scottk/nDPId
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/nDPId.git synced 2025-10-30 01:42:22 +00:00
Code Issues Packages Projects Releases Wiki Activity

Unified nDPId/nDPIsrvd command line argument storage.

Browse Source 
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
This commit is contained in:
Toni Uhlig
2022-11-18 11:26:05 +01:00
parent 77ee336cc9
commit 64f6abfdbe
8 changed files with 261 additions and 166 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
.github/workflows/build.yml vendored
View File

@@ -70,6 +70,7 @@ jobs:
run: |
./build/nDPId-test || test $? -eq 1
./build/nDPId -h || test $? -eq 1
./build/nDPIsrvd -h || test $? -eq 1
- name: Test DIFF
if: startsWith(matrix.os, 'ubuntu') && startsWith(matrix.ndpid_gcrypt, '-DNDPI_WITH_GCRYPT=OFF')
run: |

1
.gitlab-ci.yml
View File

@@ -53,6 +53,7 @@ build_and_test:
- cd ..
- ./build/nDPId-test || test $? -eq 1
- ./build/nDPId -h || test $? -eq 1
- ./build/nDPIsrvd -h || test $? -eq 1
# dameon start/stop test
- NUSER=nobody make -C ./build daemon VERBOSE=1
- NUSER=nobody make -C ./build daemon VERBOSE=1

21
config.h
View File

@@ -2,6 +2,7 @@
#define CONFIG_H 1
/* macros shared across multiple executables */
#define DEFAULT_CHUSER "nobody"
#define COLLECTOR_UNIX_SOCKET "/tmp/ndpid-collector.sock"
#define DISTRIBUTOR_UNIX_SOCKET "/tmp/ndpid-distributor.sock"
#define DISTRIBUTOR_HOST "127.0.0.1"
@@ -23,17 +24,17 @@
#define nDPId_MAX_IDLE_FLOWS_PER_THREAD (nDPId_MAX_FLOWS_PER_THREAD / 32u)
#define nDPId_MAX_READER_THREADS 32u
#define nDPId_ERROR_EVENT_THRESHOLD_N 16u
#define nDPId_ERROR_EVENT_THRESHOLD_TIME TIME_S_TO_US(10u) /* 10 sec */
#define nDPId_DAEMON_STATUS_INTERVAL TIME_S_TO_US(600u) /* 600 sec */
#define nDPId_ERROR_EVENT_THRESHOLD_TIME TIME_S_TO_US(10u) /* 10 sec */
#define nDPId_DAEMON_STATUS_INTERVAL TIME_S_TO_US(600u) /* 600 sec */
#define nDPId_MEMORY_PROFILING_LOG_INTERVAL TIME_S_TO_US(5u) /* 5 sec */
#define nDPId_COMPRESSION_SCAN_INTERVAL TIME_S_TO_US(20u) /* 20 sec */
#define nDPId_COMPRESSION_FLOW_INACTIVITY TIME_S_TO_US(30u) /* 30 sec */
#define nDPId_FLOW_SCAN_INTERVAL TIME_S_TO_US(10u) /* 10 sec */
#define nDPId_GENERIC_IDLE_TIME TIME_S_TO_US(600u) /* 600 sec */
#define nDPId_ICMP_IDLE_TIME TIME_S_TO_US(120u) /* 120 sec */
#define nDPId_TCP_IDLE_TIME TIME_S_TO_US(7440u) /* 7440 sec */
#define nDPId_UDP_IDLE_TIME TIME_S_TO_US(180u) /* 180 sec */
#define nDPId_TCP_POST_END_FLOW_TIME TIME_S_TO_US(120u) /* 120 sec */
#define nDPId_COMPRESSION_SCAN_INTERVAL TIME_S_TO_US(20u) /* 20 sec */
#define nDPId_COMPRESSION_FLOW_INACTIVITY TIME_S_TO_US(30u) /* 30 sec */
#define nDPId_FLOW_SCAN_INTERVAL TIME_S_TO_US(10u) /* 10 sec */
#define nDPId_GENERIC_IDLE_TIME TIME_S_TO_US(600u) /* 600 sec */
#define nDPId_ICMP_IDLE_TIME TIME_S_TO_US(120u) /* 120 sec */
#define nDPId_TCP_IDLE_TIME TIME_S_TO_US(7440u) /* 7440 sec */
#define nDPId_UDP_IDLE_TIME TIME_S_TO_US(180u) /* 180 sec */
#define nDPId_TCP_POST_END_FLOW_TIME TIME_S_TO_US(120u) /* 120 sec */
#define nDPId_THREAD_DISTRIBUTION_SEED 0x03dd018b
#define nDPId_PACKETS_PER_FLOW_TO_SEND 15u
#define nDPId_PACKETS_PER_FLOW_TO_PROCESS NDPI_DEFAULT_MAX_NUM_PKTS_PER_FLOW_TO_DISSECT

4
nDPId-test.c
View File

@@ -1141,13 +1141,13 @@ int main(int argc, char ** argv)
nDPId_options.memory_profiling_log_interval = (unsigned long long int)-1;
nDPId_options.reader_thread_count = 1; /* Please do not change this! Generating meaningful pcap diff's relies on a
single reader thread! */
nDPId_options.instance_alias = strdup("nDPId-test");
set_cmdarg(&nDPId_options.instance_alias, "nDPId-test");
if (access(argv[1], R_OK) != 0)
{
logger(1, "%s: pcap file `%s' does not exist or is not readable", argv[0], argv[1]);
return 1;
}
nDPId_options.pcap_file_or_interface = strdup(argv[1]);
set_cmdarg(&nDPId_options.pcap_file_or_interface, argv[1]);
if (validate_options() != 0)
{
return 1;

