1 /*
2  * Copyright (c) 2008-2013 Patrick McHardy <kaber@trash.net>
3  */
4 
5 #include <stdbool.h>
6 #include <stdio.h>
7 #include <string.h>
8 #include <stdlib.h>
9 #include <stddef.h>
10 #include <getopt.h>
11 
12 #include <xtables.h>
13 #include <linux/netfilter/xt_rateest.h>
14 
rateest_help(void)15 static void rateest_help(void)
16 {
17 	printf(
18 "rateest match options:\n"
19 " --rateest1 name		Rate estimator name\n"
20 " --rateest2 name		Rate estimator name\n"
21 " --rateest-delta		Compare difference(s) to given rate(s)\n"
22 " --rateest-bps1 [bps]		Compare bps\n"
23 " --rateest-pps1 [pps]		Compare pps\n"
24 " --rateest-bps2 [bps]		Compare bps\n"
25 " --rateest-pps2 [pps]		Compare pps\n"
26 " [!] --rateest-lt		Match if rate is less than given rate/estimator\n"
27 " [!] --rateest-gt		Match if rate is greater than given rate/estimator\n"
28 " [!] --rateest-eq		Match if rate is equal to given rate/estimator\n");
29 }
30 
31 enum rateest_options {
32 	OPT_RATEEST1,
33 	OPT_RATEEST2,
34 	OPT_RATEEST_BPS1,
35 	OPT_RATEEST_PPS1,
36 	OPT_RATEEST_BPS2,
37 	OPT_RATEEST_PPS2,
38 	OPT_RATEEST_DELTA,
39 	OPT_RATEEST_LT,
40 	OPT_RATEEST_GT,
41 	OPT_RATEEST_EQ,
42 };
43 
44 static const struct option rateest_opts[] = {
45 	{.name = "rateest1",      .has_arg = true,  .val = OPT_RATEEST1},
46 	{.name = "rateest",       .has_arg = true,  .val = OPT_RATEEST1}, /* alias for absolute mode */
47 	{.name = "rateest2",      .has_arg = true,  .val = OPT_RATEEST2},
48 	{.name = "rateest-bps1",  .has_arg = false, .val = OPT_RATEEST_BPS1},
49 	{.name = "rateest-pps1",  .has_arg = false, .val = OPT_RATEEST_PPS1},
50 	{.name = "rateest-bps2",  .has_arg = false, .val = OPT_RATEEST_BPS2},
51 	{.name = "rateest-pps2",  .has_arg = false, .val = OPT_RATEEST_PPS2},
52 	{.name = "rateest-bps",   .has_arg = false, .val = OPT_RATEEST_BPS2}, /* alias for absolute mode */
53 	{.name = "rateest-pps",   .has_arg = false, .val = OPT_RATEEST_PPS2}, /* alias for absolute mode */
54 	{.name = "rateest-delta", .has_arg = false, .val = OPT_RATEEST_DELTA},
55 	{.name = "rateest-lt",    .has_arg = false, .val = OPT_RATEEST_LT},
56 	{.name = "rateest-gt",    .has_arg = false, .val = OPT_RATEEST_GT},
57 	{.name = "rateest-eq",    .has_arg = false, .val = OPT_RATEEST_EQ},
58 	XT_GETOPT_TABLEEND,
59 };
60 
61 /* Copied from iproute. See http://physics.nist.gov/cuu/Units/binary.html */
62 static const struct rate_suffix {
63 	const char *name;
64 	double scale;
65 } suffixes[] = {
66 	{ "bit",	1. },
67 	{ "Kibit",	1024. },
68 	{ "kbit",	1000. },
69 	{ "Mibit",	1024.*1024. },
70 	{ "mbit",	1000000. },
71 	{ "Gibit",	1024.*1024.*1024. },
72 	{ "gbit",	1000000000. },
73 	{ "Tibit",	1024.*1024.*1024.*1024. },
74 	{ "tbit",	1000000000000. },
75 	{ "Bps",	8. },
76 	{ "KiBps",	8.*1024. },
77 	{ "KBps",	8000. },
78 	{ "MiBps",	8.*1024*1024. },
79 	{ "MBps",	8000000. },
80 	{ "GiBps",	8.*1024.*1024.*1024. },
81 	{ "GBps",	8000000000. },
82 	{ "TiBps",	8.*1024.*1024.*1024.*1024. },
83 	{ "TBps",	8000000000000. },
84 	{NULL},
85 };
86 
87 static int
rateest_get_rate(uint32_t * rate,const char * str)88 rateest_get_rate(uint32_t *rate, const char *str)
89 {
90 	char *p;
91 	double bps = strtod(str, &p);
92 	const struct rate_suffix *s;
93 
94 	if (p == str)
95 		return -1;
96 
97 	if (*p == '\0') {
98 		*rate = bps / 8.;	/* assume bytes/sec */
