUT_OF_MEMORY; @@ -1303,7 +1303,7 @@ void stc_monitor_rstn_action_when_limit_exceeded(stc_rstn_limit_type_e limit_typ stc_plugin_appstatus_send_message(net_popup_content, net_popup_type, rstn_data->app_id, iftype, byte); - if (STC_DEBUG_LOG) + if (STC_DEBUG_LOG && STC_RSTN_LOG) STC_LOGD("Limit exceeded [\033[0;31m%s\033[0;m:%d]", net_popup_content, limit_type); } @@ -1381,7 +1381,7 @@ void stc_monitor_rstn_add_for_app(uint32_t classid) lookup_value = g_hash_table_lookup(rstns, GUINT_TO_POINTER(classid)); if (!lookup_value) { - if (STC_DEBUG_LOG) + if (STC_DEBUG_LOG && STC_RSTN_LOG) STC_LOGD("Restriction not found [\033[1;36m%d\033[0;m]", classid); return; @@ -1432,7 +1432,7 @@ void stc_monitor_rstn_remove_for_app(uint32_t classid) lookup_value = g_hash_table_lookup(rstns, GUINT_TO_POINTER(classid)); if (!lookup_value) { - if (STC_DEBUG_LOG) + if (STC_DEBUG_LOG && STC_RSTN_LOG) STC_LOGD("Restriction not found [\033[1;36m%d\033[0;m]", classid); return; diff --git a/src/stc-firewall.c b/src/stc-firewall.c old mode 100644 new mode 100755 index 2a1799c..f1adadb --- a/src/stc-firewall.c +++ b/src/stc-firewall.c @@ -207,8 +207,10 @@ static void __fw_rule_make_key(firewall_rule_s *rule, info->identifier = g_strdup(rule->identifier); info->key = rule->key; - STC_LOGD("Identifier [%s]", rule->identifier); - STC_LOGD("Key [%u]", rule->key); + if (STC_DEBUG_LOG && STC_FW_LOG) { + STC_LOGD("Identifier [%s]", rule->identifier); + STC_LOGD("Key [%u]", rule->key); + } } static void __fw_rule_free(void *data) @@ -257,13 +259,15 @@ static stc_error_e __fw_chain_add(const char *chain) lookup = g_hash_table_lookup(g_firewalls, chain); if (lookup) { - STC_LOGD("chain already present"); + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGD("chain already present"); return STC_ERROR_ALREADY_DATA; } data = MALLOC0(stc_fw_data_s, 1); if (!data) { - STC_LOGE("data allocation failed"); + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("data allocation failed"); return STC_ERROR_OUT_OF_MEMORY; } @@ -286,12 +290,14 @@ static stc_error_e __fw_chain_remove(const char *chain) lookup = g_hash_table_lookup(g_firewalls, chain); if (!lookup) { - STC_LOGE("chain not found"); + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("chain not found"); return STC_ERROR_NO_DATA; } if (lookup->target != STC_FW_CHAIN_TARGET_NONE) { - STC_LOGE("can't be applied bcz chain is set"); + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("can't be applied bcz chain is set"); return STC_ERROR_INVALID_PARAMETER; } @@ -313,12 +319,14 @@ static stc_error_e __fw_chain_flush(const char *chain) lookup = g_hash_table_lookup(g_firewalls, chain); if (!lookup) { - STC_LOGE("chain not found"); + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("chain not found"); return STC_ERROR_NO_DATA; } if (lookup->target != STC_FW_CHAIN_TARGET_NONE) { - STC_LOGE("can't be applied bcz chain is set"); + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("can't be applied bcz chain is set"); return STC_ERROR_INVALID_PARAMETER; } @@ -338,7 +346,8 @@ static stc_error_e __fw_chain_set(const char *chain, stc_fw_data_s value) lookup = g_hash_table_lookup(g_firewalls, chain); if (!lookup) { - STC_LOGE("chain not found"); + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("chain not found"); return STC_ERROR_NO_DATA; } @@ -357,7 +366,8 @@ static stc_fw_data_s *__fw_chain_get(const char *chain) lookup = g_hash_table_lookup(g_firewalls, chain); if (!lookup) { - STC_LOGE("chain not found"); + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("chain not found"); return NULL; } @@ -375,7 +385,8 @@ static stc_error_e __fw_chain_unset(const char *chain) lookup = g_hash_table_lookup(g_firewalls, chain); if (!lookup) { - STC_LOGE("chain not found"); + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("chain not found"); return STC_ERROR_NO_DATA; } @@ -747,7 +758,8 @@ stc_cb_ret_e __fw_table_chain_info_cb(const firewall_chain_s *info, data = MALLOC0(stc_fw_data_s, 1); if (!data) { - STC_LOGE("data allocation failed"); + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("data allocation failed"); return STC_CONTINUE; } @@ -768,13 +780,15 @@ stc_cb_ret_e __fw_table_rule_info_cb(const firewall_rule_s *info, lookup = g_hash_table_lookup(g_firewalls, info->chain); if (!lookup) { - STC_LOGE("chain not found"); + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("chain not found"); return STC_CONTINUE; } rule = MALLOC0(firewall_rule_s, 1); if (!rule) { - STC_LOGE("rule allocation failed"); + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("rule allocation failed"); return STC_CONTINUE; } @@ -798,18 +812,21 @@ static stc_error_e __fw_rule_add(firewall_rule_s *info) lookup = g_hash_table_lookup(g_firewalls, info->chain); if (!lookup) { - STC_LOGE("chain not found"); + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("chain not found"); return STC_ERROR_NO_DATA; } if (lookup->target != STC_FW_CHAIN_TARGET_NONE) { - STC_LOGE("can't be applied bcz chain is set"); + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("can't be applied bcz chain is set"); return STC_ERROR_INVALID_PARAMETER; } rule = MALLOC0(firewall_rule_s, 1); if (!rule) { - STC_LOGE("rule allocation failed"); + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("rule allocation failed"); return STC_ERROR_OUT_OF_MEMORY; } @@ -819,7 +836,8 @@ static stc_error_e __fw_rule_add(firewall_rule_s *info) comp = g_slist_find_custom(lookup->rules, rule, __fw_rule_comp); if (comp) { - STC_LOGD("rule already present"); + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGD("rule already present"); __fw_rule_free(rule); return STC_ERROR_ALREADY_DATA; } @@ -842,19 +860,22 @@ static stc_error_e __fw_rule_remove(const firewall_rule_s *info) lookup = g_hash_table_lookup(g_firewalls, info->chain); if (!lookup) { - STC_LOGE("chain not found"); + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("chain not found"); return STC_ERROR_NO_DATA; } if (lookup->target != STC_FW_CHAIN_TARGET_NONE) { - STC_LOGE("can't be applied bcz chain is set"); + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("can't be applied bcz chain is set"); return STC_ERROR_INVALID_PARAMETER; } rule_list = lookup->rules; comp = g_slist_find_custom(rule_list, info, __fw_rule_comp); if (!comp) { - STC_LOGD("rule not found"); + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGD("rule not found"); return STC_ERROR_NO_DATA; } @@ -879,19 +900,22 @@ static stc_error_e __fw_rule_update(firewall_rule_s *info) lookup = g_hash_table_lookup(g_firewalls, info->chain); if (!lookup) { - STC_LOGE("chain not found"); + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("chain not found"); return STC_ERROR_NO_DATA; } if (lookup->target != STC_FW_CHAIN_TARGET_NONE) { - STC_LOGE("can't be applied bcz chain is set"); + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("can't be applied bcz chain is set"); return STC_ERROR_INVALID_PARAMETER; } rule_list = lookup->rules; comp = g_slist_find_custom(rule_list, info, __fw_rule_comp); if (!comp) { - STC_LOGD("rule not found"); + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGD("rule not found"); return STC_ERROR_NO_DATA; } @@ -899,7 +923,8 @@ static stc_error_e __fw_rule_update(firewall_rule_s *info) update_rule = MALLOC0(firewall_rule_s, 1); if (!update_rule) { - STC_LOGE("rule allocation failed"); + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("rule allocation failed"); return STC_ERROR_OUT_OF_MEMORY; } @@ -909,7 +934,8 @@ static stc_error_e __fw_rule_update(firewall_rule_s *info) comp = g_slist_find_custom(lookup->rules, update_rule, __fw_rule_comp); if (comp) { - STC_LOGD("rule already present"); + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGD("rule already present"); __fw_rule_free(update_rule); return STC_ERROR_ALREADY_DATA; } @@ -1518,7 +1544,8 @@ gboolean handle_firewall_unset_chain(StcFirewall *object, } if (lookup->target == STC_FW_CHAIN_TARGET_NONE) { - STC_LOGE("chain is not set"); + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("chain is not set"); STC_FIREWALL_DBUS_REPLY_ERROR(invocation, STC_ERROR_INVALID_PARAMETER); __STC_LOG_FUNC_EXIT__; @@ -1575,7 +1602,8 @@ gboolean handle_firewall_add_rule(StcFirewall *object, rule = MALLOC0(firewall_rule_s, 1); if (!rule) { - STC_LOGE("rule allocation failed"); + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("rule allocation failed"); return STC_ERROR_OUT_OF_MEMORY; } @@ -1627,7 +1655,8 @@ gboolean handle_firewall_remove_rule(StcFirewall *object, rule = MALLOC0(firewall_rule_s, 1); if (!rule) { - STC_LOGE("rule allocation failed"); + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("rule allocation failed"); return STC_ERROR_OUT_OF_MEMORY; } @@ -1680,7 +1709,8 @@ gboolean handle_firewall_update_rule(StcFirewall *object, rule = MALLOC0(firewall_rule_s, 1); if (!rule) { - STC_LOGE("rule allocation failed"); + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("rule allocation failed"); return STC_ERROR_OUT_OF_MEMORY; } diff --git a/src/stc-manager-util.c b/src/stc-manager-util.c old mode 100644 new mode 100755 index 51dbd4f..1f25927 --- a/src/stc-manager-util.c +++ b/src/stc-manager-util.c @@ -16,7 +16,18 @@ #include "stc-manager-util.h" -static int g_debuglog = -1; +typedef struct { + int state; + char *key; +} log_info_s; + +log_info_s g_log_info[] = { + {-1, INFO_DEBUG_LOG}, + {-1, INFO_STAT_LOG}, + {-1, INFO_RSTN_LOG}, + {-1, INFO_FW_LOG}, + {-1, INFO_PCAP_LOG}, +}; static void __sync_file_to_disk(const char *path) { @@ -128,31 +139,46 @@ int stc_util_get_config_int(char *key) } //LCOV_EXCL_START -API void stc_util_set_debuglog(int debuglog) +API void stc_util_update_log_state(void) { - g_debuglog = debuglog; + int i; + + for (i = DEBUG_LOG_INFO; i < MAX_LOG_INFO; ++i) + g_log_info[i].state = stc_util_get_config_int(g_log_info[i].key); + + STC_LOGD("log info [%d:%d:%d:%d:%d]", + g_log_info[DEBUG_LOG_INFO].state, g_log_info[STAT_LOG_INFO].state, + g_log_info[RSTN_LOG_INFO].state, g_log_info[FW_LOG_INFO].state, + g_log_info[PCAP_LOG_INFO].state); +} + +API void stc_util_set_log_state(log_info_e info, int state) +{ + g_log_info[info].state = state; } //LCOV_EXCL_STOP -API int stc_util_get_debuglog(void) +API int stc_util_get_log_state(log_info_e info) { - if (g_debuglog == -1) - g_debuglog = stc_util_get_config_int(INFO_DEBUGLOG); + if (g_log_info[info].state == -1) + g_log_info[info].state = stc_util_get_config_int(g_log_info[info].key); - return g_debuglog; + return g_log_info[info].state; } void stc_util_initialize_config(void) { char path[MAX_PATH_LENGTH]; GKeyFile *keyfile; + int i; snprintf(path, sizeof(path), "%s/%s", INFO_STORAGE_DIR, INFO_CONFIG); keyfile = __load_key_file(path); if (!keyfile) { keyfile = g_key_file_new(); //LCOV_EXCL_LINE - g_key_file_set_integer(keyfile, path, INFO_DEBUGLOG, 0); + for (i = DEBUG_LOG_INFO; i < MAX_LOG_INFO; ++i) + g_key_file_set_integer(keyfile, path, g_log_info[i].key, 0); } __save_key_file(keyfile, path); diff --git a/src/stc-manager.c b/src/stc-manager.c index 46401fb..ba9356d 100755 --- a/src/stc-manager.c +++ b/src/stc-manager.c @@ -62,10 +62,8 @@ static void __stc_inotify_handler(struct inotify_event *event, const char *ident return; } - if (!g_strcmp0(ident, INFO_CONFIG)) { - int debug = stc_util_get_config_int(INFO_DEBUGLOG); - stc_util_set_debuglog(debug); - } + if (!g_strcmp0(ident, INFO_CONFIG)) + stc_util_update_log_state(); } static void __stc_manager_deinit(void) -- 2.7.4 From f8e88a87a33763dbd5a58a29f8876b7254e6864d Mon Sep 17 00:00:00 2001 From: hyunuktak Date: Thu, 29 Nov 2018 16:49:41 +0900 Subject: [PATCH 14/16] Separate monitoring function plugin Change-Id: I9cab1ed4d30e78bd4489ea6a7f1083f7e5aa1326 Signed-off-by: hyunuktak --- include/stc-manager-plugin-monitor.h | 45 ++++ include/stc-manager-util.h | 4 +- packaging/stc-manager.spec | 12 +- plugin/CMakeLists.txt | 5 +- plugin/appstatus/stc-plugin-appstatus.c | 2 +- plugin/exception/stc-plugin-exception.c | 6 +- plugin/monitor/CMakeLists.txt | 48 ++++ .../monitor/include/stc-plugin-monitor-app.h | 37 +-- .../include/stc-plugin-monitor-connection.h | 12 +- .../monitor/include/stc-plugin-monitor-context.h | 6 +- .../monitor/include/stc-plugin-monitor-ipt.h | 6 +- .../monitor/include/stc-plugin-monitor-proc.h | 16 +- .../monitor/include/stc-plugin-monitor-rstn.h | 29 +-- .../monitor/include/stc-plugin-monitor-time.h | 6 +- .../monitor/include/stc-plugin-monitor.h | 72 +++--- .../monitor/stc-plugin-monitor-app.c | 281 +++++++++++---------- .../monitor/stc-plugin-monitor-connection.c | 8 +- .../monitor/stc-plugin-monitor-ipt.c | 4 +- .../monitor/stc-plugin-monitor-proc.c | 48 ++-- .../monitor/stc-plugin-monitor-rstn.c | 130 +++++----- .../monitor/stc-plugin-monitor-time.c | 6 + .../monitor/stc-plugin-monitor.c | 46 +++- plugin/pcap/stc-plugin-pcap.c | 27 +- plugin/procfs/CMakeLists.txt | 2 + plugin/procfs/include/stc-plugin-procfs.h | 1 - plugin/procfs/stc-plugin-procfs.c | 45 ++-- plugin/tether/CMakeLists.txt | 1 + plugin/tether/stc-plugin-tether.c | 8 +- src/CMakeLists.txt | 9 +- src/database/db-common.c | 4 - src/database/tables/table-counters.c | 10 +- src/database/tables/table-restrictions.c | 2 +- src/database/tables/table-statistics.c | 6 +- src/helper/helper-cgroup.c | 8 +- src/helper/helper-file.c | 18 +- src/helper/helper-iptables.c | 8 +- src/helper/helper-net-cls.c | 8 +- src/helper/helper-nfacct-rule.c | 8 +- src/helper/helper-nl.c | 2 +- src/stc-firewall.c | 14 +- src/stc-manager-gdbus.c | 17 +- src/stc-manager-plugin-appstatus.c | 35 +-- src/stc-manager-plugin-exception.c | 32 +-- src/stc-manager-plugin-monitor.c | 259 +++++++++++++++++++ src/stc-manager-plugin-pcap.c | 55 ++-- src/stc-manager-plugin-tether.c | 25 +- src/stc-manager.c | 19 +- src/stc-restriction.c | 6 +- 48 files changed, 888 insertions(+), 570 deletions(-) create mode 100755 include/stc-manager-plugin-monitor.h create mode 100644 plugin/monitor/CMakeLists.txt rename src/monitor/include/stc-monitor-app.h => plugin/monitor/include/stc-plugin-monitor-app.h (83%) mode change 100644 => 100755 rename src/monitor/include/stc-connection.h => plugin/monitor/include/stc-plugin-monitor-connection.h (86%) mode change 100644 => 100755 rename src/monitor/include/stc-monitor-context.h => plugin/monitor/include/stc-plugin-monitor-context.h (92%) mode change 100644 => 100755 rename src/monitor/include/stc-monitor-ipt.h => plugin/monitor/include/stc-plugin-monitor-ipt.h (93%) mode change 100644 => 100755 rename src/monitor/include/stc-monitor-proc.h => plugin/monitor/include/stc-plugin-monitor-proc.h (71%) mode change 100644 => 100755 rename src/monitor/include/stc-monitor-rstn.h => plugin/monitor/include/stc-plugin-monitor-rstn.h (87%) mode change 100644 => 100755 rename src/monitor/include/stc-time.h => plugin/monitor/include/stc-plugin-monitor-time.h (86%) mode change 100644 => 100755 rename src/monitor/include/stc-monitor.h => plugin/monitor/include/stc-plugin-monitor.h (59%) mode change 100644 => 100755 rename src/monitor/stc-monitor-app.c => plugin/monitor/stc-plugin-monitor-app.c (97%) rename src/monitor/stc-connection.c => plugin/monitor/stc-plugin-monitor-connection.c (99%) mode change 100644 => 100755 rename src/monitor/stc-monitor-ipt.c => plugin/monitor/stc-plugin-monitor-ipt.c (98%) mode change 100644 => 100755 rename src/monitor/stc-monitor-proc.c => plugin/monitor/stc-plugin-monitor-proc.c (88%) rename src/monitor/stc-monitor-rstn.c => plugin/monitor/stc-plugin-monitor-rstn.c (99%) rename src/monitor/stc-time.c => plugin/monitor/stc-plugin-monitor-time.c (96%) mode change 100644 => 100755 rename src/monitor/stc-monitor.c => plugin/monitor/stc-plugin-monitor.c (92%) mode change 100644 => 100755 mode change 100644 => 100755 plugin/procfs/include/stc-plugin-procfs.h mode change 100644 => 100755 src/database/db-common.c mode change 100644 => 100755 src/database/tables/table-counters.c mode change 100644 => 100755 src/database/tables/table-restrictions.c mode change 100644 => 100755 src/helper/helper-iptables.c mode change 100644 => 100755 src/helper/helper-nl.c mode change 100644 => 100755 src/stc-manager-plugin-appstatus.c mode change 100644 => 100755 src/stc-manager-plugin-exception.c create mode 100755 src/stc-manager-plugin-monitor.c mode change 100644 => 100755 src/stc-manager-plugin-pcap.c mode change 100644 => 100755 src/stc-manager-plugin-tether.c mode change 100644 => 100755 src/stc-restriction.c diff --git a/include/stc-manager-plugin-monitor.h b/include/stc-manager-plugin-monitor.h new file mode 100755 index 0000000..3830608 --- /dev/null +++ b/include/stc-manager-plugin-monitor.h @@ -0,0 +1,45 @@ +/* + * Copyright (c) 2016 Samsung Electronics Co., Ltd. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef __STC_MANAGER_PLUGIN_MONITOR_H__ +#define __STC_MANAGER_PLUGIN_MONITOR_H__ + +#define STC_PLUGIN_MONITOR_FILEPATH "/usr/lib/stc-plugin-monitor.so" + +#include "stc-plugin-monitor.h" + +int stc_plugin_monitor_init(void); +int stc_plugin_monitor_deinit(void); + +int stc_plugin_monitor_add_app(uint32_t classid, + const char *app_id, + const char *pkg_id, + const stc_app_value_s value); +int stc_plugin_monitor_remove_app(uint32_t classid, + const char *app_id); +int stc_plugin_monitor_lookup_app(uint32_t classid); +int stc_plugin_monitor_add_rstn(table_restrictions_info *info); +int stc_plugin_monitor_remove_rstn(table_restrictions_info *info); +int stc_plugin_monitor_init_connection(stc_s *stc); +int stc_plugin_monitor_deinit_connection(stc_s *stc); +int stc_plugin_monitor_add_proc(uint32_t classid, + const char *app_id, const stc_proc_value_s value); +int stc_plugin_monitor_remove_proc(uint32_t classid, pid_t pid); +int stc_plugin_monitor_move_proc(uint32_t from, uint32_t to); +int stc_plugin_monitor_update_proc_ground(uint32_t classid, + const char *app_id, const stc_proc_value_s value); + +#endif /* __STC_MANAGER_PLUGIN_MONITOR_H__ */ diff --git a/include/stc-manager-util.h b/include/stc-manager-util.h index 4b2eb94..7440534 100755 --- a/include/stc-manager-util.h +++ b/include/stc-manager-util.h @@ -260,14 +260,14 @@ static inline bool strstart_with(const char *str, const char *with) #define ret_value_if(expr, val) do { \ if (expr) { \ - STC_LOGE("(%s) -> %s():%d return", #expr, __FUNCTION__, __LINE__); \ return (val); \ } \ } while (0) #define ret_value_msg_if(expr, val, fmt, arg...) do { \ if (expr) { \ - STC_LOGE(fmt, ##arg); \ + if (STC_DEBUG_LOG) \ + STC_LOGE(fmt, ##arg); \ return val; \ } \ } while (0) diff --git a/packaging/stc-manager.spec b/packaging/stc-manager.spec index b14ee3f..0d98483 100644 --- a/packaging/stc-manager.spec +++ b/packaging/stc-manager.spec @@ -1,6 +1,6 @@ Name: stc-manager Summary: STC(Smart Traffic Control) manager -Version: 0.0.82 +Version: 0.0.83 Release: 0 Group: Network & Connectivity/Other License: Apache-2.0 @@ -70,6 +70,12 @@ Summary: Tethering plugin for data usage of tethering clients %description plugin-tether A smart traffic control manager extension for tethering client data usage plugin +%package plugin-monitor +Summary: Monitor plugin for data usage of clients + +%description plugin-monitor +A smart traffic control manager extension for monitoring client data usage plugin + %prep %setup -q chmod 644 %{SOURCE0} @@ -168,3 +174,7 @@ cp resources/dbus/stc-manager.conf %{buildroot}%{_sysconfdir}/dbus-1/system.d/st %files plugin-tether %manifest %{name}.manifest %attr(500,root,root) %{_libdir}/stc-plugin-tether.so + +%files plugin-monitor +%manifest %{name}.manifest +%attr(500,root,root) %{_libdir}/stc-plugin-monitor.so diff --git a/plugin/CMakeLists.txt b/plugin/CMakeLists.txt index 04c53b8..a56ee63 100644 --- a/plugin/CMakeLists.txt +++ b/plugin/CMakeLists.txt @@ -1,7 +1,6 @@ SET(SOURCE_DIR ${CMAKE_SOURCE_DIR}/src) SET(HELPER_SOURCE_DIR ${SOURCE_DIR}/helper) SET(DATABASE_SOURCE_DIR ${SOURCE_DIR}/database) -SET(MONITOR_SOURCE_DIR ${SOURCE_DIR}/monitor) INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/include) INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/interfaces) @@ -12,11 +11,9 @@ INCLUDE_DIRECTORIES(${HELPER_SOURCE_DIR}) INCLUDE_DIRECTORIES(${DATABASE_SOURCE_DIR}) INCLUDE_DIRECTORIES(${DATABASE_SOURCE_DIR}/include) -INCLUDE_DIRECTORIES(${MONITOR_SOURCE_DIR}) -INCLUDE_DIRECTORIES(${MONITOR_SOURCE_DIR}/include) - ADD_SUBDIRECTORY(appstatus) ADD_SUBDIRECTORY(exception) ADD_SUBDIRECTORY(procfs) ADD_SUBDIRECTORY(pcap) ADD_SUBDIRECTORY(tether) +ADD_SUBDIRECTORY(monitor) diff --git a/plugin/appstatus/stc-plugin-appstatus.c b/plugin/appstatus/stc-plugin-appstatus.c index 98fab81..5d5b653 100755 --- a/plugin/appstatus/stc-plugin-appstatus.c +++ b/plugin/appstatus/stc-plugin-appstatus.c @@ -87,7 +87,7 @@ static void __stc_gdbus_handle_aul_changestate(GDBusConnection *connection, else apptype = STC_APP_TYPE_GUI; - if (STC_DEBUG_LOG && STC_STAT_LOG) { + if (STC_STAT_LOG) { STC_LOGD("\033[1;34mAPP STATUS\033[0;m: PkgID[\033[0;34m%s\033[0;m] " "AppID[\033[0;32m%s\033[0;m] PID[\033[1;33m%d\033[0;m] Status[%s] Type[%s]", pkgid, appid, pid, statstr, pkgtype); diff --git a/plugin/exception/stc-plugin-exception.c b/plugin/exception/stc-plugin-exception.c index cdb47c4..ec4e2fd 100755 --- a/plugin/exception/stc-plugin-exception.c +++ b/plugin/exception/stc-plugin-exception.c @@ -99,7 +99,7 @@ static void __excn_hash_foreach_print(gpointer key, gpointer value, const char *process_name = key; const char *exe_type = value; - if (STC_DEBUG_LOG && STC_STAT_LOG) + if (STC_STAT_LOG) STC_LOGI("Process_name[%s] exe_type[%s]", process_name, exe_type); } @@ -258,7 +258,7 @@ int stc_plugin_exception_fill_list(void) table_exceptions_foreach(__insert_exception_cb, NULL); pkginfo_exceptions_foreach(__insert_exception_cb, NULL); - if (STC_DEBUG_LOG && STC_STAT_LOG) + if (STC_STAT_LOG) __excn_hash_printall(); g_excns_timer_id = g_timeout_add_seconds(EXCNS_TIMER_INTERVAL, @@ -273,7 +273,7 @@ int stc_plugin_exception_update_list(void) __remove_exception_appall(); pkginfo_exceptions_foreach(__insert_exception_cb, NULL); - if (STC_DEBUG_LOG && STC_STAT_LOG) + if (STC_STAT_LOG) __excn_hash_printall(); return STC_ERROR_NONE; diff --git a/plugin/monitor/CMakeLists.txt b/plugin/monitor/CMakeLists.txt new file mode 100644 index 0000000..c1658b1 --- /dev/null +++ b/plugin/monitor/CMakeLists.txt @@ -0,0 +1,48 @@ +CMAKE_MINIMUM_REQUIRED(VERSION 2.6) +PROJECT(stc-plugin-monitor C) + +# Set required packages +INCLUDE(FindPkgConfig) +PKG_CHECK_MODULES(monitor_plugin REQUIRED + dlog + gio-2.0 + gio-unix-2.0 + glib-2.0 + vconf + openssl + ) + +FOREACH(flag ${monitor_plugin_CFLAGS}) + SET(EXTRA_CFLAGS "${EXTRA_CFLAGS} ${flag}") +ENDFOREACH(flag) + +INCLUDE_DIRECTORIES(${CMAKE_CURRENT_SOURCE_DIR}/include) +INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/src/configure/include) +INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/plugin/tether/include) +INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/plugin/exception/include) +INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/plugin/appstatus/include) + +SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${EXTRA_CFLAGS} -g -Werror -fvisibility=hidden") +SET(CMAKE_C_FLAGS_DEBUG "-O0 -g") +SET(CMAKE_C_FLAGS_RELEASE "-O2") + +ADD_DEFINITIONS("-DUSE_DLOG") + +SET(SRCS_PLUGIN + stc-plugin-monitor.c + stc-plugin-monitor-proc.c + stc-plugin-monitor-connection.c + stc-plugin-monitor-rstn.c + stc-plugin-monitor-app.c + stc-plugin-monitor-ipt.c + stc-plugin-monitor-time.c + ) + +# library build +ADD_LIBRARY(${PROJECT_NAME} SHARED ${SRCS_PLUGIN}) +ADD_DEPENDENCIES(${PROJECT_NAME} GENERATED_DBUS_CODE) +TARGET_LINK_LIBRARIES(${PROJECT_NAME} ${monitor_plugin_LDFLAGS}) +SET_TARGET_PROPERTIES(${PROJECT_NAME} PROPERTIES PREFIX "" OUTPUT_NAME ${PROJECT_NAME}) + +# install +INSTALL(TARGETS ${PROJECT_NAME} LIBRARY DESTINATION ${LIBDIR}) diff --git a/src/monitor/include/stc-monitor-app.h b/plugin/monitor/include/stc-plugin-monitor-app.h old mode 100644 new mode 100755 similarity index 83% rename from src/monitor/include/stc-monitor-app.h rename to plugin/monitor/include/stc-plugin-monitor-app.h index 3a312fb..cfd623f --- a/src/monitor/include/stc-monitor-app.h +++ b/plugin/monitor/include/stc-plugin-monitor-app.h @@ -14,15 +14,15 @@ * limitations under the License. */ -#ifndef __STC_MONITOR_APP_H__ -#define __STC_MONITOR_APP_H__ +#ifndef __STC_PLUGIN_MONITOR_APP_H__ +#define __STC_PLUGIN_MONITOR_APP_H__ #include #include "stc-error.h" #include "stc-manager.h" -#include "stc-monitor-context.h" -#include "stc-connection.h" +#include "stc-plugin-monitor-context.h" +#include "stc-plugin-monitor-connection.h" #define MAC_ADDRESS_LEN 18 #define SUBSCRIBERID_NONE "none_subid" @@ -39,40 +39,31 @@ typedef struct { char mac[MAC_ADDRESS_LEN+1]; /**< application mac address */ } stc_app_value_s; -void stc_monitor_app_update_counter(stc_app_value_s *value, - classid_bytes_context_s *context); - -void stc_monitor_app_update_iface_counter(classid_bytes_context_s *context); - -gboolean stc_monitor_app_flush_stats_to_db(gpointer user_data); -stc_error_e stc_monitor_app_add(uint32_t classid, +stc_error_e stc_plugin_monitor_app_add(uint32_t classid, const char *app_id, const char *pkg_id, const stc_app_value_s value); +stc_error_e stc_plugin_monitor_app_remove(uint32_t classid, + const char *app_id); +gboolean stc_plugin_monitor_app_lookup(uint32_t classid); -void stc_monitor_app_add_by_iface(const char *app_id); +void stc_monitor_app_update_counter(stc_app_value_s *value, + classid_bytes_context_s *context); +void stc_monitor_app_update_iface_counter(classid_bytes_context_s *context); +gboolean stc_monitor_app_flush_stats_to_db(gpointer user_data); +void stc_monitor_app_add_by_iface(const char *app_id); void stc_monitor_app_add_monitor(gpointer key, gpointer value, gpointer data); - void stc_monitor_app_add_by_connection(stc_connection_s *conn); - void stc_monitor_app_add_accept(gpointer key, gpointer value, gpointer data); - -stc_error_e stc_monitor_app_remove(uint32_t classid, const char *app_id); - void stc_monitor_app_remove_monitor(gpointer key, gpointer value, gpointer data); - void stc_monitor_app_remove_by_connection(stc_connection_s *conn); - void stc_monitor_app_remove_accept(gpointer key, gpointer value, gpointer data); - -gboolean stc_monitor_app_lookup(uint32_t classid); - GHashTable *stc_monitor_apps_init(void); -#endif /* __STC_MONITOR_APP_H__ */ +#endif /* __STC_PLUGIN_MONITOR_APP_H__ */ diff --git a/src/monitor/include/stc-connection.h b/plugin/monitor/include/stc-plugin-monitor-connection.h old mode 100644 new mode 100755 similarity index 86% rename from src/monitor/include/stc-connection.h rename to plugin/monitor/include/stc-plugin-monitor-connection.h index 85d27de..6454b2d --- a/src/monitor/include/stc-connection.h +++ b/plugin/monitor/include/stc-plugin-monitor-connection.h @@ -14,8 +14,8 @@ * limitations under the License. */ -#ifndef __STC_CONNECTION_H__ -#define __STC_CONNECTION_H__ +#ifndef __STC_PLUGIN_MONITOR_CONNECTION_H__ +#define __STC_PLUGIN_MONITOR_CONNECTION_H__ #include #include "stc-error.h" @@ -65,9 +65,11 @@ typedef struct { tether_iface_s tether_iface; } stc_connection_s; -stc_error_e stc_connection_monitor_init(stc_s *stc); -stc_error_e stc_connection_monitor_deinit(stc_s *stc); + +stc_error_e stc_plugin_monitor_connection_init(stc_s *stc); +stc_error_e stc_plugin_monitor_connection_deinit(stc_s *stc); + GSList *stc_get_connection_list(void); -#endif /* __STC_CONNECTION_H__ */ +#endif /* __STC_PLUGIN_MONITOR_CONNECTION_H__ */ diff --git a/src/monitor/include/stc-monitor-context.h b/plugin/monitor/include/stc-plugin-monitor-context.h old mode 100644 new mode 100755 similarity index 92% rename from src/monitor/include/stc-monitor-context.h rename to plugin/monitor/include/stc-plugin-monitor-context.h index 82d15f7..b0d0075 --- a/src/monitor/include/stc-monitor-context.h +++ b/plugin/monitor/include/stc-plugin-monitor-context.h @@ -14,8 +14,8 @@ * limitations under the License. */ -#ifndef __STC_MONITOR_CONTEXT_H__ -#define __STC_MONITOR_CONTEXT_H__ +#ifndef __STC_PLUGIN_MONITOR_CONTEXT_H__ +#define __STC_PLUGIN_MONITOR_CONTEXT_H__ #include "stc-manager.h" @@ -52,4 +52,4 @@ typedef struct { int month_start_date; } stc_system_s; -#endif /* __STC_MONITOR_CONTEXT_H__ */ +#endif /* __STC_PLUGIN_MONITOR_CONTEXT_H__ */ diff --git a/src/monitor/include/stc-monitor-ipt.h b/plugin/monitor/include/stc-plugin-monitor-ipt.h old mode 100644 new mode 100755 similarity index 93% rename from src/monitor/include/stc-monitor-ipt.h rename to plugin/monitor/include/stc-plugin-monitor-ipt.h index ee38069..a104c10 --- a/src/monitor/include/stc-monitor-ipt.h +++ b/plugin/monitor/include/stc-plugin-monitor-ipt.h @@ -14,8 +14,8 @@ * limitations under the License. */ -#ifndef __STC_MONITOR_IPT_H__ -#define __STC_MONITOR_IPT_H__ +#ifndef __STC_PLUGIN_MONITOR_IPT_H__ +#define __STC_PLUGIN_MONITOR_IPT_H__ #include "helper-nfacct-rule.h" @@ -38,4 +38,4 @@ stc_error_e stc_monitor_tether_del_in(struct nfacct_rule *counter, stc_error_e stc_monitor_tether_del_out(struct nfacct_rule *counter, const gchar *ipaddr); -#endif /* __STC_MONITOR_IPT_H__ */ +#endif /* __STC_PLUGIN_MONITOR_IPT_H__ */ diff --git a/src/monitor/include/stc-monitor-proc.h b/plugin/monitor/include/stc-plugin-monitor-proc.h old mode 100644 new mode 100755 similarity index 71% rename from src/monitor/include/stc-monitor-proc.h rename to plugin/monitor/include/stc-plugin-monitor-proc.h index 602912b..22bb06a --- a/src/monitor/include/stc-monitor-proc.h +++ b/plugin/monitor/include/stc-plugin-monitor-proc.h @@ -14,8 +14,8 @@ * limitations