179
nDPId.c
View File

@@ -441,27 +441,27 @@ static MT_VALUE(zlib_compression_bytes, uint64_t) = MT_INIT(0);
static struct
{
/* opts */
char * pcap_file_or_interface;
struct cmdarg pcap_file_or_interface;
struct cmdarg bpf_str;
struct cmdarg pidfile;
struct cmdarg user;
struct cmdarg group;
struct cmdarg custom_protocols_file;
struct cmdarg custom_categories_file;
struct cmdarg custom_ja3_file;
struct cmdarg custom_sha1_file;
struct cmdarg collector_address;
struct cmdarg instance_alias;
union nDPId_ip pcap_dev_ip4, pcap_dev_ip6;
union nDPId_ip pcap_dev_netmask4, pcap_dev_netmask6;
union nDPId_ip pcap_dev_subnet4, pcap_dev_subnet6;
uint8_t process_internal_initial_direction;
uint8_t process_external_initial_direction;
char * bpf_str;
char pidfile[UNIX_PATH_MAX];
char * user;
char * group;
char * custom_protocols_file;
char * custom_categories_file;
char * custom_ja3_file;
char * custom_sha1_file;
char collector_address[UNIX_PATH_MAX];
#ifdef ENABLE_ZLIB
uint8_t enable_zlib_compression;
#endif
uint8_t enable_data_analysis;
/* subopts */
char * instance_alias;
unsigned long long int max_flows_per_thread;
unsigned long long int max_idle_flows_per_thread;
unsigned long long int reader_thread_count;
@@ -484,9 +484,17 @@ static struct
unsigned long long int max_packets_per_flow_to_analyse;
unsigned long long int error_event_threshold_n;
unsigned long long int error_event_threshold_time;
} nDPId_options = {.pidfile = nDPId_PIDFILE,
.user = "nobody",
.collector_address = COLLECTOR_UNIX_SOCKET,
} nDPId_options = {.pcap_file_or_interface = CMDARG(NULL),
.bpf_str = CMDARG(NULL),
.pidfile = CMDARG(nDPId_PIDFILE),
.user = CMDARG(DEFAULT_CHUSER),
.group = CMDARG(NULL),
.custom_protocols_file = CMDARG(NULL),
.custom_categories_file = CMDARG(NULL),
.custom_ja3_file = CMDARG(NULL),
.custom_sha1_file = CMDARG(NULL),
.collector_address = CMDARG(COLLECTOR_UNIX_SOCKET),
.instance_alias = CMDARG(NULL),
.max_flows_per_thread = nDPId_MAX_FLOWS_PER_THREAD / 2,
.max_idle_flows_per_thread = nDPId_MAX_IDLE_FLOWS_PER_THREAD / 2,
.reader_thread_count = nDPId_MAX_READER_THREADS / 2,
@@ -986,7 +994,7 @@ static int get_ip6_address_and_netmask(char const * const ifa_name, size_t ifnam
logger(0,
"%s IPv6 address/prefix netmask subnet: %s/%u %s %s",
nDPId_options.pcap_file_or_interface,
get_cmdarg(&nDPId_options.pcap_file_or_interface),
addr6,
plen,
netmask6,
@@ -1053,7 +1061,7 @@ static int get_ip4_address_and_netmask(char const * const ifa_name, size_t ifnam
void * ssubn = &nDPId_options.pcap_dev_subnet4.v4.ip;
logger(0,
"%s IPv4 address netmask subnet: %s %s %s",
nDPId_options.pcap_file_or_interface,
get_cmdarg(&nDPId_options.pcap_file_or_interface),
inet_ntop(AF_INET, saddr, addr, sizeof(addr)),
inet_ntop(AF_INET, snetm, netm, sizeof(netm)),
inet_ntop(AF_INET, ssubn, subn, sizeof(subn)));
@@ -1236,10 +1244,10 @@ static struct nDPId_workflow * init_workflow(char const * const file_or_device)
return NULL;
}
if (nDPId_options.bpf_str != NULL)
if (is_cmdarg_set(&nDPId_options.bpf_str) != 0)
{
struct bpf_program fp;
if (pcap_compile(workflow->pcap_handle, &fp, nDPId_options.bpf_str, 1, PCAP_NETMASK_UNKNOWN) != 0)
if (pcap_compile(workflow->pcap_handle, &fp, get_cmdarg(&nDPId_options.bpf_str), 1, PCAP_NETMASK_UNKNOWN) != 0)
{
logger_early(1, "pcap_compile: %s", pcap_geterr(workflow->pcap_handle));
free_workflow(&workflow);
@@ -1292,21 +1300,21 @@ static struct nDPId_workflow * init_workflow(char const * const file_or_device)
NDPI_PROTOCOL_BITMASK protos;
NDPI_BITMASK_SET_ALL(protos);
ndpi_set_protocol_detection_bitmask2(workflow->ndpi_struct, &protos);
if (nDPId_options.custom_protocols_file != NULL)
if (is_cmdarg_set(&nDPId_options.custom_protocols_file) != 0)
{
ndpi_load_protocols_file(workflow->ndpi_struct, nDPId_options.custom_protocols_file);
ndpi_load_protocols_file(workflow->ndpi_struct, get_cmdarg(&nDPId_options.custom_protocols_file));
}
if (nDPId_options.custom_categories_file != NULL)
if (is_cmdarg_set(&nDPId_options.custom_categories_file) != 0)
{
ndpi_load_categories_file(workflow->ndpi_struct, nDPId_options.custom_categories_file, NULL);
ndpi_load_categories_file(workflow->ndpi_struct, get_cmdarg(&nDPId_options.custom_categories_file), NULL);
}
if (nDPId_options.custom_ja3_file != NULL)
if (is_cmdarg_set(&nDPId_options.custom_ja3_file) != 0)
{
ndpi_load_malicious_ja3_file(workflow->ndpi_struct, nDPId_options.custom_ja3_file);
ndpi_load_malicious_ja3_file(workflow->ndpi_struct, get_cmdarg(&nDPId_options.custom_ja3_file));
}
if (nDPId_options.custom_sha1_file != NULL)
if (is_cmdarg_set(&nDPId_options.custom_sha1_file) != 0)
{
ndpi_load_malicious_sha1_file(workflow->ndpi_struct, nDPId_options.custom_sha1_file);
ndpi_load_malicious_sha1_file(workflow->ndpi_struct, get_cmdarg(&nDPId_options.custom_sha1_file));
}
ndpi_finalize_initialization(workflow->ndpi_struct);
@@ -1484,28 +1492,30 @@ static int setup_reader_threads(void)
return 1;
}
if (nDPId_options.pcap_file_or_interface == NULL)
if (is_cmdarg_set(&nDPId_options.pcap_file_or_interface) == 0)
{
nDPId_options.pcap_file_or_interface = get_default_pcapdev(pcap_error_buffer);
if (nDPId_options.pcap_file_or_interface == NULL)
char * const pcapdev = get_default_pcapdev(pcap_error_buffer);
set_cmdarg(&nDPId_options.pcap_file_or_interface, pcapdev);
free(pcapdev);
if (is_cmdarg_set(&nDPId_options.pcap_file_or_interface) == 0)
{