99 		return 0;
100 	}
101 
102 	for (s = suffixes; s->name; ++s) {
103 		if (strcasecmp(s->name, p) == 0) {
104 			*rate = (bps * s->scale) / 8.;
105 			return 0;
106 		}
107 	}
108 
109 	return -1;
110 }
111 
112 static int
rateest_parse(int c,char ** argv,int invert,unsigned int * flags,const void * entry,struct xt_entry_match ** match)113 rateest_parse(int c, char **argv, int invert, unsigned int *flags,
114 	      const void *entry, struct xt_entry_match **match)
115 {
116 	struct xt_rateest_match_info *info = (void *)(*match)->data;
117 	unsigned int val;
118 
119 	switch (c) {
120 	case OPT_RATEEST1:
121 		if (invert)
122 			xtables_error(PARAMETER_PROBLEM,
123 				   "rateest: rateest can't be inverted");
124 
125 		if (*flags & (1 << c))
126 			xtables_error(PARAMETER_PROBLEM,
127 				   "rateest: can't specify --rateest1 twice");
128 		*flags |= 1 << c;
129 
130 		strncpy(info->name1, optarg, sizeof(info->name1) - 1);
131 		break;
132 
133 	case OPT_RATEEST2:
134 		if (invert)
135 			xtables_error(PARAMETER_PROBLEM,
136 				   "rateest: rateest can't be inverted");
137 
138 		if (*flags & (1 << c))
139 			xtables_error(PARAMETER_PROBLEM,
140 				   "rateest: can't specify --rateest2 twice");
141 		*flags |= 1 << c;
142 
143 		strncpy(info->name2, optarg, sizeof(info->name2) - 1);
144 		info->flags |= XT_RATEEST_MATCH_REL;
145 		break;
146 
147 	case OPT_RATEEST_BPS1:
148 		if (invert)
149 			xtables_error(PARAMETER_PROBLEM,
150 				   "rateest: rateest-bps can't be inverted");
151 
152 		if (*flags & (1 << c))
153 			xtables_error(PARAMETER_PROBLEM,
154 				   "rateest: can't specify --rateest-bps1 twice");
155 		*flags |= 1 << c;
156 
157 		info->flags |= XT_RATEEST_MATCH_BPS;
158 
159 		/* The rate is optional and only required in absolute mode */
160 		if (!argv[optind] || *argv[optind] == '-' || *argv[optind] == '!')
161 			break;
162 
163 		if (rateest_get_rate(&info->bps1, argv[optind]) < 0)
164 			xtables_error(PARAMETER_PROBLEM,
165 				   "rateest: could not parse rate `%s'",
166 				   argv[optind]);
167 		optind++;
168 		break;
169 
170 	case OPT_RATEEST_PPS1:
171 		if (invert)
172 			xtables_error(PARAMETER_PROBLEM,
173 				   "rateest: rateest-pps can't be inverted");
174 
175 		if (*flags & (1 << c))
176 			xtables_error(PARAMETER_PROBLEM,
177 				   "rateest: can't specify --rateest-pps1 twice");
178 		*flags |= 1 << c;
179 
180 		info->flags |= XT_RATEEST_MATCH_PPS;
181 
182 		/* The rate is optional and only required in absolute mode */
183 		if (!argv[optind] || *argv[optind] == '-' || *argv[optind] == '!')
184 			break;
185 
186 		if (!xtables_strtoui(argv[optind], NULL, &val, 0, UINT32_MAX))
187 			xtables_error(PARAMETER_PROBLEM,
188 				   "rateest: could not parse pps `%s'",
189 				   argv[optind]);
190 		info->pps1 = val;
191 		optind++;
192 		break;
193 
194 	case OPT_RATEEST_BPS2:
195 		if (invert)
196 			xtables_error(PARAMETER_PROBLEM,
197 				   "rateest: rateest-bps can't be inverted");
198 
199 		if (*flags & (1 << c))
200 			xtables_error(PARAMETER_PROBLEM,
201 				   "rateest: can't specify --rateest-bps2 twice");
202 		*flags |= 1 << c;
203 
204 		info->flags |= XT_RATEEST_MATCH_BPS;
205 
206 		/* The rate is optional and only required in absolute mode */
207 		if (!argv[optind] || *argv[optind] == '-' || *argv[optind] == '!')