under the License. */ -#ifndef __STC_MONITOR_PROC_H__ -#define __STC_MONITOR_PROC_H__ +#ifndef __STC_PLUGIN_MONITOR_PROC_H__ +#define __STC_PLUGIN_MONITOR_PROC_H__ #include @@ -33,18 +33,16 @@ typedef struct { gboolean entry_removed; } remove_pid_context_s; -stc_error_e stc_monitor_proc_update_ground(uint32_t classid, +stc_error_e stc_plugin_monitor_proc_update_ground(uint32_t classid, const char *app_id, const stc_proc_value_s value); -stc_error_e stc_monitor_proc_add(uint32_t classid, +stc_error_e stc_plugin_monitor_proc_add(uint32_t classid, const char *app_id, const stc_proc_value_s value); -stc_error_e stc_monitor_proc_remove(uint32_t classid, - pid_t pid); +stc_error_e stc_plugin_monitor_proc_remove(uint32_t classid, pid_t pid); -stc_error_e stc_monitor_proc_move(uint32_t from, - uint32_t to); +stc_error_e stc_plugin_monitor_proc_move(uint32_t from, uint32_t to); -#endif /* __STC_MONITOR_PROC_H__ */ +#endif /* __STC_PLUGIN_MONITOR_PROC_H__ */ diff --git a/src/monitor/include/stc-monitor-rstn.h b/plugin/monitor/include/stc-plugin-monitor-rstn.h old mode 100644 new mode 100755 similarity index 87% rename from src/monitor/include/stc-monitor-rstn.h rename to plugin/monitor/include/stc-plugin-monitor-rstn.h index ecf404d..0c690c7 --- a/src/monitor/include/stc-monitor-rstn.h +++ b/plugin/monitor/include/stc-plugin-monitor-rstn.h @@ -14,15 +14,15 @@ * limitations under the License. */ -#ifndef __STC_MONITOR_RSTN_H__ -#define __STC_MONITOR_RSTN_H__ +#ifndef __STC_PLUGIN_MONITOR_RSTN_H__ +#define __STC_PLUGIN_MONITOR_RSTN_H__ #include #include "stc-error.h" #include "stc-manager.h" -#include "stc-monitor-context.h" -#include "stc-connection.h" +#include "stc-plugin-monitor-context.h" +#include "stc-plugin-monitor-connection.h" #include "stc-restriction.h" #include "table-restrictions.h" @@ -81,33 +81,24 @@ typedef struct { int64_t daily_stat; } stc_rstn_cumulative_data_s; -void stc_monitor_rstn_reset_time_counters_if_required(void); +stc_error_e stc_plugin_monitor_rstn_add(const table_restrictions_info *info); +stc_error_e stc_plugin_monitor_rstn_remove(const table_restrictions_info *info); + + +void stc_monitor_rstn_reset_time_counters_if_required(void); void stc_monitor_rstn_update_counter(gpointer data, gpointer user_data); - void stc_monitor_rstn_update_iface_counter(classid_bytes_context_s *context); - void stc_monitor_rstn_action_when_limit_exceeded(stc_rstn_limit_type_e limit_type, stc_rstn_data_s *rstn_data, classid_bytes_context_s *context); - gboolean stc_monitor_rstn_flush_contr_to_db(gpointer user_data); - -stc_error_e stc_monitor_rstn_add(const table_restrictions_info *info); - void stc_monitor_rstn_add_for_app(uint32_t classid); - void stc_monitor_rstn_add_by_connection(stc_connection_s *conn); - -stc_error_e stc_monitor_rstn_remove(const table_restrictions_info *info); - void stc_monitor_rstn_remove_for_app(uint32_t classid); - void stc_monitor_rstn_remove_by_connection(stc_connection_s *conn); - void stc_monitor_rstns_load(void); - GHashTable *stc_monitor_rstns_init(void); -#endif /* __STC_MONITOR_RSTN_H__ */ +#endif /* __STC_PLUGIN_MONITOR_RSTN_H__ */ diff --git a/src/monitor/include/stc-time.h b/plugin/monitor/include/stc-plugin-monitor-time.h old mode 100644 new mode 100755 similarity index 86% rename from src/monitor/include/stc-time.h rename to plugin/monitor/include/stc-plugin-monitor-time.h index d331bce..0a7ca6f --- a/src/monitor/include/stc-time.h +++ b/plugin/monitor/include/stc-plugin-monitor-time.h @@ -14,11 +14,11 @@ * limitations under the License. */ -#ifndef __STC_MANAGER_TIME_H__ -#define __STC_MANAGER_TIME_H__ +#ifndef __STC_PLUGIN_MANAGER_TIME_H__ +#define __STC_PLUGIN_MANAGER_TIME_H__ time_t stc_time_get_day_start(time_t now); time_t stc_time_get_week_start(time_t now); time_t stc_time_get_month_start(time_t now, int month_start_date); -#endif /* __STC_MANAGER_TIME_H__ */ +#endif /* __STC_PLUGIN_MANAGER_TIME_H__ */ diff --git a/src/monitor/include/stc-monitor.h b/plugin/monitor/include/stc-plugin-monitor.h old mode 100644 new mode 100755 similarity index 59% rename from src/monitor/include/stc-monitor.h rename to plugin/monitor/include/stc-plugin-monitor.h index 32404b0..35509c8 --- a/src/monitor/include/stc-monitor.h +++ b/plugin/monitor/include/stc-plugin-monitor.h @@ -14,17 +14,17 @@ * limitations under the License. */ -#ifndef __STC_MONITOR_H__ -#define __STC_MONITOR_H__ +#ifndef __STC_PLUGIN_MONITOR_H__ +#define __STC_PLUGIN_MONITOR_H__ #include #include "stc-error.h" #include "stc-manager.h" #include "stc-manager-util.h" -#include "stc-monitor-context.h" -#include "stc-monitor-app.h" -#include "stc-monitor-proc.h" -#include "stc-monitor-rstn.h" +#include "stc-plugin-monitor-context.h" +#include "stc-plugin-monitor-app.h" +#include "stc-plugin-monitor-proc.h" +#include "stc-plugin-monitor-rstn.h" #include "helper-nl.h" /* 1 seconds */ @@ -38,52 +38,56 @@ #define VCONFKEY_SETAPPL_DATA_RESTRICTION_INT "db/setting/data_restriction" #endif -/** - * @brief initializes stc monitor module - */ -stc_error_e stc_monitor_init(void); +typedef struct { + int (*initialize_plugin) (void); + int (*deinitialize_plugin) (void); -/** - * @brief deinitializes stc monitor module - */ -stc_error_e stc_monitor_deinit(void); + int (*add_application) (uint32_t classid, + const char *app_id, + const char *pkg_id, + const stc_app_value_s value); + int (*remove_application) (uint32_t classid, + const char *app_id); -GHashTable *stc_monitor_get_system_apps(void); + int (*add_restriction) (const table_restrictions_info *info); + int (*remove_restriction) (const table_restrictions_info *info); + int (*lookup_application) (uint32_t classid); -GHashTable *stc_monitor_get_system_rstns(void); + int (*init_connection) (stc_s *stc); + int (*deinit_connection) (stc_s *stc); -int stc_monitor_get_contr_sock(void); + int (*add_process) (uint32_t classid, + const char *app_id, + const stc_proc_value_s value); + int (*remove_process) (uint32_t classid, pid_t pid); + int (*move_process) (uint32_t from, uint32_t to); + int (*update_process_ground) (uint32_t classid, + const char *app_id, + const stc_proc_value_s value); -time_t stc_monitor_get_last_month_ts(void); + int (*check_excn_by_cmdline) (char *cmdline); +} stc_plugin_monitor_s; -void stc_monitor_set_last_month_ts(time_t time); +stc_error_e stc_plugin_monitor_initialize(void); +stc_error_e stc_plugin_monitor_deinitialize(void); +GHashTable *stc_monitor_get_system_apps(void); +GHashTable *stc_monitor_get_system_rstns(void); +int stc_monitor_get_contr_sock(void); +time_t stc_monitor_get_last_month_ts(void); +void stc_monitor_set_last_month_ts(time_t time); time_t stc_monitor_get_last_week_ts(void); - void stc_monitor_set_last_week_ts(time_t time); - time_t stc_monitor_get_last_day_ts(void); - void stc_monitor_set_last_day_ts(time_t time); - void stc_monitor_set_rstns_updated(gboolean value); - gboolean stc_monitor_get_rstns_updated(void); - void stc_monitor_set_apps_updated(gboolean value); - gboolean stc_monitor_get_apps_updated(void); - void stc_monitor_set_background_state(gboolean value); - gboolean stc_monitor_get_background_state(void); - void stc_monitor_update_by_connection(void *data); - void stc_monitor_add_by_connection(void *data); - void stc_monitor_remove_by_connection(void *data); -stc_error_e stc_monitor_check_excn_by_cmdline(char *cmdline); - -#endif /* __STC_MONITOR_H__ */ +#endif /* __STC_PLUGIN_MONITOR_H__ */ diff --git a/src/monitor/stc-monitor-app.c b/plugin/monitor/stc-plugin-monitor-app.c similarity index 97% rename from src/monitor/stc-monitor-app.c rename to plugin/monitor/stc-plugin-monitor-app.c index ceeb0b4..d7b3152 100755 --- a/src/monitor/stc-monitor-app.c +++ b/plugin/monitor/stc-plugin-monitor-app.c @@ -17,11 +17,11 @@ #include "stc-db.h" #include "counter.h" #include "stc-manager.h" -#include "stc-monitor.h" -#include "stc-monitor-app.h" -#include "stc-monitor-rstn.h" -#include "stc-monitor-proc.h" -#include "stc-monitor-ipt.h" +#include "stc-plugin-monitor.h" +#include "stc-plugin-monitor-app.h" +#include "stc-plugin-monitor-rstn.h" +#include "stc-plugin-monitor-proc.h" +#include "stc-plugin-monitor-ipt.h" #include "table-statistics.h" #include "helper-net-cls.h" #include "stc-manager-plugin-tether.h" @@ -274,77 +274,7 @@ static void __app_update_counter(classid_bytes_context_s *context, } } -void stc_monitor_app_update_counter(stc_app_value_s *value, - classid_bytes_context_s *context) -{ - switch (context->counter->iotype) { - case NFACCT_COUNTER_IN: - value->data_usage.in_bytes += context->bytes; - value->counter.in_bytes = context->bytes; - stc_monitor_set_apps_updated(TRUE); - - break; - case NFACCT_COUNTER_OUT: - value->data_usage.out_bytes += context->bytes; - value->counter.out_bytes = context->bytes; - stc_monitor_set_apps_updated(TRUE); - - break; - default: - STC_LOGE("Unknown iotype"); - } -} - -void stc_monitor_app_update_iface_counter(classid_bytes_context_s *context) -{ - switch (context->counter->iftype) { - case STC_IFACE_DATACALL: - __app_update_counter(context, STC_TOTAL_DATACALL_CLASSID); - break; - case STC_IFACE_WIFI: - __app_update_counter(context, STC_TOTAL_WIFI_CLASSID); - __app_update_counter(context, STC_TETHERING_APP_CLASSID); - break; - case STC_IFACE_BLUETOOTH: - __app_update_counter(context, STC_TOTAL_BLUETOOTH_CLASSID); - __app_update_counter(context, STC_TETHERING_APP_CLASSID); - break; - case STC_IFACE_USB: - __app_update_counter(context, STC_TETHERING_APP_CLASSID); - break; - case STC_IFACE_P2P: - __app_update_counter(context, STC_TETHERING_APP_CLASSID); - break; - default: - break; - } -} - -gboolean stc_monitor_app_flush_stats_to_db(gpointer user_data) -{ - time_t current_time = 0; - stc_s *stc = stc_get_manager(); - GHashTable *apps = stc_monitor_get_system_apps(); - gboolean apps_updated = stc_monitor_get_apps_updated(); - - if (stc && stc->carg) - current_time = stc->carg->last_run_time; - - if (apps_updated == FALSE) - return G_SOURCE_REMOVE; - - stc_monitor_set_apps_updated(FALSE); - - if (apps) - g_hash_table_foreach(apps, - __app_update_statistics, - ¤t_time); - - STC_LOGI("Flushed app stats to database"); - return G_SOURCE_REMOVE; -} - -API stc_error_e stc_monitor_app_add(uint32_t classid, +API stc_error_e stc_plugin_monitor_app_add(uint32_t classid, const char *app_id, const char *pkg_id, const stc_app_value_s value) @@ -363,7 +293,7 @@ API stc_error_e stc_monitor_app_add(uint32_t classid, lookup_value = g_hash_table_lookup(apps, GUINT_TO_POINTER(classid)); if (lookup_value) { - if (STC_DEBUG_LOG && STC_STAT_LOG) + if (STC_STAT_LOG) STC_LOGE("Already exists [\033[1;36m%d\033[0;m:" "\033[0;32m%s\033[0;m]", classid, app_id); return STC_ERROR_NONE; @@ -371,7 +301,7 @@ API stc_error_e stc_monitor_app_add(uint32_t classid, app_value = MALLOC0(stc_app_value_s, 1); if (!app_value) { - if (STC_DEBUG_LOG && STC_STAT_LOG) + if (STC_STAT_LOG) STC_LOGE("Value allocation failed"); return STC_ERROR_OUT_OF_MEMORY; } @@ -411,7 +341,7 @@ API stc_error_e stc_monitor_app_add(uint32_t classid, stc_monitor_rstn_add_for_app(classid); - if (STC_DEBUG_LOG && STC_STAT_LOG) { + if (STC_STAT_LOG) { __print_app(GUINT_TO_POINTER(classid), app_value, NULL); STC_LOGD("\033[1;32mApplication added\033[0;m " "[\033[1;36m%d\033[0;m]", classid); @@ -420,6 +350,137 @@ API stc_error_e stc_monitor_app_add(uint32_t classid, return STC_ERROR_NONE; } +API stc_error_e stc_plugin_monitor_app_remove(uint32_t classid, + const char *app_id) +{ + stc_app_value_s *app_lookup; + GHashTable *apps = stc_monitor_get_system_apps(); + GSList *conn_list = stc_get_connection_list(); + + if (!apps) + return STC_ERROR_NO_DATA; + + classid = get_classid_by_app_id(app_id, FALSE); + + app_lookup = g_hash_table_lookup(apps, GUINT_TO_POINTER(classid)); + if (!app_lookup) { + if (STC_STAT_LOG) + STC_LOGD("Application not found [\033[1;36m%d\033[0;m]", classid); + return STC_ERROR_FAIL; + } + + for (; conn_list != NULL; conn_list = conn_list->next) { + stc_connection_s *conn = conn_list->data; + /* remove nfacct rule for this classid */ + stc_monitor_app_remove_monitor(GUINT_TO_POINTER(classid), + app_lookup, conn); + + if (app_lookup->state == STC_APP_STATE_FOREGROUND) + stc_monitor_app_remove_accept(GUINT_TO_POINTER(classid), + app_lookup, conn); + } + + /* remove ristrictions if any */ + stc_monitor_rstn_remove_for_app(classid); + + if (STC_STAT_LOG) + __print_app(GUINT_TO_POINTER(classid), app_lookup, NULL); + + /* remove app_key from the stc-manager */ + g_hash_table_remove(apps, GUINT_TO_POINTER(classid)); + + return STC_ERROR_NONE; +} + +API gboolean stc_plugin_monitor_app_lookup(uint32_t classid) +{ + stc_app_value_s *lookup_value; + + GHashTable *apps = stc_monitor_get_system_apps(); + + if (!apps) + return FALSE; + + if (classid == STC_UNKNOWN_CLASSID) + return FALSE; + + lookup_value = g_hash_table_lookup(apps, GUINT_TO_POINTER(classid)); + if (lookup_value) + return TRUE; + + return FALSE; +} + +void stc_monitor_app_update_counter(stc_app_value_s *value, + classid_bytes_context_s *context) +{ + switch (context->counter->iotype) { + case NFACCT_COUNTER_IN: + value->data_usage.in_bytes += context->bytes; + value->counter.in_bytes = context->bytes; + stc_monitor_set_apps_updated(TRUE); + + break; + case NFACCT_COUNTER_OUT: + value->data_usage.out_bytes += context->bytes; + value->counter.out_bytes = context->bytes; + stc_monitor_set_apps_updated(TRUE); + + break; + default: + STC_LOGE("Unknown iotype"); + } +} + +void stc_monitor_app_update_iface_counter(classid_bytes_context_s *context) +{ + switch (context->counter->iftype) { + case STC_IFACE_DATACALL: + __app_update_counter(context, STC_TOTAL_DATACALL_CLASSID); + break; + case STC_IFACE_WIFI: + __app_update_counter(context, STC_TOTAL_WIFI_CLASSID); + __app_update_counter(context, STC_TETHERING_APP_CLASSID); + break; + case STC_IFACE_BLUETOOTH: + __app_update_counter(context, STC_TOTAL_BLUETOOTH_CLASSID); + __app_update_counter(context, STC_TETHERING_APP_CLASSID); + break; + case STC_IFACE_USB: + __app_update_counter(context, STC_TETHERING_APP_CLASSID); + break; + case STC_IFACE_P2P: + __app_update_counter(context, STC_TETHERING_APP_CLASSID); + break; + default: + break; + } +} + +gboolean stc_monitor_app_flush_stats_to_db(gpointer user_data) +{ + time_t current_time = 0; + stc_s *stc = stc_get_manager(); + GHashTable *apps = stc_monitor_get_system_apps(); + gboolean apps_updated = stc_monitor_get_apps_updated(); + + if (stc && stc->carg) + current_time = stc->carg->last_run_time; + + if (apps_updated == FALSE) + return G_SOURCE_REMOVE; + + stc_monitor_set_apps_updated(FALSE); + + if (apps) + g_hash_table_foreach(apps, + __app_update_statistics, + ¤t_time); + + STC_LOGI("Flushed app stats to database"); + return G_SOURCE_REMOVE; +} + void stc_monitor_app_add_by_iface(const char *ifname) { stc_app_value_s app_value; @@ -434,7 +495,7 @@ void stc_monitor_app_add_by_iface(const char *ifname) app_value.counter.in_bytes = 0; app_value.counter.out_bytes = 0; - stc_monitor_app_add(STC_UNKNOWN_CLASSID, ifname, ifname, app_value); + stc_plugin_monitor_app_add(STC_UNKNOWN_CLASSID, ifname, ifname, app_value); } void stc_monitor_app_add_monitor(gpointer key, @@ -557,47 +618,6 @@ void stc_monitor_app_add_accept(gpointer key, } } -API stc_error_e stc_monitor_app_remove(uint32_t classid, const char *app_id) -{ - stc_app_value_s *app_lookup; - GHashTable *apps = stc_monitor_get_system_apps(); - GSList *conn_list = stc_get_connection_list(); - - if (!apps) - return STC_ERROR_NO_DATA; - - classid = get_classid_by_app_id(app_id, FALSE); - - app_lookup = g_hash_table_lookup(apps, GUINT_TO_POINTER(classid)); - if (!app_lookup) { - if (STC_DEBUG_LOG && STC_STAT_LOG) - STC_LOGD("Application not found [\033[1;36m%d\033[0;m]", classid); - return STC_ERROR_FAIL; - } - - for (; conn_list != NULL; conn_list = conn_list->next) { - stc_connection_s *conn = conn_list->data; - /* remove nfacct rule for this classid */ - stc_monitor_app_remove_monitor(GUINT_TO_POINTER(classid), - app_lookup, conn); - - if (app_lookup->state == STC_APP_STATE_FOREGROUND) - stc_monitor_app_remove_accept(GUINT_TO_POINTER(classid), - app_lookup, conn); - } - - /* remove ristrictions if any */ - stc_monitor_rstn_remove_for_app(classid); - - if (STC_DEBUG_LOG && STC_STAT_LOG) - __print_app(GUINT_TO_POINTER(classid), app_lookup, NULL); - - /* remove app_key from the stc-manager */ - g_hash_table_remove(apps, GUINT_TO_POINTER(classid)); - - return STC_ERROR_NONE; -} - void stc_monitor_app_remove_monitor(gpointer key, gpointer value, gpointer data) { @@ -718,25 +738,6 @@ void stc_monitor_app_remove_accept(gpointer key, return; } -API gboolean stc_monitor_app_lookup(uint32_t classid) -{ - stc_app_value_s *lookup_value; - - GHashTable *apps = stc_monitor_get_system_apps(); - - if (!apps) - return FALSE; - - if (classid == STC_UNKNOWN_CLASSID) - return FALSE; - - lookup_value = g_hash_table_lookup(apps, GUINT_TO_POINTER(classid)); - if (lookup_value) - return TRUE; - - return FALSE; -} - GHashTable *stc_monitor_apps_init(void) { return g_hash_table_new_full(g_direct_hash, g_direct_equal, diff --git a/src/monitor/stc-connection.c b/plugin/monitor/stc-plugin-monitor-connection.c old mode 100644 new mode 100755 similarity index 99% rename from src/monitor/stc-connection.c rename to plugin/monitor/stc-plugin-monitor-connection.c index fb16297..06c4c30 --- a/src/monitor/stc-connection.c +++ b/plugin/monitor/stc-plugin-monitor-connection.c @@ -17,10 +17,10 @@ #include #include -#include "stc-monitor.h" #include "stc-firewall.h" #include "stc-manager-gdbus.h" -#include "stc-connection.h" +#include "stc-plugin-monitor.h" +#include "stc-plugin-monitor-connection.h" /* connman service dbus details */ #define CONNMAN_SERVICE "net.connman" @@ -695,7 +695,7 @@ done: return; } -stc_error_e stc_connection_monitor_init(stc_s *stc) +stc_error_e stc_plugin_monitor_connection_init(stc_s *stc) { int ret; ret_value_msg_if(stc == NULL, STC_ERROR_INVALID_PARAMETER, "failed to get stc data"); @@ -719,7 +719,7 @@ stc_error_e stc_connection_monitor_init(stc_s *stc) return STC_ERROR_NONE; } -stc_error_e stc_connection_monitor_deinit(stc_s *stc) +stc_error_e stc_plugin_monitor_connection_deinit(stc_s *stc) { ret_value_msg_if(stc == NULL, STC_ERROR_INVALID_PARAMETER, "failed to get stc data"); diff --git a/src/monitor/stc-monitor-ipt.c b/plugin/monitor/stc-plugin-monitor-ipt.c old mode 100644 new mode 100755 similarity index 98% rename from src/monitor/stc-monitor-ipt.c rename to plugin/monitor/stc-plugin-monitor-ipt.c index 016ae04..c8fa882 --- a/src/monitor/stc-monitor-ipt.c +++ b/plugin/monitor/stc-plugin-monitor-ipt.c @@ -14,8 +14,8 @@ * limitations under the License. */ -#include "stc-monitor-ipt.h" -#include "stc-monitor-context.h" +#include "stc-plugin-monitor-ipt.h" +#include "stc-plugin-monitor-context.h" static nfacct_rule_jump __get_jump_by_intend(struct nfacct_rule *counter) { diff --git a/src/monitor/stc-monitor-proc.c b/plugin/monitor/stc-plugin-monitor-proc.c similarity index 88% rename from src/monitor/stc-monitor-proc.c rename to plugin/monitor/stc-plugin-monitor-proc.c index be12dd1..12cfe65 100755 --- a/src/monitor/stc-monitor-proc.c +++ b/plugin/monitor/stc-plugin-monitor-proc.c @@ -14,9 +14,9 @@ * limitations under the License. */ -#include "stc-monitor.h" -#include "stc-monitor-proc.h" -#include "stc-connection.h" +#include "stc-plugin-monitor.h" +#include "stc-plugin-monitor-proc.h" +#include "stc-plugin-monitor-connection.h" #include "helper-net-cls.h" static void __print_proc(gpointer key, gpointer value, @@ -42,7 +42,7 @@ static void __proc_remove_pid(gpointer key, gpointer value, if (!g_hash_table_remove(app_value->processes, GUINT_TO_POINTER(context->pid))) return; - if (STC_DEBUG_LOG && STC_STAT_LOG) { + if (STC_STAT_LOG) { __print_proc_all(app_value->processes); STC_LOGD("\033[1;31mProcess removed\033[0;m " "[\033[1;33m%d\033[0;m]", context->pid); @@ -74,7 +74,7 @@ static void __proc_move_pid(gpointer key, gpointer value, place_pids_to_net_cgroup(to_value->pid, to_app_value->app_id); } -API stc_error_e stc_monitor_proc_update_ground(uint32_t classid, +API stc_error_e stc_plugin_monitor_proc_update_ground(uint32_t classid, const char *app_id, const stc_proc_value_s value) { @@ -91,7 +91,7 @@ API stc_error_e stc_monitor_proc_update_ground(uint32_t classid, app_lookup = g_hash_table_lookup(apps, GUINT_TO_POINTER(classid)); if (!app_lookup) { - if (STC_DEBUG_LOG && STC_STAT_LOG) + if (STC_STAT_LOG) STC_LOGD("Application not found [\033[1;36m%d\033[0;m]", classid); return STC_ERROR_NO_DATA; } @@ -99,7 +99,7 @@ API stc_error_e stc_monitor_proc_update_ground(uint32_t classid, proc_lookup = g_hash_table_lookup(app_lookup->processes, GUINT_TO_POINTER(value.pid)); if (!proc_lookup) { - if (STC_DEBUG_LOG && STC_STAT_LOG) + if (STC_STAT_LOG) STC_LOGD("Process not found [\033[1;33m%d\033[0;m]", value.pid); return STC_ERROR_NO_DATA; } @@ -112,7 +112,7 @@ API stc_error_e stc_monitor_proc_update_ground(uint32_t classid, return ret; } -API stc_error_e stc_monitor_proc_add(uint32_t classid, +API stc_error_e stc_plugin_monitor_proc_add(uint32_t classid, const char *app_id, const stc_proc_value_s value) { @@ -130,7 +130,7 @@ API stc_error_e stc_monitor_proc_add(uint32_t classid, app_lookup = g_hash_table_lookup(apps, GUINT_TO_POINTER(classid)); if (!app_lookup) { - if (STC_DEBUG_LOG && STC_STAT_LOG) + if (STC_STAT_LOG) STC_LOGD("Application not found [\033[1;36m%d\033[0;m]", classid); return STC_ERROR_NO_DATA; } @@ -138,14 +138,14 @@ API stc_error_e stc_monitor_proc_add(uint32_t classid, proc_lookup = g_hash_table_lookup(app_lookup->processes, GUINT_TO_POINTER(value.pid)); if (proc_lookup) { - if (STC_DEBUG_LOG && STC_STAT_LOG) + if (STC_STAT_LOG) STC_LOGE("Already exists [\033[1;36m%d\033[0;m]", value.pid); return STC_ERROR_NONE; } proc_value = MALLOC0(stc_proc_value_s, 1); if (!proc_value) { - if (STC_DEBUG_LOG && STC_STAT_LOG) + if (STC_STAT_LOG) STC_LOGE("Value allocation failed"); return STC_ERROR_OUT_OF_MEMORY; } @@ -160,7 +160,7 @@ API stc_error_e stc_monitor_proc_add(uint32_t classid, /* add pid to application cgroup */ place_pids_to_net_cgroup(proc_value->pid, app_id); - if (STC_DEBUG_LOG && STC_STAT_LOG) { + if (STC_STAT_LOG) { __print_proc_all(app_lookup->processes); STC_LOGD("\033[1;32mProcess added\033[0;m " "[\033[1;33m%d\033[0;m]", proc_value->pid); @@ -169,8 +169,7 @@ API stc_error_e stc_monitor_proc_add(uint32_t classid, return ret; } -API stc_error_e stc_monitor_proc_remove(uint32_t classid, - pid_t pid) +API stc_error_e stc_plugin_monitor_proc_remove(uint32_t classid, pid_t pid) { stc_error_e ret = STC_ERROR_NONE; stc_app_value_s *app_lookup = NULL; @@ -193,21 +192,21 @@ API stc_error_e stc_monitor_proc_remove(uint32_t classid, app_lookup = context.app_value; if (!app_lookup) { - if (STC_DEBUG_LOG && STC_STAT_LOG) + if (STC_STAT_LOG) STC_LOGD("Process not found [\033[1;33m%d\033[0;m]", pid); return STC_ERROR_NO_DATA; } } else { app_lookup = g_hash_table_lookup(apps, GUINT_TO_POINTER(classid)); if (!app_lookup) { - if (STC_DEBUG_LOG && STC_STAT_LOG) + if (STC_STAT_LOG) STC_LOGD("Application not found [\033[1;36m%d\033[0;m]", classid); return STC_ERROR_NO_DATA; } if (g_hash_table_remove(app_lookup->processes, GUINT_TO_POINTER(pid))) { - if (STC_DEBUG_LOG && STC_STAT_LOG) { + if (STC_STAT_LOG) { __print_proc_all(app_lookup->processes); STC_LOGD("\033[1;31mProcess removed\033[0;m " "[\033[1;33m%d\033[0;m]", pid); @@ -235,7 +234,7 @@ API stc_error_e stc_monitor_proc_remove(uint32_t classid, g_hash_table_remove(apps, GUINT_TO_POINTER(classid)); - if (STC_DEBUG_LOG && STC_STAT_LOG) + if (STC_STAT_LOG) STC_LOGD("\033[1;31mApplication removed\033[0;m " "[\033[1;36m%d\033[0;m]", classid); } @@ -243,8 +242,7 @@ API stc_error_e stc_monitor_proc_remove(uint32_t classid, return ret; } -API stc_error_e stc_monitor_proc_move(uint32_t from, - uint32_t to) +API stc_error_e stc_plugin_monitor_proc_move(uint32_t from, uint32_t to) { stc_error_e ret = STC_ERROR_NONE; stc_app_value_s *from_lookup = NULL; @@ -259,14 +257,14 @@ API stc_error_e stc_monitor_proc_move(uint32_t from, to != STC_UNKNOWN_CLASSID) { from_lookup = g_hash_table_lookup(apps, GUINT_TO_POINTER(from)); if (!from_lookup) { - if (STC_DEBUG_LOG && STC_STAT_LOG) + if (STC_STAT_LOG) STC_LOGD("Application not found [\033[1;36m%d\033[0;m]", from); return STC_ERROR_NO_DATA; } to_lookup = g_hash_table_lookup(apps, GUINT_TO_POINTER(to)); if (!to_lookup) { - if (STC_DEBUG_LOG && STC_STAT_LOG) + if (STC_STAT_LOG) STC_LOGD("Application not found [\033[1;36m%d\033[0;m]", to); return STC_ERROR_NO_DATA; } @@ -274,7 +272,7 @@ API stc_error_e stc_monitor_proc_move(uint32_t from, g_hash_table_foreach(from_lookup->processes, __proc_move_pid, to_lookup); - if (STC_DEBUG_LOG && STC_STAT_LOG) { + if (STC_STAT_LOG) { __print_proc_all(to_lookup->processes); STC_LOGD("\033[1;34mProcesses moved\033[0;m " "[\033[1;36m%d\033[0;m] -> [\033[1;36m%d\033[0;m]", @@ -283,7 +281,7 @@ API stc_error_e stc_monitor_proc_move(uint32_t from, g_hash_table_remove_all(from_lookup->processes); - if (STC_DEBUG_LOG && STC_STAT_LOG) { + if (STC_STAT_LOG) { __print_proc_all(from_lookup->processes); STC_LOGD("\033[1;31mProcesses removed\033[0;m " "[\033[1;36m%d\033[0;m]", from); @@ -303,7 +301,7 @@ API stc_error_e stc_monitor_proc_move(uint32_t from, g_hash_table_remove(apps, GUINT_TO_POINTER(from)); - if (STC_DEBUG_LOG && STC_STAT_LOG) + if (STC_STAT_LOG) STC_LOGD("\033[1;31mApplication removed\033[0;m " "[\033[1;36m%d\033[0;m]", from); } diff --git a/src/monitor/stc-monitor-rstn.c b/plugin/monitor/stc-plugin-monitor-rstn.c similarity index 99% rename from src/monitor/stc-monitor-rstn.c rename to plugin/monitor/stc-plugin-monitor-rstn.c index 31a05ab..75bc4e5 100755 --- a/src/monitor/stc-monitor-rstn.c +++ b/plugin/monitor/stc-plugin-monitor-rstn.c @@ -18,10 +18,10 @@ #include #include "counter.h" -#include "stc-monitor.h" -#include "stc-monitor-rstn.h" -#include "stc-monitor-ipt.h" -#include "stc-time.h" +#include "stc-plugin-monitor.h" +#include "stc-plugin-monitor-rstn.h" +#include "stc-plugin-monitor-ipt.h" +#include "stc-plugin-monitor-time.h" #include "table-counters.h" #include "table-restrictions.h" #include "table-statistics.h" @@ -1079,6 +1079,67 @@ static void __reset_time_counter_foreach_rstn_value(gpointer key, __reset_time_counter_foreach_rstn_data, data); } +API stc_error_e stc_plugin_monitor_rstn_add(const table_restrictions_info *info) +{ + stc_rstn_data_s data; + + memset(&data, 0, sizeof(stc_rstn_data_s)); + + if (info->app_id) { + data.classid = get_classid_by_app_id(info->app_id, TRUE); + data.app_id = info->app_id; + } else + data.classid = STC_UNKNOWN_CLASSID; + + if (data.classid == STC_BACKGROUND_APP_CLASSID) { + stc_monitor_set_background_state(TRUE); + __vconf_set_int(VCONFKEY_STC_BACKGROUND_STATE, TRUE); + } + + data.iftype = info->iftype; + data.ifname = info->ifname; + data.subscriber_id = info->subscriber_id; + data.roaming = info->roaming; + data.mac = info->mac; + + data.rstn_type = info->rstn_type; + data.rstn_state = STC_RSTN_STATE_UNKNOWN; + data.restriction_id = info->restriction_id; + + data.limit[STC_RSTN_LIMIT_TYPE_DATA] = info->data_limit; + data.limit[STC_RSTN_LIMIT_TYPE_DATA_WARN] = info->data_warn_limit; + data.limit[STC_RSTN_LIMIT_TYPE_MONTHLY] = info->monthly_limit; + data.limit[STC_RSTN_LIMIT_TYPE_WEEKLY] = info->weekly_limit; + data.limit[STC_RSTN_LIMIT_TYPE_DAILY] = info->daily_limit; + data.month_start_date = info->month_start_date; + data.month_start_ts = stc_time_get_month_start(time(NULL), + info->month_start_date); + + return __rstn_data_add(&data); +} + +API stc_error_e stc_plugin_monitor_rstn_remove(const table_restrictions_info *info) +{ + stc_rstn_data_s data; + + memset(&data, 0, sizeof(stc_rstn_data_s)); + + data.classid = get_classid_by_app_id(info->app_id, TRUE); + data.app_id = info->app_id; + + data.iftype = info->iftype; + data.ifname = info->ifname; + data.subscriber_id = info->subscriber_id; + data.roaming = info->roaming; + + if (g_strcmp0(info->app_id, STC_TOTAL_BACKGROUND) == 0) { + stc_monitor_set_background_state(FALSE); + __vconf_set_int(VCONFKEY_STC_BACKGROUND_STATE, FALSE); + } + + return __rstn_data_remove(&data); +} + void stc_monitor_rstn_reset_time_counters_if_required(void) { reset_time_limits_context_s context; @@ -1332,45 +1393,6 @@ gboolean stc_monitor_rstn_flush_contr_to_db(gpointer user_data) return G_SOURCE_REMOVE; } -stc_error_e stc_monitor_rstn_add(const table_restrictions_info *info) -{ - stc_rstn_data_s data; - - memset(&data, 0, sizeof(stc_rstn_data_s)); - - if (info->app_id) { - data.classid = get_classid_by_app_id(info->app_id, TRUE); - data.app_id = info->app_id; - } else - data.classid = STC_UNKNOWN_CLASSID; - - if (data.classid == STC_BACKGROUND_APP_CLASSID) { - stc_monitor_set_background_state(TRUE); - __vconf_set_int(VCONFKEY_STC_BACKGROUND_STATE, TRUE); - } - - data.iftype = info->iftype; - data.ifname = info->ifname; - data.subscriber_id = info->subscriber_id; - data.roaming = info->roaming; - data.mac = info->mac; - - data.rstn_type = info->rstn_type; - data.rstn_state = STC_RSTN_STATE_UNKNOWN; - data.restriction_id = info->restriction_id; - - data.limit[STC_RSTN_LIMIT_TYPE_DATA] = info->data_limit; - data.limit[STC_RSTN_LIMIT_TYPE_DATA_WARN] = info->data_warn_limit; - data.limit[STC_RSTN_LIMIT_TYPE_MONTHLY] = info->monthly_limit; - data.limit[STC_RSTN_LIMIT_TYPE_WEEKLY] = info->weekly_limit; - data.limit[STC_RSTN_LIMIT_TYPE_DAILY] = info->daily_limit; - data.month_start_date = info->month_start_date; - data.month_start_ts = stc_time_get_month_start(time(NULL), - info->month_start_date); - - return __rstn_data_add(&data); -} - void stc_monitor_rstn_add_for_app(uint32_t classid) { stc_rstn_value_s *lookup_value; @@ -1400,28 +1422,6 @@ void stc_monitor_rstn_add_by_connection(stc_connection_s *conn) g_hash_table_foreach(rstns, __rstn_add_by_connection, conn); } -stc_error_e stc_monitor_rstn_remove(const table_restrictions_info *info) -{ - stc_rstn_data_s data; - - memset(&data, 0, sizeof(stc_rstn_data_s)); - - data.classid = get_classid_by_app_id(info->app_id, TRUE); - data.app_id = info->app_id; - - data.iftype = info->iftype; - data.ifname = info->ifname; - data.subscriber_id = info->subscriber_id; - data.roaming = info->roaming; - - if (g_strcmp0(info->app_id, STC_TOTAL_BACKGROUND) == 0) { - stc_monitor_set_background_state(FALSE); - __vconf_set_int(VCONFKEY_STC_BACKGROUND_STATE, FALSE); - } - - return __rstn_data_remove(&data); -} - void stc_monitor_rstn_remove_for_app(uint32_t classid) { stc_rstn_value_s *lookup_value; diff --git a/src/monitor/stc-time.c b/plugin/monitor/stc-plugin-monitor-time.c old mode 100644 new mode 100755 similarity index 96% rename from src/monitor/stc-time.c rename to plugin/monitor/stc-plugin-monitor-time.c index e0f86e0..f3a17cc --- a/src/monitor/stc-time.c +++ b/plugin/monitor/stc-plugin-monitor-time.c @@ -26,6 +26,8 @@ time_t stc_time_get_day_start(time_t now) struct tm *res; res = localtime_r(&now, &curr); + if (!res) + return 0; curr.tm_sec = 0; curr.tm_min = 0; @@ -41,6 +43,8 @@ time_t stc_time_get_week_start(time_t now) int days; res = localtime_r(&now, &curr); + if (!res) + return 0; curr.tm_sec = 0; curr.tm_min = 0; @@ -61,6 +65,8 @@ time_t stc_time_get_month_start(time_t now, int month_start_date) bool is_leap_year; res = localtime_r(&now, &curr); + if (!res) + return 0; curr.tm_sec = 0; curr.tm_min = 0; diff --git a/src/monitor/stc-monitor.c b/plugin/monitor/stc-plugin-monitor.c old mode 100644 new mode 100755 similarity index 92% rename from src/monitor/stc-monitor.c rename to plugin/monitor/stc-plugin-monitor.c index 0bfc5a5..117036e --- a/src/monitor/stc-monitor.c +++ b/plugin/monitor/stc-plugin-monitor.c @@ -18,7 +18,6 @@ #include #include -#include "stc-connection.h" #include "helper-nl.h" #include "helper-nfacct-rule.h" #include "helper-net-cls.h" @@ -27,9 +26,10 @@ #include "counter.h" #include "table-statistics.h" #include "table-counters.h" -#include "stc-monitor.h" +#include "stc-plugin-monitor.h" +#include "stc-plugin-monitor-connection.h" +#include "stc-plugin-monitor-rstn.h" #include "stc-manager-plugin-exception.h" -#include "stc-manager-plugin-tether.h" static stc_system_s *g_system = NULL; @@ -325,8 +325,10 @@ static void __fill_exceptions_list(void) stc_plugin_fill_exception_list(); } -stc_error_e stc_monitor_init(void) +stc_error_e stc_plugin_monitor_initialize(void) { + __STC_LOG_FUNC_ENTER__; + stc_system_s *system = MALLOC0(stc_system_s, 1); GIOChannel *gio = NULL; @@ -365,7 +367,6 @@ stc_error_e stc_monitor_init(void) stc_monitor_app_add_by_iface(STC_TOTAL_BLUETOOTH); stc_monitor_app_add_by_iface(STC_TOTAL_IPV4); stc_monitor_app_add_by_iface(STC_TOTAL_IPV6); - /* stc_monitor_app_add_by_iface(STC_TOTAL_TETHERING); */ __update_contr_cb(NULL); @@ -385,10 +386,11 @@ stc_error_e stc_monitor_init(void) __fill_exceptions_list(); stc_monitor_rstns_load(); + __STC_LOG_FUNC_EXIT__; return STC_ERROR_NONE; } -stc_error_e stc_monitor_deinit(void) +stc_error_e stc_plugin_monitor_deinitialize(void) { ret_value_msg_if(g_system == NULL, STC_ERROR_FAIL, "stc monitor not initialized!"); @@ -569,7 +571,31 @@ void stc_monitor_remove_by_connection(void *data) } } -API stc_error_e stc_monitor_check_excn_by_cmdline(char *cmdline) -{ - return stc_plugin_check_exception_by_cmdline(cmdline); -} +API stc_plugin_monitor_s stc_plugin_monitor = { + .initialize_plugin = + stc_plugin_monitor_initialize, + .deinitialize_plugin = + stc_plugin_monitor_deinitialize, + .add_application = + stc_plugin_monitor_app_add, + .remove_application = + stc_plugin_monitor_app_remove, + .lookup_application = + stc_plugin_monitor_app_lookup, + .add_restriction = + stc_plugin_monitor_rstn_add, + .remove_restriction = + stc_plugin_monitor_rstn_remove, + .init_connection = + stc_plugin_monitor_connection_init, + .deinit_connection = + stc_plugin_monitor_connection_deinit, + .add_process = + stc_plugin_monitor_proc_add, + .remove_process = + stc_plugin_monitor_proc_remove, + .move_process = + stc_plugin_monitor_proc_move, + .update_process_ground = + stc_plugin_monitor_proc_update_ground +}; diff --git a/plugin/pcap/stc-plugin-pcap.c b/plugin/pcap/stc-plugin-pcap.c index 22dddb7..fd03c4a 100755 --- a/plugin/pcap/stc-plugin-pcap.c +++ b/plugin/pcap/stc-plugin-pcap.c @@ -49,7 +49,7 @@ static void __pcap_data_info(const u_char *packet, int len) static void __pcap_ntp_time_info(uint32_t s, char *time) { - time_t seconds; + time_t seconds; char *curr = NULL; int len = 0; uint32_t sec = ntohl(s); @@ -775,7 +775,7 @@ static void __pcap_udp_info(const u_char *packet) IS_SRC_OR_DST_PORT(PORT_BOOTP_S)) __pcap_bootp_info(packet); else if (IS_SRC_OR_DST_PORT(PORT_NTP)) - __pcap_ntp_info(packet); + __pcap_ntp_info(packet); } static const char *__pcap_eth_type_info(u_int16_t type) @@ -1142,7 +1142,7 @@ thread_exit: g_source_attach(source, context); g_source_unref(source); - + __STC_LOG_FUNC_EXIT__; return NULL; } @@ -1173,28 +1173,22 @@ int stc_plugin_pcap_deinitialize(void) int stc_plugin_pcap_lookup_dev(void) { - __STC_LOG_FUNC_ENTER__; - char *dev = NULL; char errbuf[PCAP_ERRBUF_SIZE]; dev = pcap_lookupdev(errbuf); if (dev == NULL) { STC_LOGE("Failed to look up dev [%s]", errbuf); - __STC_LOG_FUNC_EXIT__; return STC_ERROR_FAIL; } STC_LOGD("Dev [%s]", dev); - __STC_LOG_FUNC_EXIT__; return STC_ERROR_NONE; } int stc_plugin_pcap_lookup_net(void) { - __STC_LOG_FUNC_ENTER__; - char *dev = NULL; char net[BUFF_SIZE_IP]; char mask[BUFF_SIZE_IP]; @@ -1206,7 +1200,6 @@ int stc_plugin_pcap_lookup_net(void) dev = pcap_lookupdev(errbuf); if (dev == NULL) { STC_LOGE("Failed to look up dev [%s]", errbuf); - __STC_LOG_FUNC_EXIT__; return STC_ERROR_FAIL; } @@ -1215,7 +1208,6 @@ int stc_plugin_pcap_lookup_net(void) ret = pcap_lookupnet(dev, &netp, &maskp, errbuf); if (ret == -1) { STC_LOGE("Failed to look up net [%s]", errbuf); - __STC_LOG_FUNC_EXIT__; return STC_ERROR_FAIL; } @@ -1225,14 +1217,11 @@ int stc_plugin_pcap_lookup_net(void) inet_ntop(AF_INET, &maskp, mask, BUFF_SIZE_IP); STC_LOGD("Mask [%s]", mask); - __STC_LOG_FUNC_EXIT__; return STC_ERROR_NONE; } int stc_plugin_pcap_find_alldevs(void) { - __STC_LOG_FUNC_ENTER__; - char net[BUFF_SIZE_IP]; char mask[BUFF_SIZE_IP]; char errbuf[PCAP_ERRBUF_SIZE]; @@ -1244,7 +1233,6 @@ int stc_plugin_pcap_find_alldevs(void) if (pcap_findalldevs(&alldevs, errbuf) < 0 || alldevs == NULL) { STC_LOGE("Failed to find all devs [%s]", errbuf); - __STC_LOG_FUNC_EXIT__; return STC_ERROR_FAIL; } @@ -1268,15 +1256,12 @@ int stc_plugin_pcap_find_alldevs(void) pcap_freealldevs(alldevs); - __STC_LOG_FUNC_EXIT__; return STC_ERROR_NONE; } int stc_plugin_pcap_register_loop_pcap(const char *ifname, int group) { - __STC_LOG_FUNC_ENTER__; - stc_pcap_data_s *data; stc_pcap_data_s *lookup; char buf[MAX_IFACE_LENGTH]; @@ -1294,14 +1279,12 @@ int stc_plugin_pcap_register_loop_pcap(const char *ifname, lookup = g_hash_table_lookup(g_pcap_tables, buf); if (lookup) { STC_LOGD("pcap loop already present"); - __STC_LOG_FUNC_EXIT__; return STC_ERROR_ALREADY_DATA; } data = MALLOC0(stc_pcap_data_s, 1); if (!data) { STC_LOGE("data allocation failed"); - __STC_LOG_FUNC_EXIT__; return STC_ERROR_OUT_OF_MEMORY; } @@ -1312,15 +1295,12 @@ int stc_plugin_pcap_register_loop_pcap(const char *ifname, g_hash_table_insert(g_pcap_tables, g_strdup(buf), data); STC_LOGD("Successfully added pcap loop [%s]", buf); - __STC_LOG_FUNC_EXIT__; return STC_ERROR_NONE; } int stc_plugin_pcap_unregister_loop_pcap(const char *ifname, int group) { - __STC_LOG_FUNC_ENTER__; - stc_pcap_data_s *lookup; char buf[MAX_IFACE_LENGTH]; @@ -1343,7 +1323,6 @@ int stc_plugin_pcap_unregister_loop_pcap(const char *ifname, pcap_breakloop(lookup->handle); - __STC_LOG_FUNC_EXIT__; return STC_ERROR_NONE; } diff --git a/plugin/procfs/CMakeLists.txt b/plugin/procfs/CMakeLists.txt index dc04ca8..17ab7f2 100644 --- a/plugin/procfs/CMakeLists.txt +++ b/plugin/procfs/CMakeLists.txt @@ -15,6 +15,8 @@ FOREACH(flag ${procfs_plugin_CFLAGS}) ENDFOREACH(flag) INCLUDE_DIRECTORIES(${CMAKE_CURRENT_SOURCE_DIR}/include) +INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/plugin/monitor/include) +INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/plugin/exception/include) SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${EXTRA_CFLAGS} -g -Werror -fvisibility=hidden") SET(CMAKE_C_FLAGS_DEBUG "-O0 -g") diff --git a/plugin/procfs/include/stc-plugin-procfs.h b/plugin/procfs/include/stc-plugin-procfs.h old mode 100644 new mode 100755 index d548c1f..53635ca --- a/plugin/procfs/include/stc-plugin-procfs.h +++ b/plugin/procfs/include/stc-plugin-procfs.h @@ -20,7 +20,6 @@ #include #include "stc-error.h" #include "stc-manager.h" -#include "stc-monitor.h" typedef struct { int (*initialize_plugin) (void); diff --git a/plugin/procfs/stc-plugin-procfs.c b/plugin/procfs/stc-plugin-procfs.c index 5a323a4..668f15c 100755 --- a/plugin/procfs/stc-plugin-procfs.c +++ b/plugin/procfs/stc-plugin-procfs.c @@ -28,9 +28,10 @@ #include #include "stc-plugin-procfs.h" -#include "stc-monitor.h" #include "helper-net-cls.h" #include "helper-procfs.h" +#include "stc-manager-plugin-monitor.h" +#include "stc-manager-plugin-exception.h" //LCOV_EXCL_START typedef struct { @@ -135,7 +136,7 @@ static proc_value_s * __proc_tree_find_parent(proc_value_s *value) parent = lookup; } while (lookup); - if (STC_DEBUG_LOG && STC_STAT_LOG) { + if (STC_STAT_LOG) { if (parent != NULL) STC_LOGD("\033[0;35mPARENT\033[0;m: tgid[\033[1;33m%s\033[0;m] " "pid[%s] ppid[%s] cmdline[\033[0;34m%s\033[0;m] name[%s]", @@ -158,7 +159,7 @@ static void __proc_tree_add(proc_key_s *key, proc_value_s *value) } if (key == NULL || value == NULL) { - if (STC_DEBUG_LOG && STC_STAT_LOG) + if (STC_STAT_LOG) STC_LOGE("invalid parameters"); return; } @@ -223,7 +224,7 @@ static gboolean __check_excn(char *cmdline) if (cmdline[0] == '(') return TRUE; - ret = stc_monitor_check_excn_by_cmdline(cmdline); + ret = stc_plugin_check_exception_by_cmdline(cmdline); if (ret == STC_ERROR_UNINITIALIZED || ret == STC_ERROR_NO_DATA) return FALSE; @@ -318,7 +319,7 @@ static void __process_event_fork(int tgid, int pid) g_strlcpy(value.status[i], status[i], sizeof(value.status[i])); g_strlcpy(value.cmdline, cmdline, sizeof(value.cmdline)); - if (STC_DEBUG_LOG && STC_STAT_LOG) + if (STC_STAT_LOG) STC_LOGD("\033[1;32mFORK\033[0;m: tgid[\033[1;33m%d\033[0;m] " "ppid=[%s] cmdline[\033[0;34m%s\033[0;m] pid[%d]", tgid, status[PROC_STATUS_PPID], cmdline, pid); @@ -357,7 +358,7 @@ static void __process_event_exec(int tgid, int pid) sizeof(value.status[i])); g_strlcpy(value.cmdline, cmdline, sizeof(value.cmdline)); - if (STC_DEBUG_LOG && STC_STAT_LOG) + if (STC_STAT_LOG) STC_LOGD("\033[1;32mEXEC\033[0;m: tgid[\033[1;33m%d\033[0;m] " "ppid[%s] cmdline[\033[0;34m%s\033[0;m] pid[%d]", tgid, status[PROC_STATUS_PPID], cmdline, pid); @@ -379,7 +380,7 @@ static void __process_event_exit(int tgid, int pid, int exit_code) if (lookup == NULL) /* unmonitored process */ return; - if (STC_DEBUG_LOG && STC_STAT_LOG) + if (STC_STAT_LOG) STC_LOGD("\033[1;31mEXIT\033[0;m: tgid[\033[1;33m%d\033[0;m] " "cmdline[\033[0;34m%s\033[0;m] pid[%d] exitcode[%d]", tgid, lookup->cmdline, pid, exit_code); @@ -591,7 +592,7 @@ stc_error_e stc_plugin_procfs_status_changed(stc_cmd_type_e cmd, { stc_error_e ret = STC_ERROR_NONE; - if ((pkg_id && app_id) && STC_DEBUG_LOG && STC_STAT_LOG) + if ((pkg_id && app_id) && STC_STAT_LOG) STC_LOGD("cmd[%d] pkgid[%s] appid[%s] pid[%d] type[%d]", cmd, pkg_id, app_id, pid, app_type); @@ -619,12 +620,12 @@ stc_error_e stc_plugin_procfs_status_changed(stc_cmd_type_e cmd, bg_classid = get_classid_by_app_id(bg_app_id, FALSE); fg_classid = get_classid_by_app_id(app_id, TRUE); - stc_monitor_app_add(fg_classid, app_id, pkg_id, app_value); + stc_plugin_monitor_add_app(fg_classid, app_id, pkg_id, app_value); - stc_monitor_proc_move(bg_classid, fg_classid); + stc_plugin_monitor_move_proc(bg_classid, fg_classid); - stc_monitor_proc_add(fg_classid, app_id, proc_value); - stc_monitor_proc_update_ground(fg_classid, app_id, proc_value); + stc_plugin_monitor_add_proc(fg_classid, app_id, proc_value); + stc_plugin_monitor_update_proc_ground(fg_classid, app_id, proc_value); FREE(bg_app_id); break; @@ -652,12 +653,12 @@ stc_error_e stc_plugin_procfs_status_changed(stc_cmd_type_e cmd, fg_classid = get_classid_by_app_id(app_id, FALSE); bg_classid = get_classid_by_app_id(bg_app_id, TRUE); - stc_monitor_app_add(bg_classid, bg_app_id, pkg_id, app_value); + stc_plugin_monitor_add_app(bg_classid, bg_app_id, pkg_id, app_value); - stc_monitor_proc_move(fg_classid, bg_classid); + stc_plugin_monitor_move_proc(fg_classid, bg_classid); - stc_monitor_proc_add(bg_classid, bg_app_id, proc_value); - stc_monitor_proc_update_ground(bg_classid, bg_app_id, proc_value); + stc_plugin_monitor_add_proc(bg_classid, bg_app_id, proc_value); + stc_plugin_monitor_update_proc_ground(bg_classid, bg_app_id, proc_value); FREE(bg_app_id); break; @@ -674,7 +675,7 @@ stc_error_e stc_plugin_procfs_status_changed(stc_cmd_type_e cmd, memset(&proc_value, 0, sizeof(stc_proc_value_s)); classid = get_classid_by_app_id(app_id, FALSE); - is_exist = stc_monitor_app_lookup(classid); + is_exist = stc_plugin_monitor_lookup_app(classid); if (is_exist) { app_value.type = app_type; app_value.state = STC_APP_STATE_FOREGROUND; @@ -683,8 +684,8 @@ stc_error_e stc_plugin_procfs_status_changed(stc_cmd_type_e cmd, proc_value.pid = pid; proc_value.ground = STC_APP_STATE_FOREGROUND; - stc_monitor_app_add(classid, app_id, pkg_id, app_value); - stc_monitor_proc_add(classid, app_id, proc_value); + stc_plugin_monitor_add_app(classid, app_id, pkg_id, app_value); + stc_plugin_monitor_add_proc(classid, app_id, proc_value); } else { bg_app_id = g_strconcat(app_id, STC_BACKGROUND_APP_SUFFIX, NULL); classid = get_classid_by_app_id(bg_app_id, TRUE); @@ -696,8 +697,8 @@ stc_error_e stc_plugin_procfs_status_changed(stc_cmd_type_e cmd, proc_value.pid = pid; proc_value.ground = STC_APP_STATE_BACKGROUND; - stc_monitor_app_add(classid, bg_app_id, pkg_id, app_value); - stc_monitor_proc_add(classid, bg_app_id, proc_value); + stc_plugin_monitor_add_app(classid, bg_app_id, pkg_id, app_value); + stc_plugin_monitor_add_proc(classid, bg_app_id, proc_value); FREE(bg_app_id); } @@ -714,7 +715,7 @@ stc_error_e stc_plugin_procfs_status_changed(stc_cmd_type_e cmd, if (classid == STC_UNKNOWN_CLASSID) classid = get_classid_by_app_id(app_id, FALSE); - stc_monitor_proc_remove(classid, pid); + stc_plugin_monitor_remove_proc(classid, pid); FREE(bg_app_id); break; diff --git a/plugin/tether/CMakeLists.txt b/plugin/tether/CMakeLists.txt index 889f44a..b64cfbd 100644 --- a/plugin/tether/CMakeLists.txt +++ b/plugin/tether/CMakeLists.txt @@ -15,6 +15,7 @@ FOREACH(flag ${tether_plugin_CFLAGS}) ENDFOREACH(flag) INCLUDE_DIRECTORIES(${CMAKE_CURRENT_SOURCE_DIR}/include) +INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/plugin/monitor/include) SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${EXTRA_CFLAGS} -g -Werror -fvisibility=hidden") SET(CMAKE_C_FLAGS_DEBUG "-O0 -g") diff --git a/plugin/tether/stc-plugin-tether.c b/plugin/tether/stc-plugin-tether.c index 5270aed..4b1e0b8 100755 --- a/plugin/tether/stc-plugin-tether.c +++ b/plugin/tether/stc-plugin-tether.c @@ -23,8 +23,8 @@ #include #include -#include "stc-monitor.h" #include "stc-plugin-tether.h" +#include "stc-manager-plugin-monitor.h" static GSList *station_list = NULL; static GDBusConnection *connection = NULL; @@ -49,7 +49,7 @@ static stc_error_e add_station_monitor(gchar *pkg_id, gchar *app_id, app_value.processes = NULL; g_strlcpy(app_value.mac, mac, STATION_MAC_STR_LEN); - ret = stc_monitor_app_add(STC_UNKNOWN_CLASSID, app_id, pkg_id, app_value); + ret = stc_plugin_monitor_add_app(STC_UNKNOWN_CLASSID, app_id, pkg_id, app_value); FREE(app_value.pkg_id); FREE(app_value.app_id); return ret; @@ -67,7 +67,7 @@ static stc_error_e remove_station_monitor(gchar *pkg_id, gchar *app_id) sta_app_id = g_strconcat(app_id, STC_TETHERING_APP_SUFFIX, NULL); - ret = stc_monitor_app_remove(STC_UNKNOWN_CLASSID, sta_app_id); + ret = stc_plugin_monitor_remove_app(STC_UNKNOWN_CLASSID, sta_app_id); FREE(sta_app_id); return ret; @@ -281,7 +281,7 @@ int tether_plugin_init(void) _mobileap_signal_cb, NULL, NULL); - STC_LOGI("tether plugin initialised"); + STC_LOGI("tether plugin initialized"); return 0; } diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index 2ec0178..d23adde 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -24,7 +24,6 @@ ENDFOREACH(flag) SET(SOURCE_DIR ${CMAKE_SOURCE_DIR}/src) SET(HELPER_SOURCE_DIR ${SOURCE_DIR}/helper) SET(DATABASE_SOURCE_DIR ${SOURCE_DIR}/database) -SET(MONITOR_SOURCE_DIR ${SOURCE_DIR}/monitor) SET(CONFIGURE_SOURCE_DIR ${SOURCE_DIR}/configure) SET(LIMITATION_SOURCE_DIR ${SOURCE_DIR}/limitation) SET(PLUGIN_DIR ${CMAKE_SOURCE_DIR}/plugin) @@ -33,6 +32,7 @@ SET(EXCEPTION_SOURCE_DIR ${PLUGIN_DIR}/exception) SET(PROCFS_SOURCE_DIR ${PLUGIN_DIR}/procfs) SET(PCAP_SOURCE_DIR ${PLUGIN_DIR}/pcap) SET(TETHER_SOURCE_DIR ${PLUGIN_DIR}/tether) +SET(MONITOR_SOURCE_DIR ${PLUGIN_DIR}/monitor) INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/include) INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/interfaces) @@ -43,9 +43,6 @@ INCLUDE_DIRECTORIES(${HELPER_SOURCE_DIR}) INCLUDE_DIRECTORIES(${DATABASE_SOURCE_DIR}) INCLUDE_DIRECTORIES(${DATABASE_SOURCE_DIR}/include) -INCLUDE_DIRECTORIES(${MONITOR_SOURCE_DIR}) -INCLUDE_DIRECTORIES(${MONITOR_SOURCE_DIR}/include) - INCLUDE_DIRECTORIES(${CONFIGURE_SOURCE_DIR}) INCLUDE_DIRECTORIES(${CONFIGURE_SOURCE_DIR}/include) @@ -57,14 +54,14 @@ INCLUDE_DIRECTORIES(${EXCEPTION_SOURCE_DIR}/include) INCLUDE_DIRECTORIES(${PROCFS_SOURCE_DIR}/include) INCLUDE_DIRECTORIES(${PCAP_SOURCE_DIR}/include) INCLUDE_DIRECTORIES(${TETHER_SOURCE_DIR}/include) +INCLUDE_DIRECTORIES(${MONITOR_SOURCE_DIR}/include) FILE(GLOB SOURCE_SRCS ${SOURCE_DIR}/*.c) FILE(GLOB HELPER_SRCS ${HELPER_SOURCE_DIR}/*.c) -FILE(GLOB MONITOR_SRCS ${MONITOR_SOURCE_DIR}/*.c) FILE(GLOB CONFIGURE_SRCS ${CONFIGURE_SOURCE_DIR}/*.c) FILE(GLOB LIMITATION_SRCS ${LIMITATION_SOURCE_DIR}/*.c) -SET(SRCS ${SRCS} ${SOURCE_SRCS} ${HELPER_SRCS} ${MONITOR_SRCS} ${CONFIGURE_SRCS} ${LIMITATION_SRCS}) +SET(SRCS ${SRCS} ${SOURCE_SRCS} ${HELPER_SRCS} ${CONFIGURE_SRCS} ${LIMITATION_SRCS}) IF("${ENABLE_DATABASE}" STREQUAL "YES") FILE(GLOB DATABASE_SRCS ${DATABASE_SOURCE_DIR}/*.c) diff --git a/src/database/db-common.c b/src/database/db-common.c old mode 100644 new mode 100755 index 372eb03..a4c2a3d --- a/src/database/db-common.c +++ b/src/database/db-common.c @@ -109,11 +109,9 @@ stc_error_e stc_db_initialize(void) stc_db_initialize_once(); -#ifndef TIZEN_TV_EXT EXEC(STC_ERROR_NONE, table_statistics_prepare(database)); EXEC(STC_ERROR_NONE, table_restrictions_prepare(database)); EXEC(STC_ERROR_NONE, table_counters_prepare(database)); -#endif EXEC(STC_ERROR_NONE, table_firewall_prepare(database)); EXEC(STC_ERROR_NONE, stc_init_db_guard()); @@ -134,11 +132,9 @@ gboolean stc_db_deinitialize(void) return TRUE; //LCOV_EXCL_LINE } -#ifndef TIZEN_TV_EXT table_statistics_finalize(); table_restrictions_finalize(); table_counters_finalize(); -#endif table_firewall_finalize(); sqlite3_close(database); diff --git a/src/database/tables/table-counters.c b/src/database/tables/table-counters.c old mode 100644 new mode 100755 index 9bd49a2..96c15c5 --- a/src/database/tables/table-counters.c +++ b/src/database/tables/table-counters.c @@ -271,7 +271,7 @@ handle_error: return ret; } -stc_error_e table_counters_get(uint64_t restriction_id, +API stc_error_e table_counters_get(uint64_t restriction_id, table_counters_info *info) { stc_error_e error_code = STC_ERROR_NONE; @@ -322,7 +322,7 @@ handle_error: } //LCOV_EXCL_START -stc_error_e table_counters_update_counters(const table_counters_info *info) +API stc_error_e table_counters_update_counters(const table_counters_info *info) { stc_error_e error_code = STC_ERROR_NONE; sqlite3_stmt *stmt = update_counter; @@ -359,7 +359,7 @@ handle_error: } //LCOV_EXCL_STOP -stc_error_e table_counters_get_timestamps(uint64_t restriction_id, +API stc_error_e table_counters_get_timestamps(uint64_t restriction_id, table_counters_info *info) { stc_error_e error_code = STC_ERROR_NONE; @@ -411,7 +411,7 @@ handle_error: } //LCOV_EXCL_START -stc_error_e table_counters_update_timestamps(const table_counters_info *info) +API stc_error_e table_counters_update_timestamps(const table_counters_info *info) { stc_error_e error_code = STC_ERROR_NONE; sqlite3_stmt *stmt = update_timestamp; @@ -443,7 +443,7 @@ handle_error: //LCOV_EXCL_STOP -stc_error_e table_counters_delete(uint64_t restriction_id) +API stc_error_e table_counters_delete(uint64_t restriction_id) { stc_error_e error_code = STC_ERROR_NONE; sqlite3_stmt *stmt = delete_counter; diff --git a/src/database/tables/table-restrictions.c b/src/database/tables/table-restrictions.c old mode 100644 new mode 100755 index 929449d..debb04d --- a/src/database/tables/table-restrictions.c +++ b/src/database/tables/table-restrictions.c @@ -320,7 +320,7 @@ handle_error: return error_code; } -stc_error_e table_restrictions_foreach(const table_restrictions_info_cb restriction_cb, +API stc_error_e table_restrictions_foreach(const table_restrictions_info_cb restriction_cb, void *user_data) { __STC_LOG_FUNC_ENTER__; diff --git a/src/database/tables/table-statistics.c b/src/database/tables/table-statistics.c index f8db77b..ffb4b97 100755 --- a/src/database/tables/table-statistics.c +++ b/src/database/tables/table-statistics.c @@ -500,7 +500,7 @@ handle_error: return error_code; } -stc_error_e table_statistics_per_app(const char *app_id, +API stc_error_e table_statistics_per_app(const char *app_id, table_statistics_select_rule *rule, table_statistics_info_cb info_cb, void *user_data) @@ -578,7 +578,7 @@ handle_error: return error_code; } -stc_error_e table_statistics_insert(stc_db_classid_iftype_key *stat_key, +API stc_error_e table_statistics_insert(stc_db_classid_iftype_key *stat_key, stc_db_app_stats *stat, time_t last_touch_time) { @@ -621,7 +621,7 @@ stc_error_e table_statistics_insert(stc_db_classid_iftype_key *stat_key, goto handle_error; //LCOV_EXCL_LINE } - if (STC_DEBUG_LOG && STC_STAT_LOG) + if (STC_STAT_LOG) STC_LOGD("App stat recorded [\033[0;34m%s\033[0;m] " "rcv[%lld] snd[%lld]", stat->app_id, rcv, snd); diff --git a/src/helper/helper-cgroup.c b/src/helper/helper-cgroup.c index fbb0024..1d5ba2b 100755 --- a/src/helper/helper-cgroup.c +++ b/src/helper/helper-cgroup.c @@ -119,7 +119,7 @@ int cgroup_write_node_uint32(const char *cgroup_name, char buf[MAX_PATH_LENGTH]; snprintf(buf, sizeof(buf), "%s/%s", cgroup_name, file_name); - if (STC_DEBUG_LOG && STC_STAT_LOG) + if (STC_STAT_LOG) STC_LOGD("cgroup_buf %s, value %d\n", buf, value); //LCOV_EXCL_LINE return fwrite_uint(buf, value); @@ -131,7 +131,7 @@ int cgroup_write_node_str(const char *cgroup_name, char buf[MAX_PATH_LENGTH]; snprintf(buf, sizeof(buf), "%s/%s", cgroup_name, file_name); - if (STC_DEBUG_LOG && STC_STAT_LOG) + if (STC_STAT_LOG) STC_LOGD("cgroup_buf %s, string %s\n", buf, string); //LCOV_EXCL_LINE return fwrite_str(buf, string); @@ -145,7 +145,7 @@ int cgroup_read_node_uint32(const char *cgroup_name, snprintf(buf, sizeof(buf), "%s/%s", cgroup_name, file_name); ret = fread_uint(buf, value); - if (STC_DEBUG_LOG && STC_STAT_LOG) + if (STC_STAT_LOG) STC_LOGD("cgroup_buf %s, value %d\n", buf, *value); //LCOV_EXCL_LINE return ret; @@ -222,7 +222,7 @@ int cgroup_set_release_agent(const char *cgroup_subsys, return cgroup_write_node_str(buf, NOTIFY_ON_RELEASE, "1"); } -void cgroup_init(void) +API void cgroup_init(void) { /* create stc cgroup directory */ cgroup_make_subdir(CGROUP_NETWORK, STC_CGROUP_NAME, NULL); diff --git a/src/helper/helper-file.c b/src/helper/helper-file.c index 636ef5d..53dcad0 100755 --- a/src/helper/helper-file.c +++ b/src/helper/helper-file.c @@ -29,17 +29,14 @@ int fwrite_str(const char *path, const char *str) assert(str); t = realpath(path, NULL); - ret_value_errno_msg_if(!t, -errno, - "Fail to get realpath %s", path); + ret_value_if(!t, -errno); free(t); f = fopen(path, "w"); - ret_value_errno_msg_if(!f, -errno, - "Fail to open file %s", path); + ret_value_if(!f, -errno); ret = fputs(str, f); - ret_value_errno_msg_if(ret == EOF, errno ? -errno : -EIO, - "Fail to write file"); + ret_value_if(ret == EOF, errno ? -errno : -EIO); return STC_ERROR_NONE; } @@ -50,8 +47,7 @@ int fwrite_uint(const char *path, const uint32_t number) int ret; ret = asprintf(&digit_buf, "%d", number); - ret_value_errno_msg_if(ret < 0, -ENOMEM, - "sprintf failed\n"); + ret_value_if(ret < 0, -ENOMEM); return fwrite_str(path, digit_buf); } @@ -62,12 +58,10 @@ int fread_uint(const char *path, uint32_t *number) int ret; f = fopen(path, "r"); - ret_value_errno_msg_if(!f, -errno, - "Fail to open %s file.", path); + ret_value_if(!f, -errno); ret = fscanf(f, "%u", number); - ret_value_errno_msg_if(ret == EOF, -errno, - "Fail to read file\n"); + ret_value_if(ret == EOF, -errno); return STC_ERROR_NONE; } diff --git a/src/helper/helper-iptables.c b/src/helper/helper-iptables.c old mode 100644 new mode 100755 index 9a2cde8..1e140b7 --- a/src/helper/helper-iptables.c +++ b/src/helper/helper-iptables.c @@ -891,7 +891,7 @@ done: return ret; } -stc_error_e iptables_flush_chains(void) +API stc_error_e iptables_flush_chains(void) { stc_error_e ret = STC_ERROR_NONE; stc_s *stc = stc_get_manager(); @@ -982,6 +982,12 @@ stc_error_e iptables_init(void) goto done; //LCOV_EXCL_LINE } + ret = __ip6tables_add_chain(stc->connection, STC_TETHER_CHAIN); + if (ret != STC_ERROR_NONE) { + __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE + goto done; //LCOV_EXCL_LINE + } + ret = _iptables_add_in_chain_jump_rule(); if (ret != STC_ERROR_NONE) { __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE diff --git a/src/helper/helper-net-cls.c b/src/helper/helper-net-cls.c index 3f460f7..350dfb6 100755 --- a/src/helper/helper-net-cls.c +++ b/src/helper/helper-net-cls.c @@ -87,7 +87,7 @@ static stc_error_e __get_classid_from_cgroup(const char *cgroup, return STC_ERROR_NONE; } -stc_error_e init_current_classid(void) +API stc_error_e init_current_classid(void) { int ret = 0; struct stat stat_buf; @@ -172,12 +172,12 @@ API uint32_t get_classid_by_app_id(const char *app_id, int create) return classid; handle_error: - - STC_LOGE("error_code: [%d]", ret); //LCOV_EXCL_LINE + if (STC_DEBUG_LOG) + STC_LOGE("error_code: [%d]", ret); //LCOV_EXCL_LINE return STC_UNKNOWN_CLASSID; //LCOV_EXCL_LINE } -stc_error_e place_pids_to_net_cgroup(const int pid, const char *app_id) +API stc_error_e place_pids_to_net_cgroup(const int pid, const char *app_id) { char child_buf[21 + MAX_DEC_SIZE(int) + MAX_DEC_SIZE(int) + 1]; const char *path_to_net_cgroup_dir = NULL; diff --git a/src/helper/helper-nfacct-rule.c b/src/helper/helper-nfacct-rule.c index fbe17ca..1d6d0c6 100755 --- a/src/helper/helper-nfacct-rule.c +++ b/src/helper/helper-nfacct-rule.c @@ -223,7 +223,7 @@ stc_error_e nfacct_send_get_quotas(struct counter_arg *carg, const char *name) NFACCT_F_QUOTA_BYTES); } -stc_error_e nfacct_send_get_all(struct counter_arg *carg) +API stc_error_e nfacct_send_get_all(struct counter_arg *carg) { /* get and reset everything, used when quiting */ return internal_nfacct_send_get(carg, NFNL_MSG_ACCT_GET_CTRZERO, NULL, @@ -252,7 +252,7 @@ static stc_iface_type_e convert_to_iftype(int type) type > STC_IFACE_UNKNOWN) ? type : STC_IFACE_UNKNOWN; } -bool recreate_counter_by_name(char *cnt_name, nfacct_rule_s *cnt) +API bool recreate_counter_by_name(char *cnt_name, nfacct_rule_s *cnt) { char *iftype_part; char *classid_part; @@ -396,7 +396,7 @@ next: params->post_eval_attr(carg); } -netlink_serialization_command * +API netlink_serialization_command * netlink_create_command(struct netlink_serialization_params *params) { static netlink_serialization_command command = {0,}; @@ -803,7 +803,7 @@ static stc_error_e produce_iface_rule(nfacct_rule_s *rule) return STC_ERROR_NONE; } -stc_error_e produce_net_rule(nfacct_rule_s *rule) +API stc_error_e produce_net_rule(nfacct_rule_s *rule) { stc_error_e ret = STC_ERROR_NONE; diff --git a/src/helper/helper-nl.c b/src/helper/helper-nl.c old mode 100644 new mode 100755 index 2c3c8f9..ff9d1af --- a/src/helper/helper-nl.c +++ b/src/helper/helper-nl.c @@ -67,7 +67,7 @@ void fill_attribute_list(struct rtattr **atb, const int max_len, /* read netlink message from socket * return opaque pointer to genl structure */ -int read_netlink(int sock, void *buf, size_t len) +API int read_netlink(int sock, void *buf, size_t len) { ssize_t ret; struct sockaddr_nl addr; diff --git a/src/stc-firewall.c b/src/stc-firewall.c index f1adadb..64e7abb 100755 --- a/src/stc-firewall.c +++ b/src/stc-firewall.c @@ -1216,6 +1216,8 @@ gboolean __validate_fw_rule(firewall_rule_s *rule) void stc_firewall_init(void) { + __STC_LOG_FUNC_ENTER__; + int ret = STC_ERROR_NONE; g_firewalls = g_hash_table_new_full(g_str_hash, @@ -1230,21 +1232,31 @@ void