![[BACK]](/icons/back.gif){kind=icon}
Up to [local] / src / sys / net
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.23 / (download) - annotate - [select for diffs], Sat Dec 16 22:16:02 2023 UTC (5 months, 3 weeks ago) by mvs
Branch: MAIN
CVS Tags: OPENBSD_7_5_BASE,
OPENBSD_7_5,
HEAD
Changes since 1.22: +2 -3 lines
Diff to previous 1.22 (colored)
Rework pflowioctl() lock dances. Release netlock and take `sc_lock' rwlock(9) just in the beginning of pflowioctl() and do corresponding operations in the end. Use `sc_lock' to protect `sc_dying'. We need to release netlock not only to keep locks order with `sc_lock' rwlock(9), but also because pflowioctl() calls some operations like socreate() or soclose() on udp(4) socket. Current implementation has many relocking places which breaks atomicy, so merge them into one. The `sc_lock' rwlock(9) is taken during all pflowioctl() call, so `sc_dying' atomicy is not broken. Not the ideal solution, but better then we have now. Tested by Hrvoje Popovski. Discussed with and ok from sashan
Revision 1.22 / (download) - annotate - [select for diffs], Tue Dec 12 00:03:31 2023 UTC (5 months, 4 weeks ago) by mvs
Branch: MAIN
Changes since 1.21: +2 -2 lines
Diff to previous 1.21 (colored)
Turn `pflowstats' statistics counters into per-CPU counters to make them mpsafe. The weird interactions around `pflow_flows' and `sc_gcounter' replaced by simple `pflow_flows' increment. Since the flow sequence is the 32 bits integer, the `sc_gcounter' type replaced by the type of uint32_t. ok bluhm sashan
Revision 1.21 / (download) - annotate - [select for diffs], Mon Dec 11 14:25:09 2023 UTC (6 months ago) by mvs
Branch: MAIN
Changes since 1.20: +4 -2 lines
Diff to previous 1.20 (colored)
Turn `pflow_softc' list into SMR list. Since the revision 1.1182 of net/pf.c netlock is not taken while export_pflow() called from pf_purge_states(). Current locks order requires netlock to be taken before PF_LOCK(), so there is no reason to turn it back into this path only for optional export_pflow() call. The `pflowif_list' foreach loop has no context switch within, so SMR list is better than mutex(9). Tested by Hrvoje Popovski. ok sashan bluhm
Revision 1.20 / (download) - annotate - [select for diffs], Fri Dec 8 23:13:40 2023 UTC (6 months ago) by mvs
Branch: MAIN
Changes since 1.19: +21 -16 lines
Diff to previous 1.19 (colored)
Introduce `sc_mtx' mutex(9) to protect the most of pflow_softc structure. Protect the `send_nam', `sc_flowsrc' and `sc_flowdst' pflow_softc members by existing `sc_lock' rwlock(9). This partially fixes locking inconsistency of pflow_softc. The following work will be done with separate diffs. Also, pass `sc' instead of NULL to pflow_get_mbuf() while calling from pflow_sendout_ipfix_tmpl(). This fixes the NULL dereference. ok bluhm@
Revision 1.19 / (download) - annotate - [select for diffs], Wed Nov 23 15:12:27 2022 UTC (18 months, 2 weeks ago) by mvs
Branch: MAIN
CVS Tags: OPENBSD_7_4_BASE,
OPENBSD_7_4,
OPENBSD_7_3_BASE,
OPENBSD_7_3
Changes since 1.18: +11 -2 lines
Diff to previous 1.18 (colored)
Make `so' dereference safe within pflow_output_process(). sosend() has sleep points, so the kernel lock serialisation within pflow_output_process() doesn't work as expected. The pflow(4) interface associated socket `so' could be overwritten by concurrent pflowioctl() thread. Introduce pflow(4) interface's `sc_lock' rwlock(9) to make `so' dereference safe. Since the solock() of udp(4) sockets uses netlock as backend, the `sc_lock' should be taken first. This expands a little netlock relocking within pflowioctl(). pflow_sendout_mbuf() called by pflow_output_process(), now called without kernel lock held, so the mp safe counters_pkt(9) used instead of manual `if_opackets' increment. Since if_detach() does partial ifnet destruction, now it can't be called before we finish pflow_output_process() task, otherwise we introduce use after free for interface counters. In other hand, we need to deny pflowioctl() to reschedule pflow_output_process() task. The `sc_dyind' flag introduced for that. Tested by Hrvoje Popovski. ok bluhm@
