pax_global_header00006660000000000000000000000064141675354210014522gustar00rootroot0000000000000052 comment=fc231b7b98c256870c2af0b341a8a254501875b7 darkstat-3.0.721/000077500000000000000000000000001416753542100135115ustar00rootroot00000000000000darkstat-3.0.721/.gitignore000066400000000000000000000002751416753542100155050ustar00rootroot00000000000000*.o *.swp Makefile a.out autom4te.cache darkstat-* hex-ify c-ify config.h config.h.in config.log config.status configure configure.lineno darkstat darkstat.8 graphjs.h stylecss.h favicon.h darkstat-3.0.721/AUTHORS000066400000000000000000000024671416753542100145720ustar00rootroot00000000000000AUTHORS ------- - Emil Mikulic Primary maintainer. (please read the manpage before sending me an e-mail about how your graphs are all blank) Big thanks to everyone who helped out, in no particular order: - Ben Stewart Web interface design for v3, import/export code and file format design. - Chris Kuethe Security, cool patches, OpenBSD port maintainer. - Bartosz Kuzma DLT_PPP and DLT_PPP_SERIAL decoding, pkgsrc maintainer. - Claudio Leite - DLT_PPP_ETHER decoding. - Can Erkin Acar - BIOCSETWF patch. - Ingo Bressler - DLT_LINUX_SLL decoding. - Dennis Jansen Motivation for keeping memory use down, cool patches. - Anton S. Ustyuzhanin - DLT_RAW decoding. - Cristian Rodriguez - SUSE package maintainer. - Rene Mayorga - Debian package maintainer. - Cedric Delfosse - Debian package maintainer (retired). - Damian Lozinski - initial implementation of average KB/s on graphs. - Damien Clauzel - launchd config and Mac OS X instructions. - Mats Erik Andersson - for doing the IPv6 heavy lifting. Cyro W. Corte Real Filho, Jean-Edouard Babin, Leif Terrens, Moritz Grimm, Andreas Reimann, Colin Phipps, Cheng-Lung Sung, Martin Wilke, Piotr Kalina, Carlo Florendo, Malte S. Stretz, Dirk Koopman, and others. My apologies if I missed anyone - please mail any corrections to me (Emil) darkstat-3.0.721/COPYING.GPL000066400000000000000000000432541416753542100151750ustar00rootroot00000000000000 GNU GENERAL PUBLIC LICENSE Version 2, June 1991 Copyright (C) 1989, 1991 Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Preamble The licenses for most software are designed to take away your freedom to share and change it. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. This General Public License applies to most of the Free Software Foundation's software and to any other program whose authors commit to using it. (Some other Free Software Foundation software is covered by the GNU Lesser General Public License instead.) You can apply it to your programs, too. When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for this service if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs; and that you know you can do these things. To protect your rights, we need to make restrictions that forbid anyone to deny you these rights or to ask you to surrender the rights. These restrictions translate to certain responsibilities for you if you distribute copies of the software, or if you modify it. For example, if you distribute copies of such a program, whether gratis or for a fee, you must give the recipients all the rights that you have. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights. We protect your rights with two steps: (1) copyright the software, and (2) offer you this license which gives you legal permission to copy, distribute and/or modify the software. Also, for each author's protection and ours, we want to make certain that everyone understands that there is no warranty for this free software. If the software is modified by someone else and passed on, we want its recipients to know that what they have is not the original, so that any problems introduced by others will not reflect on the original authors' reputations. Finally, any free program is threatened constantly by software patents. We wish to avoid the danger that redistributors of a free program will individually obtain patent licenses, in effect making the program proprietary. To prevent this, we have made it clear that any patent must be licensed for everyone's free use or not licensed at all. The precise terms and conditions for copying, distribution and modification follow. GNU GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 0. This License applies to any program or other work which contains a notice placed by the copyright holder saying it may be distributed under the terms of this General Public License. The "Program", below, refers to any such program or work, and a "work based on the Program" means either the Program or any derivative work under copyright law: that is to say, a work containing the Program or a portion of it, either verbatim or with modifications and/or translated into another language. (Hereinafter, translation is included without limitation in the term "modification".) Each licensee is addressed as "you". Activities other than copying, distribution and modification are not covered by this License; they are outside its scope. The act of running the Program is not restricted, and the output from the Program is covered only if its contents constitute a work based on the Program (independent of having been made by running the Program). Whether that is true depends on what the Program does. 1. You may copy and distribute verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License and to the absence of any warranty; and give any other recipients of the Program a copy of this License along with the Program. You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. 2. You may modify your copy or copies of the Program or any portion of it, thus forming a work based on the Program, and copy and distribute such modifications or work under the terms of Section 1 above, provided that you also meet all of these conditions: a) You must cause the modified files to carry prominent notices stating that you changed the files and the date of any change. b) You must cause any work that you distribute or publish, that in whole or in part contains or is derived from the Program or any part thereof, to be licensed as a whole at no charge to all third parties under the terms of this License. c) If the modified program normally reads commands interactively when run, you must cause it, when started running for such interactive use in the most ordinary way, to print or display an announcement including an appropriate copyright notice and a notice that there is no warranty (or else, saying that you provide a warranty) and that users may redistribute the program under these conditions, and telling the user how to view a copy of this License. (Exception: if the Program itself is interactive but does not normally print such an announcement, your work based on the Program is not required to print an announcement.) These requirements apply to the modified work as a whole. If identifiable sections of that work are not derived from the Program, and can be reasonably considered independent and separate works in themselves, then this License, and its terms, do not apply to those sections when you distribute them as separate works. But when you distribute the same sections as part of a whole which is a work based on the Program, the distribution of the whole must be on the terms of this License, whose permissions for other licensees extend to the entire whole, and thus to each and every part regardless of who wrote it. Thus, it is not the intent of this section to claim rights or contest your rights to work written entirely by you; rather, the intent is to exercise the right to control the distribution of derivative or collective works based on the Program. In addition, mere aggregation of another work not based on the Program with the Program (or with a work based on the Program) on a volume of a storage or distribution medium does not bring the other work under the scope of this License. 3. You may copy and distribute the Program (or a work based on it, under Section 2) in object code or executable form under the terms of Sections 1 and 2 above provided that you also do one of the following: a) Accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, b) Accompany it with a written offer, valid for at least three years, to give any third party, for a charge no more than your cost of physically performing source distribution, a complete machine-readable copy of the corresponding source code, to be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, c) Accompany it with the information you received as to the offer to distribute corresponding source code. (This alternative is allowed only for noncommercial distribution and only if you received the program in object code or executable form with such an offer, in accord with Subsection b above.) The source code for a work means the preferred form of the work for making modifications to it. For an executable work, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the executable. However, as a special exception, the source code distributed need not include anything that is normally distributed (in either source or binary form) with the major components (compiler, kernel, and so on) of the operating system on which the executable runs, unless that component itself accompanies the executable. If distribution of executable or object code is made by offering access to copy from a designated place, then offering equivalent access to copy the source code from the same place counts as distribution of the source code, even though third parties are not compelled to copy the source along with the object code. 4. You may not copy, modify, sublicense, or distribute the Program except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense or distribute the Program is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 5. You are not required to accept this License, since you have not signed it. However, nothing else grants you permission to modify or distribute the Program or its derivative works. These actions are prohibited by law if you do not accept this License. Therefore, by modifying or distributing the Program (or any work based on the Program), you indicate your acceptance of this License to do so, and all its terms and conditions for copying, distributing or modifying the Program or works based on it. 6. Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. You are not responsible for enforcing compliance by third parties to this License. 7. If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not distribute the Program at all. For example, if a patent license would not permit royalty-free redistribution of the Program by all those who receive copies directly or indirectly through you, then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Program. If any portion of this section is held invalid or unenforceable under any particular circumstance, the balance of the section is intended to apply and the section as a whole is intended to apply in other circumstances. It is not the purpose of this section to induce you to infringe any patents or other property right claims or to contest validity of any such claims; this section has the sole purpose of protecting the integrity of the free software distribution system, which is implemented by public license practices. Many people have made generous contributions to the wide range of software distributed through that system in reliance on consistent application of that system; it is up to the author/donor to decide if he or she is willing to distribute software through any other system and a licensee cannot impose that choice. This section is intended to make thoroughly clear what is believed to be a consequence of the rest of this License. 8. If the distribution and/or use of the Program is restricted in certain countries either by patents or by copyrighted interfaces, the original copyright holder who places the Program under this License may add an explicit geographical distribution limitation excluding those countries, so that distribution is permitted only in or among countries not thus excluded. In such case, this License incorporates the limitation as if written in the body of this License. 9. The Free Software Foundation may publish revised and/or new versions of the General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Program specifies a version number of this License which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of this License, you may choose any version ever published by the Free Software Foundation. 10. If you wish to incorporate parts of the Program into other free programs whose distribution conditions are different, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally. NO WARRANTY 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. END OF TERMS AND CONDITIONS How to Apply These Terms to Your New Programs If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms. To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively convey the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. Copyright (C) This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. Also add information on how to contact you by electronic and paper mail. If the program is interactive, make it output a short notice like this when it starts in an interactive mode: Gnomovision version 69, Copyright (C) year name of author Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details. The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, the commands you use may be called something other than `show w' and `show c'; they could even be mouse-clicks or menu items--whatever suits your program. You should also get your employer (if you work as a programmer) or your school, if any, to sign a "copyright disclaimer" for the program, if necessary. Here is a sample; alter the names: Yoyodyne, Inc., hereby disclaims all copyright interest in the program `Gnomovision' (which makes passes at compilers) written by James Hacker. , 1 April 1989 Ty Coon, President of Vice This General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may consider it more useful to permit linking proprietary applications with the library. If this is what you want to do, use the GNU Lesser General Public License instead of this License. darkstat-3.0.721/ChangeLog000066400000000000000000000205141416753542100152650ustar00rootroot00000000000000v3.0.720 (10 Jan 2022) - Improve graphs on mobile (thanks to Dallen Wilson). - Add favicon, improve CSS (thanks to Daniel Aleksandersen). - Export host statistics in Prometheus format on /metrics (thanks to flowblok). - Move to github. v3.0.719 (24 May 2015) - Implement tracking of remote ports: shows which ports the host is making outgoing connections to. Long time feature request. - Bugfix: when the capture interface goes down, exit instead of busy-looping forever. - Fix "clock error" due to machine reboot. - SIGUSR1 now resets the time and bytes reported on the graphs page. - Account for all IP protocols. - Change the default ports_max to only twice the default ports_keep. v3.0.718 (25 January 2014) - (SECURITY!) Don't chroot() by default. The user must specify a --chroot dir for this to happen now. - Bring back the "--base /path" functionality. - Add explicit warning about graphs being blank if we can't get local IPs on an interface. - Don't crash in timer_stop() if monotonic time stops or goes backwards. - Lots of internal cleanups. - Use time_t instead of "long" for time. This is more correct and should fix darkstat on OpenBSD 5.5 on 32-bit systems. v3.0.717 (14 August 2013) - (OS X only) Work around lack of clock_gettime(). - Fix crash due to str_appendf() not understanding %ld. v3.0.716 (8 August 2013) - Implement support for multiple capture interfaces. - Support multiple local IPs on an interface. - Only error out if we fail to create all HTTP sockets. In particular, this helps on IPv6-incapable platforms. - Use monotonic time over wall time where appropriate. - Portability fixes for NetBSD and OpenBSD. v3.0.715 (January 2012) - Compatibility fixes for Hurd and Solaris. - Use link-time optimization and automake-like silent rules. - Support systems without ifaddrs.h again. - Continuing fixes for IPv6 support. - Only update lastseen time for sender, not recipient. - Implement --local-only: accounting for hosts on the local net. - Make failure to bind() a socket non-fatal. - Make failure to get local IP non-fatal. - Fall back to gethostbyaddr() if getnameinfo() fails. - Fix detection of IPv4 multicast addresses. - Fix decoding on OpenBSD DLT_NULL interfaces (e.g. gif(4)) v3.0.714 (June 2011) - IPv6 support! Big ups to Mats Erik Andersson who did most of this work! - Allow sort on last-seen, thanks to Dirk Koopman. - Support multiple bind addresses. - Add --disable-debug configure flag, thanks