logger_early(1, "pcap_lookupdev: %.*s", (int)PCAP_ERRBUF_SIZE, pcap_error_buffer);
return 1;
}
logger_early(0, "Capturing packets from default device: %s", nDPId_options.pcap_file_or_interface);
logger_early(0, "Capturing packets from default device: %s", get_cmdarg(&nDPId_options.pcap_file_or_interface));
}
errno = 0;
if (access(nDPId_options.pcap_file_or_interface, R_OK) != 0 && errno == ENOENT)
if (access(get_cmdarg(&nDPId_options.pcap_file_or_interface), R_OK) != 0 && errno == ENOENT)
{
errno = 0;
if (get_ip_netmask_from_pcap_dev(nDPId_options.pcap_file_or_interface) != 0)
if (get_ip_netmask_from_pcap_dev(get_cmdarg(&nDPId_options.pcap_file_or_interface)) != 0)
{
if (errno != 0)
{
logger_early(1,
"Could not get netmask for pcap device %s: %s",
nDPId_options.pcap_file_or_interface,
get_cmdarg(&nDPId_options.pcap_file_or_interface),
strerror(errno));
}
return 1;
@@ -1527,7 +1537,7 @@ static int setup_reader_threads(void)
for (unsigned long long int i = 0; i < nDPId_options.reader_thread_count; ++i)
{
reader_threads[i].workflow = init_workflow(nDPId_options.pcap_file_or_interface);
reader_threads[i].workflow = init_workflow(get_cmdarg(&nDPId_options.pcap_file_or_interface));
if (reader_threads[i].workflow == NULL)
{
return 1;
@@ -1981,8 +1991,10 @@ static void jsonize_basic(struct nDPId_reader_thread * const reader_thread, int
ndpi_serialize_string_int32(&workflow->ndpi_serializer, "thread_id", reader_thread->array_index);
}
ndpi_serialize_string_uint32(&workflow->ndpi_serializer, "packet_id", workflow->packets_captured);
ndpi_serialize_string_string(&workflow->ndpi_serializer, "source", nDPId_options.pcap_file_or_interface);
ndpi_serialize_string_string(&workflow->ndpi_serializer, "alias", nDPId_options.instance_alias);
ndpi_serialize_string_string(&workflow->ndpi_serializer,
"source",
get_cmdarg(&nDPId_options.pcap_file_or_interface));
ndpi_serialize_string_string(&workflow->ndpi_serializer, "alias", get_cmdarg(&nDPId_options.instance_alias));
}
static void jsonize_daemon(struct nDPId_reader_thread * const reader_thread, enum daemon_event event)
@@ -2232,7 +2244,7 @@ static void send_to_collector(struct nDPId_reader_thread * const reader_thread,
"[%8llu, %zu] Reconnected to nDPIsrvd Collector at %s",
workflow->packets_captured,
reader_thread->array_index,
nDPId_options.collector_address);
get_cmdarg(&nDPId_options.collector_address));
jsonize_daemon(reader_thread, DAEMON_EVENT_RECONNECT);
}
}
@@ -2244,7 +2256,7 @@ static void send_to_collector(struct nDPId_reader_thread * const reader_thread,
"[%8llu, %zu] Could not connect to nDPIsrvd Collector at %s, will try again later. Error: %s",
workflow->packets_captured,
reader_thread->array_index,
nDPId_options.collector_address,
get_cmdarg(&nDPId_options.collector_address),
(reader_thread->collector_sock_last_errno != 0
? strerror(reader_thread->collector_sock_last_errno)
: "Internal Error."));
@@ -2275,7 +2287,7 @@ static void send_to_collector(struct nDPId_reader_thread * const reader_thread,
workflow->packets_captured,
reader_thread->array_index,
(collector_address.raw.sa_family == AF_UNIX ? "Connection" : "Datagram"),
nDPId_options.collector_address);
get_cmdarg(&nDPId_options.collector_address));
}
reader_thread->collector_sock_last_errno = saved_errno;
}
@@ -2302,7 +2314,7 @@ static void send_to_collector(struct nDPId_reader_thread * const reader_thread,
"[%8llu, %zu] Send data (blocking I/O) to nDPIsrvd Collector at %s failed: %s",
workflow->packets_captured,
reader_thread->array_index,
nDPId_options.collector_address,
get_cmdarg(&nDPId_options.collector_address),
strerror(saved_errno));
reader_thread->collector_sock_last_errno = saved_errno;
break;
@@ -4476,7 +4488,7 @@ static void * processing_thread(void * const ndpi_thread_arg)
logger(1,
"Thread %zu: Could not connect to nDPIsrvd Collector at %s, will try again later. Error: %s",
reader_thread->array_index,
nDPId_options.collector_address,
get_cmdarg(&nDPId_options.collector_address),
(reader_thread->collector_sock_last_errno != 0 ? strerror(reader_thread->collector_sock_last_errno)
: "Internal Error."));
}
@@ -4516,30 +4528,33 @@ static int start_reader_threads(void)
return 1;
}
if (daemonize_with_pidfile(nDPId_options.pidfile) != 0)
if (daemonize_with_pidfile(get_cmdarg(&nDPId_options.pidfile)) != 0)
{
return 1;
}
errno = 0;
if (nDPId_options.user != NULL &&
change_user_group(nDPId_options.user, nDPId_options.group, nDPId_options.pidfile, NULL, NULL) != 0 &&
if (change_user_group(get_cmdarg(&nDPId_options.user),
get_cmdarg(&nDPId_options.group),
get_cmdarg(&nDPId_options.pidfile),
NULL,
NULL) != 0 &&
errno != EPERM)
{
if (errno != 0)
{
logger(1,
"Change user/group to %s/%s failed: %s",
(nDPId_options.user != NULL ? nDPId_options.user : "-"),
(nDPId_options.group != NULL ? nDPId_options.group : "-"),
get_cmdarg(&nDPId_options.user),
get_cmdarg(&nDPId_options.group),
strerror(errno));
}
else
{
logger(1,
"Change user/group to %s/%s failed.",
(nDPId_options.user != NULL ? nDPId_options.user : "-"),
(nDPId_options.group != NULL ? nDPId_options.group : "-"));
get_cmdarg(&nDPId_options.user),
get_cmdarg(&nDPId_options.group));
}
return 1;
}
@@ -4816,10 +4831,8 @@ static void print_subopt_usage(void)
} while (1);
}
static int nDPId_parse_options(int argc, char ** argv)
static void print_usage(char const * const arg0)
{
int opt;
static char const usage[] =
"Usage: %s "