208 			break;
209 
210 		if (rateest_get_rate(&info->bps2, argv[optind]) < 0)
211 			xtables_error(PARAMETER_PROBLEM,
212 				   "rateest: could not parse rate `%s'",
213 				   argv[optind]);
214 		optind++;
215 		break;
216 
217 	case OPT_RATEEST_PPS2:
218 		if (invert)
219 			xtables_error(PARAMETER_PROBLEM,
220 				   "rateest: rateest-pps can't be inverted");
221 
222 		if (*flags & (1 << c))
223 			xtables_error(PARAMETER_PROBLEM,
224 				   "rateest: can't specify --rateest-pps2 twice");
225 		*flags |= 1 << c;
226 
227 		info->flags |= XT_RATEEST_MATCH_PPS;
228 
229 		/* The rate is optional and only required in absolute mode */
230 		if (!argv[optind] || *argv[optind] == '-' || *argv[optind] == '!')
231 			break;
232 
233 		if (!xtables_strtoui(argv[optind], NULL, &val, 0, UINT32_MAX))
234 			xtables_error(PARAMETER_PROBLEM,
235 				   "rateest: could not parse pps `%s'",
236 				   argv[optind]);
237 		info->pps2 = val;
238 		optind++;
239 		break;
240 
241 	case OPT_RATEEST_DELTA:
242 		if (invert)
243 			xtables_error(PARAMETER_PROBLEM,
244 				   "rateest: rateest-delta can't be inverted");
245 
246 		if (*flags & (1 << c))
247 			xtables_error(PARAMETER_PROBLEM,
248 				   "rateest: can't specify --rateest-delta twice");
249 		*flags |= 1 << c;
250 
251 		info->flags |= XT_RATEEST_MATCH_DELTA;
252 		break;
253 
254 	case OPT_RATEEST_EQ:
255 		if (*flags & (1 << c))
256 			xtables_error(PARAMETER_PROBLEM,
257 				   "rateest: can't specify lt/gt/eq twice");
258 		*flags |= 1 << c;
259 
260 		info->mode = XT_RATEEST_MATCH_EQ;
261 		if (invert)
262 			info->flags |= XT_RATEEST_MATCH_INVERT;
263 		break;
264 
265 	case OPT_RATEEST_LT:
266 		if (*flags & (1 << c))
267 			xtables_error(PARAMETER_PROBLEM,
268 				   "rateest: can't specify lt/gt/eq twice");
269 		*flags |= 1 << c;
270 
271 		info->mode = XT_RATEEST_MATCH_LT;
272 		if (invert)
273 			info->flags |= XT_RATEEST_MATCH_INVERT;
274 		break;
275 
276 	case OPT_RATEEST_GT:
277 		if (*flags & (1 << c))
278 			xtables_error(PARAMETER_PROBLEM,
279 				   "rateest: can't specify lt/gt/eq twice");
280 		*flags |= 1 << c;
281 
282 		info->mode = XT_RATEEST_MATCH_GT;
283 		if (invert)
284 			info->flags |= XT_RATEEST_MATCH_INVERT;
285 		break;
286 	}
287 
288 	return 1;
289 }
290 
rateest_final_check(struct xt_fcheck_call * cb)291 static void rateest_final_check(struct xt_fcheck_call *cb)
292 {
293 	struct xt_rateest_match_info *info = cb->data;
294 
295 	if (info == NULL)
296 		xtables_error(PARAMETER_PROBLEM, "rateest match: "
297 		           "you need to specify some flags");
298 	if (!(info->flags & XT_RATEEST_MATCH_REL))
299 		info->flags |= XT_RATEEST_MATCH_ABS;
300 }
301 
302 static void
rateest_print_rate(uint32_t rate,int numeric)303 rateest_print_rate(uint32_t rate, int numeric)
304 {
305 	double tmp = (double)rate*8;
306 
307 	if (numeric)
308 		printf(" %u", rate);
309 	else if (tmp >= 1000.0*1000000.0)
310 		printf(" %.0fMbit", tmp/1000000.0);
311 	else if (tmp >= 1000.0 * 1000.0)
312 		printf(" %.0fKbit", tmp/1000.0);
313 	else
314 		printf(" %.0fbit", tmp);
315 }
316 
317 static void
rateest_print_mode(const struct xt_rateest_match_info * info,const char * prefix)318 rateest_print_mode(const struct xt_rateest_match_info *info,
319                    const char *prefix)
320 {
321 	if (info->flags & XT_RATEEST_MATCH_INVERT)
322 		printf(" !");
323 
324 	switch (info->mode) {
325 	case XT_RATEEST_MATCH_EQ:
326 		printf(" %seq", prefix);
327 		break;
328 	case XT_RATEEST_MATCH_LT:
329 		printf(" %slt", prefix);
330 		break;
331 	case XT_RATEEST_MATCH_GT:
332 		printf(" %sgt", prefix);
333 		break;
334 	default:
335 		exit(1);
336 	}
337 }
338 
339 static void