stc_firewall_init(void) table_firewall_foreach_chain(__fw_table_chain_info_cb, NULL); table_firewall_foreach_rule(__fw_table_rule_info_cb, NULL); + + __STC_LOG_FUNC_EXIT__; } -void stc_firewall_update(void) +API void stc_firewall_update(void) { + __STC_LOG_FUNC_ENTER__; + __fw_chain_foreach(__fw_foreach_to_add_chain, NULL); __fw_chain_foreach(__fw_foreach_to_set_rule_to_chain, NULL); __fw_chain_foreach(__fw_foreach_to_set_chain, NULL); + + __STC_LOG_FUNC_EXIT__; } void stc_firewall_deinit(void) { + __STC_LOG_FUNC_ENTER__; + if (g_firewalls) { g_hash_table_destroy(g_firewalls); g_firewalls = NULL; } + + __STC_LOG_FUNC_EXIT__; } gboolean handle_firewall_lock(StcFirewall *object, diff --git a/src/stc-manager-gdbus.c b/src/stc-manager-gdbus.c index ef74b17..22d0375 100755 --- a/src/stc-manager-gdbus.c +++ b/src/stc-manager-gdbus.c @@ -20,10 +20,10 @@ #include "stc-restriction.h" #include "stc-firewall.h" #include "stc-pcap.h" -#include "stc-connection.h" #include "stc-manager-util.h" #include "stc-manager-plugin-appstatus.h" #include "stc-manager-plugin-procfs.h" +#include "stc-manager-plugin-monitor.h" #include "helper-iptables.h" #define MANAGER_DBUS_ERROR_NAME "net.stc.manager.Error.Failed" @@ -351,12 +351,11 @@ static void __stc_manager_gdbus_on_bus_acquired(GDBusConnection *connection, stc->connection); iptables_init(); -#ifndef TIZEN_TV_EXT - stc_connection_monitor_init(stc); + stc_firewall_update(); + stc_plugin_monitor_init_connection(stc); stc_plugin_appstatus_register_state_changed_cb(stc, stc_plugin_procfs_app_status_changed, NULL); -#endif __STC_LOG_FUNC_EXIT__; } @@ -400,7 +399,7 @@ void stc_manager_gdbus_deinit(gpointer stc_data) stc_s *stc = (stc_s *)stc_data; stc_plugin_appstatus_deregister_state_changed_cb(stc); - stc_connection_monitor_deinit(stc); + stc_plugin_monitor_deinit_connection(stc); g_bus_unown_name(stc->gdbus_owner_id); @@ -412,7 +411,7 @@ void stc_manager_gdbus_deinit(gpointer stc_data) __STC_LOG_FUNC_EXIT__; } -GVariant *stc_manager_gdbus_call_sync(GDBusConnection *connection, +API GVariant *stc_manager_gdbus_call_sync(GDBusConnection *connection, const char *dest, const char *path, const char *interface_name, const char *method, GVariant *params) @@ -452,7 +451,7 @@ GVariant *stc_manager_gdbus_call_sync(GDBusConnection *connection, return reply; } -guint stc_manager_gdbus_subscribe_signal(GDBusConnection *connection, +API guint stc_manager_gdbus_subscribe_signal(GDBusConnection *connection, const gchar *sender, const gchar *interface_name, const gchar *member, @@ -480,7 +479,7 @@ guint stc_manager_gdbus_subscribe_signal(GDBusConnection *connection, user_data_free_func); } -void stc_manager_gdbus_unsubscribe_signal(GDBusConnection *connection, +API void stc_manager_gdbus_unsubscribe_signal(GDBusConnection *connection, guint subscription_id) { if (connection == NULL) { @@ -513,7 +512,7 @@ void stc_manager_gdbus_dict_foreach(GVariantIter *iter, dbus_dict_cb cb, __STC_LOG_FUNC_EXIT__; } -gboolean stc_manager_dbus_emit_signal(GDBusConnection *connection, +API gboolean stc_manager_dbus_emit_signal(GDBusConnection *connection, const gchar *object_path, const gchar *interface_name, const gchar *signal_name, diff --git a/src/stc-manager-plugin-appstatus.c b/src/stc-manager-plugin-appstatus.c old mode 100644 new mode 100755 index cab52ad..a79bc93 --- a/src/stc-manager-plugin-appstatus.c +++ b/src/stc-manager-plugin-appstatus.c @@ -64,24 +64,21 @@ int stc_plugin_appstatus_deinit(void) return STC_ERROR_NONE; } -int stc_plugin_appstatus_send_message(const char *content, +API int stc_plugin_appstatus_send_message(const char *content, const char *type, const char *app_id, const char *iftype, const char *limit) { - __STC_LOG_FUNC_ENTER__; - if (!stc_plugin_enabled) { - STC_LOGE("Plugin wasn't enabled"); - __STC_LOG_FUNC_EXIT__; + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't enabled"); return STC_ERROR_UNINITIALIZED; } if (!stc_plugin) { - STC_LOGE("Plugin wasn't loaded"); - __STC_LOG_FUNC_EXIT__; + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't loaded"); return STC_ERROR_UNINITIALIZED; } - __STC_LOG_FUNC_EXIT__; return stc_plugin->send_message_to_net_popup(content, type, app_id, iftype, limit); } @@ -89,41 +86,35 @@ int stc_plugin_appstatus_send_message(const char *content, int stc_plugin_appstatus_register_state_changed_cb(stc_s *stc, stc_plugin_app_state_changed_cb cb, void *data) { - __STC_LOG_FUNC_ENTER__; - if (!stc_plugin_enabled) { - STC_LOGE("Plugin wasn't enabled"); - __STC_LOG_FUNC_EXIT__; + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't enabled"); return STC_ERROR_UNINITIALIZED; } if (!stc_plugin) { - STC_LOGE("Plugin wasn't loaded"); - __STC_LOG_FUNC_EXIT__; + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't loaded"); return STC_ERROR_UNINITIALIZED; } - __STC_LOG_FUNC_EXIT__; return stc_plugin->register_state_changed_cb(stc, cb, data); } int stc_plugin_appstatus_deregister_state_changed_cb(stc_s *stc) { - __STC_LOG_FUNC_ENTER__; - if (!stc_plugin_enabled) { - STC_LOGE("Plugin wasn't enabled"); - __STC_LOG_FUNC_EXIT__; + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't enabled"); return STC_ERROR_UNINITIALIZED; } if (!stc_plugin) { - STC_LOGE("Plugin wasn't loaded"); - __STC_LOG_FUNC_EXIT__; + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't loaded"); return STC_ERROR_UNINITIALIZED; } - __STC_LOG_FUNC_EXIT__; return stc_plugin->deregister_state_changed_cb(stc); } //LCOV_EXCL_STOP diff --git a/src/stc-manager-plugin-exception.c b/src/stc-manager-plugin-exception.c old mode 100644 new mode 100755 index bc0078d..ad1c092 --- a/src/stc-manager-plugin-exception.c +++ b/src/stc-manager-plugin-exception.c @@ -24,7 +24,7 @@ static void *handle_plugin; static stc_plugin_exception_s *stc_plugin; //LCOV_EXCL_START -int stc_plugin_exception_init(void) +API int stc_plugin_exception_init(void) { __STC_LOG_FUNC_ENTER__; @@ -50,7 +50,7 @@ int stc_plugin_exception_init(void) return STC_ERROR_NONE; } -int stc_plugin_exception_deinit(void) +API int stc_plugin_exception_deinit(void) { __STC_LOG_FUNC_ENTER__; @@ -67,47 +67,41 @@ int stc_plugin_exception_deinit(void) return STC_ERROR_NONE; } -int stc_plugin_fill_exception_list(void) +API int stc_plugin_fill_exception_list(void) { - __STC_LOG_FUNC_ENTER__; - if (!stc_plugin_enabled) { - STC_LOGE("Plugin wasn't enabled"); - __STC_LOG_FUNC_EXIT__; + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't enabled"); return STC_ERROR_UNINITIALIZED; } if (!stc_plugin) { - STC_LOGE("Plugin wasn't loaded"); - __STC_LOG_FUNC_EXIT__; + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't loaded"); return STC_ERROR_UNINITIALIZED; } - __STC_LOG_FUNC_EXIT__; return stc_plugin->fill_exception_list(); } -int stc_plugin_update_exception_list(void) +API int stc_plugin_update_exception_list(void) { - __STC_LOG_FUNC_ENTER__; - if (!stc_plugin_enabled) { - STC_LOGE("Plugin wasn't enabled"); - __STC_LOG_FUNC_EXIT__; + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't enabled"); return STC_ERROR_UNINITIALIZED; } if (!stc_plugin) { - STC_LOGE("Plugin wasn't loaded"); - __STC_LOG_FUNC_EXIT__; + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't loaded"); return STC_ERROR_UNINITIALIZED; } - __STC_LOG_FUNC_EXIT__; return stc_plugin->update_exception_list(); } -int stc_plugin_check_exception_by_cmdline(char *cmdline) +API int stc_plugin_check_exception_by_cmdline(char *cmdline) { if (!stc_plugin_enabled) return STC_ERROR_UNINITIALIZED; diff --git a/src/stc-manager-plugin-monitor.c b/src/stc-manager-plugin-monitor.c new file mode 100755 index 0000000..209b1a1 --- /dev/null +++ b/src/stc-manager-plugin-monitor.c @@ -0,0 +1,259 @@ +/* + * Copyright (c) 2016 Samsung Electronics Co., Ltd. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include + +#include "stc-manager.h" +#include "stc-manager-plugin-monitor.h" + +static gboolean stc_plugin_enabled = FALSE; +static void *handle_plugin; +static stc_plugin_monitor_s *stc_plugin; + +//LCOV_EXCL_START +API int stc_plugin_monitor_init(void) +{ + __STC_LOG_FUNC_ENTER__; + + handle_plugin = dlopen(STC_PLUGIN_MONITOR_FILEPATH, RTLD_NOW); + if (!handle_plugin) { + STC_LOGE("Can't load %s: %s", STC_PLUGIN_MONITOR_FILEPATH, dlerror()); + __STC_LOG_FUNC_EXIT__; + return STC_ERROR_UNINITIALIZED; + } + + stc_plugin = dlsym(handle_plugin, "stc_plugin_monitor"); + if (!stc_plugin) { + STC_LOGE("Can't load symbol: %s", dlerror()); + dlclose(handle_plugin); + __STC_LOG_FUNC_EXIT__; + return STC_ERROR_UNINITIALIZED; + } + + stc_plugin->initialize_plugin(); + stc_plugin_enabled = TRUE; + + __STC_LOG_FUNC_EXIT__; + return STC_ERROR_NONE; +} + +API int stc_plugin_monitor_deinit(void) +{ + __STC_LOG_FUNC_ENTER__; + + if (!stc_plugin_enabled) + return STC_ERROR_UNINITIALIZED; + + stc_plugin->deinitialize_plugin(); + stc_plugin_enabled = FALSE; + dlclose(handle_plugin); + + __STC_LOG_FUNC_EXIT__; + return STC_ERROR_NONE; +} + +API int stc_plugin_monitor_add_app(uint32_t classid, + const char *app_id, + const char *pkg_id, + const stc_app_value_s value) +{ + if (!stc_plugin_enabled) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't enabled"); + return STC_ERROR_UNINITIALIZED; + } + + if (!stc_plugin) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't loaded"); + return STC_ERROR_UNINITIALIZED; + } + + return stc_plugin->add_application(classid, app_id, pkg_id, value); +} + +API int stc_plugin_monitor_remove_app(uint32_t classid, + const char *app_id) +{ + if (!stc_plugin_enabled) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't enabled"); + return STC_ERROR_UNINITIALIZED; + } + + if (!stc_plugin) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't loaded"); + return STC_ERROR_UNINITIALIZED; + } + + return stc_plugin->remove_application(classid, app_id); +} + +API int stc_plugin_monitor_lookup_app(uint32_t classid) +{ + if (!stc_plugin_enabled) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't enabled"); + return STC_ERROR_UNINITIALIZED; + } + + if (!stc_plugin) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't loaded"); + return STC_ERROR_UNINITIALIZED; + } + + return stc_plugin->lookup_application(classid); +} + +API int stc_plugin_monitor_add_rstn(table_restrictions_info *info) +{ + if (!stc_plugin_enabled) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't enabled"); + return STC_ERROR_UNINITIALIZED; + } + + if (!stc_plugin) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't loaded"); + return STC_ERROR_UNINITIALIZED; + } + + return stc_plugin->add_restriction(info); +} + +API int stc_plugin_monitor_remove_rstn(table_restrictions_info *info) +{ + if (!stc_plugin_enabled) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't enabled"); + return STC_ERROR_UNINITIALIZED; + } + + if (!stc_plugin) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't loaded"); + return STC_ERROR_UNINITIALIZED; + } + + return stc_plugin->remove_restriction(info); +} + +API int stc_plugin_monitor_init_connection(stc_s *stc) +{ + if (!stc_plugin_enabled) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't enabled"); + return STC_ERROR_UNINITIALIZED; + } + + if (!stc_plugin) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't loaded"); + return STC_ERROR_UNINITIALIZED; + } + + return stc_plugin->init_connection(stc); +} + +API int stc_plugin_monitor_deinit_connection(stc_s *stc) +{ + if (!stc_plugin_enabled) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't enabled"); + return STC_ERROR_UNINITIALIZED; + } + + if (!stc_plugin) { + STC_LOGE("Plugin wasn't loaded"); + return STC_ERROR_UNINITIALIZED; + } + + return stc_plugin->deinit_connection(stc); +} + +API int stc_plugin_monitor_add_proc(uint32_t classid, + const char *app_id, const stc_proc_value_s value) +{ + if (!stc_plugin_enabled) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't enabled"); + return STC_ERROR_UNINITIALIZED; + } + + if (!stc_plugin) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't loaded"); + return STC_ERROR_UNINITIALIZED; + } + + return stc_plugin->add_process(classid, app_id, value); +} + +API int stc_plugin_monitor_remove_proc(uint32_t classid, pid_t pid) +{ + if (!stc_plugin_enabled) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't enabled"); + return STC_ERROR_UNINITIALIZED; + } + + if (!stc_plugin) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't loaded"); + return STC_ERROR_UNINITIALIZED; + } + + return stc_plugin->remove_process(classid, pid); +} + +API int stc_plugin_monitor_move_proc(uint32_t from, uint32_t to) +{ + if (!stc_plugin_enabled) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't enabled"); + return STC_ERROR_UNINITIALIZED; + } + + if (!stc_plugin) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't loaded"); + return STC_ERROR_UNINITIALIZED; + } + + return stc_plugin->move_process(from, to); +} + +API int stc_plugin_monitor_update_proc_ground(uint32_t classid, + const char *app_id, const stc_proc_value_s value) +{ + if (!stc_plugin_enabled) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't enabled"); + return STC_ERROR_UNINITIALIZED; + } + + if (!stc_plugin) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't loaded"); + return STC_ERROR_UNINITIALIZED; + } + + return stc_plugin->update_process_ground(classid, app_id, value); +} +//LCOV_EXCL_STOP diff --git a/src/stc-manager-plugin-pcap.c b/src/stc-manager-plugin-pcap.c old mode 100644 new mode 100755 index c9432a2..395031c --- a/src/stc-manager-plugin-pcap.c +++ b/src/stc-manager-plugin-pcap.c @@ -69,103 +69,88 @@ int stc_plugin_pcap_deinit(void) int stc_plugin_pcap_lookup_dev(void) { - __STC_LOG_FUNC_ENTER__; - if (!stc_plugin_enabled) { - STC_LOGE("Plugin wasn't enabled"); - __STC_LOG_FUNC_EXIT__; + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't enabled"); return STC_ERROR_UNINITIALIZED; } if (!stc_plugin) { - STC_LOGE("Plugin wasn't loaded"); - __STC_LOG_FUNC_EXIT__; + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't loaded"); return STC_ERROR_UNINITIALIZED; } - __STC_LOG_FUNC_EXIT__; return stc_plugin->lookup_dev(); } int stc_plugin_pcap_lookup_net(void) { - __STC_LOG_FUNC_ENTER__; - if (!stc_plugin_enabled) { - STC_LOGE("Plugin wasn't enabled"); - __STC_LOG_FUNC_EXIT__; + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't enabled"); return STC_ERROR_UNINITIALIZED; } if (!stc_plugin) { - STC_LOGE("Plugin wasn't loaded"); - __STC_LOG_FUNC_EXIT__; + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't loaded"); return STC_ERROR_UNINITIALIZED; } - __STC_LOG_FUNC_EXIT__; return stc_plugin->lookup_net(); } int stc_plugin_pcap_find_alldevs(void) { - __STC_LOG_FUNC_ENTER__; - if (!stc_plugin_enabled) { - STC_LOGE("Plugin wasn't enabled"); - __STC_LOG_FUNC_EXIT__; + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't enabled"); return STC_ERROR_UNINITIALIZED; } if (!stc_plugin) { - STC_LOGE("Plugin wasn't loaded"); - __STC_LOG_FUNC_EXIT__; + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't loaded"); return STC_ERROR_UNINITIALIZED; } - __STC_LOG_FUNC_EXIT__; return stc_plugin->find_alldevs(); } int stc_plugin_pcap_register_loop_pcap(const char *ifname, int group) { - __STC_LOG_FUNC_ENTER__; - if (!stc_plugin_enabled) { - STC_LOGE("Plugin wasn't enabled"); - __STC_LOG_FUNC_EXIT__; + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't enabled"); return STC_ERROR_UNINITIALIZED; } if (!stc_plugin) { - STC_LOGE("Plugin wasn't loaded"); - __STC_LOG_FUNC_EXIT__; + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't loaded"); return STC_ERROR_UNINITIALIZED; } - __STC_LOG_FUNC_EXIT__; return stc_plugin->register_loop_pcap(ifname, group); } int stc_plugin_pcap_unregister_loop_pcap(const char *ifname, int group) { - __STC_LOG_FUNC_ENTER__; - if (!stc_plugin_enabled) { - STC_LOGE("Plugin wasn't enabled"); - __STC_LOG_FUNC_EXIT__; + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't enabled"); return STC_ERROR_UNINITIALIZED; } if (!stc_plugin) { - STC_LOGE("Plugin wasn't loaded"); - __STC_LOG_FUNC_EXIT__; + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't loaded"); return STC_ERROR_UNINITIALIZED; } - __STC_LOG_FUNC_EXIT__; return stc_plugin->unregister_loop_pcap(ifname, group); } //LCOV_EXCL_STOP diff --git a/src/stc-manager-plugin-tether.c b/src/stc-manager-plugin-tether.c old mode 100644 new mode 100755 index afb170d..4c5e528 --- a/src/stc-manager-plugin-tether.c +++ b/src/stc-manager-plugin-tether.c @@ -66,15 +66,14 @@ int stc_plugin_tether_deinit(void) return STC_ERROR_NONE; } -int stc_plugin_tether_get_station_ip(const char *mac, char **ipaddr) +API int stc_plugin_tether_get_station_ip(const char *mac, char **ipaddr) { - __STC_LOG_FUNC_ENTER__; char ip[INET_ADDRSTRLEN+1]; if (!stc_tether_plugin_enabled || - mac == NULL || ipaddr == NULL) { - STC_LOGE("invalid args"); - __STC_LOG_FUNC_EXIT__; + mac == NULL || ipaddr == NULL) { + if (STC_DEBUG_LOG) + STC_LOGE("invalid args"); return STC_ERROR_INVALID_PARAMETER; } @@ -86,18 +85,17 @@ int stc_plugin_tether_get_station_ip(const char *mac, char **ipaddr) *ipaddr = g_strdup(ip); STC_LOGI("station ip(%s)", *ipaddr); - __STC_LOG_FUNC_EXIT__; return STC_ERROR_NONE; } -int stc_plugin_tether_get_station_by_classid(const int classid, char **mac) +API int stc_plugin_tether_get_station_by_classid(const int classid, char **mac) { __STC_LOG_FUNC_ENTER__; char mac_addr[STATION_MAC_STR_LEN+1]; if (!stc_tether_plugin_enabled || mac == NULL) { - STC_LOGE("invalid args"); - __STC_LOG_FUNC_EXIT__; + if (STC_DEBUG_LOG) + STC_LOGE("invalid args"); return STC_ERROR_INVALID_PARAMETER; } @@ -109,17 +107,16 @@ int stc_plugin_tether_get_station_by_classid(const int classid, char **mac) *mac = g_strdup(mac_addr); STC_LOGI("station mac(%s)", *mac); - __STC_LOG_FUNC_EXIT__; return STC_ERROR_NONE; } -int stc_plugin_tether_set_station_classid(const char *mac, int classid) +API int stc_plugin_tether_set_station_classid(const char *mac, int classid) { __STC_LOG_FUNC_ENTER__; if (!stc_tether_plugin_enabled || mac == NULL) { - STC_LOGE("invalid args"); - __STC_LOG_FUNC_EXIT__; + if (STC_DEBUG_LOG) + STC_LOGE("invalid args"); return STC_ERROR_INVALID_PARAMETER; } @@ -128,6 +125,6 @@ int stc_plugin_tether_set_station_classid(const char *mac, int classid) STC_LOGI("classid(%d) for station mac(%s) is set successfully", classid, mac); - __STC_LOG_FUNC_EXIT__; + return STC_ERROR_NONE; } diff --git a/src/stc-manager.c b/src/stc-manager.c index ba9356d..11fa7bb 100755 --- a/src/stc-manager.c +++ b/src/stc-manager.c @@ -26,13 +26,13 @@ #include "helper-nfacct-rule.h" #include "helper-iptables.h" #include "helper-inotify.h" -#include "stc-monitor.h" #include "stc-firewall.h" #include "stc-manager-plugin-appstatus.h" #include "stc-manager-plugin-exception.h" #include "stc-manager-plugin-procfs.h" #include "stc-manager-plugin-tether.h" #include "stc-manager-plugin-pcap.h" +#include "stc-manager-plugin-monitor.h" #define BUF_SIZE_FOR_ERR 100 @@ -75,7 +75,7 @@ static void __stc_manager_deinit(void) return; } - stc_monitor_deinit(); + stc_plugin_monitor_deinit(); stc_deinit_db_guard(); stc_db_deinitialize(); @@ -118,9 +118,7 @@ static stc_s *__stc_manager_init(void) inotify_initialize(); inotify_register(INFO_STORAGE_DIR, __stc_inotify_handler); -#ifndef TIZEN_TV_EXT cgroup_set_release_agent(NET_CLS_SUBSYS, NET_RELEASE_AGENT); -#endif err = stc_db_initialize(); if (err != STC_ERROR_NONE) { @@ -128,25 +126,16 @@ static stc_s *__stc_manager_init(void) return NULL; //LCOV_EXCL_LINE } -#ifndef TIZEN_TV_EXT stc_plugin_appstatus_init(); stc_plugin_exception_init(); stc_plugin_procfs_init(); stc_plugin_tether_init(); stc_plugin_pcap_init(); -#endif + stc_plugin_monitor_init(); stc_firewall_init(); -#ifndef TIZEN_TV_EXT - err = stc_monitor_init(); - if (err != STC_ERROR_NONE) { - STC_LOGD("Failed to initialize stc manager"); //LCOV_EXCL_LINE - return NULL; //LCOV_EXCL_LINE - } - stc_plugin_procfs_load_pid(); -#endif stc_manager_gdbus_init((gpointer)stc); @@ -155,7 +144,7 @@ static stc_s *__stc_manager_init(void) return stc; } -stc_s *stc_get_manager(void) +API stc_s *stc_get_manager(void) { return g_stc; } diff --git a/src/stc-restriction.c b/src/stc-restriction.c old mode 100644 new mode 100755 index 6b207a5..ffe1a85 --- a/src/stc-restriction.c +++ b/src/stc-restriction.c @@ -18,7 +18,7 @@ #include "table-restrictions.h" #include "stc-restriction.h" #include "stc-manager-gdbus.h" -#include "stc-monitor.h" +#include "stc-manager-plugin-monitor.h" #define RESTRICTION_DBUS_ERROR_NAME "net.stc.restriction.Error.Failed" @@ -295,7 +295,7 @@ gboolean handle_restriction_set(StcRestriction *object, return TRUE; } - stc_monitor_rstn_add(&rule); + stc_plugin_monitor_add_rstn(&rule); STC_DBUS_REPLY_ERROR_NONE(invocation); __STC_LOG_FUNC_EXIT__; return TRUE; @@ -338,7 +338,7 @@ gboolean handle_restriction_unset(StcRestriction *object, return TRUE; } - stc_monitor_rstn_remove(&rule); + stc_plugin_monitor_remove_rstn(&rule); STC_DBUS_REPLY_ERROR_NONE(invocation); __STC_LOG_FUNC_EXIT__; return TRUE; -- 2.7.4 From 96b16847665efc4abd200aada4c46ba42c73a232 Mon Sep 17 00:00:00 2001 From: hyunuktak Date: Mon, 3 Dec 2018 15:03:47 +0900 Subject: [PATCH 15/16] Separate firewall function plugin Change-Id: I9df5a225ac7772b2985e2b9d24e6682b7fd60a2d Signed-off-by: hyunuktak --- include/stc-error.h | 0 include/stc-firewall.h | 10 - include/stc-manager-plugin-appstatus.h | 0 include/stc-manager-plugin-exception.h | 0 include/stc-manager-plugin-firewall.h | 44 + include/stc-manager-plugin-procfs.h | 0 include/stc-manager-plugin-tether.h | 0 include/stc-restriction.h | 0 include/stc-statistics.h | 0 include/transmission.h | 0 packaging/stc-manager.spec | 12 +- plugin/CMakeLists.txt | 1 + plugin/firewall/CMakeLists.txt | 36 + plugin/firewall/include/stc-plugin-firewall.h | 61 + plugin/firewall/stc-plugin-firewall.c | 1608 ++++++++++++++++++++++++ plugin/monitor/CMakeLists.txt | 1 + plugin/monitor/stc-plugin-monitor-connection.c | 7 +- src/CMakeLists.txt | 2 + src/database/tables/table-firewall.c | 24 +- src/helper/helper-firewall.c | 10 +- src/stc-firewall.c | 1507 +--------------------- src/stc-manager-gdbus.c | 5 +- src/stc-manager-plugin-firewall.c | 306 +++++ src/stc-manager-plugin-procfs.c | 0 src/stc-manager.c | 9 +- src/stc-statistics.c | 0 26 files changed, 2120 insertions(+), 1523 deletions(-) mode change 100644 => 100755 include/stc-error.h mode change 100644 => 100755 include/stc-firewall.h mode change 100644 => 100755 include/stc-manager-plugin-appstatus.h mode change 100644 => 100755 include/stc-manager-plugin-exception.h create mode 100755 include/stc-manager-plugin-firewall.h mode change 100644 => 100755 include/stc-manager-plugin-procfs.h mode change 100644 => 100755 include/stc-manager-plugin-tether.h mode change 100644 => 100755 include/stc-restriction.h mode change 100644 => 100755 include/stc-statistics.h mode change 100644 => 100755 include/transmission.h create mode 100644 plugin/firewall/CMakeLists.txt create mode 100755 plugin/firewall/include/stc-plugin-firewall.h create mode 100755 plugin/firewall/stc-plugin-firewall.c mode change 100644 => 100755 src/database/tables/table-firewall.c mode change 100644 => 100755 src/helper/helper-firewall.c create mode 100755 src/stc-manager-plugin-firewall.c mode change 100644 => 100755 src/stc-manager-plugin-procfs.c mode change 100644 => 100755 src/stc-statistics.c diff --git a/include/stc-error.h b/include/stc-error.h old mode 100644 new mode 100755 diff --git a/include/stc-firewall.h b/include/stc-firewall.h old mode 100644 new mode 100755 index c857f9b..861dede --- a/include/stc-firewall.h +++ b/include/stc-firewall.h @@ -26,20 +26,10 @@ * Macros and Typedefs *****************************************************************************/ -typedef struct { - stc_fw_chain_target_e target; - uint64_t priority; - GSList *rules; -} stc_fw_data_s; - /***************************************************************************** * Functions Declaration *****************************************************************************/ -void stc_firewall_init(void); -void stc_firewall_update(void); -void stc_firewall_deinit(void); - gboolean handle_firewall_lock(StcFirewall *object, GDBusMethodInvocation *invocation, void *user_data); diff --git a/include/stc-manager-plugin-appstatus.h b/include/stc-manager-plugin-appstatus.h old mode 100644 new mode 100755 diff --git a/include/stc-manager-plugin-exception.h b/include/stc-manager-plugin-exception.h old mode 100644 new mode 100755 diff --git a/include/stc-manager-plugin-firewall.h b/include/stc-manager-plugin-firewall.h new file mode 100755 index 0000000..258abc5 --- /dev/null +++ b/include/stc-manager-plugin-firewall.h @@ -0,0 +1,44 @@ +/* + * Copyright (c) 2016 Samsung Electronics Co., Ltd. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef __STC_MANAGER_PLUGIN_FIREWALL_H__ +#define __STC_MANAGER_PLUGIN_FIREWALL_H__ + +#define STC_PLUGIN_FIREWALL_FILEPATH "/usr/lib/stc-plugin-firewall.so" + +#include "stc-plugin-firewall.h" + +int stc_plugin_firewall_init(void); +int stc_plugin_firewall_deinit(void); + +int stc_plugin_firewall_lock(void); +int stc_plugin_firewall_unlock(void); +int stc_plugin_firewall_get_lock(int *state); +int stc_plugin_firewall_update(void); + +int stc_plugin_firewall_add_chain(char *chain); +int stc_plugin_firewall_remove_chain(char *chain); +int stc_plugin_firewall_flush_chain(char *chain); +int stc_plugin_firewall_get_all_chain(GVariantBuilder *builder); +int stc_plugin_firewall_set_chain(char *chain, uint target); +int stc_plugin_firewall_unset_chain(char *chain); + +int stc_plugin_firewall_add_rule(GVariant *params); +int stc_plugin_firewall_remove_rule(GVariant *params); +int stc_plugin_firewall_update_rule(GVariant *params); +int stc_plugin_firewall_get_all_rule(GVariantBuilder *builder); + +#endif /* __STC_MANAGER_PLUGIN_FIREWALL_H__ */ diff --git a/include/stc-manager-plugin-procfs.h b/include/stc-manager-plugin-procfs.h old mode 100644 new mode 100755 diff --git a/include/stc-manager-plugin-tether.h b/include/stc-manager-plugin-tether.h old mode 100644 new mode 100755 diff --git a/include/stc-restriction.h b/include/stc-restriction.h old mode 100644 new mode 100755 diff --git a/include/stc-statistics.h b/include/stc-statistics.h old mode 100644 new mode 100755 diff --git a/include/transmission.h b/include/transmission.h old mode 100644 new mode 100755 diff --git a/packaging/stc-manager.spec b/packaging/stc-manager.spec index 0d98483..d8dc5c4 100644 --- a/packaging/stc-manager.spec +++ b/packaging/stc-manager.spec @@ -1,6 +1,6 @@ Name: stc-manager Summary: STC(Smart Traffic Control) manager -Version: 0.0.83 +Version: 0.0.84 Release: 0 Group: Network & Connectivity/Other License: Apache-2.0 @@ -76,6 +76,12 @@ Summary: Monitor plugin for data usage of clients %description plugin-monitor A smart traffic control manager extension for monitoring client data usage plugin +%package plugin-firewall +Summary: Firewall plugin for managing firewall rules + +%description plugin-firewall +A smart traffic control manager extension for firewall plugin + %prep %setup -q chmod 644 %{SOURCE0} @@ -178,3 +184,7 @@ cp resources/dbus/stc-manager.conf %{buildroot}%{_sysconfdir}/dbus-1/system.d/st %files plugin-monitor %manifest %{name}.manifest %attr(500,root,root) %{_libdir}/stc-plugin-monitor.so + +%files plugin-firewall +%manifest %{name}.manifest +%attr(500,root,root) %{_libdir}/stc-plugin-firewall.so diff --git a/plugin/CMakeLists.txt b/plugin/CMakeLists.txt index a56ee63..98f28b7 100644 --- a/plugin/CMakeLists.txt +++ b/plugin/CMakeLists.txt @@ -17,3 +17,4 @@ ADD_SUBDIRECTORY(procfs) ADD_SUBDIRECTORY(pcap) ADD_SUBDIRECTORY(tether) ADD_SUBDIRECTORY(monitor) +ADD_SUBDIRECTORY(firewall) diff --git a/plugin/firewall/CMakeLists.txt b/plugin/firewall/CMakeLists.txt new file mode 100644 index 0000000..1b8404b --- /dev/null +++ b/plugin/firewall/CMakeLists.txt @@ -0,0 +1,36 @@ +CMAKE_MINIMUM_REQUIRED(VERSION 2.6) +PROJECT(stc-plugin-firewall C) + +# Set required packages +INCLUDE(FindPkgConfig) +PKG_CHECK_MODULES(firewall_plugin REQUIRED + dlog + gio-2.0 + gio-unix-2.0 + glib-2.0 + ) + +FOREACH(flag ${pcap_plugin_CFLAGS}) + SET(EXTRA_CFLAGS "${EXTRA_CFLAGS} ${flag}") +ENDFOREACH(flag) + +INCLUDE_DIRECTORIES(${CMAKE_CURRENT_SOURCE_DIR}/include) + +SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${EXTRA_CFLAGS} -g -Werror -fvisibility=hidden") +SET(CMAKE_C_FLAGS_DEBUG "-O0 -g") +SET(CMAKE_C_FLAGS_RELEASE "-O2") + +ADD_DEFINITIONS("-DUSE_DLOG") + +SET(SRCS_PLUGIN + stc-plugin-firewall.c + ) + +# library build +ADD_LIBRARY(${PROJECT_NAME} SHARED ${SRCS_PLUGIN}) +ADD_DEPENDENCIES(${PROJECT_NAME} GENERATED_DBUS_CODE) +TARGET_LINK_LIBRARIES(${PROJECT_NAME} ${firewall_plugin_LDFLAGS}) +SET_TARGET_PROPERTIES(${PROJECT_NAME} PROPERTIES PREFIX "" OUTPUT_NAME ${PROJECT_NAME}) + +# install +INSTALL(TARGETS ${PROJECT_NAME} LIBRARY DESTINATION ${LIBDIR}) diff --git a/plugin/firewall/include/stc-plugin-firewall.h b/plugin/firewall/include/stc-plugin-firewall.h new file mode 100755 index 0000000..bf36d58 --- /dev/null +++ b/plugin/firewall/include/stc-plugin-firewall.h @@ -0,0 +1,61 @@ +/* + * Copyright (c) 2016 Samsung Electronics Co., Ltd. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef __STC_PLUGIN_FIREWALL_H__ +#define __STC_PLUGIN_FIREWALL_H__ + +#include +#include +#include +#include +#include +#include +#include +#include + +#include "stc-error.h" +#include "stc-manager.h" +#include "stc-manager-gdbus.h" + +typedef struct { + stc_fw_chain_target_e target; + uint64_t priority; + GSList *rules; +} stc_fw_data_s; + +typedef struct { + int (*initialize_plugin) (void); + int (*deinitialize_plugin) (void); + + int (*lock_firewall) (void); + int (*unlock_firewall) (void); + int (*get_lock_firewall) (int *state); + int (*update_firewall) (void); + + int (*add_chain) (char *chain); + int (*remove_chain) (char *chain); + int (*flush_chain) (char *chain); + int (*get_all_chain) (GVariantBuilder *builder); + int (*set_chain) (char *chain, uint target); + int (*unset_chain) (char *chain); + + int (*add_rule) (GVariant *params); + int (*remove_rule) (GVariant *params); + int (*update_rule) (GVariant *params); + int (*get_all_rule) (GVariantBuilder *builder); +} stc_plugin_firewall_s; + +#endif /* __STC_PLUGIN_FIREWALL_H__ */ diff --git a/plugin/firewall/stc-plugin-firewall.c b/plugin/firewall/stc-plugin-firewall.c new file mode 100755 index 0000000..3e5fdd6 --- /dev/null +++ b/plugin/firewall/stc-plugin-firewall.c @@ -0,0 +1,1608 @@ +/* + * Copyright (c) 2017 Samsung Electronics Co., Ltd. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "stc-plugin-firewall.h" +#include "table-firewall.h" +#include "helper-firewall.h" + +#define LOCK_NAME "admin" + +#define IDENTIFIER_LEN 512 + +#define CHAIN_NAME "chain" +#define CHAIN_TARGET "target" +#define CHAIN_PRIORITY "priority" + +#define RULE_IDENTIFIER "identifier" +#define RULE_KEY "key" + +#define STC_FIREWALL_CHECK_LOCK_STATE() do { \ + if (g_lock_state == FIREWALL_LOCKED) { \ + if (STC_FW_LOG) \ + STC_LOGD("Firewall is locked"); \ + return STC_ERROR_PERMISSION_DENIED; \ + } \ +} while (0) + +static GHashTable *g_firewalls = NULL; +static int g_lock_state = FIREWALL_UNKONWN; +static int g_chain_priority = 0; + +static void __fw_rule_copy(firewall_rule_s *rule, + const firewall_rule_s *info) +{ + if (info->chain) { + FREE(rule->chain); + rule->chain = g_strdup(info->chain); + } + + rule->direction = info->direction; + rule->s_ip_type = info->s_ip_type; + rule->d_ip_type = info->d_ip_type; + rule->s_port_type = info->s_port_type; + rule->d_port_type = info->d_port_type; + rule->protocol = info->protocol; + rule->family = info->family; + + rule->s_ip1 = info->s_ip1; + rule->s_ip2 = info->s_ip2; + rule->d_ip1 = info->d_ip1; + rule->d_ip2 = info->d_ip2; + + rule->s_port1 = info->s_port1; + rule->s_port2 = info->s_port2; + rule->d_port1 = info->d_port1; + rule->d_port2 = info->d_port2; + + if (info->ifname) { + FREE(rule->ifname); + rule->ifname = g_strdup(info->ifname); + } + + rule->target = info->target; + + if (info->target_str) { + FREE(rule->target_str); + rule->target_str = g_strdup(info->target_str); + } + + rule->log_level = info->log_level; + + if (info->log_prefix) { + FREE(rule->log_prefix); + rule->log_prefix = g_strdup(info->log_prefix); + } + + rule->nflog_group = info->nflog_group; + rule->nflog_range = info->nflog_range; + rule->nflog_threshold = info->nflog_threshold; + + if (info->nflog_prefix) { + FREE(rule->nflog_prefix); + rule->nflog_prefix = g_strdup(info->nflog_prefix); + } + + if (info->identifier) { + FREE(rule->identifier); + rule->identifier = g_strdup(info->identifier); + } + + rule->key = info->key; +} + +static void __fw_rule_make_key(firewall_rule_s *rule, + firewall_rule_s *info) +{ + GString *str; + + if (!rule->chain) + return; + + str = g_string_sized_new(IDENTIFIER_LEN); + if (!str) + return; + + g_string_append_printf(str, "%s", rule->chain); + + g_string_append_printf(str, "_%u%u%u%u%u%u%u", rule->direction, + rule->s_ip_type, rule->d_ip_type, rule->s_port_type, + rule->d_port_type, rule->protocol, rule->family); + + if (rule->family == STC_FW_FAMILY_V4) { + g_string_append_printf(str, "_"); + g_string_append_printf(str, "%08x", rule->s_ip1.Ipv4.s_addr); + g_string_append_printf(str, "%08x", rule->s_ip2.Ipv4.s_addr); + + g_string_append_printf(str, "_"); + g_string_append_printf(str, "%08x", rule->d_ip1.Ipv4.s_addr); + g_string_append_printf(str, "%08x", rule->d_ip2.Ipv4.s_addr); + } else if (rule->family == STC_FW_FAMILY_V6) { + g_string_append_printf(str, "_"); + g_string_append_printf(str, "%08x", rule->s_ip1.Ipv6.s6_addr32[0]); + g_string_append_printf(str, "%08x", rule->s_ip1.Ipv6.s6_addr32[1]); + g_string_append_printf(str, "%08x", rule->s_ip1.Ipv6.s6_addr32[2]); + g_string_append_printf(str, "%08x", rule->s_ip1.Ipv6.s6_addr32[3]); + g_string_append_printf(str, "%08x", rule->s_ip2.Ipv6.s6_addr32[0]); + g_string_append_printf(str, "%08x", rule->s_ip2.Ipv6.s6_addr32[1]); + g_string_append_printf(str, "%08x", rule->s_ip2.Ipv6.s6_addr32[2]); + g_string_append_printf(str, "%08x", rule->s_ip2.Ipv6.s6_addr32[3]); + + g_string_append_printf(str, "_"); + g_string_append_printf(str, "%08x", rule->d_ip1.Ipv6.s6_addr32[0]); + g_string_append_printf(str, "%08x", rule->d_ip1.Ipv6.s6_addr32[1]); + g_string_append_printf(str, "%08x", rule->d_ip1.Ipv6.s6_addr32[2]); + g_string_append_printf(str, "%08x", rule->d_ip1.Ipv6.s6_addr32[3]); + g_string_append_printf(str, "%08x", rule->d_ip2.Ipv6.s6_addr32[0]); + g_string_append_printf(str, "%08x", rule->d_ip2.Ipv6.s6_addr32[1]); + g_string_append_printf(str, "%08x", rule->d_ip2.Ipv6.s6_addr32[2]); + g_string_append_printf(str, "%08x", rule->d_ip2.Ipv6.s6_addr32[3]); + } + + g_string_append_printf(str, "_%04x", rule->s_port1); + g_string_append_printf(str, "%04x", rule->s_port2); + + g_string_append_printf(str, "_%04x", rule->d_port1); + g_string_append_printf(str, "%04x", rule->d_port2); + + g_string_append_printf(str, "_%s", (rule->ifname) ? rule->ifname : ""); + g_string_append_printf(str, "_%u", rule->target); + + switch (rule->target) { + case STC_FW_RULE_TARGET_LOG: + g_string_append_printf(str, "_%u", rule->log_level); + g_string_append_printf(str, "_%s", rule->log_prefix); + break; + case STC_FW_RULE_TARGET_NFLOG: + g_string_append_printf(str, "_%u", rule->nflog_group); + g_string_append_printf(str, "_%s", rule->nflog_prefix); + g_string_append_printf(str, "_%u", rule->nflog_range); + g_string_append_printf(str, "_%u", rule->nflog_threshold); + break; + default: + break; + } + + FREE(rule->identifier); + rule->identifier = g_string_free(str, FALSE); + rule->key = g_str_hash(rule->identifier); + + FREE(info->identifier); + info->identifier = g_strdup(rule->identifier); + info->key = rule->key; + + if (STC_DEBUG_LOG && STC_FW_LOG) { + STC_LOGD("Identifier [%s]", rule->identifier); + STC_LOGD("Key [%u]", rule->key); + } +} + +static void __fw_rule_free(void *data) +{ + firewall_rule_s *rule = (firewall_rule_s *)data; + + FREE(rule->chain); + FREE(rule->ifname); + FREE(rule->target_str); + FREE(rule->log_prefix); + FREE(rule->nflog_prefix); + FREE(rule->identifier); + FREE(rule); +} + +static void __fw_data_free(gpointer value) +{ + stc_fw_data_s *data = (stc_fw_data_s *)value; + + g_slist_free_full(data->rules, __fw_rule_free); + data->rules = NULL; + + FREE(data); +} + +static gint __fw_rule_comp(gconstpointer a, gconstpointer b) +{ + firewall_rule_s *data = (firewall_rule_s *)a; + firewall_rule_s *rule = (firewall_rule_s *)b; + + if ((data->key == rule->key) && + (g_strcmp0(data->identifier, rule->identifier) == 0)) + return 0; + + return -1; +} + +static stc_error_e __fw_chain_add(const char *chain) +{ + stc_fw_data_s *data; + stc_fw_data_s *lookup; + + ret_value_msg_if(g_firewalls == NULL, + STC_ERROR_FAIL, + "firewall is not initialized!"); + + lookup = g_hash_table_lookup(g_firewalls, chain); + if (lookup) { + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGD("chain already present"); + return STC_ERROR_ALREADY_DATA; + } + + data = MALLOC0(stc_fw_data_s, 1); + if (!data) { + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("data allocation failed"); + return STC_ERROR_OUT_OF_MEMORY; + } + + data->target = STC_FW_CHAIN_TARGET_NONE; + data->priority = 0; + data->rules = NULL; + + g_hash_table_insert(g_firewalls, g_strdup(chain), data); + + return STC_ERROR_NONE; +} + +static stc_error_e __fw_chain_remove(const char *chain) +{ + stc_fw_data_s *lookup; + + ret_value_msg_if(g_firewalls == NULL, + STC_ERROR_FAIL, + "firewall is not initialized!"); + + lookup = g_hash_table_lookup(g_firewalls, chain); + if (!lookup) { + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("chain not found"); + return STC_ERROR_NO_DATA; + } + + if (lookup->target != STC_FW_CHAIN_TARGET_NONE) { + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("can't be applied bcz chain is set"); + return STC_ERROR_INVALID_PARAMETER; + } + + g_slist_free_full(lookup->rules, __fw_rule_free); + lookup->rules = NULL; + + g_hash_table_remove(g_firewalls, chain); + + return STC_ERROR_NONE; +} + +static stc_error_e __fw_chain_flush(const char *chain) +{ + stc_fw_data_s *lookup; + + ret_value_msg_if(g_firewalls == NULL, + STC_ERROR_FAIL, + "firewall is not initialized!"); + + lookup = g_hash_table_lookup(g_firewalls, chain); + if (!lookup) { + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("chain not found"); + return STC_ERROR_NO_DATA; + } + + if (lookup->target != STC_FW_CHAIN_TARGET_NONE) { + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("can't be applied bcz chain is set"); + return STC_ERROR_INVALID_PARAMETER; + } + + g_slist_free_full(lookup->rules, __fw_rule_free); + lookup->rules = NULL; + + return STC_ERROR_NONE; +} + +static stc_error_e __fw_chain_set(const char *chain, stc_fw_data_s value) +{ + stc_fw_data_s *lookup; + + ret_value_msg_if(g_firewalls == NULL, + STC_ERROR_FAIL, + "firewall is not initialized!"); + + lookup = g_hash_table_lookup(g_firewalls, chain); + if (!lookup) { + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("chain not found"); + return STC_ERROR_NO_DATA; + } + + lookup->target = value.target; + lookup->priority = value.priority; + + return STC_ERROR_NONE; +} + +static stc_fw_data_s *__fw_chain_get(const char *chain) +{ + stc_fw_data_s *lookup; + + ret_value_msg_if(g_firewalls == NULL, NULL, + "firewall is not initialized!"); + + lookup = g_hash_table_lookup(g_firewalls, chain); + if (!lookup) { + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("chain not found"); + return NULL; + } + + return lookup; +} + +static stc_error_e __fw_chain_unset(const char *chain) +{ + stc_error_e ret = STC_ERROR_NONE; + stc_fw_data_s *lookup; + + ret_value_msg_if(g_firewalls == NULL, + STC_ERROR_FAIL, + "firewall is not initialized!"); + + lookup = g_hash_table_lookup(g_firewalls, chain); + if (!lookup) { + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("chain not found"); + return STC_ERROR_NO_DATA; + } + + lookup->target = STC_FW_CHAIN_TARGET_NONE; + lookup->priority = 0; + + return ret; +} + +static void __fw_chain_make_params(gpointer key, gpointer value, + gpointer user_data) +{ + char *chain = (char *)key; + stc_fw_data_s *data = (stc_fw_data_s *)value; + GVariantBuilder *builder = (GVariantBuilder *)user_data; + GVariantBuilder sub_builder; + + g_variant_builder_init(&sub_builder, G_VARIANT_TYPE("a{sv}")); + + g_variant_builder_add(&sub_builder, "{sv}", CHAIN_NAME, + g_variant_new_string(chain)); + + g_variant_builder_add(&sub_builder, "{sv}", CHAIN_PRIORITY, + g_variant_new_uint32(data->priority)); + + g_variant_builder_add(&sub_builder, "{sv}", CHAIN_TARGET, + g_variant_new_uint16(data->target)); + + g_variant_builder_add_value(builder, g_variant_builder_end(&sub_builder)); +} + +static void __fw_rule_make_params(gpointer data, gpointer user_data) +{ + firewall_rule_s *rule = (firewall_rule_s *)data; + GVariantBuilder *builder = (GVariantBuilder *)user_data; + GVariantBuilder sub_builder; + + g_variant_builder_init(&sub_builder, G_VARIANT_TYPE("a{sv}")); + + g_variant_builder_add(&sub_builder, "{sv}", RULE_CHAIN, + g_variant_new_string(rule->chain)); + + if (rule->direction != STC_FW_DIRECTION_NONE) + g_variant_builder_add(&sub_builder, "{sv}", RULE_DIRECTION, + g_variant_new_uint16(rule->direction)); + + if (rule->s_ip_type != STC_FW_IP_NONE) + g_variant_builder_add(&sub_builder, "{sv}", RULE_SIPTYPE, + g_variant_new_uint16(rule->s_ip_type)); + + if (rule->d_ip_type != STC_FW_IP_NONE) + g_variant_builder_add(&sub_builder, "{sv}", RULE_DIPTYPE, + g_variant_new_uint16(rule->d_ip_type)); + + if (rule->s_port_type != STC_FW_PORT_NONE) + g_variant_builder_add(&sub_builder, "{sv}", RULE_SPORTTYPE, + g_variant_new_uint16(rule->s_port_type)); + + if (rule->d_port_type != STC_FW_PORT_NONE) + g_variant_builder_add(&sub_builder, "{sv}", RULE_DPORTTYPE, + g_variant_new_uint16(rule->d_port_type)); + + if (rule->protocol != STC_FW_PROTOCOL_NONE) + g_variant_builder_add(&sub_builder, "{sv}", RULE_PROTOCOL, + g_variant_new_uint16(rule->protocol)); + + if (rule->family != STC_FW_FAMILY_NONE) + g_variant_builder_add(&sub_builder, "{sv}", RULE_FAMILY, + g_variant_new_uint16(rule->family)); + + if (rule->family == STC_FW_FAMILY_V4) { + char *addr = NULL; + + switch (rule->s_ip_type) { + case STC_FW_IP_RANGE: + /* fall through */ + case STC_FW_IP_MASK: + addr = g_try_malloc0(INET_ADDRSTRLEN); + if (addr) { + inet_ntop(AF_INET, &(rule->s_ip2.Ipv4), addr, INET_ADDRSTRLEN); + g_variant_builder_add(&sub_builder, "{sv}", RULE_SIP2, + g_variant_new_string(addr)); + FREE(addr); + } + /* fall through */ + case STC_FW_IP_SINGLE: + addr = g_try_malloc0(INET_ADDRSTRLEN); + if (addr) { + inet_ntop(AF_INET, &(rule->s_ip1.Ipv4), addr, INET_ADDRSTRLEN); + g_variant_builder_add(&sub_builder, "{sv}", RULE_SIP1, + g_variant_new_string(addr)); + FREE(addr); + } + break; + default: + break; + } + + switch (rule->d_ip_type) { + case STC_FW_IP_RANGE: + /* fall through */ + case STC_FW_IP_MASK: + addr = g_try_malloc0(INET_ADDRSTRLEN); + if (addr) { + inet_ntop(AF_INET, &(rule->d_ip2.Ipv4), addr, INET_ADDRSTRLEN); + g_variant_builder_add(&sub_builder, "{sv}", RULE_DIP2, + g_variant_new_string(addr)); + FREE(addr); + } + /* fall through */ + case STC_FW_IP_SINGLE: + addr = g_try_malloc0(INET_ADDRSTRLEN); + if (addr) { + inet_ntop(AF_INET, &(rule->d_ip1.Ipv4), addr, INET_ADDRSTRLEN); + g_variant_builder_add(&sub_builder, "{sv}", RULE_DIP1, + g_variant_new_string(addr)); + FREE(addr); + } + break; + default: + break; + } + } else if (rule->family == STC_FW_FAMILY_V6) { + char *addr = NULL; + + switch (rule->s_ip_type) { + case STC_FW_IP_RANGE: + /* fall through */ + case STC_FW_IP_MASK: + addr = g_try_malloc0(INET6_ADDRSTRLEN); + if (addr) { + inet_ntop(AF_INET6, &(rule->s_ip2.Ipv6), addr, INET6_ADDRSTRLEN); + g_variant_builder_add(&sub_builder, "{sv}", RULE_SIP2, + g_variant_new_string(addr)); + FREE(addr); + } + /* fall through */ + case STC_FW_IP_SINGLE: + addr = g_try_malloc0(INET6_ADDRSTRLEN); + if (addr) { + inet_ntop(AF_INET6, &(rule->s_ip1.Ipv6), addr, INET6_ADDRSTRLEN); + g_variant_builder_add(&sub_builder, "{sv}", RULE_SIP1, + g_variant_new_string(addr)); + FREE(addr); + } + break; + default: + break; + } + + switch (rule->d_ip_type) { + case STC_FW_IP_RANGE: + /* fall through */ + case STC_FW_IP_MASK: + addr = g_try_malloc0(INET6_ADDRSTRLEN); + if (addr) { + inet_ntop(AF_INET6, &(rule->d_ip2.Ipv6), addr, INET6_ADDRSTRLEN); + g_variant_builder_add(&sub_builder, "{sv}", RULE_DIP2, + g_variant_new_string(addr)); + FREE(addr); + } + /* fall through */ + case STC_FW_IP_SINGLE: + addr = g_try_malloc0(INET6_ADDRSTRLEN); + if (addr) { + inet_ntop(AF_INET6, &(rule->d_ip1.Ipv6), addr, INET6_ADDRSTRLEN); + g_variant_builder_add(&sub_builder, "{sv}", RULE_DIP1, + g_variant_new_string(addr)); + FREE(addr); + } + break; + default: + break; + } + } + + g_variant_builder_add(&sub_builder, "{sv}", RULE_SPORT1, + g_variant_new_uint32(rule->s_port1)); + + g_variant_builder_add(&sub_builder, "{sv}", RULE_SPORT2, + g_variant_new_uint32(rule->s_port2)); + + g_variant_builder_add(&sub_builder, "{sv}", RULE_DPORT1, + g_variant_new_uint32(rule->d_port1)); + + g_variant_builder_add(&sub_builder, "{sv}", RULE_DPORT2, + g_variant_new_uint32(rule->d_port2)); + + if (rule->ifname) + g_variant_builder_add(&sub_builder, "{sv}", RULE_IFNAME, + g_variant_new_string(rule->ifname)); + + if (rule->target != STC_FW_RULE_TARGET_NONE) + g_variant_builder_add(&sub_builder, "{sv}", RULE_TARGET, + g_variant_new_uint16(rule->target)); + + switch (rule->target) { + case STC_FW_RULE_TARGET_LOG: + g_variant_builder_add(&sub_builder, "{sv}", RULE_LOG_LEVEL, + g_variant_new_uint16(rule->log_level)); + + if (rule->log_prefix) + g_variant_builder_add(&sub_builder, "{sv}", RULE_LOG_PREFIX, + g_variant_new_string(rule->log_prefix)); + break; + case STC_FW_RULE_TARGET_NFLOG: + g_variant_builder_add(&sub_builder, "{sv}", RULE_NFLOG_GROUP, + g_variant_new_uint16(rule->nflog_group)); + + if (rule->nflog_prefix) + g_variant_builder_add(&sub_builder, "{sv}", RULE_NFLOG_PREFIX, + g_variant_new_string(rule->nflog_prefix)); + + g_variant_builder_add(&sub_builder, "{sv}", RULE_NFLOG_RANGE, + g_variant_new_uint16(rule->nflog_range)); + + g_variant_builder_add(&sub_builder, "{sv}", RULE_NFLOG_THRESHOLD, + g_variant_new_uint16(rule->nflog_threshold)); + break; + default: + break; + } + + g_variant_builder_add(&sub_builder, "{sv}", RULE_IDENTIFIER, + g_variant_new_string(rule->identifier)); + + g_variant_builder_add(&sub_builder, "{sv}", RULE_KEY, + g_variant_new_uint32(rule->key)); + + g_variant_builder_add_value(builder, g_variant_builder_end(&sub_builder)); +} + +static void __fw_rule_set_to_chain(gpointer data, gpointer user_data) +{ + firewall_rule_s *rule = (firewall_rule_s *)data; + char *chain = (char *)user_data; + + if (chain && (g_strcmp0(rule->chain, chain) != 0)) + return; + + switch (rule->target) { + case STC_FW_RULE_TARGET_ACCEPT: + FREE(rule->target_str); + rule->target_str = g_strdup(FIREWALL_RULE_TARGET_ACCEPT); + break; + case STC_FW_RULE_TARGET_DROP: + FREE(rule->target_str); + rule->target_str = g_strdup(FIREWALL_RULE_TARGET_DROP); + break; + case STC_FW_RULE_TARGET_LOG: + FREE(rule->target_str); + rule->target_str = g_strdup(FIREWALL_RULE_TARGET_LOG); + break; + case STC_FW_RULE_TARGET_NFLOG: + FREE(rule->target_str); + rule->target_str = g_strdup(FIREWALL_RULE_TARGET_NFLOG); + break; + default: + break; + } + + firewall_rule_append(rule); +} + +static void __fw_rule_print_rules(gpointer data, gpointer user_data) +{ + firewall_rule_s *rule = (firewall_rule_s *)data; + + STC_LOGD("[%s][%d][%s][%d][%d][%04x][%04x]" + "[%d][%04x][%04x][%d][%s][%d][%s][%d][%d]", + rule->chain, rule->direction, rule->ifname, + rule->protocol, + rule->s_port_type, rule->s_port1, rule->s_port2, + rule->d_port_type, rule->d_port1, rule->d_port2, + rule->target, rule->target_str, + rule->nflog_group, rule->nflog_prefix, + rule->nflog_range, rule->nflog_threshold); + + switch (rule->family) { + case STC_FW_FAMILY_V4: + STC_LOGD("[%d][%d][%08x][%08x][%d][%08x][%08x]", + rule->family, + rule->s_ip_type, rule->s_ip1.Ipv4.s_addr, rule->s_ip2.Ipv4.s_addr, + rule->d_ip_type, rule->d_ip1.Ipv4.s_addr, rule->d_ip2.Ipv4.s_addr); + break; + case STC_FW_FAMILY_V6: + STC_LOGD("[%d][%d][%08x:%08x:%08x:%08x]" + "[%d][%08x:%08x:%08x:%08x]", + rule->family, + rule->s_ip_type, + rule->s_ip1.Ipv6.s6_addr32[0], rule->s_ip1.Ipv6.s6_addr32[1], + rule->s_ip1.Ipv6.s6_addr32[2], rule->s_ip1.Ipv6.s6_addr32[3], + rule->d_ip_type, + rule->d_ip1.Ipv6.s6_addr32[0], rule->d_ip1.Ipv6.s6_addr32[1], + rule->d_ip1.Ipv6.s6_addr32[2], rule->d_ip1.Ipv6.s6_addr32[3]); + break; + default: + break; + } +} + +static void __fw_foreach_to_print_rule(gpointer key, gpointer value, + gpointer user_data) +{ + stc_fw_data_s *data = (stc_fw_data_s *)value; + + g_slist_foreach(data->rules, __fw_rule_print_rules, user_data); +} + +static void __fw_foreach_to_make_rule_param(gpointer key, gpointer value, + gpointer user_data) +{ + stc_fw_data_s *data = (stc_fw_data_s *)value; + + g_slist_foreach(data->rules, __fw_rule_make_params, user_data); +} + +static void __fw_foreach_to_set_rule_to_chain(gpointer key, gpointer value, + gpointer user_data) +{ + stc_fw_data_s *data = (stc_fw_data_s *)value; + char *chain = (char *)user_data; + + if (chain || (data->target != STC_FW_CHAIN_TARGET_NONE)) + g_slist_foreach(data->rules, __fw_rule_set_to_chain, user_data); +} + +static void __fw_foreach_to_set_chain(gpointer key, gpointer value, + gpointer user_data) +{ + char *chain = (char *)key; + stc_fw_data_s *data = (stc_fw_data_s *)value; + + if (data->target != STC_FW_CHAIN_TARGET_NONE) { + firewall_chain_s info; + memset(&info, 0, sizeof(firewall_chain_s)); + info.chain = chain; + info.target = data->target; + info.priority = data->priority; + firewall_chain_set(&info); + } +} + +static void __fw_foreach_to_add_chain(gpointer key, gpointer value, + gpointer user_data) +{ + char *chain = (char *)key; + stc_fw_data_s *data = (stc_fw_data_s *)value; + + if (data->target != STC_FW_CHAIN_TARGET_NONE) { + firewall_chain_s info; + memset(&info, 0, sizeof(firewall_chain_s)); + info.chain = chain; + info.target = data->target; + info.priority = data->priority; + firewall_chain_add(&info); + } +} + +static void __fw_chain_foreach(GHFunc func, void *user_data) +{ + g_hash_table_foreach(g_firewalls, func, user_data); +} + +stc_cb_ret_e __fw_table_chain_info_cb(const firewall_chain_s *info, + void *user_data) +{ + stc_fw_data_s *data; + + data = MALLOC0(stc_fw_data_s, 1); + if (!data) { + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("data allocation failed"); + return STC_CONTINUE; + } + + data->target = info->target; + data->priority = info->priority; + data->rules = NULL; + + g_hash_table_insert(g_firewalls, g_strdup(info->chain), data); + + return STC_CONTINUE; +} + +stc_cb_ret_e __fw_table_rule_info_cb(const firewall_rule_s *info, + void *user_data) +{ + stc_fw_data_s *lookup; + firewall_rule_s *rule; + + lookup = g_hash_table_lookup(g_firewalls, info->chain); + if (!lookup) { + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("chain not found"); + return STC_CONTINUE; + } + + rule = MALLOC0(firewall_rule_s, 1); + if (!rule) { + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("rule allocation failed"); + return STC_CONTINUE; + } + + memset(rule, 0, sizeof(firewall_rule_s)); + __fw_rule_copy(rule, info); + + lookup->rules = g_slist_append(lookup->rules, rule); + + return STC_CONTINUE; +} + +static stc_error_e __fw_rule_add(firewall_rule_s *info) +{ + stc_fw_data_s *lookup; + firewall_rule_s *rule; + GSList *comp; + + ret_value_msg_if(g_firewalls == NULL, + STC_ERROR_FAIL, + "firewall is not initialized!"); + + lookup = g_hash_table_lookup(g_firewalls, info->chain); + if (!lookup) { + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("chain not found"); + return STC_ERROR_NO_DATA; + } + + if (lookup->target != STC_FW_CHAIN_TARGET_NONE) { + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("can't be applied bcz chain is set"); + return STC_ERROR_INVALID_PARAMETER; + } + + rule = MALLOC0(firewall_rule_s, 1); + if (!rule) { + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("rule allocation failed"); + return STC_ERROR_OUT_OF_MEMORY; + } + + memset(rule, 0, sizeof(firewall_rule_s)); + __fw_rule_copy(rule, info); + __fw_rule_make_key(rule, info); + + comp = g_slist_find_custom(lookup->rules, rule, __fw_rule_comp); + if (comp) { + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGD("rule already present"); + __fw_rule_free(rule); + return STC_ERROR_ALREADY_DATA; + } + + lookup->rules = g_slist_append(lookup->rules, rule); + + return STC_ERROR_NONE; +} + +static stc_error_e __fw_rule_remove(const firewall_rule_s *info) +{ + stc_fw_data_s *lookup; + GSList *rule_list; + GSList *comp; + firewall_rule_s *rule; + + ret_value_msg_if(g_firewalls == NULL, + STC_ERROR_FAIL, + "firewall is not initialized!"); + + lookup = g_hash_table_lookup(g_firewalls, info->chain); + if (!lookup) { + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("chain not found"); + return STC_ERROR_NO_DATA; + } + + if (lookup->target != STC_FW_CHAIN_TARGET_NONE) { + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("can't be applied bcz chain is set"); + return STC_ERROR_INVALID_PARAMETER; + } + + rule_list = lookup->rules; + comp = g_slist_find_custom(rule_list, info, __fw_rule_comp); + if (!comp) { + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGD("rule not found"); + return STC_ERROR_NO_DATA; + } + + rule = comp->data; + lookup->rules = g_slist_remove(lookup->rules, rule); + __fw_rule_free(rule); + + return STC_ERROR_NONE; +} + +static stc_error_e __fw_rule_update(firewall_rule_s *info) +{ + stc_fw_data_s *lookup; + GSList *rule_list; + GSList *comp; + firewall_rule_s *origin_rule; + firewall_rule_s *update_rule; + + ret_value_msg_if(g_firewalls == NULL, + STC_ERROR_FAIL, + "firewall is not initialized!"); + + lookup = g_hash_table_lookup(g_firewalls, info->chain); + if (!lookup) { + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("chain not found"); + return STC_ERROR_NO_DATA; + } + + if (lookup->target != STC_FW_CHAIN_TARGET_NONE) { + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("can't be applied bcz chain is set"); + return STC_ERROR_INVALID_PARAMETER; + } + + rule_list = lookup->rules; + comp = g_slist_find_custom(rule_list, info, __fw_rule_comp); + if (!comp) { + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGD("rule not found"); + return STC_ERROR_NO_DATA; + } + + origin_rule = comp->data; + + update_rule = MALLOC0(firewall_rule_s, 1); + if (!update_rule) { + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGE("rule allocation failed"); + return STC_ERROR_OUT_OF_MEMORY; + } + + memset(update_rule, 0, sizeof(firewall_rule_s)); + __fw_rule_copy(update_rule, info); + __fw_rule_make_key(update_rule, info); + + comp = g_slist_find_custom(lookup->rules, update_rule, __fw_rule_comp); + if (comp) { + if (STC_DEBUG_LOG && STC_FW_LOG) + STC_LOGD("rule already present"); + __fw_rule_free(update_rule); + return STC_ERROR_ALREADY_DATA; + } + + lookup->rules = g_slist_remove(lookup->rules, origin_rule); + __fw_rule_free(origin_rule); + + lookup->rules = g_slist_append(lookup->rules, update_rule); + + return STC_ERROR_NONE; +} + +static void __fw_rule_extract(const char *key, GVariant *value, + void *user_data) +{ + firewall_rule_s *rule = (firewall_rule_s *)user_data; + if (rule == NULL) { + __STC_LOG_FUNC_EXIT__; + return; + } + + if (g_strcmp0(key, RULE_CHAIN) == 0) { + guint str_length; + const gchar *str = g_variant_get_string(value, &str_length); + rule->chain = g_strdup(str); + STC_LOGD("%s: [%s]", RULE_CHAIN, rule->chain); + + } else if (g_strcmp0(key, RULE_DIRECTION) == 0) { + rule->direction = g_variant_get_uint16(value); + STC_LOGD("%s: [%u]", RULE_DIRECTION, rule->direction); + + } else if (g_strcmp0(key, RULE_SIPTYPE) == 0) { + rule->s_ip_type = g_variant_get_uint16(value); + STC_LOGD("%s: [%u]", RULE_SIPTYPE, rule->s_ip_type); + + } else if (g_strcmp0(key, RULE_DIPTYPE) == 0) { + rule->d_ip_type = g_variant_get_uint16(value); + STC_LOGD("%s: [%u]", RULE_DIPTYPE, rule->d_ip_type); + + } else if (g_strcmp0(key, RULE_SPORTTYPE) == 0) { + rule->s_port_type = g_variant_get_uint16(value); + STC_LOGD("%s: [%u]", RULE_SPORTTYPE, rule->s_port_type); + + } else if (g_strcmp0(key, RULE_DPORTTYPE) == 0) { + rule->d_port_type = g_variant_get_uint16(value); + STC_LOGD("%s: [%u]", RULE_DPORTTYPE, rule->d_port_type); + + } else if (g_strcmp0(key, RULE_PROTOCOL) == 0) { + rule->protocol = g_variant_get_uint16(value); + STC_LOGD("%s: [%u]", RULE_PROTOCOL, rule->protocol); + + } else if (g_strcmp0(key, RULE_FAMILY) == 0) { + rule->family = g_variant_get_uint16(value); + STC_LOGD("%s: [%u]", RULE_FAMILY, rule->family); + + } else if (g_strcmp0(key, RULE_SIP1) == 0) { + if (rule->s_ip_type != STC_FW_IP_NONE) { + guint str_length; + const gchar *str = g_variant_get_string(value, &str_length); + if (rule->family == STC_FW_FAMILY_V4) { + inet_pton(AF_INET, str, &(rule->s_ip1.Ipv4)); + STC_LOGD("%s: [%08x]", RULE_SIP1, rule->s_ip1.Ipv4.s_addr); + } else if (rule->family == STC_FW_FAMILY_V6) { + inet_pton(AF_INET6, str, &(rule->s_ip1.Ipv6)); + STC_LOGD("%s: [%08x:%08x:%08x:%08x]", RULE_SIP1, + rule->s_ip1.Ipv6.s6_addr32[0], rule->s_ip1.Ipv6.s6_addr32[1], + rule->s_ip1.Ipv6.s6_addr32[2], rule->s_ip1.Ipv6.s6_addr32[3]); + } + } + + } else if (g_strcmp0(key, RULE_SIP2) == 0) { + if (rule->s_ip_type != STC_FW_IP_NONE) { + guint str_length; + const gchar *str = g_variant_get_string(value, &str_length); + if (rule->family == STC_FW_FAMILY_V4) { + inet_pton(AF_INET, str, &(rule->s_ip2.Ipv4)); + STC_LOGD("%s: [%08x]", RULE_SIP2, rule->s_ip2.Ipv4.s_addr); + } else if (rule->family == STC_FW_FAMILY_V6) { + inet_pton(AF_INET6, str, &(rule->s_ip2.Ipv6)); + STC_LOGD("%s: [%08x:%08x:%08x:%08x]", RULE_SIP2, + rule->s_ip2.Ipv6.s6_addr32[0], rule->s_ip2.Ipv6.s6_addr32[1], + rule->s_ip2.Ipv6.s6_addr32[2], rule->s_ip2.Ipv6.s6_addr32[3]); + } + } + + } else if (g_strcmp0(key, RULE_DIP1) == 0) { + if (rule->d_ip_type != STC_FW_IP_NONE) { + guint str_length; + const gchar *str = g_variant_get_string(value, &str_length); + if (rule->family == STC_FW_FAMILY_V4) { + inet_pton(AF_INET, str, &(rule->d_ip1.Ipv4)); + STC_LOGD("%s: [%08x]", RULE_DIP1, rule->d_ip1.Ipv4.s_addr); + } else if (rule->family == STC_FW_FAMILY_V6) { + inet_pton(AF_INET6, str, &(rule->d_ip1.Ipv6)); + STC_LOGD("%s: [%08x:%08x:%08x:%08x]", RULE_DIP1, + rule->d_ip1.Ipv6.s6_addr32[0], rule->d_ip1.Ipv6.s6_addr32[1], + rule->d_ip1.Ipv6.s6_addr32[2], rule->d_ip1.Ipv6.s6_addr32[3]); + } + } + + } else if (g_strcmp0(key, RULE_DIP2) == 0) { + if (rule->d_ip_type != STC_FW_IP_NONE) { + guint str_length; + const gchar *str = g_variant_get_string(value, &str_length); + if (rule->family == STC_FW_FAMILY_V4) { + inet_pton(AF_INET, str, &(rule->d_ip2.Ipv4)); + STC_LOGD("%s: [%08x]", RULE_DIP2, rule->d_ip2.Ipv4.s_addr); + } else if (rule->family == STC_FW_FAMILY_V6) { + inet_pton(AF_INET6, str, &(rule->d_ip2.Ipv6)); + STC_LOGD("%s: [%08x:%08x:%08x:%08x]", RULE_DIP2, + rule->d_ip2.Ipv6.s6_addr32[0], rule->d_ip2.Ipv6.s6_addr32[1], + rule->d_ip2.Ipv6.s6_addr32[2], rule->d_ip2.Ipv6.s6_addr32[3]); + } + } + + } else if (g_strcmp0(key, RULE_SPORT1) == 0) { + if (rule->s_port_type != STC_FW_PORT_NONE) { + rule->s_port1 = g_variant_get_uint32(value); + STC_LOGD("%s: [%04x]", RULE_SPORT1, rule->s_port1); + } + + } else if (g_strcmp0(key, RULE_SPORT2) == 0) { + if (rule->s_port_type != STC_FW_PORT_NONE) { + rule->s_port2 = g_variant_get_uint32(value); + STC_LOGD("%s: [%04x]", RULE_SPORT2, rule->s_port2); + } + + } else if (g_strcmp0(key, RULE_DPORT1) == 0) { + if (rule->d_port_type != STC_FW_PORT_NONE) { + rule->d_port1 = g_variant_get_uint32(value); + STC_LOGD("%s: [%04x]", RULE_DPORT1, rule->d_port1); + } + + } else if (g_strcmp0(key, RULE_DPORT2) == 0) { + if (rule->d_port_type != STC_FW_PORT_NONE) { + rule->d_port2 = g_variant_get_uint32(value); + STC_LOGD("%s: [%04x]", RULE_DPORT2, rule->d_port2); + } + + } else if (g_strcmp0(key, RULE_IFNAME) == 0) { + if (rule->direction != STC_FW_DIRECTION_NONE) { + guint str_length; + const gchar *str = g_variant_get_string(value, &str_length); + rule->ifname = g_strdup(str); + STC_LOGD("%s: [%s]", RULE_IFNAME, rule->ifname); + } + + } else if (g_strcmp0(key, RULE_TARGET) == 0) { + rule->target = g_variant_get_uint16(value); + STC_LOGD("%s: [%u]", RULE_TARGET, rule->target); + + } else if (g_strcmp0(key, RULE_LOG_LEVEL) == 0) { + if (rule->target == STC_FW_RULE_TARGET_LOG) { + rule->log_level = g_variant_get_uint16(value); + STC_LOGD("%s: [%u]", RULE_LOG_LEVEL, rule->log_level); + } + + } else if (g_strcmp0(key, RULE_LOG_PREFIX) == 0) { + if (rule->target == STC_FW_RULE_TARGET_LOG) { + guint str_length; + const gchar *str = g_variant_get_string(value, &str_length); + rule->log_prefix = g_strdup(str); + STC_LOGD("%s: [%s]", RULE_LOG_PREFIX, rule->log_prefix); + } + + } else if (g_strcmp0(key, RULE_NFLOG_GROUP) == 0) { + if (rule->target == STC_FW_RULE_TARGET_NFLOG) { + rule->nflog_group = g_variant_get_uint16(value); + STC_LOGD("%s: [%u]", RULE_NFLOG_GROUP, rule->nflog_group); + } + + } else if (g_strcmp0(key, RULE_NFLOG_PREFIX) == 0) { + if (rule->target == STC_FW_RULE_TARGET_NFLOG) { + guint str_length; + const gchar *str = g_variant_get_string(value, &str_length); + rule->nflog_prefix = g_strdup(str); + STC_LOGD("%s: [%s]", RULE_NFLOG_PREFIX, rule->nflog_prefix); + } + + } else if (g_strcmp0(key, RULE_NFLOG_RANGE) == 0) { + if (rule->target == STC_FW_RULE_TARGET_NFLOG) { + rule->nflog_range = g_variant_get_uint16(value); + STC_LOGD("%s: [%u]", RULE_NFLOG_RANGE, rule->nflog_range); + } + + } else if (g_strcmp0(key, RULE_NFLOG_THRESHOLD) == 0) { + if (rule->target == STC_FW_RULE_TARGET_NFLOG) { + rule->nflog_threshold = g_variant_get_uint16(value); + STC_LOGD("%s: [%u]", RULE_NFLOG_THRESHOLD, rule->nflog_threshold); + } + + } else if (g_strcmp0(key, RULE_IDENTIFIER) == 0) { + guint str_length; + const gchar *str = g_variant_get_string(value, &str_length); + rule->identifier = g_strdup(str); + STC_LOGD("%s: [%s]", RULE_IDENTIFIER, rule->identifier); + + } else if (g_strcmp0(key, RULE_KEY) == 0) { + rule->key = g_variant_get_uint32(value); + STC_LOGD("%s: [%u]", RULE_KEY, rule->key); + + } else { + STC_LOGD("Unknown rule [%s]", key); + } +} + +gboolean __validate_fw_rule(firewall_rule_s *rule) +{ + __STC_LOG_FUNC_ENTER__; + + if (rule == NULL) { + __STC_LOG_FUNC_EXIT__; + return FALSE; + } + + if (rule->chain == NULL) { + __STC_LOG_FUNC_EXIT__; + return FALSE; + } + + if (rule->direction > STC_FW_DIRECTION_OUT) { + __STC_LOG_FUNC_EXIT__; + return FALSE; + } + + if (rule->s_ip_type > STC_FW_IP_RANGE) { + __STC_LOG_FUNC_EXIT__; + return FALSE; + } + + if (rule->d_ip_type > STC_FW_IP_RANGE) { + __STC_LOG_FUNC_EXIT__; + return FALSE; + } + + if (rule->s_port_type > STC_FW_PORT_RANGE) { + __STC_LOG_FUNC_EXIT__; + return FALSE; + } + + if (rule->d_port_type > STC_FW_PORT_RANGE) { + __STC_LOG_FUNC_EXIT__; + return FALSE; + } + + if (rule->protocol > STC_FW_PROTOCOL_ALL) { + __STC_LOG_FUNC_EXIT__; + return FALSE; + } + + if (rule->family > STC_FW_FAMILY_V6) { + __STC_LOG_FUNC_EXIT__; + return FALSE; + } + + if (rule->target >= STC_FW_RULE_TARGET_MAX) { + __STC_LOG_FUNC_EXIT__; + return FALSE; + } + + if (rule->target == STC_FW_RULE_TARGET_LOG && + (rule->log_prefix == NULL || + rule->log_prefix[0] == '\0')) { + __STC_LOG_FUNC_EXIT__; + return FALSE; + } + + if (rule->target == STC_FW_RULE_TARGET_NFLOG && + (rule->nflog_prefix == NULL || + rule->nflog_prefix[0] == '\0')) { + __STC_LOG_FUNC_EXIT__; + return FALSE; + } + + __STC_LOG_FUNC_EXIT__; + return TRUE; +} + +//LCOV_EXCL_START +int stc_plugin_firewall_initialize(void) +{ + __STC_LOG_FUNC_ENTER__; + + int ret = STC_ERROR_NONE; + + g_firewalls = g_hash_table_new_full(g_str_hash, + g_str_equal, g_free, __fw_data_free); + + ret = table_firewall_get_lock(LOCK_NAME, &g_lock_state); + if (ret != STC_ERROR_NONE) + table_firewall_insert_lock(LOCK_NAME, FIREWALL_UNLOCKED); + + if (g_lock_state == FIREWALL_UNKONWN) + g_lock_state = FIREWALL_UNLOCKED; + + table_firewall_foreach_chain(__fw_table_chain_info_cb, NULL); + table_firewall_foreach_rule(__fw_table_rule_info_cb, NULL); + + __STC_LOG_FUNC_EXIT__; + return STC_ERROR_NONE; +} + +int stc_plugin_firewall_deinitialize(void) +{ + __STC_LOG_FUNC_ENTER__; + + if (g_firewalls) { + g_hash_table_destroy(g_firewalls); + g_firewalls = NULL; + } + + __STC_LOG_FUNC_EXIT__; + return STC_ERROR_NONE; +} + +int stc_plugin_firewall_lock(void) +{ + int ret = STC_ERROR_NONE; + + ret = table_firewall_update_lock(LOCK_NAME, FIREWALL_LOCKED); + if (ret != STC_ERROR_NONE) + table_firewall_insert_lock(LOCK_NAME, FIREWALL_LOCKED); + + g_lock_state = FIREWALL_LOCKED; + + return STC_ERROR_NONE; +} + +int stc_plugin_firewall_unlock(void) +{ + int ret = STC_ERROR_NONE; + + ret = table_firewall_update_lock(LOCK_NAME, FIREWALL_UNLOCKED); + if (ret != STC_ERROR_NONE) + table_firewall_insert_lock(LOCK_NAME, FIREWALL_UNLOCKED); + + g_lock_state = FIREWALL_UNLOCKED; + + return STC_ERROR_NONE; +} + +int stc_plugin_firewall_get_lock(int *state) +{ + int ret = STC_ERROR_NONE; + + if (g_lock_state == FIREWALL_UNKONWN) { + ret = table_firewall_get_lock(LOCK_NAME, &g_lock_state); + if (ret != STC_ERROR_NONE) + table_firewall_insert_lock(LOCK_NAME, FIREWALL_UNLOCKED); + + if (g_lock_state == FIREWALL_UNKONWN) + g_lock_state = FIREWALL_UNLOCKED; + } + + *state = g_lock_state; + + return STC_ERROR_NONE; +} + +API int stc_plugin_firewall_update(void) +{ + __fw_chain_foreach(__fw_foreach_to_add_chain, NULL); + __fw_chain_foreach(__fw_foreach_to_set_rule_to_chain, NULL); + __fw_chain_foreach(__fw_foreach_to_set_chain, NULL); + + return STC_ERROR_NONE; +} + +int stc_plugin_firewall_add_chain(char *chain) +{ + int ret = STC_ERROR_NONE; + firewall_chain_s info; + + STC_FIREWALL_CHECK_LOCK_STATE(); + + ret = __fw_chain_add(chain); + if (ret == STC_ERROR_NONE) { + memset(&info, 0, sizeof(firewall_chain_s)); + info.chain = chain; + info.priority = 0; + info.target = STC_FW_CHAIN_TARGET_NONE; + table_firewall_insert_chain(&info); + } else { + return STC_ERROR_FAIL; + } + + return STC_ERROR_NONE; +} + +int stc_plugin_firewall_remove_chain(char *chain) +{ + firewall_chain_s info; + int ret = STC_ERROR_NONE; + + STC_FIREWALL_CHECK_LOCK_STATE(); + + ret = __fw_chain_remove(chain); + if (ret == STC_ERROR_NONE) { + memset(&info, 0, sizeof(firewall_chain_s)); + info.chain = chain; + table_firewall_flush_chain(&info); + table_firewall_delete_chain(&info); + } else { + return STC_ERROR_FAIL; + } + + return STC_ERROR_NONE; +} + +int stc_plugin_firewall_flush_chain(char *chain) +{ + firewall_chain_s info; + int ret = STC_ERROR_NONE; + + STC_FIREWALL_CHECK_LOCK_STATE(); + + ret = __fw_chain_flush(chain); + if (ret == STC_ERROR_NONE) { + memset(&info, 0, sizeof(firewall_chain_s)); + info.chain = chain; + table_firewall_flush_chain(&info); + } else { + return STC_ERROR_FAIL; + } + + return STC_ERROR_NONE; +} + +int stc_plugin_firewall_get_all_chain(GVariantBuilder *builder) +{ + STC_FIREWALL_CHECK_LOCK_STATE(); + + __fw_chain_foreach(__fw_chain_make_params, builder); + + return STC_ERROR_NONE; +} + +int stc_plugin_firewall_set_chain(char *chain, uint target) +{ + stc_fw_data_s *lookup = NULL; + stc_fw_data_s data; + firewall_chain_s info; + uint priority; + int ret = STC_ERROR_NONE; + + STC_FIREWALL_CHECK_LOCK_STATE(); + + lookup = __fw_chain_get(chain); + if (lookup == NULL) + return STC_ERROR_NO_DATA; + + if (lookup->target != STC_FW_CHAIN_TARGET_NONE) { + if (STC_FW_LOG) + STC_LOGE("chain is already set"); + return STC_ERROR_INVALID_PARAMETER; + } + + memset(&info, 0, sizeof(firewall_chain_s)); + info.chain = chain; + info.target = target; + + ret = firewall_chain_add(&info); + if (ret != STC_ERROR_NONE) + return ret; + + __fw_chain_foreach(__fw_foreach_to_set_rule_to_chain, chain); + ret = firewall_chain_set(&info); + if (ret != STC_ERROR_NONE) + return ret; + + priority = g_chain_priority + 1; + + memset(&data, 0, sizeof(stc_fw_data_s)); + data.target = target; + data.priority = priority; + + ret = __fw_chain_set(chain, data); + if (ret == STC_ERROR_NONE) { + info.priority = priority; + table_firewall_update_chain(&info); + g_chain_priority = priority; + } else { + return STC_ERROR_FAIL; + } + + return STC_ERROR_NONE; +} + +int stc_plugin_firewall_unset_chain(char *chain) +{ + stc_fw_data_s *lookup = NULL; + firewall_chain_s info; + int ret = STC_ERROR_NONE; + + STC_FIREWALL_CHECK_LOCK_STATE(); + + lookup = __fw_chain_get(chain); + if (lookup == NULL) + return STC_ERROR_NO_DATA; + + if (lookup->target == STC_FW_CHAIN_TARGET_NONE) { + if (STC_FW_LOG) + STC_LOGE("chain is not set"); + return STC_ERROR_INVALID_PARAMETER; + } + + memset(&info, 0, sizeof(firewall_chain_s)); + info.chain = chain; + info.target = lookup->target; + + ret = firewall_chain_unset(&info); + if (ret != STC_ERROR_NONE) + return ret; + + ret = firewall_chain_remove(&info); + if (ret != STC_ERROR_NONE) + return ret; + + ret = __fw_chain_unset(chain); + if (ret == STC_ERROR_NONE) { + info.target = STC_FW_CHAIN_TARGET_NONE; + info.priority = 0; + table_firewall_update_chain(&info); + } else { + return STC_ERROR_FAIL; + } + + return STC_ERROR_NONE; +} + +int stc_plugin_firewall_add_rule(GVariant *params) +{ + GVariantIter *iter = NULL; + firewall_rule_s *rule; + int ret = STC_ERROR_NONE; + + STC_FIREWALL_CHECK_LOCK_STATE(); + + rule = MALLOC0(firewall_rule_s, 1); + if (!rule) + return STC_ERROR_OUT_OF_MEMORY; + + memset(rule, 0, sizeof(firewall_rule_s)); + + g_variant_get(params, "a{sv}", &iter); + if (iter != NULL) { + stc_manager_gdbus_dict_foreach(iter, + __fw_rule_extract, + rule); + g_variant_iter_free(iter); + } + + if (__validate_fw_rule(rule) == FALSE) { + __fw_rule_free(rule); + return STC_ERROR_INVALID_PARAMETER; + } + + ret = __fw_rule_add(rule); + if (ret == STC_ERROR_NONE) { + table_firewall_insert_rule(rule); + } else { + __fw_rule_free(rule); + return ret; + } + + __fw_rule_free(rule); + return STC_ERROR_NONE; +} + +int stc_plugin_firewall_remove_rule(GVariant *params) +{ + GVariantIter *iter = NULL; + firewall_rule_s *rule; + int ret = STC_ERROR_NONE; + + STC_FIREWALL_CHECK_LOCK_STATE(); + + rule = MALLOC0(firewall_rule_s, 1); + if (!rule) + return STC_ERROR_OUT_OF_MEMORY; + + memset(rule, 0, sizeof(firewall_rule_s)); + + g_variant_get(params, "a{sv}", &iter); + if (iter != NULL) { + stc_manager_gdbus_dict_foreach(iter, + __fw_rule_extract, + rule); + g_variant_iter_free(iter); + } + + if (__validate_fw_rule(rule) == FALSE) { + __fw_rule_free(rule); + return STC_ERROR_INVALID_PARAMETER; + } + + ret = __fw_rule_remove(rule); + if (ret == STC_ERROR_NONE) { + table_firewall_delete_rule(rule); + } else { + __fw_rule_free(rule); + return ret; + } + + __fw_rule_free(rule); + return STC_ERROR_NONE; +} + +int stc_plugin_firewall_update_rule(GVariant *params) +{ + GVariantIter *iter = NULL; + firewall_rule_s *rule; + guint key; + int ret = STC_ERROR_NONE; + + STC_FIREWALL_CHECK_LOCK_STATE(); + + rule = MALLOC0(firewall_rule_s, 1); + if (!rule) + return STC_ERROR_OUT_OF_MEMORY; + + memset(rule, 0, sizeof(firewall_rule_s)); + + g_variant_get(params, "a{sv}", &iter); + if (iter != NULL) { + stc_manager_gdbus_dict_foreach(iter, + __fw_rule_extract, + rule); + g_variant_iter_free(iter); + } + + if (__validate_fw_rule(rule) == FALSE) { + __fw_rule_free(rule); + return STC_ERROR_INVALID_PARAMETER; + } + + key = rule->key; + ret = __fw_rule_update(rule); + if (ret == STC_ERROR_NONE) { + table_firewall_update_rule(rule, key); + } else { + __fw_rule_free(rule); + return ret; + } + + __fw_rule_free(rule); + return STC_ERROR_NONE; +} + +int stc_plugin_firewall_get_all_rule(GVariantBuilder *builder) +{ + STC_FIREWALL_CHECK_LOCK_STATE(); + + __fw_chain_foreach(__fw_foreach_to_make_rule_param, builder); + __fw_chain_foreach(__fw_foreach_to_print_rule, NULL); + + return STC_ERROR_NONE; +} + +API stc_plugin_firewall_s stc_plugin_firewall = { + .initialize_plugin = + stc_plugin_firewall_initialize, + .deinitialize_plugin = + stc_plugin_firewall_deinitialize, + .lock_firewall = + stc_plugin_firewall_lock, + .unlock_firewall = + stc_plugin_firewall_unlock, + .get_lock_firewall = + stc_plugin_firewall_get_lock, + .update_firewall = + stc_plugin_firewall_update, + .add_chain = + stc_plugin_firewall_add_chain, + .remove_chain = + stc_plugin_firewall_remove_chain, + .flush_chain = + stc_plugin_firewall_flush_chain, + .get_all_chain = + stc_plugin_firewall_get_all_chain, + .set_chain = + stc_plugin_firewall_set_chain, + .unset_chain = + stc_plugin_firewall_unset_chain, + .add_rule = + stc_plugin_firewall_add_rule, + .remove_rule = + stc_plugin_firewall_remove_rule, + .update_rule = + stc_plugin_firewall_update_rule, + .get_all_rule = + stc_plugin_firewall_get_all_rule +}; +//LCOV_EXCL_STOP diff --git a/plugin/monitor/CMakeLists.txt b/plugin/monitor/CMakeLists.txt index c1658b1..d093f06 100644 --- a/plugin/monitor/CMakeLists.txt +++ b/plugin/monitor/CMakeLists.txt @@ -21,6 +21,7 @@ INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/src/configure/include) INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/plugin/tether/include) INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/plugin/exception/include) INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/plugin/appstatus/include) +INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/plugin/firewall/include) SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${EXTRA_CFLAGS} -g -Werror -fvisibility=hidden") SET(CMAKE_C_FLAGS_DEBUG "-O0 -g") diff --git a/plugin/monitor/stc-plugin-monitor-connection.c b/plugin/monitor/stc-plugin-monitor-connection.c index 06c4c30..010a6f2 100755 --- a/plugin/monitor/stc-plugin-monitor-connection.c +++ b/plugin/monitor/stc-plugin-monitor-connection.c @@ -21,6 +21,7 @@ #include "stc-manager-gdbus.h" #include "stc-plugin-monitor.h" #include "stc-plugin-monitor-connection.h" +#include "stc-manager-plugin-firewall.h" /* connman service dbus details */ #define CONNMAN_SERVICE "net.connman" @@ -455,7 +456,7 @@ static stc_error_e __get_connected_profiles(GDBusConnection *connection) g_variant_unref(message); g_slist_foreach(g_connection_list, __update_monitor_by_conn, NULL); - stc_firewall_update(); + stc_plugin_firewall_update(); return STC_ERROR_NONE; } @@ -533,7 +534,7 @@ static void __append_connected_profile(GDBusConnection *connection, g_connection_list = g_slist_append(g_connection_list, conn); stc_monitor_add_by_connection(conn); - stc_firewall_update(); + stc_plugin_firewall_update(); __get_default_connection(connection); } @@ -613,7 +614,7 @@ static void __vconf_key_callback(keynode_t *node, void *user_data) if (g_default_connection->tether_state == TRUE && g_default_connection->tether_iface.ifname) { __print_tether_connection_info(); stc_monitor_update_by_connection(&g_default_connection); - stc_firewall_update(); + stc_plugin_firewall_update(); STC_LOGI("Data monitoring started for tethering iface !"); return; } diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index d23adde..fb6a283 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -33,6 +33,7 @@ SET(PROCFS_SOURCE_DIR ${PLUGIN_DIR}/procfs) SET(PCAP_SOURCE_DIR ${PLUGIN_DIR}/pcap) SET(TETHER_SOURCE_DIR ${PLUGIN_DIR}/tether) SET(MONITOR_SOURCE_DIR ${PLUGIN_DIR}/monitor) +SET(FIREWALL_SOURCE_DIR ${PLUGIN_DIR}/firewall) INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/include) INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/interfaces) @@ -55,6 +56,7 @@ INCLUDE_DIRECTORIES(${PROCFS_SOURCE_DIR}/include) INCLUDE_DIRECTORIES(${PCAP_SOURCE_DIR}/include) INCLUDE_DIRECTORIES(${TETHER_SOURCE_DIR}/include) INCLUDE_DIRECTORIES(${MONITOR_SOURCE_DIR}/include) +INCLUDE_DIRECTORIES(${FIREWALL_SOURCE_DIR}/include) FILE(GLOB SOURCE_SRCS ${SOURCE_DIR}/*.c) FILE(GLOB HELPER_SRCS ${HELPER_SOURCE_DIR}/*.c) diff --git a/src/database/tables/table-firewall.c b/src/database/tables/table-firewall.c old mode 100644 new mode 100755 index 3df1f52..c80161c --- a/src/database/tables/table-firewall.c +++ b/src/database/tables/table-firewall.c @@ -304,7 +304,7 @@ static void __finalize_insert(void) __STC_LOG_FUNC_EXIT__; } -stc_error_e table_firewall_insert_lock(char *name, int state) +API stc_error_e table_firewall_insert_lock(char *name, int state) { stc_error_e error_code = STC_ERROR_NONE; sqlite3_stmt *stmt = insert_fw_lock; @@ -328,7 +328,7 @@ handle_error: return error_code; } -stc_error_e table_firewall_update_lock(char *name, int state) +API stc_error_e table_firewall_update_lock(char *name, int state) { stc_error_e error_code = STC_ERROR_NONE; sqlite3_stmt *stmt = update_fw_lock; @@ -352,7 +352,7 @@ handle_error: return error_code; } -stc_error_e table_firewall_get_lock(char *name, int *state) +API stc_error_e table_firewall_get_lock(char *name, int *state) { int rc; stc_error_e error_code = STC_ERROR_NONE; @@ -390,7 +390,7 @@ handle_error: return error_code; } -stc_error_e table_firewall_insert_chain(firewall_chain_s *info) +API stc_error_e table_firewall_insert_chain(firewall_chain_s *info) { stc_error_e error_code = STC_ERROR_NONE; sqlite3_stmt *stmt = insert_fw_chain; @@ -419,7 +419,7 @@ handle_error: return error_code; } -stc_error_e table_firewall_delete_chain(firewall_chain_s *info) +API stc_error_e table_firewall_delete_chain(firewall_chain_s *info) { stc_error_e error_code = STC_ERROR_NONE; sqlite3_stmt *stmt = delete_fw_chain; @@ -447,7 +447,7 @@ handle_error: return error_code; } -stc_error_e table_firewall_flush_chain(firewall_chain_s *info) +API stc_error_e table_firewall_flush_chain(firewall_chain_s *info) { stc_error_e error_code = STC_ERROR_NONE; sqlite3_stmt *stmt = delete_fw_rule_per_chain; @@ -475,7 +475,7 @@ handle_error: return error_code; } -stc_error_e table_firewall_update_chain(firewall_chain_s *info) +API stc_error_e table_firewall_update_chain(firewall_chain_s *info) { stc_error_e error_code = STC_ERROR_NONE; sqlite3_stmt *stmt = update_fw_chain; @@ -504,7 +504,7 @@ handle_error: return error_code; } -stc_error_e table_firewall_foreach_chain(firewall_chain_cb info_cb, +API stc_error_e table_firewall_foreach_chain(firewall_chain_cb info_cb, void *user_data) { firewall_chain_s info; @@ -541,7 +541,7 @@ stc_error_e table_firewall_foreach_chain(firewall_chain_cb info_cb, return error_code; } -stc_error_e table_firewall_insert_rule(firewall_rule_s *info) +API stc_error_e table_firewall_insert_rule(firewall_rule_s *info) { stc_error_e error_code = STC_ERROR_NONE; char buf[BUF_SIZE_FOR_IP]; @@ -640,7 +640,7 @@ handle_error: return error_code; } -stc_error_e table_firewall_delete_rule(firewall_rule_s *info) +API stc_error_e table_firewall_delete_rule(firewall_rule_s *info) { stc_error_e error_code = STC_ERROR_NONE; sqlite3_stmt *stmt = delete_fw_rule; @@ -667,7 +667,7 @@ handle_error: return error_code; } -stc_error_e table_firewall_update_rule(firewall_rule_s *info, guint key) +API stc_error_e table_firewall_update_rule(firewall_rule_s *info, guint key) { stc_error_e error_code = STC_ERROR_NONE; char buf[BUF_SIZE_FOR_IP]; @@ -768,7 +768,7 @@ handle_error: return error_code; } -stc_error_e table_firewall_foreach_rule(firewall_rule_cb info_cb, +API stc_error_e table_firewall_foreach_rule(firewall_rule_cb info_cb, void *user_data) { firewall_rule_s info; diff --git a/src/helper/helper-firewall.c b/src/helper/helper-firewall.c old mode 100644 new mode 100755 index 644ab75..a9b0817 --- a/src/helper/helper-firewall.c +++ b/src/helper/helper-firewall.c @@ -613,7 +613,7 @@ static int __fw6_remove_rule(GDBusConnection *connection, return STC_ERROR_NONE; } -stc_error_e firewall_chain_add(firewall_chain_s *chain) +API stc_error_e firewall_chain_add(firewall_chain_s *chain) { __STC_LOG_FUNC_ENTER__; @@ -641,7 +641,7 @@ stc_error_e firewall_chain_add(firewall_chain_s *chain) return ret; } -stc_error_e firewall_chain_remove(firewall_chain_s *chain) +API stc_error_e firewall_chain_remove(firewall_chain_s *chain) { __STC_LOG_FUNC_ENTER__; @@ -697,7 +697,7 @@ stc_error_e firewall_chain_flush(firewall_chain_s *chain) return ret; } -stc_error_e firewall_chain_set(firewall_chain_s *chain) +API stc_error_e firewall_chain_set(firewall_chain_s *chain) { __STC_LOG_FUNC_ENTER__; @@ -708,7 +708,7 @@ stc_error_e firewall_chain_set(firewall_chain_s *chain) return ret; } -stc_error_e firewall_chain_unset(firewall_chain_s *chain) +API stc_error_e firewall_chain_unset(firewall_chain_s *chain) { __STC_LOG_FUNC_ENTER__; @@ -719,7 +719,7 @@ stc_error_e firewall_chain_unset(firewall_chain_s *chain) return ret; } -stc_error_e firewall_rule_append(firewall_rule_s *rule) +API stc_error_e firewall_rule_append(firewall_rule_s *rule) { stc_error_e ret = STC_ERROR_NONE; stc_s *stc = stc_get_manager(); diff --git a/src/stc-firewall.c b/src/stc-firewall.c index 64e7abb..bc71cc9 100755 --- a/src/stc-firewall.c +++ b/src/stc-firewall.c @@ -19,17 +19,7 @@ #include "helper-firewall.h" #include "stc-firewall.h" #include "stc-manager-gdbus.h" - -#define IDENTIFIER_LEN 512 - -#define LOCK_NAME "admin" - -#define CHAIN_NAME "chain" -#define CHAIN_TARGET "target" -#define CHAIN_PRIORITY "priority" - -#define RULE_IDENTIFIER "identifier" -#define RULE_KEY "key" +#include "stc-manager-plugin-firewall.h" #define FIREWALL_DBUS_ERROR_NAME "net.stc.firewall.Error.Failed" @@ -38,16 +28,6 @@ FIREWALL_DBUS_ERROR_NAME, \ stc_err_strs[-(err_num)]) -#define STC_FIREWALL_CHECK_LOCK_STATE(invocation) do { \ - if (g_lock_state == FIREWALL_LOCKED) { \ - STC_LOGD("Firewall is locked"); \ - STC_FIREWALL_DBUS_REPLY_ERROR(invocation, \ - STC_ERROR_PERMISSION_DENIED); \ - __STC_LOG_FUNC_EXIT__; \ - return TRUE; \ - } \ -} while (0) - static const gchar *stc_err_strs[] = { "ERROR_NONE", "FAIL", @@ -61,1216 +41,13 @@ static const gchar *stc_err_strs[] = { "NOTIMPL" }; -static GHashTable *g_firewalls = NULL; -static int g_lock_state = FIREWALL_UNKONWN; -static uint g_chain_priority = 0; - -static void __fw_rule_copy(firewall_rule_s *rule, - const firewall_rule_s *info) -{ - if (info->chain) { - FREE(rule->chain); - rule->chain = g_strdup(info->chain); - } - - rule->direction = info->direction; - rule->s_ip_type = info->s_ip_type; - rule->d_ip_type = info->d_ip_type; - rule->s_port_type = info->s_port_type; - rule->d_port_type = info->d_port_type; - rule->protocol = info->protocol; - rule->family = info->family; - - rule->s_ip1 = info->s_ip1; - rule->s_ip2 = info->s_ip2; - rule->d_ip1 = info->d_ip1; - rule->d_ip2 = info->d_ip2; - - rule->s_port1 = info->s_port1; - rule->s_port2 = info->s_port2; - rule->d_port1 = info->d_port1; - rule->d_port2 = info->d_port2; - - if (info->ifname) { - FREE(rule->ifname); - rule->ifname = g_strdup(info->ifname); - } - - rule->target = info->target; - - if (info->target_str) { - FREE(rule->target_str); - rule->target_str = g_strdup(info->target_str); - } - - rule->log_level = info->log_level; - - if (info->log_prefix) { - FREE(rule->log_prefix); - rule->log_prefix = g_strdup(info->log_prefix); - } - - rule->nflog_group = info->nflog_group; - rule->nflog_range = info->nflog_range; - rule->nflog_threshold = info->nflog_threshold; - - if (info->nflog_prefix) { - FREE(rule->nflog_prefix); - rule->nflog_prefix = g_strdup(info->nflog_prefix); - } - - if (info->identifier) { - FREE(rule->identifier); - rule->identifier = g_strdup(info->identifier); - } - - rule->key = info->key; -} - -static void __fw_rule_make_key(firewall_rule_s *rule, - firewall_rule_s *info) -{ - GString *str; - - if (!rule->chain) - return; - - str = g_string_sized_new(IDENTIFIER_LEN); - if (!str) - return; - - g_string_append_printf(str, "%s", rule->chain); - - g_string_append_printf(str, "_%u%u%u%u%u%u%u", rule->direction, - rule->s_ip_type, rule->d_ip_type, rule->s_port_type, - rule->d_port_type, rule->protocol, rule->family); - - if (rule->family == STC_FW_FAMILY_V4) { - g_string_append_printf(str, "_"); - g_string_append_printf(str, "%08x", rule->s_ip1.Ipv4.s_addr); - g_string_append_printf(str, "%08x", rule->s_ip2.Ipv4.s_addr); - - g_string_append_printf(str, "_"); - g_string_append_printf(str, "%08x", rule->d_ip1.Ipv4.s_addr); - g_string_append_printf(str, "%08x", rule->d_ip2.Ipv4.s_addr); - } else if (rule->family == STC_FW_FAMILY_V6) { - g_string_append_printf(str, "_"); - g_string_append_printf(str, "%08x", rule->s_ip1.Ipv6.s6_addr32[0]); - g_string_append_printf(str, "%08x", rule->s_ip1.Ipv6.s6_addr32[1]); - g_string_append_printf(str, "%08x", rule->s_ip1.Ipv6.s6_addr32[2]); - g_string_append_printf(str, "%08x", rule->s_ip1.Ipv6.s6_addr32[3]); - g_string_append_printf(str, "%08x", rule->s_ip2.Ipv6.s6_addr32[0]); - g_string_append_printf(str, "%08x", rule->s_ip2.Ipv6.s6_addr32[1]); - g_string_append_printf(str, "%08x", rule->s_ip2.Ipv6.s6_addr32[2]); - g_string_append_printf(str, "%08x", rule->s_ip2.Ipv6.s6_addr32[3]); - - g_string_append_printf(str, "_"); - g_string_append_printf(str, "%08x", rule->d_ip1.Ipv6.s6_addr32[0]); - g_string_append_printf(str, "%08x", rule->d_ip1.Ipv6.s6_addr32[1]); - g_string_append_printf(str, "%08x", rule->d_ip1.Ipv6.s6_addr32[2]); - g_string_append_printf(str, "%08x", rule->d_ip1.Ipv6.s6_addr32[3]); - g_string_append_printf(str, "%08x", rule->d_ip2.Ipv6.s6_addr32[0]); - g_string_append_printf(str, "%08x", rule->d_ip2.Ipv6.s6_addr32[1]); - g_string_append_printf(str, "%08x", rule->d_ip2.Ipv6.s6_addr32[2]); - g_string_append_printf(str, "%08x", rule->d_ip2.Ipv6.s6_addr32[3]); - } - - g_string_append_printf(str, "_%04x", rule->s_port1); - g_string_append_printf(str, "%04x", rule->s_port2); - - g_string_append_printf(str, "_%04x", rule->d_port1); - g_string_append_printf(str, "%04x", rule->d_port2); - - g_string_append_printf(str, "_%s", (rule->ifname) ? rule->ifname : ""); - g_string_append_printf(str, "_%u", rule->target); - - switch (rule->target) { - case STC_FW_RULE_TARGET_LOG: - g_string_append_printf(str, "_%u", rule->log_level); - g_string_append_printf(str, "_%s", rule->log_prefix); - break; - case STC_FW_RULE_TARGET_NFLOG: - g_string_append_printf(str, "_%u", rule->nflog_group); - g_string_append_printf(str, "_%s", rule->nflog_prefix); - g_string_append_printf(str, "_%u", rule->nflog_range); - g_string_append_printf(str, "_%u", rule->nflog_threshold); - break; - default: - break; - } - - FREE(rule->identifier); - rule->identifier = g_string_free(str, FALSE); - rule->key = g_str_hash(rule->identifier); - - FREE(info->identifier); - info->identifier = g_strdup(rule->identifier); - info->key = rule->key; - - if (STC_DEBUG_LOG && STC_FW_LOG) { - STC_LOGD("Identifier [%s]", rule->identifier); - STC_LOGD("Key [%u]", rule->key); - } -} - -static void __fw_rule_free(void *data) -{ - firewall_rule_s *rule = (firewall_rule_s *)data; - - FREE(rule->chain); - FREE(rule->ifname); - FREE(rule->target_str); - FREE(rule->log_prefix); - FREE(rule->nflog_prefix); - FREE(rule->identifier); - FREE(rule); -} - -static void __fw_data_free(gpointer value) -{ - stc_fw_data_s *data = (stc_fw_data_s *)value; - - g_slist_free_full(data->rules, __fw_rule_free); - data->rules = NULL; - - FREE(data); -} - -static gint __fw_rule_comp(gconstpointer a, gconstpointer b) -{ - firewall_rule_s *data = (firewall_rule_s *)a; - firewall_rule_s *rule = (firewall_rule_s *)b; - - if ((data->key == rule->key) && - (g_strcmp0(data->identifier, rule->identifier) == 0)) - return 0; - - return -1; -} - -static stc_error_e __fw_chain_add(const char *chain) -{ - stc_fw_data_s *data; - stc_fw_data_s *lookup; - - ret_value_msg_if(g_firewalls == NULL, - STC_ERROR_FAIL, - "firewall is not initialized!"); - - lookup = g_hash_table_lookup(g_firewalls, chain); - if (lookup) { - if (STC_DEBUG_LOG && STC_FW_LOG) - STC_LOGD("chain already present"); - return STC_ERROR_ALREADY_DATA; - } - - data = MALLOC0(stc_fw_data_s, 1); - if (!data) { - if (STC_DEBUG_LOG && STC_FW_LOG) - STC_LOGE("data allocation failed"); - return STC_ERROR_OUT_OF_MEMORY; - } - - data->target = STC_FW_CHAIN_TARGET_NONE; - data->priority = 0; - data->rules = NULL; - - g_hash_table_insert(g_firewalls, g_strdup(chain), data); - - return STC_ERROR_NONE; -} - -static stc_error_e __fw_chain_remove(const char *chain) -{ - stc_fw_data_s *lookup; - - ret_value_msg_if(g_firewalls == NULL, - STC_ERROR_FAIL, - "firewall is not initialized!"); - - lookup = g_hash_table_lookup(g_firewalls, chain); - if (!lookup) { - if (STC_DEBUG_LOG && STC_FW_LOG) - STC_LOGE("chain not found"); - return STC_ERROR_NO_DATA; - } - - if (lookup->target != STC_FW_CHAIN_TARGET_NONE) { - if (STC_DEBUG_LOG && STC_FW_LOG) - STC_LOGE("can't be applied bcz chain is set"); - return