"[-i pcap-file/interface] [-I] [-E] [-B bpf-filter]\n"
@@ -4844,9 +4857,12 @@ static int nDPId_parse_options(int argc, char ** argv)
"\t-l\tLog all messages to stderr.\n"
"\t-L\tLog all messages to a log file.\n"
"\t-c\tPath to a UNIX socket (nDPIsrvd Collector) or a custom UDP endpoint.\n"
"\t-d\tForking into background after initialization.\n"
"\t \tDefault: %s\n"
"\t-d\tFork into background after initialization.\n"
"\t-p\tWrite the daemon PID to the given file path.\n"
"\t \tDefault: %s\n"
"\t-u\tChange UID to the numeric value of user.\n"
"\t \tDefault: %s\n"
"\t-g\tChange GID to the numeric value of group.\n"
"\t-P\tLoad a nDPI custom protocols file.\n"
"\t-C\tLoad a nDPI custom categories file.\n"
@@ -4867,13 +4883,24 @@ static int nDPId_parse_options(int argc, char ** argv)
"\t-o\t(Carefully) Tune some daemon options. See subopts below.\n"
"\t-v\tversion\n"
"\t-h\tthis\n\n";
fprintf(stderr,
usage,
arg0,
get_cmdarg(&nDPId_options.collector_address),
get_cmdarg(&nDPId_options.pidfile),
get_cmdarg(&nDPId_options.user));
}
static int nDPId_parse_options(int argc, char ** argv)
{
int opt;
while ((opt = getopt(argc, argv, "i:IEB:lL:c:dp:u:g:P:C:J:S:a:Azo:vh")) != -1)
{
switch (opt)
{
case 'i':
nDPId_options.pcap_file_or_interface = strdup(optarg);
set_cmdarg(&nDPId_options.pcap_file_or_interface, optarg);
break;
case 'I':
nDPId_options.process_internal_initial_direction = 1;
@@ -4882,7 +4909,7 @@ static int nDPId_parse_options(int argc, char ** argv)
nDPId_options.process_external_initial_direction = 1;
break;
case 'B':
nDPId_options.bpf_str = strdup(optarg);
set_cmdarg(&nDPId_options.bpf_str, optarg);
break;
case 'l':
enable_console_logger();
@@ -4894,36 +4921,34 @@ static int nDPId_parse_options(int argc, char ** argv)
}
break;
case 'c':
strncpy(nDPId_options.collector_address, optarg, sizeof(nDPId_options.collector_address) - 1);
nDPId_options.collector_address[sizeof(nDPId_options.collector_address) - 1] = '\0';
set_cmdarg(&nDPId_options.collector_address, optarg);
break;
case 'd':
daemonize_enable();
break;
case 'p':
strncpy(nDPId_options.pidfile, optarg, sizeof(nDPId_options.pidfile) - 1);
nDPId_options.pidfile[sizeof(nDPId_options.pidfile) - 1] = '\0';
set_cmdarg(&nDPId_options.pidfile, optarg);
break;
case 'u':
nDPId_options.user = strdup(optarg);
set_cmdarg(&nDPId_options.user, optarg);
break;
case 'g':
nDPId_options.group = strdup(optarg);
set_cmdarg(&nDPId_options.group, optarg);
break;
case 'P':
nDPId_options.custom_protocols_file = strdup(optarg);
set_cmdarg(&nDPId_options.custom_protocols_file, optarg);
break;
case 'C':
nDPId_options.custom_categories_file = strdup(optarg);
set_cmdarg(&nDPId_options.custom_categories_file, optarg);
break;
case 'J':
nDPId_options.custom_ja3_file = strdup(optarg);
set_cmdarg(&nDPId_options.custom_ja3_file, optarg);
break;
case 'S':
nDPId_options.custom_sha1_file = strdup(optarg);
set_cmdarg(&nDPId_options.custom_sha1_file, optarg);
break;
case 'a':
nDPId_options.instance_alias = strdup(optarg);
set_cmdarg(&nDPId_options.instance_alias, optarg);
break;
case 'A':
nDPId_options.enable_data_analysis = 1;
@@ -4950,7 +4975,7 @@ static int nDPId_parse_options(int argc, char ** argv)
{
logger_early(1, "Missing value for `%s'", subopt_token[subopt]);
fprintf(stderr, "%s", "\n");
fprintf(stderr, usage, argv[0]);
print_usage(argv[0]);
print_subopt_usage();
return 1;
}
@@ -4958,7 +4983,7 @@ static int nDPId_parse_options(int argc, char ** argv)
{
logger_early(1, "Invalid subopt: %s", value);
fprintf(stderr, "%s", "\n");
fprintf(stderr, usage, argv[0]);
print_usage(argv[0]);
print_subopt_usage();
return 1;
}
@@ -5045,7 +5070,7 @@ static int nDPId_parse_options(int argc, char ** argv)
case 'h':
default:
fprintf(stderr, "%s\n", get_nDPId_version());
fprintf(stderr, usage, argv[0]);
print_usage(argv[0]);
print_subopt_usage();
return 1;
}
@@ -5055,7 +5080,7 @@ static int nDPId_parse_options(int argc, char ** argv)
{
logger_early(1, "%s", "Unexpected argument after options");
fprintf(stderr, "%s", "\n");
fprintf(stderr, usage, argv[0]);
print_usage(argv[0]);
print_subopt_usage();
return 1;
}
@@ -5090,12 +5115,12 @@ static int validate_options(void)
}
}
#endif
if (nDPIsrvd_setup_address(&collector_address, nDPId_options.collector_address) != 0)
if (nDPIsrvd_setup_address(&collector_address, get_cmdarg(&nDPId_options.collector_address)) != 0)
{
retval = 1;
logger_early(1, "Collector socket invalid address: %s.", nDPId_options.collector_address);
logger_early(1, "Collector socket invalid address: %s.", get_cmdarg(&nDPId_options.collector_address));
}
if (nDPId_options.instance_alias == NULL)
if (is_cmdarg_set(&nDPId_options.instance_alias) == 0)
{
char hname[256];
@@ -5107,9 +5132,11 @@ static int validate_options(void)
}
else
{
nDPId_options.instance_alias = strdup(hname);
logger_early(1, "No instance alias given, using your hostname '%s'", nDPId_options.instance_alias);
if (nDPId_options.instance_alias == NULL)
set_cmdarg(&nDPId_options.instance_alias, hname);
logger_early(1,
"No instance alias given, using your hostname '%s'",
get_cmdarg(&nDPId_options.instance_alias));
if (is_cmdarg_set(&nDPId_options.instance_alias) == 0)
{
retval = 1;
}
@@ -5285,7 +5312,7 @@ int main(int argc, char ** argv)
}
free_reader_threads();
daemonize_shutdown(nDPId_options.pidfile);
daemonize_shutdown(get_cmdarg(&nDPId_options.pidfile));
logger(0, "%s", "Bye.");
shutdown_logging();