rateest_print(const void * ip,const struct xt_entry_match * match,int numeric)340 rateest_print(const void *ip, const struct xt_entry_match *match, int numeric)
341 {
342 	const struct xt_rateest_match_info *info = (const void *)match->data;
343 
344 	printf(" rateest match ");
345 
346 	printf("%s", info->name1);
347 	if (info->flags & XT_RATEEST_MATCH_DELTA)
348 		printf(" delta");
349 
350 	if (info->flags & XT_RATEEST_MATCH_BPS) {
351 		printf(" bps");
352 		if (info->flags & XT_RATEEST_MATCH_DELTA)
353 			rateest_print_rate(info->bps1, numeric);
354 		if (info->flags & XT_RATEEST_MATCH_ABS) {
355 			rateest_print_rate(info->bps2, numeric);
356 			rateest_print_mode(info, "");
357 		}
358 	}
359 	if (info->flags & XT_RATEEST_MATCH_PPS) {
360 		printf(" pps");
361 		if (info->flags & XT_RATEEST_MATCH_DELTA)
362 			printf(" %u", info->pps1);
363 		if (info->flags & XT_RATEEST_MATCH_ABS) {
364 			rateest_print_mode(info, "");
365 			printf(" %u", info->pps2);
366 		}
367 	}
368 
369 	if (info->flags & XT_RATEEST_MATCH_REL) {
370 		rateest_print_mode(info, "");
371 
372 		printf(" %s", info->name2);
373 
374 		if (info->flags & XT_RATEEST_MATCH_BPS) {
375 			printf(" bps");
376 			if (info->flags & XT_RATEEST_MATCH_DELTA)
377 				rateest_print_rate(info->bps2, numeric);
378 		}
379 		if (info->flags & XT_RATEEST_MATCH_PPS) {
380 			printf(" pps");
381 			if (info->flags & XT_RATEEST_MATCH_DELTA)
382 				printf(" %u", info->pps2);
383 		}
384 	}
385 }
386 
__rateest_save_rate(const struct xt_rateest_match_info * info,const char * name,uint32_t r1,uint32_t r2,int numeric)387 static void __rateest_save_rate(const struct xt_rateest_match_info *info,
388                                 const char *name, uint32_t r1, uint32_t r2,
389                                 int numeric)
390 {
391 	if (info->flags & XT_RATEEST_MATCH_DELTA) {
392 		printf(" --rateest-%s1", name);
393 		rateest_print_rate(r1, numeric);
394 		rateest_print_mode(info, "--rateest-");
395 		printf(" --rateest-%s2", name);
396 	} else {
397 		rateest_print_mode(info, "--rateest-");
398 		printf(" --rateest-%s", name);
399 	}
400 
401 	if (info->flags & (XT_RATEEST_MATCH_ABS|XT_RATEEST_MATCH_DELTA))
402 		rateest_print_rate(r2, numeric);
403 }
404 
rateest_save_rates(const struct xt_rateest_match_info * info)405 static void rateest_save_rates(const struct xt_rateest_match_info *info)
406 {
407 	if (info->flags & XT_RATEEST_MATCH_BPS)
408 		__rateest_save_rate(info, "bps", info->bps1, info->bps2, 0);
409 	if (info->flags & XT_RATEEST_MATCH_PPS)
410 		__rateest_save_rate(info, "pps", info->pps1, info->pps2, 1);
411 }
412 
413 
414 static void
rateest_save(const void * ip,const struct xt_entry_match * match)415 rateest_save(const void *ip, const struct xt_entry_match *match)
416 {
417 	const struct xt_rateest_match_info *info = (const void *)match->data;
418 
419 	if (info->flags & XT_RATEEST_MATCH_DELTA)
420 		printf(" --rateest-delta");
421 
422 	if (info->flags & XT_RATEEST_MATCH_REL) {
423 		printf(" --rateest1 %s", info->name1);
424 		rateest_save_rates(info);
425 		printf(" --rateest2 %s", info->name2);
426 	} else { /* XT_RATEEST_MATCH_ABS */
427 		printf(" --rateest %s", info->name1);
428 		rateest_save_rates(info);
429 	}
430 }
431 
432 static struct xtables_match rateest_mt_reg = {
433 	.family		= NFPROTO_UNSPEC,
434 	.name		= "rateest",
435 	.version	= XTABLES_VERSION,
436 	.size		= XT_ALIGN(sizeof(struct xt_rateest_match_info)),
437 	.userspacesize	= XT_ALIGN(offsetof(struct xt_rateest_match_info, est1)),
438 	.help		= rateest_help,
439 	.parse		= rateest_parse,
440 	.x6_fcheck	= rateest_final_check,
441 	.print		= rateest_print,
442 	.save		= rateest_save,
443 	.extra_opts	= rateest_opts,
444 };
445 
_init(void)446 void _init(void)
447 {
448 	xtables_register_match(&rateest_mt_reg);
449 }
450