STC_ERROR_INVALID_PARAMETER; - } - - g_slist_free_full(lookup->rules, __fw_rule_free); - lookup->rules = NULL; - - g_hash_table_remove(g_firewalls, chain); - - return STC_ERROR_NONE; -} - -static stc_error_e __fw_chain_flush(const char *chain) -{ - stc_fw_data_s *lookup; - - ret_value_msg_if(g_firewalls == NULL, - STC_ERROR_FAIL, - "firewall is not initialized!"); - - lookup = g_hash_table_lookup(g_firewalls, chain); - if (!lookup) { - if (STC_DEBUG_LOG && STC_FW_LOG) - STC_LOGE("chain not found"); - return STC_ERROR_NO_DATA; - } - - if (lookup->target != STC_FW_CHAIN_TARGET_NONE) { - if (STC_DEBUG_LOG && STC_FW_LOG) - STC_LOGE("can't be applied bcz chain is set"); - return STC_ERROR_INVALID_PARAMETER; - } - - g_slist_free_full(lookup->rules, __fw_rule_free); - lookup->rules = NULL; - - return STC_ERROR_NONE; -} - -static stc_error_e __fw_chain_set(const char *chain, stc_fw_data_s value) -{ - stc_fw_data_s *lookup; - - ret_value_msg_if(g_firewalls == NULL, - STC_ERROR_FAIL, - "firewall is not initialized!"); - - lookup = g_hash_table_lookup(g_firewalls, chain); - if (!lookup) { - if (STC_DEBUG_LOG && STC_FW_LOG) - STC_LOGE("chain not found"); - return STC_ERROR_NO_DATA; - } - - lookup->target = value.target; - lookup->priority = value.priority; - - return STC_ERROR_NONE; -} - -static stc_fw_data_s *__fw_chain_get(const char *chain) -{ - stc_fw_data_s *lookup; - - ret_value_msg_if(g_firewalls == NULL, NULL, - "firewall is not initialized!"); - - lookup = g_hash_table_lookup(g_firewalls, chain); - if (!lookup) { - if (STC_DEBUG_LOG && STC_FW_LOG) - STC_LOGE("chain not found"); - return NULL; - } - - return lookup; -} - -static stc_error_e __fw_chain_unset(const char *chain) -{ - stc_error_e ret = STC_ERROR_NONE; - stc_fw_data_s *lookup; - - ret_value_msg_if(g_firewalls == NULL, - STC_ERROR_FAIL, - "firewall is not initialized!"); - - lookup = g_hash_table_lookup(g_firewalls, chain); - if (!lookup) { - if (STC_DEBUG_LOG && STC_FW_LOG) - STC_LOGE("chain not found"); - return STC_ERROR_NO_DATA; - } - - lookup->target = STC_FW_CHAIN_TARGET_NONE; - lookup->priority = 0; - - return ret; -} - -static void __fw_chain_make_params(gpointer key, gpointer value, - gpointer user_data) -{ - char *chain = (char *)key; - stc_fw_data_s *data = (stc_fw_data_s *)value; - GVariantBuilder *builder = (GVariantBuilder *)user_data; - GVariantBuilder sub_builder; - - g_variant_builder_init(&sub_builder, G_VARIANT_TYPE("a{sv}")); - - g_variant_builder_add(&sub_builder, "{sv}", CHAIN_NAME, - g_variant_new_string(chain)); - - g_variant_builder_add(&sub_builder, "{sv}", CHAIN_PRIORITY, - g_variant_new_uint32(data->priority)); - - g_variant_builder_add(&sub_builder, "{sv}", CHAIN_TARGET, - g_variant_new_uint16(data->target)); - - g_variant_builder_add_value(builder, g_variant_builder_end(&sub_builder)); -} - -static void __fw_rule_make_params(gpointer data, gpointer user_data) -{ - firewall_rule_s *rule = (firewall_rule_s *)data; - GVariantBuilder *builder = (GVariantBuilder *)user_data; - GVariantBuilder sub_builder; - - g_variant_builder_init(&sub_builder, G_VARIANT_TYPE("a{sv}")); - - g_variant_builder_add(&sub_builder, "{sv}", RULE_CHAIN, - g_variant_new_string(rule->chain)); - - if (rule->direction != STC_FW_DIRECTION_NONE) - g_variant_builder_add(&sub_builder, "{sv}", RULE_DIRECTION, - g_variant_new_uint16(rule->direction)); - - if (rule->s_ip_type != STC_FW_IP_NONE) - g_variant_builder_add(&sub_builder, "{sv}", RULE_SIPTYPE, - g_variant_new_uint16(rule->s_ip_type)); - - if (rule->d_ip_type != STC_FW_IP_NONE) - g_variant_builder_add(&sub_builder, "{sv}", RULE_DIPTYPE, - g_variant_new_uint16(rule->d_ip_type)); - - if (rule->s_port_type != STC_FW_PORT_NONE) - g_variant_builder_add(&sub_builder, "{sv}", RULE_SPORTTYPE, - g_variant_new_uint16(rule->s_port_type)); - - if (rule->d_port_type != STC_FW_PORT_NONE) - g_variant_builder_add(&sub_builder, "{sv}", RULE_DPORTTYPE, - g_variant_new_uint16(rule->d_port_type)); - - if (rule->protocol != STC_FW_PROTOCOL_NONE) - g_variant_builder_add(&sub_builder, "{sv}", RULE_PROTOCOL, - g_variant_new_uint16(rule->protocol)); - - if (rule->family != STC_FW_FAMILY_NONE) - g_variant_builder_add(&sub_builder, "{sv}", RULE_FAMILY, - g_variant_new_uint16(rule->family)); - - if (rule->family == STC_FW_FAMILY_V4) { - char *addr = NULL; - - switch (rule->s_ip_type) { - case STC_FW_IP_RANGE: - /* fall through */ - case STC_FW_IP_MASK: - addr = g_try_malloc0(INET_ADDRSTRLEN); - if (addr) { - inet_ntop(AF_INET, &(rule->s_ip2.Ipv4), addr, INET_ADDRSTRLEN); - g_variant_builder_add(&sub_builder, "{sv}", RULE_SIP2, - g_variant_new_string(addr)); - FREE(addr); - } - /* fall through */ - case STC_FW_IP_SINGLE: - addr = g_try_malloc0(INET_ADDRSTRLEN); - if (addr) { - inet_ntop(AF_INET, &(rule->s_ip1.Ipv4), addr, INET_ADDRSTRLEN); - g_variant_builder_add(&sub_builder, "{sv}", RULE_SIP1, - g_variant_new_string(addr)); - FREE(addr); - } - break; - default: - break; - } - - switch (rule->d_ip_type) { - case STC_FW_IP_RANGE: - /* fall through */ - case STC_FW_IP_MASK: - addr = g_try_malloc0(INET_ADDRSTRLEN); - if (addr) { - inet_ntop(AF_INET, &(rule->d_ip2.Ipv4), addr, INET_ADDRSTRLEN); - g_variant_builder_add(&sub_builder, "{sv}", RULE_DIP2, - g_variant_new_string(addr)); - FREE(addr); - } - /* fall through */ - case STC_FW_IP_SINGLE: - addr = g_try_malloc0(INET_ADDRSTRLEN); - if (addr) { - inet_ntop(AF_INET, &(rule->d_ip1.Ipv4), addr, INET_ADDRSTRLEN); - g_variant_builder_add(&sub_builder, "{sv}", RULE_DIP1, - g_variant_new_string(addr)); - FREE(addr); - } - break; - default: - break; - } - } else if (rule->family == STC_FW_FAMILY_V6) { - char *addr = NULL; - - switch (rule->s_ip_type) { - case STC_FW_IP_RANGE: - /* fall through */ - case STC_FW_IP_MASK: - addr = g_try_malloc0(INET6_ADDRSTRLEN); - if (addr) { - inet_ntop(AF_INET6, &(rule->s_ip2.Ipv6), addr, INET6_ADDRSTRLEN); - g_variant_builder_add(&sub_builder, "{sv}", RULE_SIP2, - g_variant_new_string(addr)); - FREE(addr); - } - /* fall through */ - case STC_FW_IP_SINGLE: - addr = g_try_malloc0(INET6_ADDRSTRLEN); - if (addr) { - inet_ntop(AF_INET6, &(rule->s_ip1.Ipv6), addr, INET6_ADDRSTRLEN); - g_variant_builder_add(&sub_builder, "{sv}", RULE_SIP1, - g_variant_new_string(addr)); - FREE(addr); - } - break; - default: - break; - } - - switch (rule->d_ip_type) { - case STC_FW_IP_RANGE: - /* fall through */ - case STC_FW_IP_MASK: - addr = g_try_malloc0(INET6_ADDRSTRLEN); - if (addr) { - inet_ntop(AF_INET6, &(rule->d_ip2.Ipv6), addr, INET6_ADDRSTRLEN); - g_variant_builder_add(&sub_builder, "{sv}", RULE_DIP2, - g_variant_new_string(addr)); - FREE(addr); - } - /* fall through */ - case STC_FW_IP_SINGLE: - addr = g_try_malloc0(INET6_ADDRSTRLEN); - if (addr) { - inet_ntop(AF_INET6, &(rule->d_ip1.Ipv6), addr, INET6_ADDRSTRLEN); - g_variant_builder_add(&sub_builder, "{sv}", RULE_DIP1, - g_variant_new_string(addr)); - FREE(addr); - } - break; - default: - break; - } - } - - g_variant_builder_add(&sub_builder, "{sv}", RULE_SPORT1, - g_variant_new_uint32(rule->s_port1)); - - g_variant_builder_add(&sub_builder, "{sv}", RULE_SPORT2, - g_variant_new_uint32(rule->s_port2)); - - g_variant_builder_add(&sub_builder, "{sv}", RULE_DPORT1, - g_variant_new_uint32(rule->d_port1)); - - g_variant_builder_add(&sub_builder, "{sv}", RULE_DPORT2, - g_variant_new_uint32(rule->d_port2)); - - if (rule->ifname) - g_variant_builder_add(&sub_builder, "{sv}", RULE_IFNAME, - g_variant_new_string(rule->ifname)); - - if (rule->target != STC_FW_RULE_TARGET_NONE) - g_variant_builder_add(&sub_builder, "{sv}", RULE_TARGET, - g_variant_new_uint16(rule->target)); - - switch (rule->target) { - case STC_FW_RULE_TARGET_LOG: - g_variant_builder_add(&sub_builder, "{sv}", RULE_LOG_LEVEL, - g_variant_new_uint16(rule->log_level)); - - if (rule->log_prefix) - g_variant_builder_add(&sub_builder, "{sv}", RULE_LOG_PREFIX, - g_variant_new_string(rule->log_prefix)); - break; - case STC_FW_RULE_TARGET_NFLOG: - g_variant_builder_add(&sub_builder, "{sv}", RULE_NFLOG_GROUP, - g_variant_new_uint16(rule->nflog_group)); - - if (rule->nflog_prefix) - g_variant_builder_add(&sub_builder, "{sv}", RULE_NFLOG_PREFIX, - g_variant_new_string(rule->nflog_prefix)); - - g_variant_builder_add(&sub_builder, "{sv}", RULE_NFLOG_RANGE, - g_variant_new_uint16(rule->nflog_range)); - - g_variant_builder_add(&sub_builder, "{sv}", RULE_NFLOG_THRESHOLD, - g_variant_new_uint16(rule->nflog_threshold)); - break; - default: - break; - } - - g_variant_builder_add(&sub_builder, "{sv}", RULE_IDENTIFIER, - g_variant_new_string(rule->identifier)); - - g_variant_builder_add(&sub_builder, "{sv}", RULE_KEY, - g_variant_new_uint32(rule->key)); - - g_variant_builder_add_value(builder, g_variant_builder_end(&sub_builder)); -} - -static void __fw_rule_set_to_chain(gpointer data, gpointer user_data) -{ - firewall_rule_s *rule = (firewall_rule_s *)data; - char *chain = (char *)user_data; - - if (chain && (g_strcmp0(rule->chain, chain) != 0)) - return; - - switch (rule->target) { - case STC_FW_RULE_TARGET_ACCEPT: - FREE(rule->target_str); - rule->target_str = g_strdup(FIREWALL_RULE_TARGET_ACCEPT); - break; - case STC_FW_RULE_TARGET_DROP: - FREE(rule->target_str); - rule->target_str = g_strdup(FIREWALL_RULE_TARGET_DROP); - break; - case STC_FW_RULE_TARGET_LOG: - FREE(rule->target_str); - rule->target_str = g_strdup(FIREWALL_RULE_TARGET_LOG); - break; - case STC_FW_RULE_TARGET_NFLOG: - FREE(rule->target_str); - rule->target_str = g_strdup(FIREWALL_RULE_TARGET_NFLOG); - break; - default: - break; - } - - firewall_rule_append(rule); -} - -static void __fw_rule_print_rules(gpointer data, gpointer user_data) -{ - firewall_rule_s *rule = (firewall_rule_s *)data; - - STC_LOGD("[%s][%d][%s][%d][%d][%04x][%04x]" - "[%d][%04x][%04x][%d][%s][%d][%s][%d][%d]", - rule->chain, rule->direction, rule->ifname, - rule->protocol, - rule->s_port_type, rule->s_port1, rule->s_port2, - rule->d_port_type, rule->d_port1, rule->d_port2, - rule->target, rule->target_str, - rule->nflog_group, rule->nflog_prefix, - rule->nflog_range, rule->nflog_threshold); - - switch (rule->family) { - case STC_FW_FAMILY_V4: - STC_LOGD("[%d][%d][%08x][%08x][%d][%08x][%08x]", - rule->family, - rule->s_ip_type, rule->s_ip1.Ipv4.s_addr, rule->s_ip2.Ipv4.s_addr, - rule->d_ip_type, rule->d_ip1.Ipv4.s_addr, rule->d_ip2.Ipv4.s_addr); - break; - case STC_FW_FAMILY_V6: - STC_LOGD("[%d][%d][%08x:%08x:%08x:%08x]" - "[%d][%08x:%08x:%08x:%08x]", - rule->family, - rule->s_ip_type, - rule->s_ip1.Ipv6.s6_addr32[0], rule->s_ip1.Ipv6.s6_addr32[1], - rule->s_ip1.Ipv6.s6_addr32[2], rule->s_ip1.Ipv6.s6_addr32[3], - rule->d_ip_type, - rule->d_ip1.Ipv6.s6_addr32[0], rule->d_ip1.Ipv6.s6_addr32[1], - rule->d_ip1.Ipv6.s6_addr32[2], rule->d_ip1.Ipv6.s6_addr32[3]); - break; - default: - break; - } -} - -static void __fw_foreach_to_print_rule(gpointer key, gpointer value, - gpointer user_data) -{ - stc_fw_data_s *data = (stc_fw_data_s *)value; - - g_slist_foreach(data->rules, __fw_rule_print_rules, user_data); -} - -static void __fw_foreach_to_make_rule_param(gpointer key, gpointer value, - gpointer user_data) -{ - stc_fw_data_s *data = (stc_fw_data_s *)value; - - g_slist_foreach(data->rules, __fw_rule_make_params, user_data); -} - -static void __fw_foreach_to_set_rule_to_chain(gpointer key, gpointer value, - gpointer user_data) -{ - stc_fw_data_s *data = (stc_fw_data_s *)value; - char *chain = (char *)user_data; - - if (chain || (data->target != STC_FW_CHAIN_TARGET_NONE)) - g_slist_foreach(data->rules, __fw_rule_set_to_chain, user_data); -} - -static void __fw_foreach_to_set_chain(gpointer key, gpointer value, - gpointer user_data) -{ - char *chain = (char *)key; - stc_fw_data_s *data = (stc_fw_data_s *)value; - - if (data->target != STC_FW_CHAIN_TARGET_NONE) { - firewall_chain_s info; - memset(&info, 0, sizeof(firewall_chain_s)); - info.chain = chain; - info.target = data->target; - info.priority = data->priority; - firewall_chain_set(&info); - } -} - -static void __fw_foreach_to_add_chain(gpointer key, gpointer value, - gpointer user_data) -{ - char *chain = (char *)key; - stc_fw_data_s *data = (stc_fw_data_s *)value; - - if (data->target != STC_FW_CHAIN_TARGET_NONE) { - firewall_chain_s info; - memset(&info, 0, sizeof(firewall_chain_s)); - info.chain = chain; - info.target = data->target; - info.priority = data->priority; - firewall_chain_add(&info); - } -} - -static void __fw_chain_foreach(GHFunc func, void *user_data) -{ - g_hash_table_foreach(g_firewalls, func, user_data); -} - -stc_cb_ret_e __fw_table_chain_info_cb(const firewall_chain_s *info, - void *user_data) -{ - stc_fw_data_s *data; - - data = MALLOC0(stc_fw_data_s, 1); - if (!data) { - if (STC_DEBUG_LOG && STC_FW_LOG) - STC_LOGE("data allocation failed"); - return STC_CONTINUE; - } - - data->target = info->target; - data->priority = info->priority; - data->rules = NULL; - - g_hash_table_insert(g_firewalls, g_strdup(info->chain), data); - - return STC_CONTINUE; -} - -stc_cb_ret_e __fw_table_rule_info_cb(const firewall_rule_s *info, - void *user_data) -{ - stc_fw_data_s *lookup; - firewall_rule_s *rule; - - lookup = g_hash_table_lookup(g_firewalls, info->chain); - if (!lookup) { - if (STC_DEBUG_LOG && STC_FW_LOG) - STC_LOGE("chain not found"); - return STC_CONTINUE; - } - - rule = MALLOC0(firewall_rule_s, 1); - if (!rule) { - if (STC_DEBUG_LOG && STC_FW_LOG) - STC_LOGE("rule allocation failed"); - return STC_CONTINUE; - } - - memset(rule, 0, sizeof(firewall_rule_s)); - __fw_rule_copy(rule, info); - - lookup->rules = g_slist_append(lookup->rules, rule); - - return STC_CONTINUE; -} - -static stc_error_e __fw_rule_add(firewall_rule_s *info) -{ - stc_fw_data_s *lookup; - firewall_rule_s *rule; - GSList *comp; - - ret_value_msg_if(g_firewalls == NULL, - STC_ERROR_FAIL, - "firewall is not initialized!"); - - lookup = g_hash_table_lookup(g_firewalls, info->chain); - if (!lookup) { - if (STC_DEBUG_LOG && STC_FW_LOG) - STC_LOGE("chain not found"); - return STC_ERROR_NO_DATA; - } - - if (lookup->target != STC_FW_CHAIN_TARGET_NONE) { - if (STC_DEBUG_LOG && STC_FW_LOG) - STC_LOGE("can't be applied bcz chain is set"); - return STC_ERROR_INVALID_PARAMETER; - } - - rule = MALLOC0(firewall_rule_s, 1); - if (!rule) { - if (STC_DEBUG_LOG && STC_FW_LOG) - STC_LOGE("rule allocation failed"); - return STC_ERROR_OUT_OF_MEMORY; - } - - memset(rule, 0, sizeof(firewall_rule_s)); - __fw_rule_copy(rule, info); - __fw_rule_make_key(rule, info); - - comp = g_slist_find_custom(lookup->rules, rule, __fw_rule_comp); - if (comp) { - if (STC_DEBUG_LOG && STC_FW_LOG) - STC_LOGD("rule already present"); - __fw_rule_free(rule); - return STC_ERROR_ALREADY_DATA; - } - - lookup->rules = g_slist_append(lookup->rules, rule); - - return STC_ERROR_NONE; -} - -static stc_error_e __fw_rule_remove(const firewall_rule_s *info) -{ - stc_fw_data_s *lookup; - GSList *rule_list; - GSList *comp; - firewall_rule_s *rule; - - ret_value_msg_if(g_firewalls == NULL, - STC_ERROR_FAIL, - "firewall is not initialized!"); - - lookup = g_hash_table_lookup(g_firewalls, info->chain); - if (!lookup) { - if (STC_DEBUG_LOG && STC_FW_LOG) - STC_LOGE("chain not found"); - return STC_ERROR_NO_DATA; - } - - if (lookup->target != STC_FW_CHAIN_TARGET_NONE) { - if (STC_DEBUG_LOG && STC_FW_LOG) - STC_LOGE("can't be applied bcz chain is set"); - return STC_ERROR_INVALID_PARAMETER; - } - - rule_list = lookup->rules; - comp = g_slist_find_custom(rule_list, info, __fw_rule_comp); - if (!comp) { - if (STC_DEBUG_LOG && STC_FW_LOG) - STC_LOGD("rule not found"); - return STC_ERROR_NO_DATA; - } - - rule = comp->data; - lookup->rules = g_slist_remove(lookup->rules, rule); - __fw_rule_free(rule); - - return STC_ERROR_NONE; -} - -static stc_error_e __fw_rule_update(firewall_rule_s *info) -{ - stc_fw_data_s *lookup; - GSList *rule_list; - GSList *comp; - firewall_rule_s *origin_rule; - firewall_rule_s *update_rule; - - ret_value_msg_if(g_firewalls == NULL, - STC_ERROR_FAIL, - "firewall is not initialized!"); - - lookup = g_hash_table_lookup(g_firewalls, info->chain); - if (!lookup) { - if (STC_DEBUG_LOG && STC_FW_LOG) - STC_LOGE("chain not found"); - return STC_ERROR_NO_DATA; - } - - if (lookup->target != STC_FW_CHAIN_TARGET_NONE) { - if (STC_DEBUG_LOG && STC_FW_LOG) - STC_LOGE("can't be applied bcz chain is set"); - return STC_ERROR_INVALID_PARAMETER; - } - - rule_list = lookup->rules; - comp = g_slist_find_custom(rule_list, info, __fw_rule_comp); - if (!comp) { - if (STC_DEBUG_LOG && STC_FW_LOG) - STC_LOGD("rule not found"); - return STC_ERROR_NO_DATA; - } - - origin_rule = comp->data; - - update_rule = MALLOC0(firewall_rule_s, 1); - if (!update_rule) { - if (STC_DEBUG_LOG && STC_FW_LOG) - STC_LOGE("rule allocation failed"); - return STC_ERROR_OUT_OF_MEMORY; - } - - memset(update_rule, 0, sizeof(firewall_rule_s)); - __fw_rule_copy(update_rule, info); - __fw_rule_make_key(update_rule, info); - - comp = g_slist_find_custom(lookup->rules, update_rule, __fw_rule_comp); - if (comp) { - if (STC_DEBUG_LOG && STC_FW_LOG) - STC_LOGD("rule already present"); - __fw_rule_free(update_rule); - return STC_ERROR_ALREADY_DATA; - } - - lookup->rules = g_slist_remove(lookup->rules, origin_rule); - __fw_rule_free(origin_rule); - - lookup->rules = g_slist_append(lookup->rules, update_rule); - - return STC_ERROR_NONE; -} - -static void __fw_rule_extract(const char *key, GVariant *value, - void *user_data) -{ - firewall_rule_s *rule = (firewall_rule_s *)user_data; - if (rule == NULL) { - __STC_LOG_FUNC_EXIT__; - return; - } - - if (g_strcmp0(key, RULE_CHAIN) == 0) { - guint str_length; - const gchar *str = g_variant_get_string(value, &str_length); - rule->chain = g_strdup(str); - STC_LOGD("%s: [%s]", RULE_CHAIN, rule->chain); - - } else if (g_strcmp0(key, RULE_DIRECTION) == 0) { - rule->direction = g_variant_get_uint16(value); - STC_LOGD("%s: [%u]", RULE_DIRECTION, rule->direction); - - } else if (g_strcmp0(key, RULE_SIPTYPE) == 0) { - rule->s_ip_type = g_variant_get_uint16(value); - STC_LOGD("%s: [%u]", RULE_SIPTYPE, rule->s_ip_type); - - } else if (g_strcmp0(key, RULE_DIPTYPE) == 0) { - rule->d_ip_type = g_variant_get_uint16(value); - STC_LOGD("%s: [%u]", RULE_DIPTYPE, rule->d_ip_type); - - } else if (g_strcmp0(key, RULE_SPORTTYPE) == 0) { - rule->s_port_type = g_variant_get_uint16(value); - STC_LOGD("%s: [%u]", RULE_SPORTTYPE, rule->s_port_type); - - } else if (g_strcmp0(key, RULE_DPORTTYPE) == 0) { - rule->d_port_type = g_variant_get_uint16(value); - STC_LOGD("%s: [%u]", RULE_DPORTTYPE, rule->d_port_type); - - } else if (g_strcmp0(key, RULE_PROTOCOL) == 0) { - rule->protocol = g_variant_get_uint16(value); - STC_LOGD("%s: [%u]", RULE_PROTOCOL, rule->protocol); - - } else if (g_strcmp0(key, RULE_FAMILY) == 0) { - rule->family = g_variant_get_uint16(value); - STC_LOGD("%s: [%u]", RULE_FAMILY, rule->family); - - } else if (g_strcmp0(key, RULE_SIP1) == 0) { - if (rule->s_ip_type != STC_FW_IP_NONE) { - guint str_length; - const gchar *str = g_variant_get_string(value, &str_length); - if (rule->family == STC_FW_FAMILY_V4) { - inet_pton(AF_INET, str, &(rule->s_ip1.Ipv4)); - STC_LOGD("%s: [%08x]", RULE_SIP1, rule->s_ip1.Ipv4.s_addr); - } else if (rule->family == STC_FW_FAMILY_V6) { - inet_pton(AF_INET6, str, &(rule->s_ip1.Ipv6)); - STC_LOGD("%s: [%08x:%08x:%08x:%08x]", RULE_SIP1, - rule->s_ip1.Ipv6.s6_addr32[0], rule->s_ip1.Ipv6.s6_addr32[1], - rule->s_ip1.Ipv6.s6_addr32[2], rule->s_ip1.Ipv6.s6_addr32[3]); - } - } - - } else if (g_strcmp0(key, RULE_SIP2) == 0) { - if (rule->s_ip_type != STC_FW_IP_NONE) { - guint str_length; - const gchar *str = g_variant_get_string(value, &str_length); - if (rule->family == STC_FW_FAMILY_V4) { - inet_pton(AF_INET, str, &(rule->s_ip2.Ipv4)); - STC_LOGD("%s: [%08x]", RULE_SIP2, rule->s_ip2.Ipv4.s_addr); - } else if (rule->family == STC_FW_FAMILY_V6) { - inet_pton(AF_INET6, str, &(rule->s_ip2.Ipv6)); - STC_LOGD("%s: [%08x:%08x:%08x:%08x]", RULE_SIP2, - rule->s_ip2.Ipv6.s6_addr32[0], rule->s_ip2.Ipv6.s6_addr32[1], - rule->s_ip2.Ipv6.s6_addr32[2], rule->s_ip2.Ipv6.s6_addr32[3]); - } - } - - } else if (g_strcmp0(key, RULE_DIP1) == 0) { - if (rule->d_ip_type != STC_FW_IP_NONE) { - guint str_length; - const gchar *str = g_variant_get_string(value, &str_length); - if (rule->family == STC_FW_FAMILY_V4) { - inet_pton(AF_INET, str, &(rule->d_ip1.Ipv4)); - STC_LOGD("%s: [%08x]", RULE_DIP1, rule->d_ip1.Ipv4.s_addr); - } else if (rule->family == STC_FW_FAMILY_V6) { - inet_pton(AF_INET6, str, &(rule->d_ip1.Ipv6)); - STC_LOGD("%s: [%08x:%08x:%08x:%08x]", RULE_DIP1, - rule->d_ip1.Ipv6.s6_addr32[0], rule->d_ip1.Ipv6.s6_addr32[1], - rule->d_ip1.Ipv6.s6_addr32[2], rule->d_ip1.Ipv6.s6_addr32[3]); - } - } - - } else if (g_strcmp0(key, RULE_DIP2) == 0) { - if (rule->d_ip_type != STC_FW_IP_NONE) { - guint str_length; - const gchar *str = g_variant_get_string(value, &str_length); - if (rule->family == STC_FW_FAMILY_V4) { - inet_pton(AF_INET, str, &(rule->d_ip2.Ipv4)); - STC_LOGD("%s: [%08x]", RULE_DIP2, rule->d_ip2.Ipv4.s_addr); - } else if (rule->family == STC_FW_FAMILY_V6) { - inet_pton(AF_INET6, str, &(rule->d_ip2.Ipv6)); - STC_LOGD("%s: [%08x:%08x:%08x:%08x]", RULE_DIP2, - rule->d_ip2.Ipv6.s6_addr32[0], rule->d_ip2.Ipv6.s6_addr32[1], - rule->d_ip2.Ipv6.s6_addr32[2], rule->d_ip2.Ipv6.s6_addr32[3]); - } - } - - } else if (g_strcmp0(key, RULE_SPORT1) == 0) { - if (rule->s_port_type != STC_FW_PORT_NONE) { - rule->s_port1 = g_variant_get_uint32(value); - STC_LOGD("%s: [%04x]", RULE_SPORT1, rule->s_port1); - } - - } else if (g_strcmp0(key, RULE_SPORT2) == 0) { - if (rule->s_port_type != STC_FW_PORT_NONE) { - rule->s_port2 = g_variant_get_uint32(value); - STC_LOGD("%s: [%04x]", RULE_SPORT2, rule->s_port2); - } - - } else if (g_strcmp0(key, RULE_DPORT1) == 0) { - if (rule->d_port_type != STC_FW_PORT_NONE) { - rule->d_port1 = g_variant_get_uint32(value); - STC_LOGD("%s: [%04x]", RULE_DPORT1, rule->d_port1); - } - - } else if (g_strcmp0(key, RULE_DPORT2) == 0) { - if (rule->d_port_type != STC_FW_PORT_NONE) { - rule->d_port2 = g_variant_get_uint32(value); - STC_LOGD("%s: [%04x]", RULE_DPORT2, rule->d_port2); - } - - } else if (g_strcmp0(key, RULE_IFNAME) == 0) { - if (rule->direction != STC_FW_DIRECTION_NONE) { - guint str_length; - const gchar *str = g_variant_get_string(value, &str_length); - rule->ifname = g_strdup(str); - STC_LOGD("%s: [%s]", RULE_IFNAME, rule->ifname); - } - - } else if (g_strcmp0(key, RULE_TARGET) == 0) { - rule->target = g_variant_get_uint16(value); - STC_LOGD("%s: [%u]", RULE_TARGET, rule->target); - - } else if (g_strcmp0(key, RULE_LOG_LEVEL) == 0) { - if (rule->target == STC_FW_RULE_TARGET_LOG) { - rule->log_level = g_variant_get_uint16(value); - STC_LOGD("%s: [%u]", RULE_LOG_LEVEL, rule->log_level); - } - - } else if (g_strcmp0(key, RULE_LOG_PREFIX) == 0) { - if (rule->target == STC_FW_RULE_TARGET_LOG) { - guint str_length; - const gchar *str = g_variant_get_string(value, &str_length); - rule->log_prefix = g_strdup(str); - STC_LOGD("%s: [%s]", RULE_LOG_PREFIX, rule->log_prefix); - } - - } else if (g_strcmp0(key, RULE_NFLOG_GROUP) == 0) { - if (rule->target == STC_FW_RULE_TARGET_NFLOG) { - rule->nflog_group = g_variant_get_uint16(value); - STC_LOGD("%s: [%u]", RULE_NFLOG_GROUP, rule->nflog_group); - } - - } else if (g_strcmp0(key, RULE_NFLOG_PREFIX) == 0) { - if (rule->target == STC_FW_RULE_TARGET_NFLOG) { - guint str_length; - const gchar *str = g_variant_get_string(value, &str_length); - rule->nflog_prefix = g_strdup(str); - STC_LOGD("%s: [%s]", RULE_NFLOG_PREFIX, rule->nflog_prefix); - } - - } else if (g_strcmp0(key, RULE_NFLOG_RANGE) == 0) { - if (rule->target == STC_FW_RULE_TARGET_NFLOG) { - rule->nflog_range = g_variant_get_uint16(value); - STC_LOGD("%s: [%u]", RULE_NFLOG_RANGE, rule->nflog_range); - } - - } else if (g_strcmp0(key, RULE_NFLOG_THRESHOLD) == 0) { - if (rule->target == STC_FW_RULE_TARGET_NFLOG) { - rule->nflog_threshold = g_variant_get_uint16(value); - STC_LOGD("%s: [%u]", RULE_NFLOG_THRESHOLD, rule->nflog_threshold); - } - - } else if (g_strcmp0(key, RULE_IDENTIFIER) == 0) { - guint str_length; - const gchar *str = g_variant_get_string(value, &str_length); - rule->identifier = g_strdup(str); - STC_LOGD("%s: [%s]", RULE_IDENTIFIER, rule->identifier); - - } else if (g_strcmp0(key, RULE_KEY) == 0) { - rule->key = g_variant_get_uint32(value); - STC_LOGD("%s: [%u]", RULE_KEY, rule->key); - - } else { - STC_LOGD("Unknown rule [%s]", key); - } -} - -gboolean __validate_fw_rule(firewall_rule_s *rule) -{ - __STC_LOG_FUNC_ENTER__; - - if (rule == NULL) { - __STC_LOG_FUNC_EXIT__; - return FALSE; - } - - if (rule->chain == NULL) { - __STC_LOG_FUNC_EXIT__; - return FALSE; - } - - if (rule->direction > STC_FW_DIRECTION_OUT) { - __STC_LOG_FUNC_EXIT__; - return FALSE; - } - - if (rule->s_ip_type > STC_FW_IP_RANGE) { - __STC_LOG_FUNC_EXIT__; - return FALSE; - } - - if (rule->d_ip_type > STC_FW_IP_RANGE) { - __STC_LOG_FUNC_EXIT__; - return FALSE; - } - - if (rule->s_port_type > STC_FW_PORT_RANGE) { - __STC_LOG_FUNC_EXIT__; - return FALSE; - } - - if (rule->d_port_type > STC_FW_PORT_RANGE) { - __STC_LOG_FUNC_EXIT__; - return FALSE; - } - - if (rule->protocol > STC_FW_PROTOCOL_ALL) { - __STC_LOG_FUNC_EXIT__; - return FALSE; - } - - if (rule->family > STC_FW_FAMILY_V6) { - __STC_LOG_FUNC_EXIT__; - return FALSE; - } - - if (rule->target >= STC_FW_RULE_TARGET_MAX) { - __STC_LOG_FUNC_EXIT__; - return FALSE; - } - - if (rule->target == STC_FW_RULE_TARGET_LOG && - (rule->log_prefix == NULL || - rule->log_prefix[0] == '\0')) { - __STC_LOG_FUNC_EXIT__; - return FALSE; - } - - if (rule->target == STC_FW_RULE_TARGET_NFLOG && - (rule->nflog_prefix == NULL || - rule->nflog_prefix[0] == '\0')) { - __STC_LOG_FUNC_EXIT__; - return FALSE; - } - - __STC_LOG_FUNC_EXIT__; - return TRUE; -} - -void stc_firewall_init(void) -{ - __STC_LOG_FUNC_ENTER__; - - int ret = STC_ERROR_NONE; - - g_firewalls = g_hash_table_new_full(g_str_hash, - g_str_equal, g_free, __fw_data_free); - - ret = table_firewall_get_lock(LOCK_NAME, &g_lock_state); - if (ret != STC_ERROR_NONE) - table_firewall_insert_lock(LOCK_NAME, FIREWALL_UNLOCKED); - - if (g_lock_state == FIREWALL_UNKONWN) - g_lock_state = FIREWALL_UNLOCKED; - - table_firewall_foreach_chain(__fw_table_chain_info_cb, NULL); - table_firewall_foreach_rule(__fw_table_rule_info_cb, NULL); - - __STC_LOG_FUNC_EXIT__; -} - -API void stc_firewall_update(void) -{ - __STC_LOG_FUNC_ENTER__; - - __fw_chain_foreach(__fw_foreach_to_add_chain, NULL); - __fw_chain_foreach(__fw_foreach_to_set_rule_to_chain, NULL); - __fw_chain_foreach(__fw_foreach_to_set_chain, NULL); - - __STC_LOG_FUNC_EXIT__; -} - -void stc_firewall_deinit(void) -{ - __STC_LOG_FUNC_ENTER__; - - if (g_firewalls) { - g_hash_table_destroy(g_firewalls); - g_firewalls = NULL; - } - - __STC_LOG_FUNC_EXIT__; -} - gboolean handle_firewall_lock(StcFirewall *object, GDBusMethodInvocation *invocation, void *user_data) { __STC_LOG_FUNC_ENTER__; - int ret = STC_ERROR_NONE; - ret = table_firewall_update_lock(LOCK_NAME, FIREWALL_LOCKED); - if (ret != STC_ERROR_NONE) - table_firewall_insert_lock(LOCK_NAME, FIREWALL_LOCKED); - - g_lock_state = FIREWALL_LOCKED; + stc_plugin_firewall_lock(); STC_DBUS_REPLY_ERROR_NONE(invocation); __STC_LOG_FUNC_EXIT__; @@ -1282,13 +59,8 @@ gboolean handle_firewall_unlock(StcFirewall *object, void *user_data) { __STC_LOG_FUNC_ENTER__; - int ret = STC_ERROR_NONE; - ret = table_firewall_update_lock(LOCK_NAME, FIREWALL_UNLOCKED); - if (ret != STC_ERROR_NONE) - table_firewall_insert_lock(LOCK_NAME, FIREWALL_UNLOCKED); - - g_lock_state = FIREWALL_UNLOCKED; + stc_plugin_firewall_unlock(); STC_DBUS_REPLY_ERROR_NONE(invocation); __STC_LOG_FUNC_EXIT__; @@ -1300,19 +72,12 @@ gboolean handle_firewall_get_lock(StcFirewall *object, void *user_data) { __STC_LOG_FUNC_ENTER__; - int ret = STC_ERROR_NONE; GVariant *return_parameters = NULL; + int state = 0; - if (g_lock_state == FIREWALL_UNKONWN) { - ret = table_firewall_get_lock(LOCK_NAME, &g_lock_state); - if (ret != STC_ERROR_NONE) - table_firewall_insert_lock(LOCK_NAME, FIREWALL_UNLOCKED); + stc_plugin_firewall_get_lock(&state); - if (g_lock_state == FIREWALL_UNKONWN) - g_lock_state = FIREWALL_UNLOCKED; - } - - return_parameters = g_variant_new("(i)", g_lock_state); + return_parameters = g_variant_new("(i)", state); STC_DBUS_REPLY(invocation, return_parameters); __STC_LOG_FUNC_EXIT__; return TRUE; @@ -1324,11 +89,8 @@ gboolean handle_firewall_add_chain(StcFirewall *object, void *user_data) { __STC_LOG_FUNC_ENTER__; - firewall_chain_s info; int ret = STC_ERROR_NONE; - STC_FIREWALL_CHECK_LOCK_STATE(invocation); - if (chain == NULL) { STC_FIREWALL_DBUS_REPLY_ERROR(invocation, STC_ERROR_INVALID_PARAMETER); @@ -1336,14 +98,8 @@ gboolean handle_firewall_add_chain(StcFirewall *object, return TRUE; } - ret = __fw_chain_add(chain); - if (ret == STC_ERROR_NONE) { - memset(&info, 0, sizeof(firewall_chain_s)); - info.chain = chain; - info.priority = 0; - info.target = STC_FW_CHAIN_TARGET_NONE; - table_firewall_insert_chain(&info); - } else { + ret = stc_plugin_firewall_add_chain(chain); + if (ret != STC_ERROR_NONE) { STC_FIREWALL_DBUS_REPLY_ERROR(invocation, ret); __STC_LOG_FUNC_EXIT__; return TRUE; @@ -1360,11 +116,8 @@ gboolean handle_firewall_remove_chain(StcFirewall *object, void *user_data) { __STC_LOG_FUNC_ENTER__; - firewall_chain_s info; int ret = STC_ERROR_NONE; - STC_FIREWALL_CHECK_LOCK_STATE(invocation); - if (chain == NULL) { STC_FIREWALL_DBUS_REPLY_ERROR(invocation, STC_ERROR_INVALID_PARAMETER); @@ -1372,13 +125,8 @@ gboolean handle_firewall_remove_chain(StcFirewall *object, return TRUE; } - ret = __fw_chain_remove(chain); - if (ret == STC_ERROR_NONE) { - memset(&info, 0, sizeof(firewall_chain_s)); - info.chain = chain; - table_firewall_flush_chain(&info); - table_firewall_delete_chain(&info); - } else { + ret = stc_plugin_firewall_remove_chain(chain); + if (ret != STC_ERROR_NONE) { STC_FIREWALL_DBUS_REPLY_ERROR(invocation, ret); __STC_LOG_FUNC_EXIT__; return TRUE; @@ -1395,11 +143,8 @@ gboolean handle_firewall_flush_chain(StcFirewall *object, void *user_data) { __STC_LOG_FUNC_ENTER__; - firewall_chain_s info; int ret = STC_ERROR_NONE; - STC_FIREWALL_CHECK_LOCK_STATE(invocation); - if (chain == NULL) { STC_FIREWALL_DBUS_REPLY_ERROR(invocation, STC_ERROR_INVALID_PARAMETER); @@ -1407,12 +152,8 @@ gboolean handle_firewall_flush_chain(StcFirewall *object, return TRUE; } - ret = __fw_chain_flush(chain); - if (ret == STC_ERROR_NONE) { - memset(&info, 0, sizeof(firewall_chain_s)); - info.chain = chain; - table_firewall_flush_chain(&info); - } else { + ret = stc_plugin_firewall_flush_chain(chain); + if (ret != STC_ERROR_NONE) { STC_FIREWALL_DBUS_REPLY_ERROR(invocation, ret); __STC_LOG_FUNC_EXIT__; return TRUE; @@ -1431,11 +172,9 @@ gboolean handle_firewall_get_all_chain(StcFirewall *object, GVariantBuilder *builder = NULL; GVariant *return_parameters = NULL; - STC_FIREWALL_CHECK_LOCK_STATE(invocation); - builder = g_variant_builder_new(G_VARIANT_TYPE("aa{sv}")); - __fw_chain_foreach(__fw_chain_make_params, builder); + stc_plugin_firewall_get_all_chain(builder); return_parameters = g_variant_new("(aa{sv})", builder); g_variant_builder_unref(builder); @@ -1453,14 +192,8 @@ gboolean handle_firewall_set_chain(StcFirewall *object, void *user_data) { __STC_LOG_FUNC_ENTER__; - stc_fw_data_s *lookup = NULL; - stc_fw_data_s data; - firewall_chain_s info; - uint priority; int ret = STC_ERROR_NONE; - STC_FIREWALL_CHECK_LOCK_STATE(invocation); - if (chain == NULL || target >= STC_FW_CHAIN_TARGET_MAX) { STC_FIREWALL_DBUS_REPLY_ERROR(invocation, @@ -1469,60 +202,13 @@ gboolean handle_firewall_set_chain(StcFirewall *object, return TRUE; } - lookup = __fw_chain_get(chain); - if (lookup == NULL) { - STC_FIREWALL_DBUS_REPLY_ERROR(invocation, - STC_ERROR_NO_DATA); - __STC_LOG_FUNC_EXIT__; - return TRUE; - } - - if (lookup->target != STC_FW_CHAIN_TARGET_NONE) { - STC_LOGE("chain is already set"); - STC_FIREWALL_DBUS_REPLY_ERROR(invocation, - STC_ERROR_INVALID_PARAMETER); - __STC_LOG_FUNC_EXIT__; - return TRUE; - } - - /* stc-iptables */ - memset(&info, 0, sizeof(firewall_chain_s)); - info.chain = chain; - info.target = target; - - ret = firewall_chain_add(&info); + ret = stc_plugin_firewall_set_chain(chain, target); if (ret != STC_ERROR_NONE) { STC_FIREWALL_DBUS_REPLY_ERROR(invocation, ret); __STC_LOG_FUNC_EXIT__; return TRUE; } - __fw_chain_foreach(__fw_foreach_to_set_rule_to_chain, chain); - ret = firewall_chain_set(&info); - if (ret != STC_ERROR_NONE) { - STC_FIREWALL_DBUS_REPLY_ERROR(invocation, ret); - __STC_LOG_FUNC_EXIT__; - return TRUE; - } - /* stc-iptables */ - - priority = g_chain_priority + 1; - - memset(&data, 0, sizeof(stc_fw_data_s)); - data.target = target; - data.priority = priority; - - ret = __fw_chain_set(chain, data); - if (ret == STC_ERROR_NONE) { - info.priority = priority; - table_firewall_update_chain(&info); - g_chain_priority = priority; - } else { - STC_FIREWALL_DBUS_REPLY_ERROR(invocation, ret); - __STC_LOG_FUNC_EXIT__; - return TRUE; - } - STC_DBUS_REPLY_ERROR_NONE(invocation); __STC_LOG_FUNC_EXIT__; return TRUE; @@ -1534,12 +220,8 @@ gboolean handle_firewall_unset_chain(StcFirewall *object, void *user_data) { __STC_LOG_FUNC_ENTER__; - stc_fw_data_s *lookup = NULL; - firewall_chain_s info; int ret = STC_ERROR_NONE; - STC_FIREWALL_CHECK_LOCK_STATE(invocation); - if (chain == NULL) { STC_FIREWALL_DBUS_REPLY_ERROR(invocation, STC_ERROR_INVALID_PARAMETER); @@ -1547,53 +229,12 @@ gboolean handle_firewall_unset_chain(StcFirewall *object, return TRUE; } - lookup = __fw_chain_get(chain); - if (lookup == NULL) { - STC_FIREWALL_DBUS_REPLY_ERROR(invocation, - STC_ERROR_NO_DATA); - __STC_LOG_FUNC_EXIT__; - return TRUE; - } - - if (lookup->target == STC_FW_CHAIN_TARGET_NONE) { - if (STC_DEBUG_LOG && STC_FW_LOG) - STC_LOGE("chain is not set"); - STC_FIREWALL_DBUS_REPLY_ERROR(invocation, - STC_ERROR_INVALID_PARAMETER); - __STC_LOG_FUNC_EXIT__; - return TRUE; - } - - /* stc-iptables */ - memset(&info, 0, sizeof(firewall_chain_s)); - info.chain = chain; - info.target = lookup->target; - - ret = firewall_chain_unset(&info); - if (ret != STC_ERROR_NONE) { - STC_FIREWALL_DBUS_REPLY_ERROR(invocation, ret); - __STC_LOG_FUNC_EXIT__; - return TRUE; - } - - ret = firewall_chain_remove(&info); + ret = stc_plugin_firewall_unset_chain(chain); if (ret != STC_ERROR_NONE) { STC_FIREWALL_DBUS_REPLY_ERROR(invocation, ret); __STC_LOG_FUNC_EXIT__; return TRUE; } - /* stc-iptables */ - - ret = __fw_chain_unset(chain); - if (ret == STC_ERROR_NONE) { - info.target = STC_FW_CHAIN_TARGET_NONE; - info.priority = 0; - table_firewall_update_chain(&info); - } else { - STC_FIREWALL_DBUS_REPLY_ERROR(invocation, ret); - __STC_LOG_FUNC_EXIT__; - return TRUE; - } STC_DBUS_REPLY_ERROR_NONE(invocation); __STC_LOG_FUNC_EXIT__; @@ -1606,48 +247,15 @@ gboolean handle_firewall_add_rule(StcFirewall *object, void *user_data) { __STC_LOG_FUNC_ENTER__; - GVariantIter *iter = NULL; - firewall_rule_s *rule; int ret = STC_ERROR_NONE; - STC_FIREWALL_CHECK_LOCK_STATE(invocation); - - rule = MALLOC0(firewall_rule_s, 1); - if (!rule) { - if (STC_DEBUG_LOG && STC_FW_LOG) - STC_LOGE("rule allocation failed"); - return STC_ERROR_OUT_OF_MEMORY; - } - - memset(rule, 0, sizeof(firewall_rule_s)); - - g_variant_get(parameters, "a{sv}", &iter); - if (iter != NULL) { - stc_manager_gdbus_dict_foreach(iter, - __fw_rule_extract, - rule); - g_variant_iter_free(iter); - } - - if (__validate_fw_rule(rule) == FALSE) { - __fw_rule_free(rule); - STC_FIREWALL_DBUS_REPLY_ERROR(invocation, - STC_ERROR_INVALID_PARAMETER); - __STC_LOG_FUNC_EXIT__; - return TRUE; - } - - ret = __fw_rule_add(rule); - if (ret == STC_ERROR_NONE) { - table_firewall_insert_rule(rule); - } else { - __fw_rule_free(rule); + ret = stc_plugin_firewall_add_rule(parameters); + if (ret != STC_ERROR_NONE) { STC_FIREWALL_DBUS_REPLY_ERROR(invocation, ret); __STC_LOG_FUNC_EXIT__; return TRUE; } - __fw_rule_free(rule); STC_DBUS_REPLY_ERROR_NONE(invocation); __STC_LOG_FUNC_EXIT__; return TRUE; @@ -1659,48 +267,15 @@ gboolean handle_firewall_remove_rule(StcFirewall *object, void *user_data) { __STC_LOG_FUNC_ENTER__; - GVariantIter *iter = NULL; - firewall_rule_s *rule; int ret = STC_ERROR_NONE; - STC_FIREWALL_CHECK_LOCK_STATE(invocation); - - rule = MALLOC0(firewall_rule_s, 1); - if (!rule) { - if (STC_DEBUG_LOG && STC_FW_LOG) - STC_LOGE("rule allocation failed"); - return STC_ERROR_OUT_OF_MEMORY; - } - - memset(rule, 0, sizeof(firewall_rule_s)); - - g_variant_get(parameters, "a{sv}", &iter); - if (iter != NULL) { - stc_manager_gdbus_dict_foreach(iter, - __fw_rule_extract, - rule); - g_variant_iter_free(iter); - } - - if (__validate_fw_rule(rule) == FALSE) { - __fw_rule_free(rule); - STC_FIREWALL_DBUS_REPLY_ERROR(invocation, - STC_ERROR_INVALID_PARAMETER); - __STC_LOG_FUNC_EXIT__; - return TRUE; - } - - ret = __fw_rule_remove(rule); - if (ret == STC_ERROR_NONE) { - table_firewall_delete_rule(rule); - } else { - __fw_rule_free(rule); + ret = stc_plugin_firewall_remove_rule(parameters); + if (ret != STC_ERROR_NONE) { STC_FIREWALL_DBUS_REPLY_ERROR(invocation, ret); __STC_LOG_FUNC_EXIT__; return TRUE; } - __fw_rule_free(rule); STC_DBUS_REPLY_ERROR_NONE(invocation); __STC_LOG_FUNC_EXIT__; return TRUE; @@ -1712,50 +287,15 @@ gboolean handle_firewall_update_rule(StcFirewall *object, void *user_data) { __STC_LOG_FUNC_ENTER__; - GVariantIter *iter = NULL; - firewall_rule_s *rule; - guint key; int ret = STC_ERROR_NONE; - STC_FIREWALL_CHECK_LOCK_STATE(invocation); - - rule = MALLOC0(firewall_rule_s, 1); - if (!rule) { - if (STC_DEBUG_LOG && STC_FW_LOG) - STC_LOGE("rule allocation failed"); - return STC_ERROR_OUT_OF_MEMORY; - } - - memset(rule, 0, sizeof(firewall_rule_s)); - - g_variant_get(parameters, "a{sv}", &iter); - if (iter != NULL) { - stc_manager_gdbus_dict_foreach(iter, - __fw_rule_extract, - rule); - g_variant_iter_free(iter); - } - - if (__validate_fw_rule(rule) == FALSE) { - __fw_rule_free(rule); - STC_FIREWALL_DBUS_REPLY_ERROR(invocation, - STC_ERROR_INVALID_PARAMETER); - __STC_LOG_FUNC_EXIT__; - return TRUE; - } - - key = rule->key; - ret = __fw_rule_update(rule); - if (ret == STC_ERROR_NONE) { - table_firewall_update_rule(rule, key); - } else { - __fw_rule_free(rule); + ret = stc_plugin_firewall_update_rule(parameters); + if (ret != STC_ERROR_NONE) { STC_FIREWALL_DBUS_REPLY_ERROR(invocation, ret); __STC_LOG_FUNC_EXIT__; return TRUE; } - __fw_rule_free(rule); STC_DBUS_REPLY_ERROR_NONE(invocation); __STC_LOG_FUNC_EXIT__; return TRUE; @@ -1769,12 +309,9 @@ gboolean handle_firewall_get_all_rule(StcFirewall *object, GVariantBuilder *builder = NULL; GVariant *return_parameters = NULL; - STC_FIREWALL_CHECK_LOCK_STATE(invocation); - builder = g_variant_builder_new(G_VARIANT_TYPE("aa{sv}")); - __fw_chain_foreach(__fw_foreach_to_make_rule_param, builder); - __fw_chain_foreach(__fw_foreach_to_print_rule, NULL); + stc_plugin_firewall_get_all_rule(builder); return_parameters = g_variant_new("(aa{sv})", builder); g_variant_builder_unref(builder); diff --git a/src/stc-manager-gdbus.c b/src/stc-manager-gdbus.c index 22d0375..0268eef 100755 --- a/src/stc-manager-gdbus.c +++ b/src/stc-manager-gdbus.c @@ -24,6 +24,7 @@ #include "stc-manager-plugin-appstatus.h" #include "stc-manager-plugin-procfs.h" #include "stc-manager-plugin-monitor.h" +#include "stc-manager-plugin-firewall.h" #include "helper-iptables.h" #define MANAGER_DBUS_ERROR_NAME "net.stc.manager.Error.Failed" @@ -351,7 +352,7 @@ static void __stc_manager_gdbus_on_bus_acquired(GDBusConnection *connection, stc->connection); iptables_init(); - stc_firewall_update(); + stc_plugin_firewall_update(); stc_plugin_monitor_init_connection(stc); stc_plugin_appstatus_register_state_changed_cb(stc, @@ -490,7 +491,7 @@ API void stc_manager_gdbus_unsubscribe_signal(GDBusConnection *connection, g_dbus_connection_signal_unsubscribe(connection, subscription_id); } -void stc_manager_gdbus_dict_foreach(GVariantIter *iter, dbus_dict_cb cb, +API void stc_manager_gdbus_dict_foreach(GVariantIter *iter, dbus_dict_cb cb, void *user_data) { __STC_LOG_FUNC_ENTER__; diff --git a/src/stc-manager-plugin-firewall.c b/src/stc-manager-plugin-firewall.c new file mode 100755 index 0000000..cc423f5 --- /dev/null +++ b/src/stc-manager-plugin-firewall.c @@ -0,0 +1,306 @@ +/* + * Copyright (c) 2016 Samsung Electronics Co., Ltd. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include + +#include "stc-manager.h" +#include "stc-manager-plugin-firewall.h" + +static gboolean stc_plugin_enabled = FALSE; +static void *handle_plugin; +static stc_plugin_firewall_s *stc_plugin; + +//LCOV_EXCL_START +int stc_plugin_firewall_init(void) +{ + __STC_LOG_FUNC_ENTER__; + + handle_plugin = dlopen(STC_PLUGIN_FIREWALL_FILEPATH, RTLD_NOW); + if (!handle_plugin) { + STC_LOGE("Can't load %s: %s", STC_PLUGIN_FIREWALL_FILEPATH, dlerror()); + __STC_LOG_FUNC_EXIT__; + return STC_ERROR_UNINITIALIZED; + } + + stc_plugin = dlsym(handle_plugin, "stc_plugin_firewall"); + if (!stc_plugin) { + STC_LOGE("Can't load symbol: %s", dlerror()); + dlclose(handle_plugin); + __STC_LOG_FUNC_EXIT__; + return STC_ERROR_UNINITIALIZED; + } + + stc_plugin->initialize_plugin(); + stc_plugin_enabled = TRUE; + + __STC_LOG_FUNC_EXIT__; + return STC_ERROR_NONE; +} + +int stc_plugin_firewall_deinit(void) +{ + __STC_LOG_FUNC_ENTER__; + + if (!stc_plugin_enabled) + return STC_ERROR_UNINITIALIZED; + + stc_plugin->deinitialize_plugin(); + stc_plugin_enabled = FALSE; + dlclose(handle_plugin); + + __STC_LOG_FUNC_EXIT__; + return STC_ERROR_NONE; +} + +int stc_plugin_firewall_lock(void) +{ + if (!stc_plugin_enabled) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't enabled"); + return STC_ERROR_UNINITIALIZED; + } + + if (!stc_plugin) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't loaded"); + return STC_ERROR_UNINITIALIZED; + } + + return stc_plugin->lock_firewall(); +} + +int stc_plugin_firewall_unlock(void) +{ + if (!stc_plugin_enabled) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't enabled"); + return STC_ERROR_UNINITIALIZED; + } + + if (!stc_plugin) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't loaded"); + return STC_ERROR_UNINITIALIZED; + } + + return stc_plugin->unlock_firewall(); +} + + +int stc_plugin_firewall_get_lock(int *state) +{ + if (!stc_plugin_enabled) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't enabled"); + return STC_ERROR_UNINITIALIZED; + } + + if (!stc_plugin) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't loaded"); + return STC_ERROR_UNINITIALIZED; + } + + return stc_plugin->get_lock_firewall(state); +} + +int stc_plugin_firewall_update(void) +{ + if (!stc_plugin_enabled) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't enabled"); + return STC_ERROR_UNINITIALIZED; + } + + if (!stc_plugin) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't loaded"); + return STC_ERROR_UNINITIALIZED; + } + + return stc_plugin->update_firewall(); +} + +int stc_plugin_firewall_add_chain(char *chain) +{ + if (!stc_plugin_enabled) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't enabled"); + return STC_ERROR_UNINITIALIZED; + } + + if (!stc_plugin) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't loaded"); + return STC_ERROR_UNINITIALIZED; + } + + return stc_plugin->add_chain(chain); +} + +int stc_plugin_firewall_remove_chain(char *chain) +{ + if (!stc_plugin_enabled) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't enabled"); + return STC_ERROR_UNINITIALIZED; + } + + if (!stc_plugin) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't loaded"); + return STC_ERROR_UNINITIALIZED; + } + + return stc_plugin->remove_chain(chain); +} + +int stc_plugin_firewall_flush_chain(char *chain) +{ + if (!stc_plugin_enabled) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't enabled"); + return STC_ERROR_UNINITIALIZED; + } + + if (!stc_plugin) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't loaded"); + return STC_ERROR_UNINITIALIZED; + } + + return stc_plugin->flush_chain(chain); +} + +int stc_plugin_firewall_get_all_chain(GVariantBuilder *builder) +{ + if (!stc_plugin_enabled) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't enabled"); + return STC_ERROR_UNINITIALIZED; + } + + if (!stc_plugin) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't loaded"); + return STC_ERROR_UNINITIALIZED; + } + + return stc_plugin->get_all_chain(builder); +} + +int stc_plugin_firewall_set_chain(char *chain, uint target) +{ + if (!stc_plugin_enabled) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't enabled"); + return STC_ERROR_UNINITIALIZED; + } + + if (!stc_plugin) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't loaded"); + return STC_ERROR_UNINITIALIZED; + } + + return stc_plugin->set_chain(chain, target); +} + +int stc_plugin_firewall_unset_chain(char *chain) +{ + if (!stc_plugin_enabled) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't enabled"); + return STC_ERROR_UNINITIALIZED; + } + + if (!stc_plugin) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't loaded"); + return STC_ERROR_UNINITIALIZED; + } + + return stc_plugin->unset_chain(chain); +} + +int stc_plugin_firewall_add_rule(GVariant *params) +{ + if (!stc_plugin_enabled) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't enabled"); + return STC_ERROR_UNINITIALIZED; + } + + if (!stc_plugin) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't loaded"); + return STC_ERROR_UNINITIALIZED; + } + + return stc_plugin->add_rule(params); +} + +int stc_plugin_firewall_remove_rule(GVariant *params) +{ + if (!stc_plugin_enabled) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't enabled"); + return STC_ERROR_UNINITIALIZED; + } + + if (!stc_plugin) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't loaded"); + return STC_ERROR_UNINITIALIZED; + } + + return stc_plugin->remove_rule(params); +} + +int stc_plugin_firewall_update_rule(GVariant *params) +{ + if (!stc_plugin_enabled) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't enabled"); + return STC_ERROR_UNINITIALIZED; + } + + if (!stc_plugin) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't loaded"); + return STC_ERROR_UNINITIALIZED; + } + + return stc_plugin->update_rule(params); +} + +int stc_plugin_firewall_get_all_rule(GVariantBuilder *builder) +{ + if (!stc_plugin_enabled) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't enabled"); + return STC_ERROR_UNINITIALIZED; + } + + if (!stc_plugin) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't loaded"); + return STC_ERROR_UNINITIALIZED; + } + + return stc_plugin->get_all_rule(builder); +} +//LCOV_EXCL_STOP diff --git a/src/stc-manager-plugin-procfs.c b/src/stc-manager-plugin-procfs.c old mode 100644 new mode 100755 diff --git a/src/stc-manager.c b/src/stc-manager.c index 11fa7bb..5e5bcef 100755 --- a/src/stc-manager.c +++ b/src/stc-manager.c @@ -33,6 +33,7 @@ #include "stc-manager-plugin-tether.h" #include "stc-manager-plugin-pcap.h" #include "stc-manager-plugin-monitor.h" +#include "stc-manager-plugin-firewall.h" #define BUF_SIZE_FOR_ERR 100 @@ -75,7 +76,6 @@ static void __stc_manager_deinit(void) return; } - stc_plugin_monitor_deinit(); stc_deinit_db_guard(); stc_db_deinitialize(); @@ -84,13 +84,13 @@ static void __stc_manager_deinit(void) stc_manager_gdbus_deinit((gpointer)g_stc); - stc_firewall_deinit(); - stc_plugin_appstatus_deinit(); stc_plugin_exception_deinit(); stc_plugin_procfs_deinit(); stc_plugin_tether_deinit(); stc_plugin_pcap_deinit(); + stc_plugin_monitor_deinit(); + stc_plugin_firewall_deinit(); inotify_deregister(INFO_STORAGE_DIR); inotify_deinitialize(); @@ -132,8 +132,7 @@ static stc_s *__stc_manager_init(void) stc_plugin_tether_init(); stc_plugin_pcap_init(); stc_plugin_monitor_init(); - - stc_firewall_init(); + stc_plugin_firewall_init(); stc_plugin_procfs_load_pid(); diff --git a/src/stc-statistics.c b/src/stc-statistics.c old mode 100644 new mode 100755 -- 2.7.4 From 4e4d373d5fea54a24881d1b726e3bd955eb30e54 Mon Sep 17 00:00:00 2001 From: hyunuktak Date: Wed, 5 Dec 2018 13:49:46 +0900 Subject: [PATCH 16/16] Add a function to get all pcap loop Change-Id: I92fa7de5a45e758a96f3ae98a31683d81aabe66d Signed-off-by: hyunuktak --- include/stc-manager-plugin-pcap.h | 9 +++-- include/stc-pcap.h | 4 ++ interfaces/stcmanager-iface-pcap.xml | 3 ++ plugin/pcap/include/stc-plugin-pcap.h | 9 +++-- plugin/pcap/stc-plugin-pcap.c | 70 +++++++++++++++++++++++++++-------- src/stc-manager-gdbus.c | 4 ++ src/stc-manager-plugin-pcap.c | 29 ++++++++++++--- src/stc-pcap.c | 25 ++++++++++++- 8 files changed, 121 insertions(+), 32 deletions(-) diff --git a/include/stc-manager-plugin-pcap.h b/include/stc-manager-plugin-pcap.h index 728004f..620f8d7 100755 --- a/include/stc-manager-plugin-pcap.h +++ b/include/stc-manager-plugin-pcap.h @@ -27,9 +27,10 @@ int stc_plugin_pcap_deinit(void); int stc_plugin_pcap_lookup_dev(void); int stc_plugin_pcap_lookup_net(void); int stc_plugin_pcap_find_alldevs(void); -int stc_plugin_pcap_register_loop_pcap(const char *ifname, - int group); -int stc_plugin_pcap_unregister_loop_pcap(const char *ifname, - int group); +int stc_plugin_pcap_register_loop(const char *ifname, + int nflog_group); +int stc_plugin_pcap_unregister_loop(const char *ifname, + int nflog_group); +int stc_plugin_pcap_get_all_loop(GVariantBuilder *builder); #endif /* __STC_MANAGER_PLUGIN_PROCFS_H__ */ diff --git a/include/stc-pcap.h b/include/stc-pcap.h index d99d450..49c310a 100755 --- a/include/stc-pcap.h +++ b/include/stc-pcap.h @@ -47,4 +47,8 @@ gboolean handle_pcap_stop(StcPcap *object, GVariant *parameters, void *user_data); +gboolean handle_pcap_get_all(StcPcap *object, + GDBusMethodInvocation *invocation, + void *user_data); + #endif /* __STC_PCAP_H__ */ diff --git a/interfaces/stcmanager-iface-pcap.xml b/interfaces/stcmanager-iface-pcap.xml index 4320ab6..01c10b6 100644 --- a/interfaces/stcmanager-iface-pcap.xml +++ b/interfaces/stcmanager-iface-pcap.xml @@ -8,5 +8,8 @@ + + + diff --git a/plugin/pcap/include/stc-plugin-pcap.h b/plugin/pcap/include/stc-plugin-pcap.h index a2b8c34..f545445 100755 --- a/plugin/pcap/include/stc-plugin-pcap.h +++ b/plugin/pcap/include/stc-plugin-pcap.h @@ -123,8 +123,8 @@ #define DNS_QCLASS_ANY 255 typedef struct { - char *name; - int group; + char *ifname; + int nflog_group; GThread *thread; pcap_t *handle; } stc_pcap_data_s; @@ -218,8 +218,9 @@ typedef struct { int (*lookup_dev) (void); int (*lookup_net) (void); int (*find_alldevs) (void); - int (*register_loop_pcap) (const char *ifname, int group); - int (*unregister_loop_pcap) (const char *ifname, int group); + int (*register_loop) (const char *ifname, int group); + int (*unregister_loop) (const char *ifname, int group); + int (*get_all_loop) (GVariantBuilder *builder); } stc_plugin_pcap_s; #endif /* __STC_PLUGIN_PCAP_H__ */ diff --git a/plugin/pcap/stc-plugin-pcap.c b/plugin/pcap/stc-plugin-pcap.c index fd03c4a..15f9ed8 100755 --- a/plugin/pcap/stc-plugin-pcap.c +++ b/plugin/pcap/stc-plugin-pcap.c @@ -16,6 +16,9 @@ #include "stc-plugin-pcap.h" +#define PCAP_IFNAME "ifname" +#define PCAP_NFLOG_GROUP "nflog_group" + //LCOV_EXCL_START static GHashTable *g_pcap_tables = NULL; static bool g_pcap_start_fm = false; @@ -27,7 +30,7 @@ static void __pcap_data_free(gpointer value) g_thread_unref(data->thread); - FREE(data->name); + FREE(data->ifname); FREE(data); } @@ -1072,7 +1075,7 @@ static gboolean __pcap_thread_source_func(gpointer data) return false; snprintf(buf, sizeof(buf), "%s_%d", - pcap_data->name, pcap_data->group); + pcap_data->ifname, pcap_data->nflog_group); lookup = g_hash_table_lookup(g_pcap_tables, buf); if (!lookup) { @@ -1105,7 +1108,7 @@ static gpointer __pcap_thread_func(gpointer data) } for (dev = alldevs; dev; dev = dev->next) { - if (g_strcmp0(dev->name, pcap_data->name) == 0) { + if (g_strcmp0(dev->name, pcap_data->ifname) == 0) { name = g_strdup(dev->name); break; } @@ -1114,7 +1117,7 @@ static gpointer __pcap_thread_func(gpointer data) pcap_freealldevs(alldevs); if (name == NULL) { - STC_LOGE("Failed to find dev [%s]", pcap_data->name); + STC_LOGE("Failed to find dev [%s]", pcap_data->ifname); goto thread_exit; } @@ -1126,9 +1129,12 @@ static gpointer __pcap_thread_func(gpointer data) goto thread_exit; } + STC_LOGD("Pcap loop start [%s]", name); pcap_loop(pcap_data->handle, 0, __pcap_handler, NULL); + STC_LOGD("Pcap loop end [%s]", name); pcap_close(pcap_data->handle); + STC_LOGD("Pcap closed [%s]", name); thread_exit: FREE(name); @@ -1147,6 +1153,24 @@ thread_exit: return NULL; } +static void __pcap_make_params(gpointer key, gpointer value, + gpointer user_data) +{ + stc_pcap_data_s *data = (stc_pcap_data_s *)value; + GVariantBuilder *builder = (GVariantBuilder *)user_data; + GVariantBuilder sub_builder; + + g_variant_builder_init(&sub_builder, G_VARIANT_TYPE("a{sv}")); + + g_variant_builder_add(&sub_builder, "{sv}", PCAP_IFNAME, + g_variant_new_string(data->ifname)); + + g_variant_builder_add(&sub_builder, "{sv}", PCAP_NFLOG_GROUP, + g_variant_new_uint32(data->nflog_group)); + + g_variant_builder_add_value(builder, g_variant_builder_end(&sub_builder)); +} + int stc_plugin_pcap_initialize(void) { __STC_LOG_FUNC_ENTER__; @@ -1259,8 +1283,8 @@ int stc_plugin_pcap_find_alldevs(void) return STC_ERROR_NONE; } -int stc_plugin_pcap_register_loop_pcap(const char *ifname, - int group) +int stc_plugin_pcap_register_loop(const char *ifname, + int nflog_group) { stc_pcap_data_s *data; stc_pcap_data_s *lookup; @@ -1274,7 +1298,7 @@ int stc_plugin_pcap_register_loop_pcap(const char *ifname, STC_ERROR_FAIL, "Invalid parameter [ifname]"); - snprintf(buf, sizeof(buf), "%s_%d", ifname, group); + snprintf(buf, sizeof(buf), "%s_%d", ifname, nflog_group); lookup = g_hash_table_lookup(g_pcap_tables, buf); if (lookup) { @@ -1288,8 +1312,8 @@ int stc_plugin_pcap_register_loop_pcap(const char *ifname, return STC_ERROR_OUT_OF_MEMORY; } - data->name = g_strdup(ifname); - data->group = group; + data->ifname = g_strdup(ifname); + data->nflog_group = nflog_group; data->thread = g_thread_new(buf, __pcap_thread_func, data); g_hash_table_insert(g_pcap_tables, g_strdup(buf), data); @@ -1298,8 +1322,8 @@ int stc_plugin_pcap_register_loop_pcap(const char *ifname, return STC_ERROR_NONE; } -int stc_plugin_pcap_unregister_loop_pcap(const char *ifname, - int group) +int stc_plugin_pcap_unregister_loop(const char *ifname, + int nflog_group) { stc_pcap_data_s *lookup; char buf[MAX_IFACE_LENGTH]; @@ -1312,7 +1336,7 @@ int stc_plugin_pcap_unregister_loop_pcap(const char *ifname, STC_ERROR_FAIL, "Invalid parameter [ifname]"); - snprintf(buf, sizeof(buf), "%s_%d", ifname, group); + snprintf(buf, sizeof(buf), "%s_%d", ifname, nflog_group); lookup = g_hash_table_lookup(g_pcap_tables, buf); if (!lookup) { @@ -1322,6 +1346,18 @@ int stc_plugin_pcap_unregister_loop_pcap(const char *ifname, } pcap_breakloop(lookup->handle); + STC_LOGD("Successfully removed pcap loop [%s]", buf); + + return STC_ERROR_NONE; +} + +int stc_plugin_pcap_get_all_loop(GVariantBuilder *builder) +{ + ret_value_msg_if(g_pcap_tables == NULL, + STC_ERROR_FAIL, + "pcap tables is not initialized!"); + + g_hash_table_foreach(g_pcap_tables, __pcap_make_params, builder); return STC_ERROR_NONE; } @@ -1337,9 +1373,11 @@ API stc_plugin_pcap_s stc_plugin_pcap = { stc_plugin_pcap_lookup_net, .find_alldevs = stc_plugin_pcap_find_alldevs, - .register_loop_pcap = - stc_plugin_pcap_register_loop_pcap, - .unregister_loop_pcap = - stc_plugin_pcap_unregister_loop_pcap + .register_loop = + stc_plugin_pcap_register_loop, + .unregister_loop = + stc_plugin_pcap_unregister_loop, + .get_all_loop = + stc_plugin_pcap_get_all_loop }; //LCOV_EXCL_STOP diff --git a/src/stc-manager-gdbus.c b/src/stc-manager-gdbus.c index 0268eef..14cf127 100755 --- a/src/stc-manager-gdbus.c +++ b/src/stc-manager-gdbus.c @@ -262,6 +262,10 @@ static gboolean __stc_manager_gdbus_pcap_init(stc_s *stc) G_CALLBACK(handle_pcap_stop), stc); + g_signal_connect(pcap, "handle-get-all", + G_CALLBACK(handle_pcap_get_all), + stc); + /* Export the object (@manager takes its own reference to @object) */ g_dbus_object_manager_server_export(stc->obj_mgr, G_DBUS_OBJECT_SKELETON(object)); diff --git a/src/stc-manager-plugin-pcap.c b/src/stc-manager-plugin-pcap.c index 395031c..dc96424 100755 --- a/src/stc-manager-plugin-pcap.c +++ b/src/stc-manager-plugin-pcap.c @@ -118,8 +118,8 @@ int stc_plugin_pcap_find_alldevs(void) return stc_plugin->find_alldevs(); } -int stc_plugin_pcap_register_loop_pcap(const char *ifname, - int group) +int stc_plugin_pcap_register_loop(const char *ifname, + int nflog_group) { if (!stc_plugin_enabled) { if (STC_DEBUG_LOG) @@ -133,11 +133,11 @@ int stc_plugin_pcap_register_loop_pcap(const char *ifname, return STC_ERROR_UNINITIALIZED; } - return stc_plugin->register_loop_pcap(ifname, group); + return stc_plugin->register_loop(ifname, nflog_group); } -int stc_plugin_pcap_unregister_loop_pcap(const char *ifname, - int group) +int stc_plugin_pcap_unregister_loop(const char *ifname, + int nflog_group) { if (!stc_plugin_enabled) { if (STC_DEBUG_LOG) @@ -151,6 +151,23 @@ int stc_plugin_pcap_unregister_loop_pcap(const char *ifname, return STC_ERROR_UNINITIALIZED; } - return stc_plugin->unregister_loop_pcap(ifname, group); + return stc_plugin->unregister_loop(ifname, nflog_group); +} + +int stc_plugin_pcap_get_all_loop(GVariantBuilder *builder) +{ + if (!stc_plugin_enabled) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't enabled"); + return STC_ERROR_UNINITIALIZED; + } + + if (!stc_plugin) { + if (STC_DEBUG_LOG) + STC_LOGE("Plugin wasn't loaded"); + return STC_ERROR_UNINITIALIZED; + } + + return stc_plugin->get_all_loop(builder); } //LCOV_EXCL_STOP diff --git a/src/stc-pcap.c b/src/stc-pcap.c index 368971e..c24e34b 100755 --- a/src/stc-pcap.c +++ b/src/stc-pcap.c @@ -108,7 +108,7 @@ gboolean handle_pcap_start(StcPcap *object, return TRUE; } - ret = stc_plugin_pcap_register_loop_pcap(pcap.ifname, pcap.nflog_group); + ret = stc_plugin_pcap_register_loop(pcap.ifname, pcap.nflog_group); if (ret != STC_ERROR_NONE) { STC_PCAP_DBUS_REPLY_ERROR(invocation, ret); //LCOV_EXCL_LINE __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE @@ -147,7 +147,7 @@ gboolean handle_pcap_stop(StcPcap *object, return TRUE; } - ret = stc_plugin_pcap_unregister_loop_pcap(pcap.ifname, pcap.nflog_group); + ret = stc_plugin_pcap_unregister_loop(pcap.ifname, pcap.nflog_group); if (ret != STC_ERROR_NONE) { STC_PCAP_DBUS_REPLY_ERROR(invocation, ret); //LCOV_EXCL_LINE __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE @@ -158,3 +158,24 @@ gboolean handle_pcap_stop(StcPcap *object, __STC_LOG_FUNC_EXIT__; return TRUE; } + +gboolean handle_pcap_get_all(StcPcap *object, + GDBusMethodInvocation *invocation, + void *user_data) +{ + __STC_LOG_FUNC_ENTER__; + GVariantBuilder *builder = NULL; + GVariant *return_parameters = NULL; + + builder = g_variant_builder_new(G_VARIANT_TYPE("aa{sv}")); + + stc_plugin_pcap_get_all_loop(builder); + + return_parameters = g_variant_new("(aa{sv})", builder); + g_variant_builder_unref(builder); + + DEBUG_GDBUS_VARIANT("Return parameters: ", return_parameters); + STC_DBUS_REPLY(invocation, return_parameters); + __STC_LOG_FUNC_EXIT__; + return TRUE; +} -- 2.7.4