164
nDPIsrvd.c
View File

@@ -84,19 +84,24 @@ static struct nDPIsrvd_address distributor_in_address = {
static struct
{
char * pidfile;
char * collector_un_sockpath;
char * distributor_un_sockpath;
char * distributor_in_address;
struct cmdarg pidfile;
struct cmdarg collector_un_sockpath;
struct cmdarg distributor_un_sockpath;
struct cmdarg distributor_in_address;
struct cmdarg user;
struct cmdarg group;
nDPIsrvd_ull max_remote_descriptors;
char * user;
char * group;
nDPIsrvd_ull max_write_buffers;
int bufferbloat_fallback_to_blocking;
} nDPIsrvd_options = {.max_remote_descriptors = nDPIsrvd_MAX_REMOTE_DESCRIPTORS,
} nDPIsrvd_options = {.pidfile = CMDARG(nDPIsrvd_PIDFILE),
.collector_un_sockpath = CMDARG(COLLECTOR_UNIX_SOCKET),
.distributor_un_sockpath = CMDARG(DISTRIBUTOR_UNIX_SOCKET),
.distributor_in_address = CMDARG(NULL),
.user = CMDARG(DEFAULT_CHUSER),
.group = CMDARG(NULL),
.max_remote_descriptors = nDPIsrvd_MAX_REMOTE_DESCRIPTORS,
.max_write_buffers = nDPIsrvd_MAX_WRITE_BUFFERS,
.bufferbloat_fallback_to_blocking = 1,
.user = "nobody"};
.bufferbloat_fallback_to_blocking = 1};
static void logger_nDPIsrvd(struct remote_desc const * const remote,
char const * const prefix,
@@ -457,7 +462,7 @@ static int create_listen_sockets(void)
return 1;
}
if (nDPIsrvd_options.distributor_in_address != NULL)
if (is_cmdarg_set(&nDPIsrvd_options.distributor_in_address) != 0)
{
distributor_in_sockfd = socket(distributor_in_address.raw.sa_family, SOCK_STREAM, 0);
if (distributor_in_sockfd < 0)
@@ -487,7 +492,7 @@ static int create_listen_sockets(void)
int written = snprintf(collector_addr.sun_path,
sizeof(collector_addr.sun_path),
"%s",
nDPIsrvd_options.collector_un_sockpath);
get_cmdarg(&nDPIsrvd_options.collector_un_sockpath));
if (written < 0)
{
logger(1, "snprintf failed: %s", strerror(errno));
@@ -497,7 +502,7 @@ static int create_listen_sockets(void)
{
logger(1,
"Collector UNIX socket path too long, current/max: %zu/%zu",
strlen(nDPIsrvd_options.collector_un_sockpath),
strlen(get_cmdarg(&nDPIsrvd_options.collector_un_sockpath)),
sizeof(collector_addr.sun_path) - 1);
return 1;
}
@@ -506,7 +511,7 @@ static int create_listen_sockets(void)
{
logger(1,
"Error binding Collector UNIX socket to `%s': %s",
nDPIsrvd_options.collector_un_sockpath,
get_cmdarg(&nDPIsrvd_options.collector_un_sockpath),
strerror(errno));
return 1;
}
@@ -518,7 +523,7 @@ static int create_listen_sockets(void)
int written = snprintf(distributor_addr.sun_path,
sizeof(distributor_addr.sun_path),
"%s",
nDPIsrvd_options.distributor_un_sockpath);
get_cmdarg(&nDPIsrvd_options.distributor_un_sockpath));
if (written < 0)
{
logger(1, "snprintf failed: %s", strerror(errno));
@@ -528,7 +533,7 @@ static int create_listen_sockets(void)
{
logger(1,
"Distributor UNIX socket path too long, current/max: %zu/%zu",
strlen(nDPIsrvd_options.distributor_un_sockpath),
strlen(get_cmdarg(&nDPIsrvd_options.distributor_un_sockpath)),
sizeof(distributor_addr.sun_path) - 1);
return 2;
}
@@ -537,19 +542,19 @@ static int create_listen_sockets(void)
{
logger(1,
"Error binding Distributor socket to `%s': %s",
nDPIsrvd_options.distributor_un_sockpath,
get_cmdarg(&nDPIsrvd_options.distributor_un_sockpath),
strerror(errno));
return 2;
}
}
if (nDPIsrvd_options.distributor_in_address != NULL)
if (is_cmdarg_set(&nDPIsrvd_options.distributor_in_address) != 0)
{
if (bind(distributor_in_sockfd, &distributor_in_address.raw, distributor_in_address.size) < 0)
{
logger(1,
"Error binding Distributor TCP/IP socket to %s: %s",
nDPIsrvd_options.distributor_in_address,
get_cmdarg(&nDPIsrvd_options.distributor_in_address),
strerror(errno));
return 3;
}
@@ -557,7 +562,7 @@ static int create_listen_sockets(void)
{
logger(1,
"Error listening Distributor TCP/IP socket to %s: %s",
nDPIsrvd_options.distributor_in_address,
get_cmdarg(&nDPIsrvd_options.distributor_in_address),
strerror(errno));
return 3;
}
@@ -565,7 +570,7 @@ static int create_listen_sockets(void)
{
logger(1,
"Error setting Distributor TCP/IP socket %s to non-blocking mode: %s",
nDPIsrvd_options.distributor_in_address,
get_cmdarg(&nDPIsrvd_options.distributor_in_address),
strerror(errno));
return 3;
}
@@ -581,7 +586,7 @@ static int create_listen_sockets(void)
{
logger(1,
"Error setting Collector UNIX socket `%s' to non-blocking mode: %s",