to Malte S. Stretz. - Make it possible to export the database without resetting it: by sending SIGUSR2. - Web: Use relative URLs, so darkstat works properly behind mod_proxy, thanks to Malte S. Stretz. v3.0.713 (March 2010) - Don't require --verbose for pcap_stats. - Survive interface going down on Linux. - Support DLT_RAW, implemented by Anton S. Ustyuzhanin. - Skip accounting for hosts or ports if their max is set to zero. - Implement --hexdump for troubleshooting. - Web: Implement --no-lastseen - Implement --snaplen manual override. - Fix snaplen problem on recent (1-2 years?) Linux kernels. - Implement --syslog - Implement --wait as a NetworkManager workaround. (there were no releases made in 2009) v3.0.712 (November 2008) - Web: Add --no-macs option to hide mac addresses. Thanks Dennis! - Web: Make tables prettier. - Host detail view now triggers a DNS lookup. - Manpage tweaks, also move from section 1 to section 8. - Track and show how long ago a host was last seen. Suggested by: Prof A Olowofoyeku (The African Chief) - Show pcap_stats (like number of packets dropped) in the web interface and also upon exit. v3.0.711 (August 2008) - Split --debug into --verbose and --no-daemon - Include launchd config and instructions for running darkstat on Mac OS X. Contributed by Damien Clauzel. - Implement PPPoE decoding on ethernet iface. (--pppoe) - Web: Add automatic reload button. Thanks Dennis! - Web: Add a graph legend with min/avg/max. - Web: Remove hashtable stats pages. v3.0.708 (May 2008) - Implement limiting of number of ports tracked per host, configurable on the commandline (--ports-max) - Optionally don't track high ports (--highest-port) Thanks Dennis! - Fix rare use-after-free resulting from hosts table reduction. - Make hosts limit configurable (--hosts-max) - Option to read from capfile as alternative to live capture (really only useful for development, benchmarking) - Add the sniffed interface name to HTML reports. Thanks Chris! v3.0.707 (Sep 2007) - Fix silly bug in formatting hex. - Check for pcap.h in include/pcap/ for old RedHat-a-likes. - New commandline parser. - To stay in foreground, pass --debug instead of -d. - We can now reset all statistics at runtime (send SIGUSR1) - Make chroot dir configurable on cmdline (--chroot) - Make privdrop user configurable on cmdline (--user) - Implement daylog (brings back a v2 feature) - Import and export hosts and graphs, this brings back a fairly major v2 feature. Big ups to Ben for doing a lot of the design and implementation of this feature! Note that the v3 database format is, by design, incompatible with the v2 format. - Report average KB/s in and out on graphs. Thanks to Damian Lozinski for suggestion and first cut at the implementation. - Fix graph rotation when the delay between rotations is big enough to clear an entire graph. - Make ip_proto 8 bits wide, to match the IP header. - Implement pidfile functionality for people who prefer to handle daemons in this manner. v3.0.619 (Apr 2007) - Decode DLT_PPP and DLT_PPP_SERIAL on NetBSD, patch courtesy of Bartosz Kuzma. - Don't use pcap_setnonblock(), with help from Colin Phipps. - Reduce the number of syscalls made. - Answer FAQ about graph axes / labels / scale. - Fix build on OpenBSD (thanks Chris!) and Solaris. - Commandline arg (-n) to disable promiscuous mode when sniffing, thanks to Chris Kuethe for the implementation. - Commandline arg (-r) to disable DNS resolver. - Track and report per-host last seen MAC address. - Move FAQ into manpage. - Implement display of start time and running time. - Web: implement sorting the hosts table by in/out/total. - Web: implement paging through the hosts table. - Web: implement full view of hosts table. - Don't die if the capture interface loses its IP address. - Make daemonize (previously -d) the default, and make -D the argument to suppress it. - Commandline arg (-l) to graph traffic entering/leaving the local network as opposed to just the local IP. v2 had this. - Allow configure-time override of CHROOT_DIR and PRIVDROP_USER. - Web: new color scheme. v3.0.540 (Aug 2006) - Fix build against old libpcap (thanks Claudio) - Fix build on AIX (thanks Andreas) - Fix build warnings on NetBSD (thanks Bartosz) - Deny writes to BPF socket (thanks Can) - Reverse-resolve IPs less aggressively. - Free up the DNS queue as we process it. - Fix dns_reply silliness. - Web: tweak the look of the top bar. - Web: update total packets and bytes as part of graph update. - Decode DLT_LINUX_SLL (ippp0 on Linux), patch courtesy of Ingo Bressler v3.0.524 (Jul 2006) - Fix build on NetBSD. - Fix shutdown on Linux. - Performance improvements. - Free the mallocs. - Work around BPF being immediate on Linux. This improves performance. - Drop privileges when we don't need them. Chroot. Generally be more paranoid. Thanks to Chris Kuethe for patches and inspiration. - Daemonize. (run in the background) - Graphs: Make the entire bar have the same label (instead of different labels for in/out), add thousands separators for legibility, include the position/index (i.e. day 22) - Instead of reducing the hosts_db based on time, do it based on its size. - Implement somewhat better handling of time moving backwards - we assume that real time is monotonic and just renumber the graph bars. (time is hard) - Greatly improve IPC with the DNS child, make it more efficient and much more robust. - Decode DLT_PPP_ETHER (pppoe0 on OpenBSD), patch courtesy of Claudio Leite. v3.0.471 (Jun 2006) First public release of darkstat 3. Almost a complete rewrite since v2.6. Architecture much improved, better portability and stability. Approximate feature parity with v2, missing loading/saving DB. v2.6 (Nov 2003) End of the line for darkstat 2. vim:set noet ts=8 sts=8 sw=8 tw=72: darkstat-3.0.721/INSTALL000066400000000000000000000017541416753542100145510ustar00rootroot00000000000000Installation instructions ------------------------- $ ./configure $ make $ make install Quickstart ---------- $ darkstat -i eth0 Slightly slower start --------------------- $ man darkstat Packaging --------- The install target respects DESTDIR. If you are packaging darkstat or installing into a chroot, you can: $ make install DESTDIR=/chroot/whatever Portability ----------- I, the darkstat maintainer, mostly develop darkstat on Debian GNU/Linux, but mostly run darkstat on FreeBSD. darkstat usually builds out-of-the-box on FreeBSD, although you should probably install it from ports. In the past, darkstat has also been reported to work on: - Solaris (with Sun C 5.8, and libpcap installed) - Fedora Core (with libpcap-devel installed) - OpenBSD - NetBSD - Mac OS X - AIX - Ubuntu (you need build-essential, zlib1g-dev, libpcap-dev) - Mandrake - OpenSUSE Sadly, darkstat doesn't run on GNU/Hurd 0.3 because the BPF there doesn't support non-blocking operation (FIONBIO). darkstat-3.0.721/LICENSE000066400000000000000000000010501416753542100145120ustar00rootroot00000000000000Parts of the darkstat source code are covered by a BSD license (actually closer to the ISC license template favored by the OpenBSD project). These are usually the more generalized, reusable parts of the code. Other parts of the darkstat code are covered by the GPL. These other parts are usually not generic code, but are specific to darkstat and its purpose. All of the source code is clearly annotated to show which license covers which parts. Due to the viral nature of the GPL, once linked, the entire darkstat binary is infected with the GPL. darkstat-3.0.721/Makefile.in000066400000000000000000000105741416753542100155650ustar00rootroot00000000000000# vim:set ts=8 sw=8 sts=8 noet: # # darkstat 3 # copyright (c) 2001-2016 Emil Mikulic. # # You may use, modify and redistribute this file under the terms of the # GNU General Public License version 2. (see COPYING.GPL) CC = @CC@ CFLAGS = @CFLAGS@ CPPFLAGS = @CPPFLAGS@ INSTALL = @INSTALL@ LDFLAGS = @LDFLAGS@ LIBS = @LIBS@ HOSTCC ?= $(CC) HOSTCFLAGS ?= $(CFLAGS) prefix = @prefix@ exec_prefix = @exec_prefix@ sbindir = @sbindir@ datarootdir = @datarootdir@ mandir = @mandir@ SRCS = \ acct.c \ addr.c \ bsd.c \ cap.c \ conv.c \ darkstat.c \ daylog.c \ db.c \ decode.c \ dns.c \ err.c \ graph_db.c \ hosts_db.c \ hosts_sort.c \ html.c \ http.c \ localip.c \ ncache.c \ now.c \ pidfile.c \ str.c OBJS = $(SRCS:%.c=%.o) STATICHS = \ favicon.h \ stylecss.h \ graphjs.h all: darkstat darkstat: $(OBJS) $(AM_V_LINK) $(AM_V_at)$(CC) $(CFLAGS) $(OBJS) $(LDFLAGS) $(LIBS) -o $@ .c.o: $(AM_V_CC) $(AM_V_at)$(CC) $(CPPFLAGS) $(CFLAGS) -c $< -o $@ clean: rm -f darkstat rm -f $(OBJS) rm -f $(STATICHS) rm -f hex-ify c-ify depend: config.status $(STATICHS) cp Makefile.in Makefile.in.old sed '/^# Automatically generated dependencies$$/,$$d' \ Makefile.in echo "# Automatically generated dependencies" >>Makefile.in $(CC) $(CPPFLAGS) -MM $(SRCS) >>Makefile.in ./config.status rm -f Makefile.in.old favicon.h: static/favicon.png hex-ify $(AM_V_HEXIFY) $(AM_V_at)./hex-ify favicon_png $@ graphjs.h: static/graph.js c-ify $(AM_V_CIFY) $(AM_V_at)./c-ify graph_js $@ stylecss.h: static/style.css c-ify $(AM_V_CIFY) $(AM_V_at)./c-ify style_css $@ hex-ify: static/hex-ify.c $(AM_V_HOSTCC) $(AM_V_at)$(HOSTCC) $(HOSTCFLAGS) static/hex-ify.c -o $@ c-ify: static/c-ify.c $(AM_V_HOSTCC) $(AM_V_at)$(HOSTCC) $(HOSTCFLAGS) static/c-ify.c -o $@ install: darkstat $(INSTALL) -d $(DESTDIR)$(sbindir) $(INSTALL) -m 555 darkstat $(DESTDIR)$(sbindir) $(INSTALL) -d $(DESTDIR)$(mandir)/man8 $(INSTALL) -m 444 darkstat.8 $(DESTDIR)$(mandir)/man8 .PHONY: all install clean depend # silent-rules AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@ AM_V_CC = $(am__v_CC_$(V)) am__v_CC_ = $(am__v_CC_$(AM_DEFAULT_VERBOSITY)) am__v_CC_0 = @echo " CC " $@; AM_V_LINK = $(am__v_LINK_$(V)) am__v_LINK_ = $(am__v_LINK_$(AM_DEFAULT_VERBOSITY)) am__v_LINK_0 = @echo " LINK " $@; AM_V_HOSTCC = $(am__v_HOSTCC_$(V)) am__v_HOSTCC_ = $(am__v_HOSTCC_$(AM_DEFAULT_VERBOSITY)) am__v_HOSTCC_0 = @echo " HOSTCC" $@; AM_V_CIFY = $(am__v_CIFY_$(V)) am__v_CIFY_ = $(am__v_CIFY_$(AM_DEFAULT_VERBOSITY)) am__v_CIFY_0 = @echo " C-IFY " $@; AM_V_HEXIFY = $(am__v_HEXIFY_$(V)) am__v_HEXIFY_ = $(am__v_HEXIFY_$(AM_DEFAULT_VERBOSITY)) am__v_HEXIFY_0 = @echo " HEX-IFY " $@; AM_V_at = $(am__v_at_$(V)) am__v_at_ = $(am__v_at_$(AM_DEFAULT_VERBOSITY)) am__v_at_0 = @ # Automatically generated dependencies acct.o: acct.c acct.h decode.h addr.h conv.h daylog.h graph_db.h err.h \ cdefs.h hosts_db.h localip.h now.h opt.h addr.o: addr.c addr.h bsd.o: bsd.c bsd.h config.h cdefs.h cap.o: cap.c acct.h cdefs.h cap.h config.h conv.h decode.h addr.h err.h \ hosts_db.h localip.h now.h opt.h queue.h str.h conv.o: conv.c conv.h err.h cdefs.h darkstat.o: darkstat.c acct.h cap.h cdefs.h config.h conv.h daylog.h \ graph_db.h db.h dns.h err.h hosts_db.h addr.h http.h localip.h ncache.h \ now.h pidfile.h str.h daylog.o: daylog.c cdefs.h err.h daylog.h graph_db.h str.h now.h db.o: db.c err.h cdefs.h hosts_db.h addr.h graph_db.h db.h decode.o: decode.c cdefs.h decode.h addr.h err.h opt.h dns.o: dns.c cdefs.h cap.h conv.h decode.h addr.h dns.h err.h hosts_db.h \ queue.h str.h tree.h bsd.h config.h err.o: err.c cdefs.h err.h opt.h pidfile.h bsd.h config.h graph_db.o: graph_db.c cap.h conv.h db.h acct.h err.h cdefs.h str.h \ html.h graph_db.h now.h opt.h hosts_db.o: hosts_db.c cdefs.h conv.h decode.h addr.h dns.h err.h \ hosts_db.h db.h html.h ncache.h now.h opt.h str.h hosts_sort.o: hosts_sort.c cdefs.h err.h hosts_db.h addr.h html.o: html.c config.h str.h cdefs.h html.h opt.h http.o: http.c cdefs.h config.h conv.h err.h graph_db.h hosts_db.h addr.h \ http.h now.h queue.h str.h stylecss.h graphjs.h favicon.h localip.o: localip.c addr.h bsd.h config.h conv.h err.h cdefs.h localip.h \ now.h ncache.o: ncache.c conv.h err.h cdefs.h ncache.h tree.h bsd.h config.h now.o: now.c err.h cdefs.h now.h str.h pidfile.o: pidfile.c err.h cdefs.h str.h pidfile.h str.o: str.c conv.h err.h cdefs.h str.h darkstat-3.0.721/NEWS000066400000000000000000000020341416753542100142070ustar00rootroot00000000000000Changes to defaults, most recent first: - After v3.0.717, the user must specify a --chroot dir for chroot() to happen. We don't set a default in the configure script anymore. - After v3.0.708, --debug was split into --verbose and --no-daemon. - Since v3.0.694, darkstat is able to save its internal database into a file and reload it on startup. The file format is, by design, incompatible with the format from darkstat v2. - After v3.0.626, daemonizing can be suppressed with the "--debug" commandline argument, to force darkstat to stay in the foreground for debugging purposes. The "-d" argument is no longer recognized, and will prevent darkstat from starting, so make sure you adjust any startup scripts you may have. - v3.0.540 and earlier defaulted to running in the foreground and had a "-d" commandline argument to get darkstat to daemonize, detach from the controlling terminal, and run in the background. After 540, the default has been inverted. darkstat will daemonize by default. vim:set noet ts=8 sw=8 tw=80: darkstat-3.0.721/README.git000066400000000000000000000016621416753542100151600ustar00rootroot00000000000000These instructions are for developers and other people building darkstat from git instead of a release tarball. This file shouldn't end up in a release tarball or a binary package (like *.deb) To build the latest version of darkstat from git, do: git clone https://github.com/emikulic/darkstat cd darkstat autoconf autoheader ./configure --enable-warnings make Test the binary without daemonizing it (running it in the background): sudo ./darkstat -i eth0 --no-daemon --verbose To view the manpage: nroff -man darkstat.8 | less To build with sanitizers: CFLAGS="-g -fsanitize=address -fsanitize=undefined" ./configure To see what make is doing: make V=1 Suggested valgrind invocation: (note that valgrind doesn't work with a -fsanitize=address build) sudo valgrind --leak-check=full --show-reachable=yes ./darkstat -i eth0 --no-daemon --verbose --chroot $PWD --export DB --import DB --daylog DAYLOG --user $USER darkstat-3.0.721/README.md000066400000000000000000000011331416753542100147660ustar00rootroot00000000000000# darkstat https://unix4lyfe.org/darkstat/ darkstat is a network statistics gatherer. It sniffs packets on a specified interface, accumulates statistics, and serves them up over HTTP. See the "AUTHORS" file for credits, and who to e-mail when things break. See the "LICENSE" file for an explanation of the source code licensing. See the "INSTALL" file for installation instructions. See the "darkstat.8" manual page for usage instructions. If your system doesn't have enough copies of the full text of the GNU General Public License already, we have provided another one in the "COPYING.GPL" file. darkstat-3.0.721/acct.c000066400000000000000000000215141416753542100145720ustar00rootroot00000000000000/* darkstat 3 * copyright (c) 2001-2012 Emil Mikulic. * * acct.c: traffic accounting * * Permission to use, copy, modify, and distribute this file for any * purpose with or without fee is hereby granted, provided that the above * copyright notice and this permission notice appear in all copies. * * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ #include "acct.h" #include "decode.h" #include "conv.h" #include "daylog.h" #include "err.h" #include "hosts_db.h" #include "localip.h" #include "now.h" #include "opt.h" #define __FAVOR_BSD #include #include #include #include /* for isdigit */ #include /* for gai_strerror */ #include /* for free */ #include /* for memcpy */ uint64_t acct_total_packets = 0, acct_total_bytes = 0; static int using_localnet4 = 0, using_localnet6 = 0; static struct addr localnet4, localmask4, localnet6, localmask6; /* Parse the net/mask specification into two IPs or die trying. */ void acct_init_localnet(const char *spec) { char **tokens; unsigned int num_tokens; int isnum, j, ret; int pfxlen, octets, remainder; struct addr localnet, localmask; tokens = split('/', spec, &num_tokens); if (num_tokens != 2) errx(1, "expecting network/netmask, got \"%s\"", spec); if ((ret = str_to_addr(tokens[0], &localnet)) != 0) errx(1, "couldn't parse \"%s\": %s", tokens[0], gai_strerror(ret)); /* Detect a purely numeric argument. */ isnum = 0; { const char *p = tokens[1]; while (*p != '\0') { if (isdigit(*p)) { isnum = 1; ++p; continue; } else { isnum = 0; break; } } } if (!isnum) { if ((ret = str_to_addr(tokens[1], &localmask)) != 0) errx(1, "couldn't parse \"%s\": %s", tokens[1], gai_strerror(ret)); if (localmask.family != localnet.family) errx(1, "family mismatch between net and mask"); } else { uint8_t frac, *p; char *endptr; localmask.family = localnet.family; /* Compute the prefix length. */ pfxlen = (unsigned int)strtol(tokens[1], &endptr, 10); if ((pfxlen < 