Revision 1.18 / (download) - annotate - [select for diffs], Fri Aug 12 16:38:50 2022 UTC (21 months, 4 weeks ago) by mvs
Branch: MAIN
CVS Tags: OPENBSD_7_2_BASE,
OPENBSD_7_2
Changes since 1.17: +1 -3 lines
Diff to previous 1.17 (colored)
Remove unused fields from 'pflow_softc' structure. ok bluhm@
Revision 1.17 / (download) - annotate - [select for diffs], Wed May 31 13:05:43 2017 UTC (7 years ago) by visa
Branch: MAIN
CVS Tags: OPENBSD_7_1_BASE,
OPENBSD_7_1,
OPENBSD_7_0_BASE,
OPENBSD_7_0,
OPENBSD_6_9_BASE,
OPENBSD_6_9,
OPENBSD_6_8_BASE,
OPENBSD_6_8,
OPENBSD_6_7_BASE,
OPENBSD_6_7,
OPENBSD_6_6_BASE,
OPENBSD_6_6,
OPENBSD_6_5_BASE,
OPENBSD_6_5,
OPENBSD_6_4_BASE,
OPENBSD_6_4,
OPENBSD_6_3_BASE,
OPENBSD_6_3,
OPENBSD_6_2_BASE,
OPENBSD_6_2
Changes since 1.16: +2 -2 lines
Diff to previous 1.16 (colored)
Use mbuf_queue to properly serialize access to pflow output queue. Input from mpi@, jmatthew@; OK mpi@, henning@, benno@
Revision 1.16 / (download) - annotate - [select for diffs], Sat May 27 21:06:06 2017 UTC (7 years ago) by benno
Branch: MAIN
Changes since 1.15: +3 -1 lines
Diff to previous 1.15 (colored)
move sending of pflow packet into a task, seperated from the data collection by a mbuf queue. with help from mpi@ ok florian@
Revision 1.15 / (download) - annotate - [select for diffs], Tue Jan 24 10:08:30 2017 UTC (7 years, 4 months ago) by krw
Branch: MAIN
CVS Tags: OPENBSD_6_1_BASE,
OPENBSD_6_1
Changes since 1.14: +2 -2 lines
Diff to previous 1.14 (colored)
A space here, a space there. Soon we're talking real whitespace rectification.
Revision 1.14 / (download) - annotate - [select for diffs], Sat Oct 3 10:44:23 2015 UTC (8 years, 8 months ago) by florian
Branch: MAIN
CVS Tags: OPENBSD_6_0_BASE,
OPENBSD_6_0,
OPENBSD_5_9_BASE,
OPENBSD_5_9
Changes since 1.13: +6 -9 lines
Diff to previous 1.13 (colored)
IPv6 transport for pflow data. Input deraadt@ Bug fix & OK benno@
Revision 1.13 / (download) - annotate - [select for diffs], Mon Jul 20 23:15:54 2015 UTC (8 years, 10 months ago) by florian
Branch: MAIN
CVS Tags: OPENBSD_5_8_BASE,
OPENBSD_5_8
Changes since 1.12: +3 -3 lines
Diff to previous 1.12 (colored)
Use the kernel socket interface (sosend(9) etc) instead of shoving packets directly into the network stack with ip_output(). The locking is intentionally left as is and will be improved in another commit. Input / OK bluhm@, OK benno@
Revision 1.12 / (download) - annotate - [select for diffs], Wed Aug 13 09:46:23 2014 UTC (9 years, 10 months ago) by blambert
Branch: MAIN
CVS Tags: OPENBSD_5_7_BASE,
OPENBSD_5_7
Changes since 1.11: +2 -1 lines
Diff to previous 1.11 (colored)
Bring IPFIX sequence numbers in line with the RFC; original diff from benno@. ok benno@, florian@
Revision 1.11 / (download) - annotate - [select for diffs], Sat Mar 29 11:26:03 2014 UTC (10 years, 2 months ago) by florian
Branch: MAIN
CVS Tags: OPENBSD_5_6_BASE,
OPENBSD_5_6
Changes since 1.10: +1 -94 lines
Diff to previous 1.10 (colored)
Kill pflowproto 9, it's unfixable post 2038, a better, standardized option is pflowproto 10. Also it duplicates a lot of code from pflowproto 10 and will get in the way in the future. OK benno@
Revision 1.10 / (download) - annotate - [select for diffs], Mon Jan 20 10:46:53 2014 UTC (10 years, 4 months ago) by benno
Branch: MAIN
CVS Tags: OPENBSD_5_5_BASE,
OPENBSD_5_5
Changes since 1.9: +1 -3 lines