nDPIsrvd_options.collector_un_sockpath,
get_cmdarg(&nDPIsrvd_options.collector_un_sockpath),
strerror(errno));
return 3;
}
@@ -590,7 +595,7 @@ static int create_listen_sockets(void)
{
logger(1,
"Error setting Distributor UNIX socket `%s' to non-blocking mode: %s",
nDPIsrvd_options.distributor_un_sockpath,
get_cmdarg(&nDPIsrvd_options.distributor_un_sockpath),
strerror(errno));
return 3;
}
@@ -800,23 +805,19 @@ static int nDPIsrvd_parse_options(int argc, char ** argv)
}
break;
case 'c':
free(nDPIsrvd_options.collector_un_sockpath);
nDPIsrvd_options.collector_un_sockpath = strdup(optarg);
set_cmdarg(&nDPIsrvd_options.collector_un_sockpath, optarg);
break;
case 'd':
daemonize_enable();
break;
case 'p':
free(nDPIsrvd_options.pidfile);
nDPIsrvd_options.pidfile = strdup(optarg);
set_cmdarg(&nDPIsrvd_options.pidfile, optarg);
break;
case 's':
free(nDPIsrvd_options.distributor_un_sockpath);
nDPIsrvd_options.distributor_un_sockpath = strdup(optarg);
set_cmdarg(&nDPIsrvd_options.distributor_un_sockpath, optarg);
break;
case 'S':
free(nDPIsrvd_options.distributor_in_address);
nDPIsrvd_options.distributor_in_address = strdup(optarg);
set_cmdarg(&nDPIsrvd_options.distributor_in_address, optarg);
break;
case 'm':
if (str_value_to_ull(optarg, &nDPIsrvd_options.max_remote_descriptors) != CONVERSION_OK)
@@ -826,11 +827,10 @@ static int nDPIsrvd_parse_options(int argc, char ** argv)
}
break;
case 'u':
nDPIsrvd_options.user = strdup(optarg);
set_cmdarg(&nDPIsrvd_options.user, optarg);
break;
case 'g':
free(nDPIsrvd_options.group);
nDPIsrvd_options.group = strdup(optarg);
set_cmdarg(&nDPIsrvd_options.group, optarg);
break;
case 'C':
if (str_value_to_ull(optarg, &nDPIsrvd_options.max_write_buffers) != CONVERSION_OK)
@@ -853,44 +853,57 @@ static int nDPIsrvd_parse_options(int argc, char ** argv)
"\t[-s path-to-distributor-unix-socket] [-S distributor-host:port]\n"
"\t[-m max-remote-descriptors] [-u user] [-g group]\n"
"\t[-C max-buffered-json-lines] [-D]\n"
"\t[-v] [-h]\n",
argv[0]);
"\t[-v] [-h]\n\n"
"\t-l\tLog all messages to stderr.\n"
"\t-L\tLog all messages to a log file.\n"
"\t-c\tPath to a listening UNIX socket (nDPIsrvd Collector).\n"
"\t \tDefault: %s\n"
"\t-d\tFork into background after initialization.\n"
"\t-p\tWrite the daemon PID to the given file path.\n"
"\t \tDefault: %s\n"
"\t-m\tMax accepted (Collector and Distributor) clients.\n"
"\t-u\tChange UID to the numeric value of user.\n"
"\t \tDefault: %s\n"
"\t-g\tChange GID to the numeric value of group.\n"
"\t-C\tMax buffered JSON lines before nDPIsrvd disconnects/blocking-IO a client.\n"
"\t-D\tDisconnect a slow client instead of falling back to blocking-IO.\n"
"\t-s\tPath to a listening UNIX socket (nDPIsrvd Distributor).\n"
"\t \tDefault: %s\n"
"\t-S\tAddress:Port of the listening TCP/IP socket (nDPIsrvd Distributor).\n"
"\t-v\tversion\n"
"\t-h\tthis\n\n",
argv[0],
get_cmdarg(&nDPIsrvd_options.collector_un_sockpath),
get_cmdarg(&nDPIsrvd_options.pidfile),
get_cmdarg(&nDPIsrvd_options.user),
get_cmdarg(&nDPIsrvd_options.distributor_un_sockpath));
return 1;
}
}
if (nDPIsrvd_options.pidfile == NULL)
{
nDPIsrvd_options.pidfile = strdup(nDPIsrvd_PIDFILE);
}
if (is_path_absolute("Pidfile", nDPIsrvd_options.pidfile) != 0)
if (is_path_absolute("Pidfile", get_cmdarg(&nDPIsrvd_options.pidfile)) != 0)
{
return 1;
}
if (nDPIsrvd_options.collector_un_sockpath == NULL)
{
nDPIsrvd_options.collector_un_sockpath = strdup(COLLECTOR_UNIX_SOCKET);
}
if (is_path_absolute("Collector UNIX socket", nDPIsrvd_options.collector_un_sockpath) != 0)
if (is_path_absolute("Collector UNIX socket", get_cmdarg(&nDPIsrvd_options.collector_un_sockpath)) != 0)
{
return 1;
}
if (nDPIsrvd_options.distributor_un_sockpath == NULL)
{
nDPIsrvd_options.distributor_un_sockpath = strdup(DISTRIBUTOR_UNIX_SOCKET);
}
if (is_path_absolute("Distributor UNIX socket", nDPIsrvd_options.distributor_un_sockpath) != 0)
if (is_path_absolute("Distributor UNIX socket", get_cmdarg(&nDPIsrvd_options.distributor_un_sockpath)) != 0)
{
return 1;
}
if (nDPIsrvd_options.distributor_in_address != NULL)
if (is_cmdarg_set(&nDPIsrvd_options.distributor_in_address) != 0)
{
if (nDPIsrvd_setup_address(&distributor_in_address, nDPIsrvd_options.distributor_in_address) != 0)