0) || ((localnet.family == IPv6) && (pfxlen > 128)) || ((localnet.family == IPv4) && (pfxlen > 32)) || (tokens[1][0] == '\0') || (*endptr != '\0')) errx(1, "invalid network prefix length \"%s\"", tokens[1]); /* Construct the network mask. */ octets = pfxlen / 8; remainder = pfxlen % 8; p = (localnet.family == IPv6) ? (localmask.ip.v6.s6_addr) : ((uint8_t *) &(localmask.ip.v4)); if (localnet.family == IPv6) memset(p, 0, 16); else memset(p, 0, 4); for (j = 0; j < octets; ++j) p[j] = 0xff; frac = (uint8_t)(0xff << (8 - remainder)); if (frac) p[j] = frac; /* Have contribution for next position. */ } free(tokens[0]); free(tokens[1]); free(tokens); /* Register the correct netmask and calculate the correct net. */ addr_mask(&localnet, &localmask); if (localnet.family == IPv6) { using_localnet6 = 1; localnet6 = localnet; localmask6 = localmask; } else { using_localnet4 = 1; localnet4 = localnet; localmask4 = localmask; } verbosef("local network address: %s", addr_to_str(&localnet)); verbosef(" local network mask: %s", addr_to_str(&localmask)); } static int addr_is_local(const struct addr * const a, const struct local_ips *local_ips) { if (is_localip(a, local_ips)) return 1; if (a->family == IPv4 && using_localnet4) { if (addr_inside(a, &localnet4, &localmask4)) return 1; } else if (a->family == IPv6 && using_localnet6) { if (addr_inside(a, &localnet6, &localmask6)) return 1; } return 0; } /* Account for the given packet summary. */ void acct_for(const struct pktsummary * const sm, const struct local_ips * const local_ips) { struct bucket *hs = NULL; // Source host. struct bucket *hd = NULL; // Dest host. int dir_in, dir_out; #if 0 /* WANT_CHATTY? */ printf("%15s > ", addr_to_str(&sm->src)); printf("%15s ", addr_to_str(&sm->dst)); printf("len %4d proto %2d", sm->len, sm->proto); if (sm->proto == IPPROTO_TCP || sm->proto == IPPROTO_UDP) printf(" port %5d : %5d", sm->src_port, sm->dst_port); if (sm->proto == IPPROTO_TCP) printf(" %s%s%s%s%s%s", (sm->tcp_flags & TH_FIN)?"F":"", (sm->tcp_flags & TH_SYN)?"S":"", (sm->tcp_flags & TH_RST)?"R":"", (sm->tcp_flags & TH_PUSH)?"P":"", (sm->tcp_flags & TH_ACK)?"A":"", (sm->tcp_flags & TH_URG)?"U":"" ); printf("\n"); #endif /* Totals. */ acct_total_packets++; acct_total_bytes += sm->len; /* Graphs. */ dir_out = addr_is_local(&sm->src, local_ips); dir_in = addr_is_local(&sm->dst, local_ips); /* Traffic staying within the network isn't counted. */ if (dir_out && !dir_in) { daylog_acct((uint64_t)sm->len, GRAPH_OUT); graph_acct((uint64_t)sm->len, GRAPH_OUT); } if (dir_in && !dir_out) { daylog_acct((uint64_t)sm->len, GRAPH_IN); graph_acct((uint64_t)sm->len, GRAPH_IN); } if (opt_hosts_max == 0) return; /* skip per-host accounting */ /* Hosts. */ hosts_db_reduce(); if (!opt_want_local_only || dir_out) { hs = host_get(&(sm->src)); hs->out += sm->len; hs->total += sm->len; memcpy(hs->u.host.mac_addr, sm->src_mac, sizeof(sm->src_mac)); hs->u.host.last_seen_mono = now_mono(); } if (!opt_want_local_only || dir_in) { hd = host_get(&(sm->dst)); hd->in += sm->len; hd->total += sm->len; memcpy(hd->u.host.mac_addr, sm->dst_mac, sizeof(sm->dst_mac)); /* * Don't update recipient's last seen time, we don't know that * they received successfully. */ } /* Protocols. */ if (sm->proto != IPPROTO_INVALID) { if (hs) { struct bucket *ps = host_get_ip_proto(hs, sm->proto); ps->out += sm->len; ps->total += sm->len; } if (hd) { struct bucket *pd = host_get_ip_proto(hd, sm->proto); pd->in += sm->len; pd->total += sm->len; } } if (opt_ports_max == 0) return; /* skip ports accounting */ /* Ports. */ switch (sm->proto) { case IPPROTO_TCP: // Local ports on host. if ((sm->src_port <= opt_highest_port) && hs) { struct bucket *ps = host_get_port_tcp(hs, sm->src_port); ps->out += sm->len; ps->total += sm->len; } if ((sm->dst_port <= opt_highest_port) && hd) { struct bucket *pd = host_get_port_tcp(hd, sm->dst_port); pd->in += sm->len; pd->total += sm->len; if (sm->tcp_flags == TH_SYN) pd->u.port_tcp.syn++; } // Remote ports. if ((sm->src_port <= opt_highest_port) && hd) { struct bucket *pdr = host_get_port_tcp_remote(hd, sm->src_port); pdr->out += sm->len; pdr->total += sm->len; } if ((sm->dst_port <= opt_highest_port) && hs) { struct bucket *psr = host_get_port_tcp_remote(hs, sm->dst_port); psr->in += sm->len; psr->total += sm->len; if (sm->tcp_flags == TH_SYN) psr->u.port_tcp.syn++; } break; case IPPROTO_UDP: // Local ports on host. if ((sm->src_port <= opt_highest_port) && hs) { struct bucket *ps = host_get_port_udp(hs, sm->src_port); ps->out += sm->len; ps->total += sm->len; } if ((sm->dst_port <= opt_highest_port) && hd) { struct bucket *pd = host_get_port_udp(hd, sm->dst_port); pd->in += sm->len; pd->total += sm->len; } // Remote ports. if ((sm->src_port <= opt_highest_port) && hd) { struct bucket *pdr = host_get_port_udp_remote(hd, sm->src_port); pdr->out += sm->len; pdr->total += sm->len; } if ((sm->dst_port <= opt_highest_port) && hs) { struct bucket *psr = host_get_port_udp_remote(hs, sm->dst_port); psr->in += sm->len; psr->total += sm->len; } break; case IPPROTO_INVALID: /* proto decoding failed, don't complain in accounting */ break; } } /* vim:set ts=3 sw=3 tw=78 expandtab: */ darkstat-3.0.721/acct.h000066400000000000000000000006171416753542100146000ustar00rootroot00000000000000/* darkstat 3 * copyright (c) 2001-2012 Emil Mikulic. * * acct.h: traffic accounting */ #include struct pktsummary; struct local_ips; extern uint64_t acct_total_packets, acct_total_bytes; void acct_init_localnet(const char *spec); void acct_for(const struct pktsummary * const sm, const struct local_ips * const local_ips); /* vim:set ts=3 sw=3 tw=80 expandtab: */ darkstat-3.0.721/addr.c000066400000000000000000000045631416753542100145770ustar00rootroot00000000000000/* darkstat 3 * copyright (c) 2011 Emil Mikulic. * * addr.c: compound IPv4/IPv6 address * * You may use, modify and redistribute this file under the terms of the * GNU General Public License version 2. (see COPYING.GPL) */ #include "addr.h" #include /* for inet_ntop */ #include #include /* for memcmp */ #include /* for getaddrinfo */ int addr_equal(const struct addr * const a, const struct addr * const b) { if (a->family != b->family) return 0; if (a->family == IPv4) return (a->ip.v4 == b->ip.v4); else { assert(a->family == IPv6); return (memcmp(&(a->ip.v6), &(b->ip.v6), sizeof(a->ip.v6)) == 0); } } static char _addrstrbuf[INET6_ADDRSTRLEN]; const char *addr_to_str(const struct addr * const a) { if (a->family == IPv4) { struct in_addr in; in.s_addr = a->ip.v4; return (inet_ntoa(in)); } else { assert(a->family == IPv6); inet_ntop(AF_INET6, &(a->ip.v6), _addrstrbuf, sizeof(_addrstrbuf)); return (_addrstrbuf); } } int str_to_addr(const char *s, struct addr *a) { struct addrinfo hints, *ai; int ret; memset(&hints, 0, sizeof(hints)); hints.ai_family = AF_UNSPEC; hints.ai_flags = AI_NUMERICHOST; if ((ret = getaddrinfo(s, NULL, &hints, &ai)) != 0) return (ret); if (ai->ai_family == AF_INET) { a->family = IPv4; a->ip.v4 = ((const struct sockaddr_in *)ai->ai_addr)->sin_addr.s_addr; } else if (ai->ai_family == AF_INET6) { a->family = IPv6; memcpy(&(a->ip.v6), ((struct sockaddr_in6 *)ai->ai_addr)->sin6_addr.s6_addr, sizeof(a->ip.v6)); } else { ret = EAI_FAMILY; } freeaddrinfo(ai); return (ret); } void addr_mask(struct addr *a, const struct addr * const mask) { assert(a->family == mask->family); if (a->family == IPv4) a->ip.v4 &= mask->ip.v4; else { size_t i; assert(a->family == IPv6); for (i=0; iip.v6.s6_addr); i++) a->ip.v6.s6_addr[i] &= mask->ip.v6.s6_addr[i]; } } int addr_inside(const struct addr * const a, const struct addr * const net, const struct addr * const mask) { struct addr masked; assert(a->family == net->family); assert(a->family == mask->family); masked = *a; addr_mask(&masked, mask); return (addr_equal(&masked, net)); } /* vim:set ts=3 sw=3 tw=78 et: */ darkstat-3.0.721/addr.h000066400000000000000000000020501416753542100145710ustar00rootroot00000000000000/* darkstat 3 * copyright (c) 2011 Emil Mikulic. * * addr.h: compound IPv4/IPv6 address * (because struct sockaddr_storage stores too much) * * You may use, modify and redistribute this file under the terms of the * GNU General Public License version 2. (see COPYING.GPL) */ #ifndef __DARKSTAT_ADDR_H #define __DARKSTAT_ADDR_H #include /* for in_addr_t, at least on OpenBSD */ #include /* for AF_INET6 */ #include /* for in6_addr */ struct addr { union { in_addr_t v4; struct in6_addr v6; } ip; enum { IPv4 = 4, IPv6 = 6 } family; }; int addr_equal(const struct addr * const a, const struct addr * const b); const char *addr_to_str(const struct addr * const a); void addr_mask(struct addr *a, const struct addr * const mask); int addr_inside(const struct addr * const a, const struct addr * const net, const struct addr * const mask); /* Returns 0 on success, gai_strerror() code otherwise. */ int str_to_addr(const char *s, struct addr *a); #endif /* vim:set ts=3 sw=3 tw=78 et: */ darkstat-3.0.721/bsd.c000066400000000000000000000111071416753542100144250ustar00rootroot00000000000000/* darkstat 3 * copyright (c) 2011 Emil Mikulic. * * bsd.c: *BSD compatibility. * * Permission to use, copy, modify, and distribute this file for any * purpose with or without fee is hereby granted, provided that the above * copyright notice and this permission notice appear in all copies. * * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ #include "bsd.h" #include "cdefs.h" #include "config.h" #include /* for strlen */ /* strlcpy() and strlcat() are derived from: * * $OpenBSD: strlcpy.c,v 1.4 * $FreeBSD: src/lib/libc/string/strlcpy.c,v 1.8 * * $OpenBSD: strlcat.c,v 1.2 * $FreeBSD: src/lib/libc/string/strlcat.c,v 1.10 * * under the following license: * * Copyright (c) 1998 Todd C. Miller * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. The name of the author may not be used to endorse or promote products * derived from this software without specific prior written permission. * * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL * THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #ifndef HAVE_STRLCPY /* * Copy src to string dst of size siz. At most siz-1 characters * will be copied. Always NUL terminates (unless siz == 0). * Returns strlen(src); if retval >= siz, truncation occurred. */ size_t strlcpy(char * restrict dst, const char * restrict src, const size_t siz) { char *d = dst; const char *s = src; size_t n = siz; /* Copy as many bytes as will fit */ if (n != 0 && --n != 0) { do { if ((*d++ = *s++) == 0) break; } while (--n != 0); } /* Not enough room in dst, add NUL and traverse rest of src */ if (n == 0) { if (siz != 0) *d = '\0'; /* NUL-terminate dst */ while (*s++) ; } return (size_t)(s - src - 1); /* count does not include NUL */ } #endif #ifndef HAVE_STRLCAT /* * Appends src to string dst of size siz (unlike strncat, siz is the * full size of dst, not space left). At most siz-1 characters * will be copied. Always NUL terminates (unless siz <= strlen(dst)). * Returns strlen(src) + MIN(siz, strlen(initial dst)). * If retval >= siz, truncation occurred. */ size_t strlcat(char * restrict dst, const char * restrict src, const size_t siz) { char *d = dst; const char *s = src; size_t n = siz; size_t dlen; /* Find the end of dst and adjust bytes left but don't go past end */ while (n-- != 0 && *d != '\0') d++; dlen = (size_t)(d - dst); n = siz - dlen; if (n == 0) return(dlen + strlen(s)); while (*s != '\0') { if (n != 1) { *d++ = *s; n--; } s++; } *d = '\0'; return (dlen + (size_t)(s - src)); /* count does not include NUL */ } #endif /* vim:set ts=3 sw=3 tw=78 expandtab: */ darkstat-3.0.721/bsd.h000066400000000000000000000010261416753542100144310ustar00rootroot00000000000000/* darkstat 3 * copyright (c) 2011-2014 Emil Mikulic. * * bsd.h: *BSD compatibility. */ #include #include "config.h" #ifdef HAVE_BSD_STRING_H # include #endif #ifdef HAVE_BSD_UNISTD_H # include #endif #ifndef HAVE_STRLCPY size_t strlcpy(char *dst, const char *src, size_t siz); #endif #ifndef HAVE_STRLCAT size_t strlcat(char *dst, const char *src, size_t siz); #endif #ifndef HAVE_SETPROCTITLE #define setproctitle(fmt) /* no-op */ #endif /* vim:set ts=3 sw=3 tw=78 expandtab: */ darkstat-3.0.721/cap.c000066400000000000000000000354241416753542100144300ustar00rootroot00000000000000/* darkstat 3 * copyright (c) 2001-2014 Emil Mikulic. * * cap.c: capture packets, and hand them off to decode and acct. * * You may use, modify and redistribute this file under the terms of the * GNU General Public License version 2. (see COPYING.GPL) */ #include "acct.h" #include "cdefs.h" #include "cap.h" #include "config.h" #include "conv.h" #include "decode.h" #include "err.h" #include "hosts_db.h" #include "localip.h" #include "now.h" #include "opt.h" #include "queue.h" #include "str.h" #include #include #include #include #ifdef HAVE_SYS_FILIO_H # include /* Solaris' FIONBIO hides here */ #endif #include #include #include #include #include #include char *title_interfaces = NULL; /* for html.c */ /* The cap process life-cycle: * - cap_add_ifname() one or more times * - cap_add_filter() zero or more times * - cap_start() once to start listening * Once per main loop: * - cap_fd_set() to update the select() set * - cap_poll() to read from ready pcap fds * Shutdown: * - cap_stop() */ struct strnode { STAILQ_ENTRY(strnode) entries; const char *str; }; struct cap_iface { STAILQ_ENTRY(cap_iface) entries; const char *name; const char *filter; pcap_t *pcap; int fd; const struct linkhdr *linkhdr; struct local_ips local_ips; }; static STAILQ_HEAD(cli_ifnames_head, strnode) cli_ifnames = STAILQ_HEAD_INITIALIZER(cli_ifnames); static STAILQ_HEAD(cli_filters_head, strnode) cli_filters = STAILQ_HEAD_INITIALIZER(cli_filters); static STAILQ_HEAD(cap_ifs_head, cap_iface) cap_ifs = STAILQ_HEAD_INITIALIZER(cap_ifs); /* The read timeout passed to pcap_open_live() */ #define CAP_TIMEOUT_MSEC 500 void cap_add_ifname(const char *ifname) { struct strnode *n = xmalloc(sizeof(*n)); n->str = ifname; STAILQ_INSERT_TAIL(&cli_ifnames, n, entries); } void cap_add_filter(const char *filter) { struct strnode *n = xmalloc(sizeof(*n)); n->str = filter; STAILQ_INSERT_TAIL(&cli_filters, n, entries); } static void cap_set_filter(pcap_t *pcap, const char *filter) { struct bpf_program prog; char *tmp_filter; if (filter == NULL) return; tmp_filter = xstrdup(filter); if (pcap_compile( pcap, &prog, tmp_filter, 1, /* optimize */ 0) /* netmask */ == -1) errx(1, "pcap_compile(): %s", pcap_geterr(pcap)); if (pcap_setfilter(pcap, &prog) == -1) errx(1, "pcap_setfilter(): %s", pcap_geterr(pcap)); pcap_freecode(&prog); free(tmp_filter); } /* Start capturing on just one interface. Called from cap_start(). */ static void cap_start_one(struct cap_iface *iface, const int promisc) { char errbuf[PCAP_ERRBUF_SIZE], *tmp_device; int linktype, snaplen, waited; /* pcap wants a non-const interface name string */ tmp_device = xstrdup(iface->name); if (iface->filter) verbosef("capturing on interface '%s' with filter '%s'", tmp_device, iface->filter); else verbosef("capturing on interface '%s' with no filter", tmp_device); /* Open packet capture descriptor. */ waited = 0; for (;;) { errbuf[0] = '\0'; /* zero length string */ iface->pcap = pcap_open_live( tmp_device, 1, /* snaplen, irrelevant at this point */ 0, /* promisc, also irrelevant */ CAP_TIMEOUT_MSEC, errbuf); if (iface->pcap != NULL) break; /* success! */ if ((opt_wait_secs != -1) && strstr(errbuf, "device is not up")) { if ((opt_wait_secs > 0) && (waited >= opt_wait_secs)) errx(1, "waited %d secs, giving up: pcap_open_live(): %s", waited, errbuf); verbosef("waited %d secs, interface is not up", waited); sleep(1); waited++; } else errx(1, "pcap_open_live(): %s", errbuf); } /* Work out the linktype and what snaplen we need. */ linktype = pcap_datalink(iface->pcap); verbosef("linktype is %d", linktype); if ((linktype == DLT_EN10MB) && opt_want_macs) hosts_db_show_macs = 1; iface->linkhdr = getlinkhdr(linktype); if (iface->linkhdr == NULL) errx(1, "unknown linktype %d", linktype); if (iface->linkhdr->decoder == NULL) errx(1, "no decoder for linktype %d", linktype); snaplen = getsnaplen(iface->linkhdr); if (opt_want_pppoe) { snaplen += PPPOE_HDR_LEN; if (linktype != DLT_EN10MB) errx(1, "can't do PPPoE decoding on a non-Ethernet linktype"); } verbosef("calculated snaplen minimum %d", snaplen); #ifdef linux /* FIXME: actually due to libpcap moving to mmap (!!!) * work out which version and fix the way we do capture * on linux: */ /* Ubuntu 9.04 has a problem where requesting snaplen <= 60 will * give us 42 bytes, and we need at least 54 for TCP headers. * * Hack to set minimum snaplen to tcpdump's default: */ snaplen = MAX(snaplen, 96); #endif if (opt_want_snaplen > -1) snaplen = opt_want_snaplen; verbosef("using snaplen %d", snaplen); /* Close and re-open pcap to use the new