Diff to previous 1.9 (colored)
tedu unused declaration. ok florian@
Revision 1.9 / (download) - annotate - [select for diffs], Tue Aug 13 08:44:05 2013 UTC (10 years, 10 months ago) by florian
Branch: MAIN
Changes since 1.8: +99 -24 lines
Diff to previous 1.8 (colored)
Split pflow version 9 and version 10 to be able to send 64 bit time values for version 10. While there mark places which will blow up in 2038. OK benno@
Revision 1.8 / (download) - annotate - [select for diffs], Fri May 3 15:33:47 2013 UTC (11 years, 1 month ago) by florian
Branch: MAIN
CVS Tags: OPENBSD_5_4_BASE,
OPENBSD_5_4
Changes since 1.7: +15 -5 lines
Diff to previous 1.7 (colored)
Export ingress/egress interface index in pflow(4). Report that this is needed for some netflow collector and tests by Chris Ivancic & Colin Ligertwood. OK mikeb@, benno@
Revision 1.7 / (download) - annotate - [select for diffs], Tue Feb 5 11:58:39 2013 UTC (11 years, 4 months ago) by florian
Branch: MAIN
CVS Tags: OPENBSD_5_3_BASE,
OPENBSD_5_3
Changes since 1.6: +20 -15 lines
Diff to previous 1.6 (colored)
netflow v10 omitted the sysUpTime flow set header field from v9. Without it it's not possible to find out at what time a flow started/ended with only flowStartSysUpTime/flowEndSysUpTime. Fix this by using flowStartSeconds/flowEndSeconds for v10. Problem reported by Chris Ivancic and Colin Ligertwood, analyzed by benno@ Tested by benno@ against nprobe (which doesn't care that much one way or the other) Tested by Chris Ivancic against solarwinds collector. OK benno@
Revision 1.6 / (download) - annotate - [select for diffs], Thu Feb 2 12:34:37 2012 UTC (12 years, 4 months ago) by benno
Branch: MAIN
CVS Tags: OPENBSD_5_2_BASE,
OPENBSD_5_2,
OPENBSD_5_1_BASE,
OPENBSD_5_1
Changes since 1.5: +159 -2 lines
Diff to previous 1.5 (colored)
add netflow v9/ipfix support to pflow(4). large parts written by Florian Obser (florian -at- narrans -dot- de). feedback from sperreault@ gollo@ sthen@ ok from gollo@ dlg@ henning@
Revision 1.5 / (download) - annotate - [select for diffs], Fri Feb 27 11:09:36 2009 UTC (15 years, 3 months ago) by gollo
Branch: MAIN
CVS Tags: OPENBSD_5_0_BASE,
OPENBSD_5_0,
OPENBSD_4_9_BASE,
OPENBSD_4_9,
OPENBSD_4_8_BASE,
OPENBSD_4_8,
OPENBSD_4_7_BASE,
OPENBSD_4_7,
OPENBSD_4_6_BASE,
OPENBSD_4_6,
OPENBSD_4_5_BASE,
OPENBSD_4_5
Changes since 1.4: +1 -6 lines
Diff to previous 1.4 (colored)
fix mbuf problems and simplify code, well spotted and input by Alexander Sabourenkov. mbuf logic is based on claudio's recommendation Tested by Alexander Sabourenkov OK: henning@, claudio@ Theo: "In please..."
Revision 1.4 / (download) - annotate - [select for diffs], Sat Jan 3 21:47:32 2009 UTC (15 years, 5 months ago) by gollo
Branch: MAIN
Changes since 1.3: +2 -2 lines
Diff to previous 1.3 (colored)
sync flow sequence ids on all used pflow interfaces. OK henning@
Revision 1.3 / (download) - annotate - [select for diffs], Tue Oct 28 15:51:27 2008 UTC (15 years, 7 months ago) by gollo
Branch: MAIN
Changes since 1.2: +2 -1 lines
Diff to previous 1.2 (colored)
add support for multiple pflow(4) interfaces OK: claudio@ henning@
Revision 1.2 / (download) - annotate - [select for diffs], Tue Sep 16 15:48:12 2008 UTC (15 years, 8 months ago) by gollo
Branch: MAIN
Changes since 1.1: +2 -1 lines
Diff to previous 1.1 (colored)
netstat statistics for pflow(4) via pseudo family ok cluadio@ henning@
Revision 1.1 / (download) - annotate - [select for diffs], Tue Sep 9 13:56:39 2008 UTC (15 years, 9 months ago) by henning
Branch: MAIN
welcome pflow(4), a netflow v5 compatible flow export interface. flows export data gathered from pf states. initial implementation by Joerg Goltermann <jg@osn.de>, guidance and many changes by me. 'put it in' theo