if (nDPIsrvd_setup_address(&distributor_in_address, get_cmdarg(&nDPIsrvd_options.distributor_in_address)) != 0)
{
logger_early(1, "%s: Could not parse address %s", argv[0], nDPIsrvd_options.distributor_in_address);
logger_early(1,
"%s: Could not parse address %s",
argv[0],
get_cmdarg(&nDPIsrvd_options.distributor_in_address));
return 1;
}
if (distributor_in_address.raw.sa_family == AF_UNIX)
@@ -898,8 +911,8 @@ static int nDPIsrvd_parse_options(int argc, char ** argv)
logger_early(1,
"%s: You've requested to setup another UNIX socket `%s', but there is already one at `%s'",
argv[0],
nDPIsrvd_options.distributor_in_address,
nDPIsrvd_options.distributor_un_sockpath);
get_cmdarg(&nDPIsrvd_options.distributor_in_address),
get_cmdarg(&nDPIsrvd_options.distributor_un_sockpath));
return 1;
}
}
@@ -1536,27 +1549,27 @@ int main(int argc, char ** argv)
return 1;
}
if (access(nDPIsrvd_options.collector_un_sockpath, F_OK) == 0)
if (access(get_cmdarg(&nDPIsrvd_options.collector_un_sockpath), F_OK) == 0)
{
logger_early(1,
"UNIX socket `%s' exists; nDPIsrvd already running? "
"Please remove the socket manually or change socket path.",
nDPIsrvd_options.collector_un_sockpath);
get_cmdarg(&nDPIsrvd_options.collector_un_sockpath));
return 1;
}
if (access(nDPIsrvd_options.distributor_un_sockpath, F_OK) == 0)
if (access(get_cmdarg(&nDPIsrvd_options.distributor_un_sockpath), F_OK) == 0)
{
logger_early(1,
"UNIX socket `%s' exists; nDPIsrvd already running? "
"Please remove the socket manually or change socket path.",
nDPIsrvd_options.distributor_un_sockpath);
get_cmdarg(&nDPIsrvd_options.distributor_un_sockpath));
return 1;
}
log_app_info();
if (daemonize_with_pidfile(nDPIsrvd_options.pidfile) != 0)
if (daemonize_with_pidfile(get_cmdarg(&nDPIsrvd_options.pidfile)) != 0)
{
goto error;
}
@@ -1573,7 +1586,7 @@ int main(int argc, char ** argv)
case 1:
goto error;
case 2:
unlink(nDPIsrvd_options.collector_un_sockpath);
unlink(get_cmdarg(&nDPIsrvd_options.collector_un_sockpath));
goto error;
case 3:
goto error_unlink_sockets;
@@ -1581,8 +1594,8 @@ int main(int argc, char ** argv)
goto error;
}
logger(0, "collector UNIX socket listen on `%s'", nDPIsrvd_options.collector_un_sockpath);
logger(0, "distributor UNIX listen on `%s'", nDPIsrvd_options.distributor_un_sockpath);
logger(0, "collector UNIX socket listen on `%s'", get_cmdarg(&nDPIsrvd_options.collector_un_sockpath));
logger(0, "distributor UNIX listen on `%s'", get_cmdarg(&nDPIsrvd_options.distributor_un_sockpath));
switch (distributor_in_address.raw.sa_family)
{
default:
@@ -1599,28 +1612,27 @@ int main(int argc, char ** argv)
}
errno = 0;
if (nDPIsrvd_options.user != NULL &&
change_user_group(nDPIsrvd_options.user,
nDPIsrvd_options.group,
nDPIsrvd_options.pidfile,
nDPIsrvd_options.collector_un_sockpath,
nDPIsrvd_options.distributor_un_sockpath) != 0 &&
if (change_user_group(get_cmdarg(&nDPIsrvd_options.user),
get_cmdarg(&nDPIsrvd_options.group),
get_cmdarg(&nDPIsrvd_options.pidfile),
get_cmdarg(&nDPIsrvd_options.collector_un_sockpath),
get_cmdarg(&nDPIsrvd_options.distributor_un_sockpath)) != 0 &&
errno != EPERM)
{
if (errno != 0)
{
logger(1,
"Change user/group to %s/%s failed: %s",
nDPIsrvd_options.user,
(nDPIsrvd_options.group != NULL ? nDPIsrvd_options.group : "-"),
get_cmdarg(&nDPIsrvd_options.user),
(is_cmdarg_set(&nDPIsrvd_options.group) != 0 ? get_cmdarg(&nDPIsrvd_options.group) : "-"),
strerror(errno));
}
else
{
logger(1,
"Change user/group to %s/%s failed.",
nDPIsrvd_options.user,
(nDPIsrvd_options.group != NULL ? nDPIsrvd_options.group : "-"));
get_cmdarg(&nDPIsrvd_options.user),
(is_cmdarg_set(&nDPIsrvd_options.group) != 0 ? get_cmdarg(&nDPIsrvd_options.group) : "-"));
}
goto error_unlink_sockets;
}
@@ -1640,14 +1652,14 @@ int main(int argc, char ** argv)
close_event_queue(epollfd);
error_unlink_sockets:
unlink(nDPIsrvd_options.collector_un_sockpath);
unlink(nDPIsrvd_options.distributor_un_sockpath);
unlink(get_cmdarg(&nDPIsrvd_options.collector_un_sockpath));
unlink(get_cmdarg(&nDPIsrvd_options.distributor_un_sockpath));
error:
close(collector_un_sockfd);
close(distributor_un_sockfd);
close(distributor_in_sockfd);
daemonize_shutdown(nDPIsrvd_options.pidfile);
daemonize_shutdown(get_cmdarg(&nDPIsrvd_options.pidfile));
logger(0, "Bye.");
shutdown_logging();