snaplen. */ pcap_close(iface->pcap); errbuf[0] = '\0'; /* zero length string */ iface->pcap = pcap_open_live( tmp_device, snaplen, promisc, CAP_TIMEOUT_MSEC, errbuf); if (iface->pcap == NULL) errx(1, "pcap_open_live(): %s", errbuf); if (errbuf[0] != '\0') /* not zero length anymore -> warning */ warnx("pcap_open_live() warning: %s", errbuf); free(tmp_device); if (promisc) verbosef("capturing in promiscuous mode"); else verbosef("capturing in non-promiscuous mode"); cap_set_filter(iface->pcap, iface->filter); iface->fd = pcap_fileno(iface->pcap); /* set non-blocking */ #ifdef linux if (pcap_setnonblock(iface->pcap, 1, errbuf) == -1) errx(1, "pcap_setnonblock(): %s", errbuf); #else { int one = 1; if (ioctl(iface->fd, FIONBIO, &one) == -1) err(1, "ioctl(iface->fd, FIONBIO)"); } #endif #ifdef BIOCSETWF { /* Deny all writes to the socket */ struct bpf_insn bpf_wfilter[] = { BPF_STMT(BPF_RET+BPF_K, 0) }; int wf_len = sizeof(bpf_wfilter) / sizeof(struct bpf_insn); struct bpf_program pr; pr.bf_len = wf_len; pr.bf_insns = bpf_wfilter; if (ioctl(iface->fd, BIOCSETWF, &pr) == -1) err(1, "ioctl(iface->fd, BIOCSETFW)"); verbosef("filtered out BPF writes"); } #endif #ifdef BIOCLOCK /* set "locked" flag (no reset) */ if (ioctl(iface->fd, BIOCLOCK) == -1) err(1, "ioctl(iface->fd, BIOCLOCK)"); verbosef("locked down BPF for security"); #endif } void cap_start(const int promisc) { struct str *ifs = str_make(); assert(STAILQ_EMPTY(&cap_ifs)); if (STAILQ_EMPTY(&cli_ifnames)) errx(1, "no interfaces specified"); /* For each ifname */ while (!STAILQ_EMPTY(&cli_ifnames)) { struct strnode *ifname, *filter = NULL; struct cap_iface *iface = xmalloc(sizeof(*iface)); ifname = STAILQ_FIRST(&cli_ifnames); STAILQ_REMOVE_HEAD(&cli_ifnames, entries); if (!STAILQ_EMPTY(&cli_filters)) { filter = STAILQ_FIRST(&cli_filters); STAILQ_REMOVE_HEAD(&cli_filters, entries); } iface->name = ifname->str; iface->filter = (filter == NULL) ? NULL : filter->str; iface->pcap = NULL; iface->fd = -1; iface->linkhdr = NULL; localip_init(&iface->local_ips); STAILQ_INSERT_TAIL(&cap_ifs, iface, entries); cap_start_one(iface, promisc); free(ifname); if (filter) free(filter); if (str_len(ifs) == 0) str_append(ifs, iface->name); else str_appendf(ifs, ", %s", iface->name); } verbosef("all capture interfaces prepared"); /* Deallocate extra filters, if any. */ while (!STAILQ_EMPTY(&cli_filters)) { struct strnode *filter = STAILQ_FIRST(&cli_filters); verbosef("ignoring extraneous filter '%s'", filter->str); STAILQ_REMOVE_HEAD(&cli_filters, entries); free(filter); } str_appendn(ifs, "", 1); /* NUL terminate */ { size_t _; str_extract(ifs, &_, &title_interfaces); } } #ifdef linux # define _unused_on_linux_ _unused_ # define _unused_otherwise_ #else # define _unused_on_linux_ # define _unused_otherwise_ _unused_ #endif /* * Set pcap_fd in the given fd_set. */ void cap_fd_set(fd_set *read_set _unused_on_linux_, int *max_fd _unused_on_linux_, struct timeval *timeout _unused_otherwise_, int *need_timeout) { assert(*need_timeout == 0); /* we're first to get a shot at the fd_set */ #ifdef linux /* * Linux's BPF is immediate, so don't select() as it will lead to horrible * performance. Instead, use a timeout for buffering. */ *need_timeout = 1; timeout->tv_sec = 0; timeout->tv_usec = CAP_TIMEOUT_MSEC * 1000; #else { struct cap_iface *iface; STAILQ_FOREACH(iface, &cap_ifs, entries) { /* We have a BSD-like BPF, we can select() on it. */ FD_SET(iface->fd, read_set); *max_fd = MAX(*max_fd, iface->fd); } } #endif } unsigned int cap_pkts_recv = 0, cap_pkts_drop = 0; static void cap_stats_update(void) { struct cap_iface *iface; cap_pkts_recv = 0; cap_pkts_drop = 0; STAILQ_FOREACH(iface, &cap_ifs, entries) { struct pcap_stat ps; if (pcap_stats(iface->pcap, &ps) != 0) { warnx("pcap_stats('%s'): %s", iface->name, pcap_geterr(iface->pcap)); return; } cap_pkts_recv += ps.ps_recv; cap_pkts_drop += ps.ps_drop; } } /* Print hexdump of received packet to stdout, for debugging. */ static void hexdump(const u_char *buf, const uint32_t len, const struct linkhdr *linkhdr) { uint32_t i, col; printf("packet of %u bytes:\n", len); for (i=0, col=0; ihdrlen) printf("|"); /* marks end of link headers (e.g. ethernet) */ else printf(" "); col += 3; if (col >= 72) { printf("\n"); col = 0; } } if (col != 0) printf("\n"); printf("\n"); } /* Callback function for pcap_dispatch() which chains to the decoder specified * in the linkhdr struct. */ static void callback(u_char *user, const struct pcap_pkthdr *pheader, const u_char *pdata) { const struct cap_iface * const iface = (struct cap_iface *)user; struct pktsummary sm; if (opt_want_hexdump) hexdump(pdata, pheader->caplen, iface->linkhdr); memset(&sm, 0, sizeof(sm)); if (iface->linkhdr->decoder(pheader, pdata, &sm)) acct_for(&sm, &iface->local_ips); } /* Process any packets currently in the capture buffer. * Returns 0 on error (usually means the interface went down). */ int cap_poll(fd_set *read_set _unused_on_linux_) { struct cap_iface *iface; static int told = 0; STAILQ_FOREACH(iface, &cap_ifs, entries) { /* Once per capture poll, check our IP address. It's used in accounting * for traffic graphs. */ localip_update(iface->name, &iface->local_ips); if (!told && iface->local_ips.num_addrs == 0) { verbosef("interface '%s' has no addresses, " "your graphs will be blank", iface->name); verbosef("please read the darkstat manpage, " "and consider using the -l option"); told = 1; } for (;;) { struct timespec t; int ret; timer_start(&t); ret = pcap_dispatch( iface->pcap, -1, /* count = entire buffer */ callback, (u_char*)iface); /* user = struct to pass to callback */ timer_stop(&t, 2 * CAP_TIMEOUT_MSEC * 1000000, "pcap_dispatch took too long"); if (ret < 0) { warnx("pcap_dispatch('%s'): %s", iface->name, pcap_geterr(iface->pcap)); return 0; } #if 0 /* debugging */ verbosef("iface '%s' got %d pkts", iface->name, ret); #endif #ifdef linux /* keep looping until we've dispatched all the outstanding packets */ if (ret == 0) break; #else /* we get them all on the first shot */ break; #endif } } cap_stats_update(); return 1; } void cap_stop(void) { while (!STAILQ_EMPTY(&cap_ifs)) { struct cap_iface *iface = STAILQ_FIRST(&cap_ifs); STAILQ_REMOVE_HEAD(&cap_ifs, entries); pcap_close(iface->pcap); localip_free(&iface->local_ips); free(iface); } free(title_interfaces); title_interfaces = NULL; } /* This is only needed by the DNS child. In the main process, the deallocation * happens in cap_start(). */ void cap_free_args(void) { while (!STAILQ_EMPTY(&cli_ifnames)) { struct strnode *ifname = STAILQ_FIRST(&cli_ifnames); STAILQ_REMOVE_HEAD(&cli_ifnames, entries); free(ifname); } while (!STAILQ_EMPTY(&cli_filters)) { struct strnode *filter = STAILQ_FIRST(&cli_filters); STAILQ_REMOVE_HEAD(&cli_filters, entries); free(filter); } } /* Run through entire capfile. */ void cap_from_file(const char *capfile) { char errbuf[PCAP_ERRBUF_SIZE]; int linktype, ret; struct cap_iface iface; iface.name = NULL; iface.filter = NULL; iface.pcap = NULL; iface.fd = -1; iface.linkhdr = NULL; localip_init(&iface.local_ips); /* Process cmdline filters. */ if (!STAILQ_EMPTY(&cli_filters)) iface.filter = STAILQ_FIRST(&cli_filters)->str; while (!STAILQ_EMPTY(&cli_filters)) { struct strnode *n = STAILQ_FIRST(&cli_filters); STAILQ_REMOVE_HEAD(&cli_filters, entries); free(n); } /* Open packet capture descriptor. */ errbuf[0] = '\0'; /* zero length string */ iface.pcap = pcap_open_offline(capfile, errbuf); if (iface.pcap == NULL) errx(1, "pcap_open_offline(): %s", errbuf); if (errbuf[0] != '\0') /* not zero length anymore -> warning */ warnx("pcap_open_offline() warning: %s", errbuf); /* Work out the linktype. */ linktype = pcap_datalink(iface.pcap); iface.linkhdr = getlinkhdr(linktype); if (iface.linkhdr == NULL) errx(1, "unknown linktype %d", linktype); if (iface.linkhdr->decoder == NULL) errx(1, "no decoder for linktype %d", linktype); cap_set_filter(iface.pcap, iface.filter); /* Process file. */ ret = pcap_dispatch( iface.pcap, -1, /* count, -1 = entire buffer */ callback, (u_char*)&iface); /* user */ if (ret < 0) errx(1, "pcap_dispatch(): %s", pcap_geterr(iface.pcap)); localip_free(&iface.local_ips); pcap_close(iface.pcap); } /* vim:set ts=3 sw=3 tw=78 expandtab: */ darkstat-3.0.721/cap.h000066400000000000000000000013371416753542100144310ustar00rootroot00000000000000/* darkstat 3 * copyright (c) 2001-2014 Emil Mikulic. * * cap.h: interface to libpcap. */ #include /* OpenBSD needs this before select */ #include /* FreeBSD 4 needs this for struct timeval */ #include extern unsigned int cap_pkts_recv, cap_pkts_drop; void cap_add_ifname(const char *ifname); /* call one or more times */ void cap_add_filter(const char *filter); /* call zero or more times */ void cap_start(const int promisc); void cap_fd_set(fd_set *read_set, int *max_fd, struct timeval *timeout, int *need_timeout); int cap_poll(fd_set *read_set); void cap_stop(void); void cap_free_args(void); void cap_from_file(const char *capfile); /* vim:set ts=3 sw=3 tw=78 expandtab: */ darkstat-3.0.721/cdefs.h000066400000000000000000000017471416753542100147570ustar00rootroot00000000000000/* darkstat 3 * copyright (c) 2001-2014 Emil Mikulic. * * cdefs.h: compiler-specific defines * * This file borrows from FreeBSD's sys/cdefs.h */ #ifdef __GNUC__ # define _unused_ __attribute__((__unused__)) # define _noreturn_ __attribute__((__noreturn__)) # define _printflike_(fmtarg, firstvararg) \ __attribute__((__format__ (__printf__, fmtarg, firstvararg) )) #else # define _unused_ # define _noreturn_ # define _printflike_(fmtarg, firstvararg) #endif #ifndef MAX # define MAX(a,b) ((a) > (b) ? (a) : (b)) #endif #ifndef MIN # define MIN(a,b) ((a) < (b) ? (a) : (b)) #endif #if !defined(__STDC_VERSION__) || __STDC_VERSION__ < 201112L # ifdef __COUNTER__ # define _Static_assert(x, y) __Static_assert(x, __COUNTER__) # else # define _Static_assert(x, y) __Static_assert(x, __LINE__) # endif # define __Static_assert(x, y) ___Static_assert(x, y) # define ___Static_assert(x, y) typedef char __assert_ ## y[(x) ? 1 : -1] #endif /* vim:set ts=3 sw=3 tw=78 expandtab: */ darkstat-3.0.721/configure.ac000066400000000000000000000130441416753542100160010ustar00rootroot00000000000000AC_PREREQ([2.69]) AC_INIT([darkstat],[3.0.721],[],[],[https://unix4lyfe.org/darkstat/]) AC_CONFIG_SRCDIR([darkstat.c]) AC_CONFIG_HEADERS([config.h]) RULE="------------------------------------------------------------" # Allow configure-time override of PRIVDROP_USER. AC_ARG_WITH(privdrop-user, AS_HELP_STRING([--with-privdrop-user], [specify which user to drop privileges to (default: nobody)]), [_pdu="$withval"], [_pdu="nobody"]) AC_DEFINE_UNQUOTED(PRIVDROP_USER, "$_pdu", [User to privdrop to.]) # Checks for programs. AC_PROG_INSTALL AC_PROG_CC # Compiler's language features. AC_C_RESTRICT m4_pattern_allow([^AM_DEFAULT_VERBOSITY$]) AC_ARG_ENABLE([silent-rules], [ --enable-silent-rules less verbose build output (undo: 'make V=1') --disable-silent-rules verbose build output (undo: 'make V=0')]) case $enable_silent_rules in no) AM_DEFAULT_VERBOSITY=1;; *) AM_DEFAULT_VERBOSITY=0;; esac AC_SUBST([AM_DEFAULT_VERBOSITY]) # Let user disable debugging symbols so we create smaller binaries. AC_MSG_CHECKING(if we want debug code) AC_ARG_ENABLE(debug, AS_HELP_STRING([--disable-debug], [turn off debugging code and asserts]), [if test "x$enableval" = "xno" ; then CFLAGS="$CFLAGS -DNDEBUG -g0" AC_MSG_RESULT(nope) elif test "x$enableval" = "xyes" ; then AC_MSG_RESULT(sure) else CFLAGS="$CFLAGS -g$enableval" AC_MSG_RESULT(sure ($enableval)) fi], [AC_MSG_RESULT(sure)]) # Augment CFLAGS for fun. echo "int main(void){return 1;}" > conftest.$ac_ext AC_MSG_CHECKING(if your C compiler wants a hit off the pipe) save_cflags="$CFLAGS" CFLAGS="-pipe $CFLAGS" if (eval $ac_link) 2>/dev/null; then AC_MSG_RESULT(sure does) else AC_MSG_RESULT(no) CFLAGS="$save_cflags" fi AC_MSG_CHECKING(if your C compiler has a link-time optimizer) if test x$GCC = xyes; then save_cflags="$CFLAGS" CFLAGS="-flto $CFLAGS" if (eval $ac_link) 2>/dev/null; then AC_MSG_RESULT(sure does) else AC_MSG_RESULT(no) CFLAGS="$save_cflags" fi else AC_MSG_RESULT(skipped) fi AC_ARG_ENABLE(warnings, AS_HELP_STRING([--enable-warnings], [turn on lots of compile-time warnings, these are only useful for development]), [if test "x$enableval" = "xyes" ; then AC_MSG_CHECKING(if your C compiler has gcc-like --extra-warnings) save_cflags="$CFLAGS" CFLAGS="$CFLAGS -fdiagnostics-show-option --all-warnings --extra-warnings" if (eval $ac_link) 2>/dev/null; then AC_MSG_RESULT(yes) else AC_MSG_RESULT(no) CFLAGS="$save_cflags" fi AC_MSG_CHECKING(if your C compiler has clang-like -Weverything) save_cflags="$CFLAGS" CFLAGS="$CFLAGS -Weverything" if (eval $ac_link) 2>/dev/null; then AC_MSG_RESULT(yes) else AC_MSG_RESULT(no) CFLAGS="$save_cflags" fi fi]) rm -f conftest.$ac_objext conftest.$ac_ext # Check for zlib. AC_CHECK_LIB(z, deflate,, [ cat < UserName root GroupName wheel KeepAlive Label cx.ath.darkstat Nice 1 ProgramArguments --no-daemon -i en0 -b 127.0.0.1 RunAtLoad darkstat-3.0.721/contrib/darkproxy.php000066400000000000000000000016131416753542100177060ustar00rootroot00000000000000 0) print reason if (terminate != 0) { # Any remaining bytes in the file shall be dumped. for (i=ai; i<=addr; i++) print i, hex[i], ascii[i] exit(retval) } } function readIPsection() { ip_protos_data=read_bytes(ascii, ai, 1) if (ip_protos_data != "P") quit("expected ip_protos_data P, found " ip_protos_data, 1, 1) ai += 1 ip_proto_count=read_number(ai, 1) ai += 1 for (pi=0; pi 1) { last_seen=read_number(ai, 4) # This value is always 0 in our files. ai += 4 } mac_address=hex[ai+0] ":" hex[ai+1] ":" hex[ai+2] ":" hex[ai+3] ":" hex[ai+4] ":" hex[ai+5] ai += 6 # Weird stuff: the host name should be read. # But there are only 5 bytes of nonsense. # The first byte should be the length counter, but it isnt. # The last byte is in fact a 0 byte. # Probably caused by the missing DNS server. # ignore 5 bytes with nonsense nonsense=read_text(ai, 5) ai += 5 host_bytes_in=read_number(ai, 8) ai += 8 host_bytes_out=read_number(ai, 8) ai += 8 readIPsection() readTCPsection() readUDPsection() } else { quit("host format supported only in version 02: " host_version, 1, 1) #address_familiy=read_bytes(hex, ai, 1) #print "address familiy = " address_familiy } printf("\"%s\";\"%s\";%d;%d;%s;%d;%d;%d;%d;%d;%d;%d;%d;%d;%d;%d;%d;%s;%s\n", ip_address, mac_address, host_bytes_in, host_bytes_out, IPprotos, ip_proto_in, ip_proto_out, tcp_proto_count, tcp_proto_in, tcp_proto_out, udp_proto_count, udp_proto_in, udp_proto_out, ssh_in, ssh_out, rdp_in, rdp_out, TCPports, UDPports) } section_header=read_bytes(hex, ai, 3) if (section_header != "da4752") quit("section header da4752 expected: " section_header, 1, 1) ai += 3 db_version=read_bytes(hex, ai, 1) if (db_version != "01") quit("file format supported only in version 01", 1, 1) ai += 1 last_time=read_number(ai, 8) ai += 8 readGraphsection("60 seconds") readGraphsection("60 minutes") readGraphsection("24 hours") readGraphsection("31 days") # The complete file has been parsed, no bytes should be left over. # Terminate with return value 0 if the byte numbers match. quit("", (addr != ai+1) ?0:1, addr != ai+1) } ' > ${CSVFILENAME} darkstat-3.0.721/conv.c000066400000000000000000000222121416753542100146210ustar00rootroot00000000000000/* darkstat 3 * copyright (c) 2001-2014 Emil Mikulic. * * conv.c: convenience functions. * * Permission to use, copy, modify, and distribute this file for any * purpose with or without fee is hereby granted, provided that the above * copyright notice and this permission notice appear in all copies. * * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ #include "conv.h" #include #include #include #include "err.h" #include #include #include #include #include #include #include #include #include #include #define PATH_DEVNULL "/dev/null" /* malloc() that exits on failure. */ void * xmalloc(const size_t size) { void *ptr = malloc(size); if (ptr == NULL) errx(1, "malloc(): out of memory"); return (ptr); } /* calloc() that exits on failure. */ void * xcalloc(const size_t num, const size_t size) { void *ptr = calloc(num, size); if (ptr == NULL) errx(1, "calloc(): out of memory"); return (ptr); } /* realloc() that exits on failure. */ void * xrealloc(void *original, const size_t size) { void *ptr = realloc(original, size); if (ptr == NULL) errx(1, "realloc(): out of memory"); return (ptr); } /* strdup() that exits on failure. */ char * xstrdup(const char *s) { char *tmp = strdup(s); if (tmp == NULL) errx(1, "strdup(): out of memory"); return (tmp); } /* --------------------------------------------------------------------------- * Split string out of src with range [left:right-1] */ char * split_string(const char *src, const size_t left, const size_t right) { char *dest; assert(left <= right); assert(left < strlen(src)); /* [left means must be smaller */ assert(right <= strlen(src)); /* right) means can be equal or smaller */ dest = xmalloc(right - left + 1); memcpy(dest, src+left, right-left); dest[right-left] = '\0'; return (dest); } /* --------------------------------------------------------------------------- * Uppercasify all characters in a string of given length. */ void strntoupper(char *str, const size_t length) { size_t i; for (i=0; i 2) close(fd_null); } /* * For security, chroot (optionally) and drop privileges. * Pass a NULL chroot_dir to disable chroot() behaviour. */ void privdrop(const char *chroot_dir, const char *privdrop_user) { struct passwd *pw; errno = 0; pw = getpwnam(privdrop_user); if (pw == NULL) { if (errno == 0) errx(1, "getpwnam(\"%s\") failed: no such user", privdrop_user); else err(1, "getpwnam(\"%s\") failed", privdrop_user); } if (chroot_dir == NULL) { verbosef("no --chroot dir specified, darkstat will not chroot()"); } else { /* Read /etc/localtime before we chroot. This works on FreeBSD but not * on Linux / with glibc (as of 2.22) */ tzset(); if (chroot(chroot_dir) == -1) err(1, "chroot(\"%s\") failed", chroot_dir); if (chdir("/") == -1) err(1, "chdir(\"/\") failed"); verbosef("chrooted into: %s", chroot_dir); } { gid_t list[1]; list[0] = pw->pw_gid; if (setgroups(1, list) == -1) err(1, "setgroups"); } if (setgid(pw->pw_gid) == -1) err(1, "setgid"); if (setuid(pw->pw_uid) == -1) err(1, "setuid"); verbosef("set uid/gid to %d/%d", (int)pw->pw_uid, (int)pw->pw_gid); } /* Make the specified file descriptor non-blocking. */ void fd_set_nonblock(const int fd) { int flags; if ((flags = fcntl(fd, F_GETFL, 0)) == -1) err(1, "fcntl(fd %d) to get flags", fd); flags |= O_NONBLOCK; if (fcntl(fd, F_SETFL, flags) == -1) err(1, "fcntl(fd %d) to set O_NONBLOCK", fd); assert( (fcntl(fd, F_GETFL, 0) & O_NONBLOCK ) == O_NONBLOCK ); } /* Make the specified file descriptor blocking. */ void fd_set_block(const int fd) { int flags; if ((flags = fcntl(fd, F_GETFL, 0)) == -1) err(1, "fcntl(fd %d) to get flags", fd); flags &= ~O_NONBLOCK; if (fcntl(fd, F_SETFL, flags) == -1) err(1, "fcntl(fd %d) to unset O_NONBLOCK", fd); assert( (fcntl(fd, F_GETFL, 0) & O_NONBLOCK ) == 0 ); } /* vim:set ts=3 sw=3 tw=78 expandtab: */ darkstat-3.0.721/conv.h000066400000000000000000000015151416753542100146310ustar00rootroot00000000000000/* darkstat 3 * copyright (c) 2001-2011 Emil Mikulic. * * conv.h: convenience functions. */ #include void *xmalloc(const size_t size); void *xcalloc(const size_t num, const size_t size); void *xrealloc(void *original, const size_t size); char *xstrdup(const char *s); char *split_string(const char *src, const size_t left, const size_t right); void strntoupper(char *str, const size_t length); int str_starts_with(const char *haystack, const char *needle); char**split(const char delimiter, const char *str, unsigned int *num_chunks); char *qs_get(const char *qs, const char *key); void daemonize_start(void); void daemonize_finish(void); void privdrop(const char *chroot_dir, const char *privdrop_user); void fd_set_nonblock(const int fd); void fd_set_block(const int fd); /* vim:set ts=3 sw=3 tw=78 expandtab: */ darkstat-3.0.721/darkstat.8.in000066400000000000000000000300631416753542100160260ustar00rootroot00000000000000.\" .\" darkstat 3 .\" Copyright 2001-2014, Emil Mikulic. .\" .\" You may use, modify and redistribute this file under the terms of the .\" GNU General Public License version 2. (see COPYING.GPL) .\" .TH darkstat 8 "June 2011" "@PACKAGE_STRING@" .SH NAME darkstat \- network statistics gatherer .\" .SH SYNOPSIS .B darkstat [ .BI \-i " interface" ] [ .BI \-r " file" ] [ .BI \-\-snaplen " bytes" ] [ .BI \-\-pppoe ] [ .BI \-\-syslog ] [ .BI \-\-verbose ] [ .BI \-\-no\-daemon ] [ .BI \-\-no\-promisc ] [ .BI \-\-no\-dns ] [ .BI \-\-no\-macs ] [ .BI \-\-no\-lastseen ] [ .BI \-p " port" ] [ .BI \-b " bindaddr" ] [ .BI \-\-base " path" ] [ .BI \-f " filter" ] [ .BI \-l " network/netmask" ] [ .BI \-\-local\-only ] [ .BI \-\-chroot " dir" ] [ .BI \-\-user " username" ] [ .BI \-\-daylog " filename" ] [ .BI \-\-import " filename" ] [ .BI \-\-export " filename" ] [ .BI \-\-pidfile " filename" ] [ .BI \-\-hosts\-max " count" ] [ .BI \-\-hosts\-keep " count" ] [ .BI \-\-ports\-max " count" ] [ .BI \-\-ports\-keep " count" ] [ .BI \-\-highest\-port " port" ] [ .BI \-\-wait " secs" ] [ .BI \-\-hexdump ] .\" .SH DESCRIPTION .I darkstat is a packet sniffer that runs as a background process, gathers all sorts of statistics about network usage, and serves them over HTTP. All settings are passed on the commandline. .\" .SH OPTIONS .\" .TP .BI \-i " interface" Capture traffic on the specified network interface. This is the only mandatory commandline argument. .\" .TP .BI \-r " file" Instead of capturing live traffic, read it from a .BR pcap (3) capture file. This is only useful for development and benchmarking. The .BI \-r and .BI \-i arguments are mutually exclusive. .\" .TP .BI \-\-snaplen " bytes" How many bytes to capture from the start of each packet. You should not need to specify this; \fIdarkstat\fR will calculate it automatically. .\" .TP .BI \-\-pppoe Don't use this. Instead, capture on the tunnel interface that your PPPoE software provides, for example \fBtun0\fR on \fIFreeBSD\fR, \fBpppoe0\fR on \fIOpenBSD\fR or \fINetBSD\fR. If you really must, you can capture on an Ethernet interface and pass this argument to have \fIdarkstat\fR decode PPPoE frames and ignore everything else. Make sure you also specify your local address with the \fB\-l\fR argument! .\" .TP .BI \-\-syslog Errors, warnings, and verbose messages will go to \fBsyslog\fR (facility daemon, priority debug) instead of \fBstderr\fR. On some systems, these messages end up in \fB/var/log/debug\fR by default. .\" .TP .BI \-\-verbose Produce more verbose debugging messages. .\" .TP .BI \-\-no\-daemon Do not detach from the controlling terminal; stay in the foreground. .\" .TP .BI \-\-no\-promisc Do not use promiscuous mode to capture. Note that an interface may already be in promiscuous mode, or may later enter promiscuous mode, due to circumstances beyond \fIdarkstat\fR's control. If this is a problem, use \fB\-f\fR to specify an appropriate .BR bpf (4) filter. .\" .TP .BI \-\-no\-dns Do not resolve IPs to host names. This can significantly reduce memory footprint on small systems as an extra process is created for DNS resolution. .\" .TP .BI \-\-no\-macs Do not display MAC addresses in the hosts table. .\" .TP .BI \-\-no\-lastseen Do not display the last seen time in the hosts table. .\" .TP .BI \-p " port" Bind the web interface to the specified port. The default is 667. .\" .TP .BI \-b " bindaddr" Bind the web interface to the specified address. The default is to listen on all interfaces. .\" .TP .BI \-\-base " path" .RS Specify the path of the base URL. This can be useful if \fIdarkstat\fR is accessed via a reverse proxy. For example, if you use Apache's \fImod_proxy\fR and want to avoid a complicated setup with \fImod_proxy_html\fR (and \fImod_header\fR to unset the \fIAccept-Encoding\fR header), just set the base path to something like \fIstats\fR and use a config similar to the following snippet: .IP ProxyPass /stats/ http://localhost:667/stats/ ProxyPassReverse /stats/ http://localhost:667/stats/ .PP The default is \fI/\fR (i.e. the root). .RE .\" .TP .BI \-f " filter" Use the specified filter expression when capturing traffic. The filter syntax is beyond the scope of this manual page; please refer to the .BR tcpdump (1) documentation. .\" .TP .BI \-l " network/netmask" Define a "local network" according to the network and netmask addresses. All traffic entering or leaving this network will be graphed, as opposed to the default behaviour of only graphing traffic to and from the local host. .RS The rule is that if \fBip_addr & netmask == network\fR, then that address is considered local. See the usage example below. .RE .\" .TP .BI \-\-local\-only Make the web interface only display hosts on the "local network." This is intended to be used together with the \fB\-l\fR argument. .\" .TP .BI \-\-chroot " dir" Force \fIdarkstat\fR to \fBchroot()\fR into the specified directory. Without this argument, a default directory will be used, which is determined at build time. Usually \fI/var/empty\fR or \fI/var/lib/empty\fR. .RS For security reasons, this directory should be empty, and the user that \fIdarkstat\fR is running as should not have write access to it. However, if you wish to use \fB\-\-daylog\fR or \fB\-\-export\fR, \fIdarkstat\fR will need write access to the chroot. If you are uncomfortable with the security implications, don't use any functionality that requires write access. .RE .\" .TP .BI \-\-user " username" Force \fIdarkstat\fR to drop privileges to the \fBuid\fR and \fBgid\fR of the specified user. Without this argument, a default value will be used, which is set at build time. Usually \fBnobody\fR. .RS For security reasons, this should not be \fBroot\fR. .RE .\" .TP .BI \-\-daylog " filename" .RS Log daily traffic statistics into the named file, relative to the chroot directory. If you wish to use \fB\-\-daylog\fR, you must first specify a \fB\-\-chroot\fR directory, and it must be writeable by the \fIdarkstat\fR user. A writeable chroot has security implications; if you are uncomfortable with this, do not use the \fB\-\-daylog\fR functionality. If the daylog argument is not specified, no logging is performed. The daylog format is: localtime|time_t|bytes_in|bytes_out|pkts_in|pkts_outs Lines starting with a # are comments stating when logging started and stopped. .RE .\" .TP .BI \-\-import " filename" Upon starting, import a \fIdarkstat\fR database from the named file, relative to the chroot directory. If you wish to use \fB\-\-import\fR, you must first specify a \fB\-\-chroot\fR directory. If the import is unsuccessful, \fIdarkstat\fR will start with an empty database. .\" .TP .BI \-\-export " filename" On shutdown, or upon receiving SIGUSR1 or SIGUSR2, export the in-memory database to the named file, relative to the chroot directory. If you wish to use \fB\-\-export\fR, you must first specify a \fB\-\-chroot\fR directory, and it must be writeable by the \fIdarkstat\fR user. A writeable chroot has security implications - if you are uncomfortable with this, do not use the \fB\-\-export\fR functionality. .\" .TP .BI \-\-pidfile " filename" .RS Creates a file containing the process ID of \fIdarkstat\fR. This file will be unlinked upon clean shutdown. As with all pidfiles, if \fIdarkstat\fR dies uncleanly, a stale pidfile can be left over. For example, start \fIdarkstat\fR with: .IP darkstat \-i fxp0 \-\-chroot /var/run/darkstat \-\-pidfile darkstat.pid .PP And stop with: .IP kill `cat /var/run/darkstat/darkstat.pid` .PP By default, .BR kill (1) will send SIGTERM, which will cause \fIdarkstat\fR to shut down cleanly. .RE .\" .TP .BI \-\-hosts\-max " count" The maximum number of hosts that will be kept in the hosts table. This is used to limit how much accounting data will be kept in memory. The number of .BI \-\-hosts\-max must be greater than .BI \-\-hosts\-keep .\" .TP .BI \-\-hosts\-keep " count" When the hosts table hits .BI \-\-hosts\-max and traffic is seen from a new host, we clean out the hosts table, keeping only the top .BI \-\-hosts\-keep number of hosts, sorted by total traffic. .\" .TP .BI \-\-ports\-max " count" The maximum number of ports that will be tracked for each host. This is used to limit how much accounting data will be kept in memory. The number of .BI \-\-ports\-max must be greater than .BI \-\-ports\-keep .\" .TP .BI \-\-ports\-keep " count" When a ports table fills up, this many ports are kept and the rest are discarded. .\" .TP .BI \-\-highest\-port " port" Ports that are numerically higher than this will not appear in the per-host ports tables, although their traffic will still be accounted for. This can be used to hide ephemeral ports. By default, all ports are tracked. .\" .TP .BI \-\-wait " secs" Don't use this. It's a hack to help victims of \fINetworkManager\fR and similar systems. .RS You should start \fIdarkstat\fR after the capture interface has come up. If you can't, specifying the \fB\-\-wait\fR option will make \fIdarkstat\fR sleep up to the specified number of seconds for the interface to become ready. Zero means wait indefinitely. .RE .\" .TP .BI \-\-hexdump Show hex dumps of received traffic. This is only for debugging, and implies \fB\-\-verbose\fR and \fB\-\-no\-daemon\fR. .\" .\" -------------------------------------------------------------------- .SH USAGE EXAMPLES To gather statistics on the .I fxp0 interface: .IP darkstat \-i fxp0 .PP .\" We want to account for traffic on the Internet-facing interface, but only serve web pages to our private local network where we have the IP address 192.168.0.1: .IP darkstat \-i fxp0 \-b 192.168.0.1 .PP .\" We want to serve web pages on the standard HTTP port: .IP darkstat \-i fxp0 \-p 80 .PP .\" We are on Optus (cable) and don't want to account for the constant ARP traffic we are receiving: .IP darkstat \-i fxp0 \-f "not arp" .PP .\" We only want to account for SSH traffic: .IP darkstat \-i fxp0 \-f "port 22" .PP .\" We don't want to account for traffic between internal IPs: .IP darkstat \-i fxp0 \-f "not (src net 192.168.0 and dst net 192.168.0)" .PP .\" (For a full reference on filter syntax, refer to the .BR tcpdump (1) manpage) .PP .\" We have a network consisting of a gateway server (192.168.1.1) and a few workstations (192.168.1.2, 192.168.1.3, etc.) and we want to graph all traffic entering and leaving the local network, not just the gateway server (which is running \fIdarkstat\fR): .IP darkstat \-i fxp0 \-l 192.168.1.0/255.255.255.0 .PP .\" On some systems, we can't capture on a "decoded" interface but only on \fInas0\fR which returns PPPoE encapsulated packets. Do PPPoE decoding, and override the local IP manually since it cannot be automatically detected. Note the /32 netmask: .IP darkstat \-i nas0 \-\-pppoe \-l 192.168.1.1/255.255.255.255 .\" .SH SIGNALS To shut .I darkstat down cleanly, send a SIGTERM or SIGINT signal to the .I darkstat parent process. .PP Sending the SIGUSR1 signal will cause \fIdarkstat\fR to empty out its in-memory database. If an \fB\-\-export\fR file was set, it will first save the database to file. Sending SIGUSR2 will save the database without emptying it. .PP .\" .SH FREQUENTLY ASKED QUESTIONS .SS How many bytes does each bar on the graph represent? Hover your mouse cursor over a bar and you should get a tooltip saying exactly how many bytes in and out the bar represents. .\" .SS Why aren't there labels / tics / a scale on the graphs? Because implementing them is hard. And doing so \fIcorrectly\fR, and in a way that works across all browsers, looks pretty much impossible. I might attempt it some day. In the meantime, patches would be gladly accepted. .\" .SS Why are the graphs blank? All the bars are zero. The graphs only show traffic in/out of the local host, which is determined by getting the IP address of the interface you're sniffing on. You can use the \fB\-l\fR argument to override the local address for accounting purposes. You can also use it to do accounting for a whole subnet by specifying an appropriate netmask. .\" .SH SEE ALSO .BR tcpdump (1) .\" .SH HISTORY .I darkstat was written in 2001, largely as a result of a certain Australian cable Internet provider introducing a 3GB monthly traffic limit. .\" .SH AUTHORS Emil Mikulic and others. (see the AUTHORS file) .