40
utils.c
View File

@@ -6,6 +6,7 @@
#include <pwd.h>
#include <stdarg.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#ifndef NO_MAIN
#include <syslog.h>
@@ -21,6 +22,42 @@ static int daemonize = 0;
static int log_to_console = 0;
static int log_to_file_fd = -1;
void set_cmdarg(struct cmdarg * const ca, char const * const val)
{
if (ca == NULL || val == NULL)
{
return;
}
free(ca->value);
ca->value = strdup(val);
}
char const * get_cmdarg(struct cmdarg const * const ca)
{
if (ca == NULL)
{
return NULL;
}
if (ca->value != NULL)
{
return ca->value;
}
return ca->default_value;
}
int is_cmdarg_set(struct cmdarg const * const ca)
{
if (ca == NULL)
{
return 0;
}
return ca->value != NULL;
}
void daemonize_enable(void)
{
daemonize = 1;
@@ -182,8 +219,7 @@ int change_user_group(char const * const user,
if (uds_collector_path != NULL)
{
errno = 0;
if (chmod(uds_collector_path, S_IRUSR | S_IWUSR) != 0 ||
chown(uds_collector_path, pwd->pw_uid, gid) != 0)
if (chmod(uds_collector_path, S_IRUSR | S_IWUSR) != 0 || chown(uds_collector_path, pwd->pw_uid, gid) != 0)
{
return -errno;
}

17
utils.h
View File

@@ -3,6 +3,23 @@
#include <stdarg.h>
#define CMDARG(_default_value) \
{ \
.value = NULL, .default_value = (_default_value) \
}
struct cmdarg
{
char * value;
char const * const default_value;
};
void set_cmdarg(struct cmdarg * const ca, char const * const val);
char const * get_cmdarg(struct cmdarg const * const ca);
int is_cmdarg_set(struct cmdarg const * const ca);
int is_path_absolute(char const * const prefix, char const * const path);
void daemonize_enable(void);