\" .SH WEBSITE @PACKAGE_URL@ darkstat-3.0.721/darkstat.c000066400000000000000000000344071416753542100155020ustar00rootroot00000000000000/* darkstat 3 * copyright (c) 2001-2014 Emil Mikulic. * * darkstat.c: signals, cmdline parsing, program body. * * You may use, modify and redistribute this file under the terms of the * GNU General Public License version 2. (see COPYING.GPL) */ #include "acct.h" #include "cap.h" #include "cdefs.h" #include "config.h" #include "conv.h" #include "daylog.h" #include "db.h" #include "dns.h" #include "err.h" #include "hosts_db.h" #include "http.h" #include "localip.h" #include "ncache.h" #include "now.h" #include "pidfile.h" #include "str.h" #include #include #include #include #include #include #include #include #include #include #ifndef INADDR_NONE # define INADDR_NONE (-1) /* Solaris */ #endif /* --- Signal handling --- */ static volatile int running = 1; static void sig_shutdown(int signum _unused_) { running = 0; } static volatile int reset_pending = 0, export_pending = 0; static void sig_reset(int signum _unused_) { reset_pending = 1; export_pending = 1; } static void sig_export(int signum _unused_) { export_pending = 1; } /* --- Commandline parsing --- */ static unsigned long parsenum(const char *str, unsigned long max /* 0 for no max */) { unsigned long n; char *end; errno = 0; n = strtoul(str, &end, 10); if (*end != '\0') errx(1, "\"%s\" is not a valid number", str); if (errno == ERANGE) errx(1, "\"%s\" is out of range", str); if ((max != 0) && (n > max)) errx(1, "\"%s\" is out of range (max %lu)", str, max); return n; } static int opt_iface_seen = 0; static void cb_interface(const char *arg) { cap_add_ifname(arg); opt_iface_seen = 1; } static void cb_filter(const char *arg) { cap_add_filter(arg); } static const char *opt_capfile = NULL; static void cb_capfile(const char *arg) { opt_capfile = arg; } int opt_want_snaplen = -1; static void cb_snaplen(const char *arg) { opt_want_snaplen = (int)parsenum(arg, 0); } int opt_want_pppoe = 0; static void cb_pppoe(const char *arg _unused_) { opt_want_pppoe = 1; } int opt_want_syslog = 0; static void cb_syslog(const char *arg _unused_) { opt_want_syslog = 1; } int opt_want_verbose = 0; static void cb_verbose(const char *arg _unused_) { opt_want_verbose = 1; } static int opt_want_daemonize = 1; static void cb_no_daemon(const char *arg _unused_) { opt_want_daemonize = 0; } static int opt_want_promisc = 1; static void cb_no_promisc(const char *arg _unused_) { opt_want_promisc = 0; } static int opt_want_dns = 1; static void cb_no_dns(const char *arg _unused_) { opt_want_dns = 0; } int opt_want_macs = 1; static void cb_no_macs(const char *arg _unused_) { opt_want_macs = 0; } int opt_want_lastseen = 1; static void cb_no_lastseen(const char *arg _unused_) { opt_want_lastseen = 0; } static unsigned short opt_bindport = 667; static void cb_port(const char *arg) { opt_bindport = (unsigned short)parsenum(arg, 65536); } static void cb_bindaddr(const char *arg) { http_add_bindaddr(arg); } static int is_localnet_specified = 0; static void cb_local(const char *arg) { acct_init_localnet(arg); is_localnet_specified = 1; } int opt_want_local_only = 0; static void cb_local_only(const char *arg _unused_) { opt_want_local_only = 1; } static const char *opt_chroot_dir = NULL; static void cb_chroot(const char *arg) { opt_chroot_dir = arg; } static const char *opt_base = NULL; static void cb_base(const char *arg) { opt_base = arg; } static const char *opt_privdrop_user = NULL; static void cb_user(const char *arg) { opt_privdrop_user = arg; } static const char *opt_daylog_fn = NULL; static void cb_daylog(const char *arg) { opt_daylog_fn = arg; } static const char *import_fn = NULL; static void cb_import(const char *arg) { import_fn = arg; } static const char *export_fn = NULL; static void cb_export(const char *arg) { export_fn = arg; } static const char *pid_fn = NULL; static void cb_pidfile(const char *arg) { pid_fn = arg; } unsigned int opt_hosts_max = 1000; static void cb_hosts_max(const char *arg) { opt_hosts_max = parsenum(arg, 0); } unsigned int opt_hosts_keep = 500; static void cb_hosts_keep(const char *arg) { opt_hosts_keep = parsenum(arg, 0); } unsigned int opt_ports_max = 60; static void cb_ports_max(const char *arg) { opt_ports_max = parsenum(arg, 65536); } unsigned int opt_ports_keep = 30; static void cb_ports_keep(const char *arg) { opt_ports_keep = parsenum(arg, 65536); } unsigned int opt_highest_port = 65535; static void cb_highest_port(const char *arg) { opt_highest_port = parsenum(arg, 65535); } int opt_wait_secs = -1; static void cb_wait_secs(const char *arg) { opt_wait_secs = (int)parsenum(arg, 0); } int opt_want_hexdump = 0; static void cb_hexdump(const char *arg _unused_) { opt_want_hexdump = 1; } static int opt_want_help = 0; static void cb_help(const char *arg _unused_) { opt_want_help = 1; } static void cb_version(const char *arg _unused_) { opt_want_help = -1; } /* --- */ struct cmdline_arg { const char *name, *arg_name; /* NULL arg_name means unary */ void (*callback)(const char *arg); int num_seen; }; static struct cmdline_arg cmdline_args[] = { {"-i", "interface", cb_interface, -1}, {"-f", "filter", cb_filter, -1}, {"-r", "capfile", cb_capfile, 0}, {"-p", "port", cb_port, 0}, {"-b", "bindaddr", cb_bindaddr, -1}, {"-l", "network/netmask", cb_local, 0}, {"--base", "path", cb_base, 0}, {"--local-only", NULL, cb_local_only, 0}, {"--snaplen", "bytes", cb_snaplen, 0}, {"--pppoe", NULL, cb_pppoe, 0}, {"--syslog", NULL, cb_syslog, 0}, {"--verbose", NULL, cb_verbose, 0}, {"--no-daemon", NULL, cb_no_daemon, 0}, {"--no-promisc", NULL, cb_no_promisc, 0}, {"--no-dns", NULL, cb_no_dns, 0}, {"--no-macs", NULL, cb_no_macs, 0}, {"--no-lastseen", NULL, cb_no_lastseen, 0}, {"--chroot", "dir", cb_chroot, 0}, {"--user", "username", cb_user, 0}, {"--daylog", "filename", cb_daylog, 0}, {"--import", "filename", cb_import, 0}, {"--export", "filename", cb_export, 0}, {"--pidfile", "filename", cb_pidfile, 0}, {"--hosts-max", "count", cb_hosts_max, 0}, {"--hosts-keep", "count", cb_hosts_keep, 0}, {"--ports-max", "count", cb_ports_max, 0}, {"--ports-keep", "count", cb_ports_keep, 0}, {"--highest-port", "port", cb_highest_port, 0}, {"--wait", "secs", cb_wait_secs, 0}, {"--hexdump", NULL, cb_hexdump, 0}, {"--version", NULL, cb_version, 0}, {"--help", NULL, cb_help, 0}, {NULL, NULL, NULL, 0} }; /* We autogenerate the usage statement from the cmdline_args data structure. */ static void usage(void) { static char intro[] = "usage: darkstat "; char indent[sizeof(intro)]; struct cmdline_arg *arg; printf(PACKAGE_STRING " (using %s)\n", pcap_lib_version()); if (opt_want_help == -1) return; memset(indent, ' ', sizeof(indent)); indent[0] = indent[sizeof(indent) - 1] = 0; printf("\n%s", intro); for (arg = cmdline_args; arg->name != NULL; arg++) { printf("%s[ %s%s%s ]\n", indent, arg->name, arg->arg_name != NULL ? " " : "", arg->arg_name != NULL ? arg->arg_name : ""); indent[0] = ' '; } printf("\n" "Please refer to the darkstat(8) manual page for further\n" "documentation and usage examples.\n"); } static void parse_sub_cmdline(const int argc, char * const *argv) { struct cmdline_arg *arg; if (argc == 0) return; for (arg = cmdline_args; arg->name != NULL; arg++) if (strcmp(argv[0], arg->name) == 0) { if ((arg->arg_name != NULL) && (argc == 1)) { fprintf(stderr, "error: argument \"%s\" requires parameter \"%s\"\n", arg->name, arg->arg_name); usage(); exit(EXIT_FAILURE); } if (arg->num_seen > 0) { fprintf(stderr, "error: already specified argument \"%s\"\n", arg->name); usage(); exit(EXIT_FAILURE); } if (arg->num_seen != -1) /* accept more than one */ arg->num_seen++; if (arg->arg_name == NULL) { arg->callback(NULL); parse_sub_cmdline(argc-1, argv+1); } else { arg->callback(argv[1]); parse_sub_cmdline(argc-2, argv+2); } return; } fprintf(stderr, "error: illegal argument: \"%s\"\n", argv[0]); usage(); exit(EXIT_FAILURE); } static void parse_cmdline(const int argc, char * const *argv) { if (argc < 1) { /* Not enough args. */ usage(); exit(EXIT_FAILURE); } parse_sub_cmdline(argc, argv); if (opt_want_help) { usage(); exit(EXIT_SUCCESS); } /* start syslogging as early as possible */ if (opt_want_syslog) openlog("darkstat", LOG_NDELAY | LOG_PID, LOG_DAEMON); /* default value */ if (opt_privdrop_user == NULL) opt_privdrop_user = PRIVDROP_USER; /* sanity check args */ if (!opt_iface_seen && opt_capfile == NULL) errx(1, "must specify either interface (-i) or capture file (-r)"); if (opt_iface_seen && opt_capfile != NULL) errx(1, "can't specify both interface (-i) and capture file (-r)"); if ((opt_hosts_max != 0) && (opt_hosts_keep >= opt_hosts_max)) { opt_hosts_keep = opt_hosts_max / 2; warnx("reducing --hosts-keep to %u, to be under --hosts-max (%u)", opt_hosts_keep, opt_hosts_max); } verbosef("max %u hosts, cutting down to %u when exceeded", opt_hosts_max, opt_hosts_keep); if ((opt_ports_max != 0) && (opt_ports_keep >= opt_ports_max)) { opt_ports_keep = opt_ports_max / 2; warnx("reducing --ports-keep to %u, to be under --ports-max (%u)", opt_ports_keep, opt_ports_max); } verbosef("max %u ports per host, cutting down to %u when exceeded", opt_ports_max, opt_ports_keep); if (opt_want_hexdump && !opt_want_verbose) { opt_want_verbose = 1; verbosef("--hexdump implies --verbose"); } if (opt_want_hexdump && opt_want_daemonize) { opt_want_daemonize = 0; verbosef("--hexdump implies --no-daemon"); } if (opt_want_local_only && !is_localnet_specified) verbosef("WARNING: --local-only without -l only matches the local host"); } static void run_from_capfile(void) { now_init(); graph_init(); hosts_db_init(); cap_from_file(opt_capfile); if (export_fn != NULL) db_export(export_fn); hosts_db_free(); graph_free(); verbosef("Total packets: %llu, bytes: %llu", (llu)acct_total_packets, (llu)acct_total_bytes); } /* --- Program body --- */ int main(int argc, char **argv) { test_64order(); parse_cmdline(argc-1, argv+1); if (opt_capfile) { run_from_capfile(); return 0; } /* must verbosef() before first fork to init lock */ verbosef("starting up"); if (pid_fn) pidfile_create(opt_chroot_dir, pid_fn, opt_privdrop_user); if (opt_want_daemonize) { verbosef("daemonizing to run in the background!"); daemonize_start(); verbosef("I am the main process"); } if (pid_fn) pidfile_write_close(); /* do this first as it forks - minimize memory use */ if (opt_want_dns) dns_init(opt_privdrop_user); cap_start(opt_want_promisc); /* needs root */ http_init_base(opt_base); http_listen(opt_bindport); ncache_init(); /* must do before chroot() */ privdrop(opt_chroot_dir, opt_privdrop_user); /* Don't need root privs for these: */ now_init(); if (opt_daylog_fn != NULL) daylog_init(opt_daylog_fn); graph_init(); hosts_db_init(); if (import_fn != NULL) db_import(import_fn); if (signal(SIGTERM, sig_shutdown) == SIG_ERR) errx(1, "signal(SIGTERM) failed"); if (signal(SIGINT, sig_shutdown) == SIG_ERR) errx(1, "signal(SIGINT) failed"); if (signal(SIGUSR1, sig_reset) == SIG_ERR) errx(1, "signal(SIGUSR1) failed"); if (signal(SIGUSR2, sig_export) == SIG_ERR) errx(1, "signal(SIGUSR2) failed"); verbosef("entering main loop"); daemonize_finish(); while (running) { int select_ret; int max_fd = -1; int use_timeout = 0; int cap_ret; struct timeval timeout; struct timespec t; fd_set rs, ws; FD_ZERO(&rs); FD_ZERO(&ws); cap_fd_set(&rs, &max_fd, &timeout, &use_timeout); http_fd_set(&rs, &ws, &max_fd, &timeout, &use_timeout); select_ret = select(max_fd+1, &rs, &ws, NULL, (use_timeout) ? &timeout : NULL); if (select_ret == 0 && !use_timeout) errx(1, "select() erroneously timed out"); if (select_ret == -1) { if (errno == EINTR) continue; else err(1, "select()"); } timer_start(&t); now_update(); if (export_pending) { if (export_fn != NULL) db_export(export_fn); export_pending = 0; } if (reset_pending) { if (export_pending) continue; /* export before reset */ hosts_db_reset(); graph_reset(); reset_pending = 0; } graph_rotate(); cap_ret = cap_poll(&rs); dns_poll(); http_poll(&rs, &ws); timer_stop(&t, 1000000000, "event processing took longer than a second"); if (!cap_ret) { running = 0; } } verbosef("shutting down"); verbosef("pcap stats: %u packets received, %u packets dropped", cap_pkts_recv, cap_pkts_drop); http_stop(); cap_stop(); dns_stop(); if (export_fn != NULL) db_export(export_fn); hosts_db_free(); graph_free(); if (opt_daylog_fn != NULL) daylog_free(); ncache_free(); if (pid_fn) pidfile_unlink(); verbosef("shut down"); return (EXIT_SUCCESS); } /* vim:set ts=3 sw=3 tw=78 expandtab: */ darkstat-3.0.721/daylog.c000066400000000000000000000073521416753542100151430ustar00rootroot00000000000000/* darkstat 3 * copyright (c) 2007-2014 Emil Mikulic. * * daylog.c: daily usage log * * You may use, modify and redistribute this file under the terms of the * GNU General Public License version 2. (see COPYING.GPL) */ #define _GNU_SOURCE 1 /* for O_NOFOLLOW on Linux */ #include "cdefs.h" #include "err.h" #include "daylog.h" #include "str.h" #include "now.h" #include #include #include #include #include #include #include static const char *daylog_fn = NULL; static time_t today_real, tomorrow_real; static uint64_t bytes_in, bytes_out, pkts_in, pkts_out; #define DAYLOG_DATE_LEN 26 /* strlen("1900-01-01 00:00:00 +1234") + 1 */ static char datebuf[DAYLOG_DATE_LEN]; static char *fmt_date(time_t when) { if (strftime(datebuf, DAYLOG_DATE_LEN, "%Y-%m-%d %H:%M:%S %z", localtime(&when)) == 0) errx(1, "strftime() failed in fmt_date()"); return datebuf; } /* Given some time today, find the first second of tomorrow. */ static time_t tomorrow(time_t t_before) { time_t t_after; struct tm tm, *lt; lt = localtime(&t_before); memcpy(&tm, lt, sizeof(tm)); tm.tm_sec = 0; tm.tm_min = 0; tm.tm_hour = 0; tm.tm_mday = lt->tm_mday + 1; /* tomorrow */ t_after = mktime(&tm); assert(t_after > t_before); return t_after; } /* Warns on error. */ static void daylog_write(const char *format, ...) _printflike_(1, 2); static void daylog_write(const char *format, ...) { int fd; ssize_t wr; va_list va; struct str *buf; assert(daylog_fn != NULL); fd = open(daylog_fn, O_WRONLY | O_APPEND | O_CREAT | O_NOFOLLOW, 0600); if (fd == -1) { warn("daylog_write: couldn't open '%s' for append", daylog_fn); return; } buf = str_make(); va_start(va, format); str_vappendf(buf, format, va); va_end(va); wr = str_write(buf, fd); if (wr == -1) warn("daylog_write: couldn't write to '%s'", daylog_fn); else if (wr != (ssize_t)str_len(buf)) warnx("daylog_write: truncated write to '%s': wrote %d of %d bytes", daylog_fn, (int)wr, (int)str_len(buf)); close(fd); str_free(buf); } static void daylog_emit(void) { daylog_write("%s|%qu|%qu|%qu|%qu|%qu\n", fmt_date(today_real), (qu)today_real, (qu)bytes_in, (qu)bytes_out, (qu)pkts_in, (qu)pkts_out); } void daylog_init(const char *filename) { daylog_fn = filename; today_real = now_real(); tomorrow_real = tomorrow(today_real); verbosef("today is %llu, tomorrow is %llu", (llu)today_real, (llu)tomorrow_real); bytes_in = bytes_out = pkts_in = pkts_out = 0; daylog_write("# logging started at %s (%qu)\n", fmt_date(today_real), (qu)today_real); } void daylog_free(void) { today_real = now_real(); daylog_emit(); /* Emit what's currently accumulated before we exit. */ daylog_write("# logging stopped at %s (%qu)\n", fmt_date(today_real), (qu)today_real); } void daylog_acct(uint64_t amount, enum graph_dir dir) { if (daylog_fn == NULL) return; /* daylogging disabled */ /* Check if we need to update the log. */ if (now_real() >= tomorrow_real) { daylog_emit(); today_real = now_real(); tomorrow_real = tomorrow(today_real); bytes_in = bytes_out = pkts_in = pkts_out = 0; verbosef("updated daylog, tomorrow = %llu", (llu)tomorrow_real); } /* Accounting. */ if (dir == GRAPH_IN) { bytes_in += amount; pkts_in++; } else { assert(dir == GRAPH_OUT); bytes_out += amount; pkts_out++; } } /* vim:set ts=3 sw=3 tw=78 et: */ darkstat-3.0.721/daylog.h000066400000000000000000000004341416753542100151420ustar00rootroot00000000000000/* darkstat 3 * copyright (c) 2007 Emil Mikulic. * * daylog.h: daily usage log */ #include "graph_db.h" /* for graph_dir */ void daylog_init(const char *filename); void daylog_free(void); void daylog_acct(uint64_t amount, enum graph_dir dir); /* vim:set ts=3 sw=3 tw=78 et: */ darkstat-3.0.721/db.c000066400000000000000000000211241416753542100142420ustar00rootroot00000000000000/* darkstat 3 * * db.c: load and save in-memory database from/to file * copyright (c) 2007-2012 Ben Stewart, Emil Mikulic. * * You may use, modify and redistribute this file under the terms of the * GNU General Public License version 2. (see COPYING.GPL) */ #define _GNU_SOURCE 1 /* for O_NOFOLLOW in Linux */ #include #include /* for ntohs() and friends */ #include #include #include #include #include "err.h" #include "hosts_db.h" #include "graph_db.h" #include "db.h" static const unsigned char export_file_header[] = {0xDA, 0x31, 0x41, 0x59}; static const unsigned char export_tag_hosts_ver1[] = {0xDA, 'H', 'S', 0x01}; static const unsigned char export_tag_graph_ver1[] = {0xDA, 'G', 'R', 0x01}; #ifndef swap64 static uint64_t swap64(uint64_t _x) { /* this is __bswap64 from: * $FreeBSD: src/sys/i386/include/endian.h,v 1.41$ */ return ((_x >> 56) | ((_x >> 40) & 0xff00) | ((_x >> 24) & 0xff0000) | ((_x >> 8) & 0xff000000) | ((_x << 8) & ((uint64_t)0xff << 32)) | ((_x << 24) & ((uint64_t)0xff << 40)) | ((_x << 40) & ((uint64_t)0xff << 48)) | ((_x << 56))); } #endif #define ntoh64 hton64 static uint64_t hton64(const uint64_t ho) { if (ntohs(0x1234) == 0x1234) return ho; else return swap64(ho); } void test_64order(void) { static const char str[] = { 0x79,0x74,0x69,0x63,0x6b,0x72,0x65,0x6a }; uint64_t no, ho; assert(sizeof(no) == 8); memcpy(&no, str, 8); ho = ntoh64(no); assert(ho == 8751735851613054314ULL); assert(hton64(ntoh64(no)) == no); } /* --------------------------------------------------------------------------- * Read-from-file helpers. They all return 0 on failure, and 1 on success. */ unsigned int xtell(const int fd) { off_t ofs = lseek(fd, 0, SEEK_CUR); if (ofs == -1) err(1, "lseek(0, SEEK_CUR) failed"); return (unsigned int)ofs; } /* Read bytes from , warn() and return 0 on failure, * or return 1 for success. */ int readn(const int fd, void *dest, const size_t len) { ssize_t numread; numread = read(fd, dest, len); if (numread == (ssize_t)len) return 1; if (numread == -1) warn("at pos %u: couldn't read %d bytes", xtell(fd), (int)len); else warnx("at pos %u: tried to read %d bytes, got %d", xtell(fd), (int)len, (int)numread); return 0; } /* Read a byte. */ int read8(const int fd, uint8_t *dest) { assert(sizeof(*dest) == 1); return readn(fd, dest, sizeof(*dest)); } /* Read a byte and compare it to the expected data. * Returns 0 on failure or mismatch, 1 on success. */ int expect8(const int fd, uint8_t expecting) { uint8_t tmp; assert(sizeof(tmp) == 1); if (!readn(fd, &tmp, sizeof(tmp))) return 0; if (tmp == expecting) return 1; warnx("at pos %u: expecting 0x%02x, got 0x%02x", xtell(fd)-1, expecting, tmp); return 0; } /* Read a network order uint16_t from a file * and store it in host order in memory. */ int read16(const int fd, uint16_t *dest) { uint16_t tmp; assert(sizeof(tmp) == 2); if (!read(fd, &tmp, sizeof(tmp))) return 0; *dest = ntohs(tmp); return 1; } /* Read a network order uint32_t from a file * and store it in host order in memory. */ int read32(const int fd, uint32_t *dest) { uint32_t tmp; assert(sizeof(tmp) == 4); if (!read(fd, &tmp, sizeof(tmp))) return 0; *dest = ntohl(tmp); return 1; } /* Read an IPv4 addr from a file. This is for backward compatibility with * host records version 1 and 2. */ int readaddr_ipv4(const int fd, struct addr *dest) { dest->family = IPv4; return readn(fd, &(dest->ip.v4), sizeof(dest->ip.v4)); } /* Read a struct addr from a file. Addresses are always stored in network * order, both in the file and in the host's memory (FIXME: is that right?) */ int readaddr(const int fd, struct addr *dest) { unsigned char family; if (!read8(fd, &family)) return 0; if (family == 4) { dest->family = IPv4; return readn(fd, &(dest->ip.v4), sizeof(dest->ip.v4)); } else if (family == 6) { dest->family = IPv6; return readn(fd, dest->ip.v6.s6_addr, sizeof(dest->ip.v6.s6_addr)); } else return 0; /* no address family I ever heard of */ } /* Read a network order uint64_t from a file * and store it in host order in memory. */ int read64(const int fd, uint64_t *dest) { uint64_t tmp; assert(sizeof(tmp) == 8); if (!read(fd, &tmp, sizeof(tmp))) return 0; *dest = ntoh64(tmp); return 1; } /* --------------------------------------------------------------------------- * Write-to-file helpers. They all return 0 on failure, and 1 on success. */ /* Write bytes to , warn() and return 0 on failure, * or return 1 for success. */ int writen(const int fd, const void *dest, const size_t len) { ssize_t numwr; numwr = write(fd, dest, len); if (numwr == (ssize_t)len) return 1; if (numwr == -1) warn("couldn't write %d bytes", (int)len); else warnx("tried to write %d bytes but wrote %d", (int)len, (int)numwr); return 0; } int write8(const int fd, const uint8_t i) { assert(sizeof(i) == 1); return writen(fd, &i, sizeof(i)); } /* Given a uint16_t in host order, write it to a file in network order. */ int write16(const int fd, const uint16_t i) { uint16_t tmp = htons(i); assert(sizeof(tmp) == 2); return writen(fd, &tmp, sizeof(tmp)); } /* Given a uint32_t in host order, write it to a file in network order. */ int write32(const int fd, const uint32_t i) { uint32_t tmp = htonl(i); assert(sizeof(tmp) == 4); return writen(fd, &tmp, sizeof(tmp)); } /* Given a uint64_t in host order, write it to a file in network order. */ int write64(const int fd, const uint64_t i) { uint64_t tmp = hton64(i); assert(sizeof(tmp) == 8); return writen(fd, &tmp, sizeof(tmp)); } /* Write the active address part in a struct addr to a file. * Addresses are always stored in network order, both in the file and * in the host's memory (FIXME: is that right?) */ int writeaddr(const int fd, const struct addr *const a) { if (!write8(fd, a->family)) return 0; if (a->family == IPv4) return writen(fd, &(a->ip.v4), sizeof(a->ip.v4)); else { assert(a->family == IPv6); return writen(fd, a->ip.v6.s6_addr, sizeof(a->ip.v6.s6_addr)); } } /* --------------------------------------------------------------------------- * db import/export code follows. */ /* Check that the global file header is correct / supported. */ int read_file_header(const int fd, const uint8_t expected[4]) { uint8_t got[4]; if (!readn(fd, got, sizeof(got))) return 0; /* Check the header data */ if (memcmp(got, expected, sizeof(got)) != 0) { warnx("bad header: " "expecting %02x%02x%02x%02x, got %02x%02x%02x%02x", expected[0], expected[1], expected[2], expected[3], got[0], got[1], got[2], got[3]); return 0; } return 1; } /* Returns 0 on failure, 1 on success. */ static int db_import_from_fd(const int fd) { if (!read_file_header(fd, export_file_header)) return 0; if (!read_file_header(fd, export_tag_hosts_ver1)) return 0; if (!hosts_db_import(fd)) return 0; if (!read_file_header(fd, export_tag_graph_ver1)) return 0; if (!graph_import(fd)) return 0; return 1; } void db_import(const char *filename) { int fd = open(filename, O_RDONLY | O_NOFOLLOW); if (fd == -1) { warn("can't import from \"%s\"", filename); return; } if (!db_import_from_fd(fd)) { warnx("import failed"); /* don't stay in an inconsistent state: */ hosts_db_reset(); graph_reset(); } close(fd); } /* Returns 0 on failure, 1 on success. */ static int db_export_to_fd(const int fd) { if (!writen(fd, export_file_header, sizeof(export_file_header))) return 0; if (!writen(fd, export_tag_hosts_ver1, sizeof(export_tag_hosts_ver1))) return 0; if (!hosts_db_export(fd)) return 0; if (!writen(fd, export_tag_graph_ver1, sizeof(export_tag_graph_ver1))) return 0; if (!graph_export(fd)) return 0; return 1; } void db_export(const char *filename) { int fd = open(filename, O_WRONLY | O_CREAT | O_NOFOLLOW | O_TRUNC, 0600); if (fd == -1) { warn("can't export to \"%s\"", filename); return; } verbosef("exporting db to file \"%s\"", filename); if (!db_export_to_fd(fd)) warnx("export failed"); else verbosef("export successful"); /* FIXME: should write to another filename and use the rename() syscall to * atomically update the output file on success */ close(fd); } /* vim:set ts=3 sw=3 tw=78 et: */ darkstat-3.0.721/db.h000066400000000000000000000022121416753542100142440ustar00rootroot00000000000000/* darkstat 3 * * db.h: load and save in-memory database from/to file * copyright (c) 2007-2012 Ben Stewart, Emil Mikulic. */ #include /* for size_t */ #include /* for uint64_t */ struct addr; void db_import(const char *filename); void db_export(const char *filename); void test_64order(void); /* read helpers */ unsigned int xtell(const int fd); int readn(const int fd, void *dest, const size_t len); int read8(const int fd, uint8_t *dest); int expect8(const int fd, uint8_t expecting); int read16(const int fd, uint16_t *dest); int read32(const int fd, uint32_t *dest); int read64(const int fd, uint64_t *dest); int readaddr_ipv4(const int fd, struct addr *dest); int readaddr(const int fd, struct addr *dest); int read_file_header(const int fd, const uint8_t expected[4]); /* write helpers */ int writen(const int fd, const void *dest, const size_t len); int write8(const int fd, const uint8_t i); int write16(const int fd, const uint16_t i); int write32(const int fd, const uint32_t i); int write64(const int fd, const uint64_t i); int writeaddr(const int fd, const struct addr *const a); /* vim:set ts=3 sw=3 tw=78 et: */ darkstat-3.0.721/decode.c000066400000000000000000000263531416753542100151110ustar00rootroot00000000000000/* darkstat 3 * copyright (c) 2001-2012 Emil Mikulic. * * decode.c: packet decoding. * * Given a captured packet, decode it and fill out a pktsummary struct which * will be sent to the accounting code in acct.c * * You may use, modify and redistribute this file under the terms of the * GNU General Public License version 2. (see COPYING.GPL) */ #include "cdefs.h" #include "decode.h" #include "err.h" #include "opt.h" #include #include #include #include #include #include #include /* inet_ntoa() */ #include /* struct ifreq */ /* need struct ether_header */ #ifdef __NetBSD__ /* works for NetBSD 5.1.2 */ # include #else # ifdef __OpenBSD__ # include # include # include # else # ifdef __sun # include # define ETHER_HDR_LEN 14 # else # ifdef _AIX # include # define ETHER_HDR_LEN 14 # else # include # endif # endif # endif #endif #ifndef ETHERTYPE_PPPOE # define ETHERTYPE_PPPOE 0x8864 #endif #ifndef ETHERTYPE_IPV6 # define ETHERTYPE_IPV6 0x86DD #endif #include /* n_long */ #include /* struct ip */ #include /* struct ip6_hdr */ #define __FAVOR_BSD #include /* struct tcphdr */ #include /* struct udphdr */ #define PPP_HDR_LEN 4 #define FDDI_HDR_LEN 21 #define IP_HDR_LEN sizeof(struct ip) #define IPV6_HDR_LEN sizeof(struct ip6_hdr) #define TCP_HDR_LEN sizeof(struct tcphdr) #define UDP_HDR_LEN sizeof(struct udphdr) #define NULL_HDR_LEN 4 #define SLL_HDR_LEN 16 #define RAW_HDR_LEN 0 #ifndef IPV6_VERSION # define IPV6_VERSION 0x60 #endif #ifndef IPV6_VERSION_MASK # define IPV6_VERSION_MASK 0xF0 #endif static int decode_ether(DECODER_ARGS); static int decode_loop(DECODER_ARGS); static int decode_null(DECODER_ARGS); static int decode_ppp(DECODER_ARGS); static int decode_pppoe(DECODER_ARGS); #ifdef DLT_LINUX_SLL static int decode_linux_sll(DECODER_ARGS); #endif static int decode_raw(DECODER_ARGS); #define HELPER_ARGS const u_char *pdata, \ const uint32_t len, \ struct pktsummary *sm static int helper_pppoe(HELPER_ARGS); static int helper_ip(HELPER_ARGS); static int helper_ipv6(HELPER_ARGS); static void helper_ip_deeper(HELPER_ARGS); /* protocols like TCP/UDP */ /* Link-type header information */ static const struct linkhdr linkhdrs[] = { /* linktype hdrlen handler */ { DLT_EN10MB, ETHER_HDR_LEN, decode_ether }, { DLT_LOOP, NULL_HDR_LEN, decode_loop }, { DLT_NULL, NULL_HDR_LEN, decode_null }, { DLT_PPP, PPP_HDR_LEN, decode_ppp }, #if defined(__NetBSD__) { DLT_PPP_SERIAL, PPP_HDR_LEN, decode_ppp }, #endif { DLT_FDDI, FDDI_HDR_LEN, NULL }, { DLT_PPP_ETHER, PPPOE_HDR_LEN, decode_pppoe }, #ifdef DLT_LINUX_SLL { DLT_LINUX_SLL, SLL_HDR_LEN, decode_linux_sll }, #endif { DLT_RAW, RAW_HDR_LEN, decode_raw }, { -1, 0, NULL } }; /* Returns a pointer to the linkhdr record matching the given linktype, or * NULL if no matching entry found. */ const struct linkhdr *getlinkhdr(const int linktype) { size_t i; for (i=0; linkhdrs[i].linktype != -1; i++) if (linkhdrs[i].linktype == linktype) return (&(linkhdrs[i])); return NULL; } /* Returns the minimum snaplen needed to decode everything up to and including * the TCP/UDP packet headers. */ int getsnaplen(const struct linkhdr *lh) { return (int)(lh->hdrlen + IPV6_HDR_LEN + MAX(TCP_HDR_LEN, UDP_HDR_LEN)); } static int decode_ether(DECODER_ARGS) { u_short type; const struct ether_header *hdr = (const struct ether_header *)pdata; if (pheader->caplen < ETHER_HDR_LEN) { verbosef("ether: packet too short (%u bytes)", pheader->caplen); return 0; } #ifdef __sun memcpy(sm->src_mac, hdr->ether_shost.ether_addr_octet, sizeof(sm->src_mac)); memcpy(sm->dst_mac, hdr->ether_dhost.ether_addr_octet, sizeof(sm->dst_mac)); #else memcpy(sm->src_mac, hdr->ether_shost, sizeof(sm->src_mac)); memcpy(sm->dst_mac, hdr->ether_dhost, sizeof(sm->dst_mac)); #endif type = ntohs(hdr->ether_type); switch (type) { case ETHERTYPE_IP: case ETHERTYPE_IPV6: if (!opt_want_pppoe) return helper_ip(pdata + ETHER_HDR_LEN, pheader->caplen - ETHER_HDR_LEN, sm); verbosef("ether: discarded IP packet, expecting PPPoE instead"); return 0; case ETHERTYPE_PPPOE: if (opt_want_pppoe) return helper_pppoe(pdata + ETHER_HDR_LEN, pheader->caplen - ETHER_HDR_LEN, sm); verbosef("ether: got PPPoE frame: maybe you want --pppoe"); return 0; case ETHERTYPE_ARP: /* known protocol, don't complain about it. */ return 0; default: verbosef("ether: unknown protocol (0x%04x)", type); return 0; } } /* Very similar to decode_null, except on OpenBSD we need to think * about family endianness. */ static int decode_loop(DECODER_ARGS) { uint32_t family; if (pheader->caplen < NULL_HDR_LEN) { verbosef("loop: packet too short (%u bytes)", pheader->caplen); return 0; } family = *(const uint32_t *)pdata; #ifdef __OpenBSD__ family = ntohl(family); #endif if (family == AF_INET) return helper_ip(pdata + NULL_HDR_LEN, pheader->caplen - NULL_HDR_LEN, sm); if (family == AF_INET6) return helper_ipv6(pdata + NULL_HDR_LEN, pheader->caplen - NULL_HDR_LEN, sm); verbosef("loop: unknown family (0x%04x)", family); return 0; } static int decode_null(DECODER_ARGS) { uint32_t family; if (pheader->caplen < NULL_HDR_LEN) { verbosef("null: packet too short (%u bytes)", pheader->caplen); return 0; } family = *(const uint32_t *)pdata; if (family == AF_INET) return helper_ip(pdata + NULL_HDR_LEN, pheader->caplen - NULL_HDR_LEN, sm); if (family == AF_INET6) return helper_ipv6(pdata + NULL_HDR_LEN, pheader->caplen - NULL_HDR_LEN, sm); verbosef("null: unknown family (0x%04x)", family); return 0; } static int decode_ppp(DECODER_ARGS) { if (pheader->caplen < PPPOE_HDR_LEN) { verbosef("ppp: packet too short (%u bytes)", pheader->caplen); return 0; } if (pdata[2] == 0x00 && pdata[3] == 0x21) return helper_ip(pdata + PPP_HDR_LEN, pheader->caplen - PPP_HDR_LEN, sm); verbosef("ppp: non-IP PPP packet; ignoring."); return 0; } static int decode_pppoe(DECODER_ARGS) { return helper_pppoe(pdata, pheader->caplen, sm); } #ifdef DLT_LINUX_SLL /* very similar to decode_ether ... */ static int decode_linux_sll(DECODER_ARGS) { const struct sll_header { uint16_t packet_type; uint16_t device_type; uint16_t addr_length; #define SLL_MAX_ADDRLEN 8 uint8_t addr[SLL_MAX_ADDRLEN]; uint16_t ether_type; } *hdr = (const struct sll_header *)pdata; u_short type; if (pheader->caplen < SLL_HDR_LEN) { verbosef("linux_sll: packet too short (%u bytes)", pheader->caplen); return 0; } type = ntohs(hdr->ether_type); switch (type) { case ETHERTYPE_IP: case ETHERTYPE_IPV6: return helper_ip(pdata + SLL_HDR_LEN, pheader->caplen - SLL_HDR_LEN, sm); case ETHERTYPE_ARP: /* known protocol, don't complain about it. */ return 0; default: verbosef("linux_sll: unknown protocol (0x%04x)", type); return 0; } } #endif /* DLT_LINUX_SLL */ static int decode_raw(DECODER_ARGS) { return helper_ip(pdata, pheader->caplen, sm); } static int helper_pppoe(HELPER_ARGS) { if (len < PPPOE_HDR_LEN) { verbosef("pppoe: packet too short (%u bytes)", len); return 0; } if (pdata[1] != 0x00) { verbosef("pppoe: code = 0x%02x, expecting 0; ignoring.", pdata[1]); return 0; } if ((pdata[6] == 0xc0) && (pdata[7] == 0x21)) return 0; /* LCP */ if ((pdata[6] == 0xc0) && (pdata[7] == 0x25)) return 0; /* LQR */ if ((pdata[6] == 0x00) && (pdata[7] == 0x21)) return helper_ip(pdata + PPPOE_HDR_LEN, len - PPPOE_HDR_LEN, sm); verbosef("pppoe: ignoring non-IP PPPoE packet (0x%02x%02x)", pdata[6], pdata[7]); return 0; } static int helper_ip(HELPER_ARGS) { const struct ip *hdr = (const struct ip *)pdata; if (len < IP_HDR_LEN) { verbosef("ip: packet too short (%u bytes)", len); return 0; } if (hdr->ip_v == 6) { return helper_ipv6(pdata, len, sm); } if (hdr->ip_v != 4) { verbosef("ip: version %d (expecting 4 or 6)", hdr->ip_v); return 0; } sm->len = ntohs(hdr->ip_len); sm->proto = hdr->ip_p; sm->src.family = IPv4; sm->src.ip.v4 = hdr->ip_src.s_addr; sm->dst.family = IPv4; sm->dst.ip.v4 = hdr->ip_dst.s_addr; helper_ip_deeper(pdata + IP_HDR_LEN, len - IP_HDR_LEN, sm); return 1; } static int helper_ipv6(HELPER_ARGS) { const struct ip6_hdr *hdr = (const struct ip6_hdr *)pdata; if (len < IPV6_HDR_LEN) { verbosef("ipv6: packet too short (%u bytes)", len); return 0; } if ((hdr->ip6_vfc & IPV6_VERSION_MASK) != IPV6_VERSION) { verbosef("ipv6: bad version (%02x, expecting %02x)", hdr->ip6_vfc & IPV6_VERSION_MASK, IPV6_VERSION); return 0; } /* IPv4 has "total length," but IPv6 has "payload length" which doesn't * count the header bytes. */ sm->len = ntohs(hdr->ip6_plen) + IPV6_HDR_LEN; sm->proto = hdr->ip6_nxt; sm->src.family = IPv6; memcpy(&sm->src.ip.v6, &hdr->ip6_src, sizeof(sm->src.ip.v6)); sm->dst.family = IPv6; memcpy(&sm->dst.ip.v6, &hdr->ip6_dst, sizeof(sm->dst.ip.v6)); helper_ip_deeper(pdata + IPV6_HDR_LEN, len - IPV6_HDR_LEN, sm); return 1; } static void helper_ip_deeper(HELPER_ARGS) { /* At this stage we have IP addresses so we can do host accounting. * * If proto decode fails, we set IPPROTO_INVALID to skip accounting of port * numbers. * * We don't need to "return 0" like other helpers. */ switch (sm->proto) { case IPPROTO_TCP: { const struct tcphdr *thdr = (const struct tcphdr *)pdata; if (len < TCP_HDR_LEN) { verbosef("tcp: packet too short (%u bytes)", len); sm->proto = IPPROTO_INVALID; /* don't do accounting! */ return; } sm->src_port = ntohs(thdr->th_sport); sm->dst_port = ntohs(thdr->th_dport); sm->tcp_flags = thdr->th_flags & (TH_FIN|TH_SYN|TH_RST|TH_PUSH|TH_ACK|TH_URG); return; } case IPPROTO_UDP: { const struct udphdr *uhdr = (const struct udphdr *)pdata; if (len < UDP_HDR_LEN) { verbosef("udp: packet too short (%u bytes)", len); sm->proto = IPPROTO_INVALID; /* don't do accounting! */ return; } sm->src_port = ntohs(uhdr->uh_sport); sm->dst_port = ntohs(uhdr->uh_dport); return; } } } /* vim:set ts=3 sw=3 tw=78 expandtab: */ darkstat-3.0.721/decode.h000066400000000000000000000030261416753542100151060ustar00rootroot00000000000000/* darkstat 3 * copyright (c) 2001-2012 Emil Mikulic. * * decode.h: packet decoding. * * You may use, modify and redistribute this file under the terms of the * GNU General Public License version 2. (see COPYING.GPL) */ #ifndef __DARKSTAT_DECODE_H #define __DARKSTAT_DECODE_H #include "addr.h" #ifndef ETHER_ADDR_LEN # define ETHER_ADDR_LEN 6 #endif #define IPPROTO_INVALID 254 /* special: means don't do proto accounting */ #ifndef IPPROTO_OSPF # define IPPROTO_OSPF 89 #endif #define PPPOE_HDR_LEN 8 /* Decoding creates a summary which is passed to accounting. */ struct pktsummary { /* Fields are in host byte order (except IPs) */ struct addr src, dst; uint16_t len; uint8_t proto; /* IPPROTO_INVALID means don't do proto accounting */ uint8_t tcp_flags; /* only for TCP */ uint16_t src_port, dst_port; /* only for TCP, UDP */ uint8_t src_mac[ETHER_ADDR_LEN], /* only for Ethernet */ dst_mac[ETHER_ADDR_LEN]; /* only for Ethernet */ }; struct pcap_pkthdr; /* from pcap.h */ #define DECODER_ARGS const struct pcap_pkthdr *pheader, \ const u_char *pdata, \ struct pktsummary *sm /* Returns 0 on decode failure (meaning accounting should not be performed) */ typedef int (decoder_fn)(DECODER_ARGS); struct linkhdr { int linktype; unsigned int hdrlen; decoder_fn *decoder; }; const struct linkhdr *getlinkhdr(const int linktype); int getsnaplen(const struct linkhdr *lh); #endif /* __DARKSTAT_DECODE_H */ /* vim:set ts=3 sw=3 tw=78 expandtab: */ darkstat-3.0.721/dev_all.c000066400000000000000000000012561416753542100152670ustar00rootroot00000000000000/* darkstat 3 * copyright (c) 2014 Emil Mikulic. * * dev_all.c: a single compilation unit of all darkstat code. * Useful for static analysis. * * You may use, modify and redistribute this file under the terms of the * GNU General Public License version 2. (see COPYING.GPL) */ #include "acct.c" #include "addr.c" #include "bsd.c" #include "cap.c" #include "conv.c" #include "daylog.c" #include "db.c" #include "decode.c" #include "dns.c" #include "err.c" #include "graph_db.c" #include "hosts_db.c" #include "hosts_sort.c" #include "html.c" #include "http.c" #include "localip.c" #include "ncache.c" #include "now.c" #include "pidfile.c" #include "str.c" #include "darkstat.c" darkstat-3.0.721/dev_analyze.sh000077500000000000000000000032461416753542100163560ustar00rootroot00000000000000#!/bin/bash -x # # Run the clang static analyzer. # time $HOME/llvm/install/bin/scan-build \ -analyze-headers \ \ -enable-checker alpha.core.BoolAssignment \ -enable-checker alpha.core.CallAndMessageUnInitRefArg \ -enable-checker alpha.core.CastSize \ -enable-checker alpha.core.CastToStruct \ -enable-checker alpha.core.DynamicTypeChecker \ -enable-checker alpha.core.FixedAddr \ -enable-checker alpha.core.IdenticalExpr \ -enable-checker alpha.core.PointerArithm \ -enable-checker alpha.core.PointerSub \ -enable-checker alpha.core.SizeofPtr \ -enable-checker alpha.core.TestAfterDivZero \ -enable-checker alpha.cplusplus.VirtualCall \ -enable-checker alpha.deadcode.UnreachableCode \ -enable-checker alpha.security.ArrayBound \ -enable-checker alpha.security.ArrayBoundV2 \ -enable-checker alpha.security.MallocOverflow \ -enable-checker alpha.security.ReturnPtrRange \ -enable-checker alpha.security.taint.TaintPropagation \ -enable-checker alpha.unix.Chroot \ -enable-checker alpha.unix.PthreadLock \ -enable-checker alpha.unix.SimpleStream \ -enable-checker alpha.unix.Stream \ -enable-checker alpha.unix.cstring.BufferOverlap \ -enable-checker alpha.unix.cstring.NotNullTerminated \ -enable-checker alpha.unix.cstring.OutOfBounds \ -enable-checker llvm.Conventions \ -enable-checker nullability.NullableDereferenced \ -enable-checker nullability.NullablePassedToNonnull \ -enable-checker nullability.NullablePassedToNonnull \ -enable-checker optin.performance.Padding \ -enable-checker security.FloatLoopCounter \ -enable-checker security.insecureAPI.rand \ -enable-checker security.insecureAPI.strcpy \ \ '$CC -c dev_all.c' darkstat-3.0.721/dev_clang_warns.sh000077500000000000000000000005001416753542100171770ustar00rootroot00000000000000#!/bin/sh -x # # Build with lots of Clang warnings enabled. # TARGET=dev_all.c # Adjust to suit: LLVM=$HOME/llvm CLANG=$LLVM/install/bin/clang $CLANG -Weverything -Wno-padded -Wno-format-non-iso -Wno-cast-align \ -Wno-disabled-macro-expansion -Wno-used-but-marked-unused \ -Wno-reserved-id-macro \ -O -c $TARGET darkstat-3.0.721/dev_gcc_warns.sh000077500000000000000000000002221416753542100166500ustar00rootroot00000000000000#!/bin/sh -x # # Build with lots of GCC warnings enabled. # TARGET=dev_all.c gcc -O -c -fstrict-aliasing --all-warnings --extra-warnings $TARGET darkstat-3.0.721/dns.c000066400000000000000000000254071416753542100144510ustar00rootroot00000000000000/* darkstat 3 * copyright (c) 2001-2014 Emil Mikulic. * * dns.c: synchronous DNS in a child process. * * You may use, modify and redistribute this file under the terms of the * GNU General Public License version 2. (see COPYING.GPL) */ #include "cdefs.h" #include "cap.h" #include "conv.h" #include "decode.h" #include "dns.h" #include "err.h" #include "hosts_db.h" #include "queue.h" #include "str.h" #include "tree.h" #include "bsd.h" /* for setproctitle, strlcpy */ #include #include #include #include #include #include #include #include #include #include #ifdef __NetBSD__ # define gethostbyaddr(addr, len, type) \ gethostbyaddr((const char *)(addr), len, type) #endif static void dns_main(void) _noreturn_; /* the child process runs this */ #define CHILD 0 /* child process uses this socket */ #define PARENT 1 static int dns_sock[2]; static pid_t pid = -1; struct dns_reply { struct addr addr; int error; /* for gai_strerror(), or 0 if no error */ char name[256]; /* http://tools.ietf.org/html/rfc1034#section-3.1 */ }; void dns_init(const char *privdrop_user) { if (socketpair(AF_UNIX, SOCK_STREAM, 0, dns_sock) == -1) err(1, "socketpair"); pid = fork(); if (pid == -1) err(1, "fork"); if (pid == 0) { /* We are the child. */ privdrop(NULL /* don't chroot */, privdrop_user); close(dns_sock[PARENT]); dns_sock[PARENT] = -1; daemonize_finish(); /* drop our copy of the lifeline! */ if (signal(SIGUSR1, SIG_IGN) == SIG_ERR) errx(1, "signal(SIGUSR1, ignore) failed"); cap_free_args(); dns_main(); } else { /* We are the parent. */ close(dns_sock[CHILD]); dns_sock[CHILD] = -1; fd_set_nonblock(dns_sock[PARENT]); verbosef("DNS child has PID %d", pid); } } void dns_stop(void) { if (pid == -1) return; /* no child was started */ close(dns_sock[PARENT]); if (kill(pid, SIGINT) == -1) err(1, "kill"); verbosef("dns_stop() waiting for child"); if (waitpid(pid, NULL, 0) == -1) err(1, "waitpid"); verbosef("dns_stop() done waiting for child"); } struct tree_rec { RB_ENTRY(tree_rec) ptree; struct addr ip; }; static int tree_cmp(struct tree_rec *a, struct tree_rec *b) { if (a->ip.family != b->ip.family) /* Sort IPv4 to the left of IPv6. */ return ((a->ip.family == IPv4) ? -1 : +1); if (a->ip.family == IPv4) return (memcmp(&a->ip.ip.v4, &b->ip.ip.v4, sizeof(a->ip.ip.v4))); else { assert(a->ip.family == IPv6); return (memcmp(&a->ip.ip.v6, &b->ip.ip.v6, sizeof(a->ip.ip.v6))); } } static RB_HEAD(tree_t, tree_rec) ip_tree = RB_INITIALIZER(&tree_rec); RB_GENERATE_STATIC(tree_t, tree_rec, ptree, tree_cmp) void dns_queue(const struct addr *const ipaddr) { struct tree_rec *rec; ssize_t num_w; if (pid == -1) return; /* no child was started - we're not doing any DNS */ if ((ipaddr->family != IPv4) && (ipaddr->family != IPv6)) { verbosef("dns_queue() for unknown family %d", ipaddr->family); return; } rec = xmalloc(sizeof(*rec)); memcpy(&rec->ip, ipaddr, sizeof(rec->ip)); if (RB_INSERT(tree_t, &ip_tree, rec) != NULL) { /* Already queued - this happens seldom enough that we don't care about * the performance hit of needlessly malloc()ing. */ verbosef("already queued %s", addr_to_str(ipaddr)); free(rec); return; } num_w = write(dns_sock[PARENT], ipaddr, sizeof(*ipaddr)); /* won't block */ if (num_w == 0) warnx("dns_queue: write: ignoring end of file"); else if (num_w == -1) warn("dns_queue: ignoring write error"); else if (num_w != sizeof(*ipaddr)) err(1, "dns_queue: wrote %zu instead of %zu", num_w, sizeof(*ipaddr)); } static void dns_unqueue(const struct addr *const ipaddr) { struct tree_rec tmp, *rec; memcpy(&tmp.ip, ipaddr, sizeof(tmp.ip)); if ((rec = RB_FIND(tree_t, &ip_tree, &tmp)) != NULL) { RB_REMOVE(tree_t, &ip_tree, rec); free(rec); } else verbosef("couldn't unqueue %s - not in queue!", addr_to_str(ipaddr)); } /* * Returns non-zero if result waiting, stores IP and name into given pointers * (name buffer is allocated by dns_poll) */ static int dns_get_result(struct addr *ipaddr, char **name) { struct dns_reply reply; ssize_t numread; numread = read(dns_sock[PARENT], &reply, sizeof(reply)); if (numread == -1) { if (errno == EAGAIN) return (0); /* no input waiting */ else goto error; } if (numread == 0) goto error; /* EOF */ if (numread != sizeof(reply)) errx(1, "dns_get_result read got %zu, expected %zu", numread, sizeof(reply)); /* Return successful reply. */ memcpy(ipaddr, &reply.addr, sizeof(*ipaddr)); if (reply.error != 0) { /* Identify common special cases. */ const char *type = "none"; if (reply.addr.family == IPv6) { if (IN6_IS_ADDR_LINKLOCAL(&reply.addr.ip.v6)) type = "link-local"; else if (IN6_IS_ADDR_SITELOCAL(&reply.addr.ip.v6)) type = "site-local"; else if (IN6_IS_ADDR_MULTICAST(&reply.addr.ip.v6)) type = "multicast"; } else { assert(reply.addr.family == IPv4); if (IN_MULTICAST(htonl(reply.addr.ip.v4))) type = "multicast"; } xasprintf(name, "(%s)", type); } else /* Correctly resolved name. */ *name = xstrdup(reply.name); dns_unqueue(&reply.addr); return (1); error: warn("dns_get_result: ignoring read error"); /* FIXME: re-align to stream? restart dns child? */ return (0); } void dns_poll(void) { struct addr ip; char *name; if (pid == -1) return; /* no child was started - we're not doing any DNS */ while (dns_get_result(&ip, &name)) { /* push into hosts_db */ struct bucket *b = host_find(&ip); if (b == NULL) { verbosef("resolved %s to %s but it's not in the DB!", addr_to_str(&ip), name); return; } if (b->u.host.dns != NULL) { verbosef("resolved %s to %s but it's already in the DB!", addr_to_str(&ip), name); return; } b->u.host.dns = name; } } /* ------------------------------------------------------------------------ */ struct qitem { STAILQ_ENTRY(qitem) entries; struct addr ip; }; static STAILQ_HEAD(qhead, qitem) queue = STAILQ_HEAD_INITIALIZER(queue); static void enqueue(const struct addr *const ip) { struct qitem *i; i = xmalloc(sizeof(*i)); memcpy(&i->ip, ip, sizeof(i->ip)); STAILQ_INSERT_TAIL(&queue, i, entries); verbosef("DNS: enqueued %s", addr_to_str(ip)); } /* Return non-zero and populate pointer if queue isn't empty. */ static int dequeue(struct addr *ip) { struct qitem *i; i = STAILQ_FIRST(&queue); if (i == NULL) return (0); STAILQ_REMOVE_HEAD(&queue, entries); memcpy(ip, &i->ip, sizeof(*ip)); free(i); verbosef("DNS: dequeued %s", addr_to_str(ip)); return 1; } static void xwrite(const int d, const void *buf, const size_t nbytes) { ssize_t ret = write(d, buf, nbytes); if (ret == -1) err(1, "write"); if (ret != (ssize_t)nbytes) err(1, "wrote %d bytes instead of all %d bytes", (int)ret, (int)nbytes); } static void dns_main(void) { struct addr ip; setproctitle("DNS child"); fd_set_nonblock(dns_sock[CHILD]); verbosef("DNS child entering main DNS loop"); for (;;) { int blocking; if (STAILQ_EMPTY(&queue)) { blocking = 1; fd_set_block(dns_sock[CHILD]); verbosef("entering blocking read loop"); } else { blocking = 0; fd_set_nonblock(dns_sock[CHILD]); verbosef("non-blocking poll"); } for (;;) { /* While we have input to process... */ ssize_t numread = read(dns_sock[CHILD], &ip, sizeof(ip)); if (numread == 0) exit(0); /* end of file, nothing more to do here. */ if (numread == -1) { if (!blocking && (errno == EAGAIN)) break; /* ran out of input */ /* else error */ err(1, "DNS: read failed"); } if (numread != sizeof(ip)) err(1, "DNS: read got %zu bytes, expecting %zu", numread, sizeof(ip)); enqueue(&ip); if (blocking) { /* After one blocking read, become non-blocking so that when we * run out of input we fall through to queue processing. */ blocking = 0; fd_set_nonblock(dns_sock[CHILD]); } } /* Process queue. */ if (dequeue(&ip)) { struct dns_reply reply; struct sockaddr_in sin; struct sockaddr_in6 sin6; struct hostent *he; char host[NI_MAXHOST]; int ret, flags; reply.addr = ip; flags = NI_NAMEREQD; # ifdef NI_IDN flags |= NI_IDN; # endif switch (ip.family) { case IPv4: sin.sin_family = AF_INET; sin.sin_addr.s_addr = ip.ip.v4; ret = getnameinfo((struct sockaddr *) &sin, sizeof(sin), host, sizeof(host), NULL, 0, flags); if (ret == EAI_FAMILY) { verbosef("getnameinfo error %s, trying gethostbyname", gai_strerror(ret)); he = gethostbyaddr(&sin.sin_addr.s_addr, sizeof(sin.sin_addr.s_addr), sin.sin_family); if (he == NULL) { ret = EAI_FAIL; verbosef("gethostbyname error %s", hstrerror(h_errno)); } else { ret = 0; strlcpy(host, he->h_name, sizeof(host)); } } break; case IPv6: sin6.sin6_family = AF_INET6; memcpy(&sin6.sin6_addr, &ip.ip.v6, sizeof(sin6.sin6_addr)); ret = getnameinfo((struct sockaddr *) &sin6, sizeof(sin6), host, sizeof(host), NULL, 0, flags); break; default: errx(1, "unexpected ip.family = %d", ip.family); } if (ret != 0) { reply.name[0] = '\0'; reply.error = ret; } else { assert(sizeof(reply.name) > sizeof(char *)); /* not just a ptr */ strlcpy(reply.name, host, sizeof(reply.name)); reply.error = 0; } fd_set_block(dns_sock[CHILD]); xwrite(dns_sock[CHILD], &reply, sizeof(reply)); verbosef("DNS: %s is \"%s\".", addr_to_str(&reply.addr), (ret == 0) ? reply.name : gai_strerror(ret)); } } } /* vim:set ts=3 sw=3 tw=78 expandtab: */ darkstat-3.0.721/dns.h000066400000000000000000000006611416753542100144510ustar00rootroot00000000000000/* darkstat 3 * copyright (c) 2001-2011 Emil Mikulic. * * dns.h: synchronous DNS in a child process. * * You may use, modify and redistribute this file under the terms of the * GNU General Public License version 2. (see COPYING.GPL) */ struct addr; void dns_init(const char *privdrop_user); void dns_stop(void); void dns_queue(const struct addr *const ipaddr); void dns_poll(void); /* vim:set ts=3 sw=3 tw=78 expandtab: */ darkstat-3.0.721/err.c000066400000000000000000000105601416753542100144470ustar00rootroot00000000000000/* darkstat 3 * copyright (c) 2001-2012 Emil Mikulic. * * err.c: BSD-like err() and warn() functions * * Permission to use, copy, modify, and distribute this file for any * purpose with or without fee is hereby granted, provided that the above * copyright notice and this permission notice appear in all copies. * * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ #include "cdefs.h" #include "err.h" #include "opt.h" #include "pidfile.h" #include "bsd.h" /* for strlcpy */ #include #include #include #include #include #include #include static void to_syslog(const char *type, const int want_err, const char *format, va_list va) _printflike_(3, 0); static void to_syslog(const char *type, const int want_err, const char *format, va_list va) { char buf[512]; size_t pos = 0; int saved_errno = errno; if (type != NULL) { strlcpy(buf, type, sizeof(buf)); pos = strlen(buf); } vsnprintf(buf+pos, sizeof(buf)-pos, format, va); if (want_err) { strlcat(buf, ": ", sizeof(buf)); strlcat(buf, strerror(saved_errno), sizeof(buf)); } syslog(LOG_DEBUG, "%s", buf); } void err(const int code, const char *format, ...) { va_list va; va_start(va, format); if (opt_want_syslog) to_syslog("ERROR: ", 1, format, va); else { fprintf(stderr, "%5d: error: ", (int)getpid()); vfprintf(stderr, format, va); fprintf(stderr, ": %s\n", strerror(errno)); } va_end(va); pidfile_unlink(); exit(code); } void errx(const int code, const char *format, ...) { va_list va; va_start(va, format); if (opt_want_syslog) to_syslog("ERROR: ", 0, format, va); else { fprintf(stderr, "%5d: error: ", (int)getpid()); vfprintf(stderr, format, va); fprintf(stderr, "\n"); } va_end(va); pidfile_unlink(); exit(code); } void warn(const char *format, ...) { va_list va; va_start(va, format); if (opt_want_syslog) to_syslog("WARNING: ", 1, format, va); else { fprintf(stderr, "%5d: warning: ", (int)getpid()); vfprintf(stderr, format, va); fprintf(stderr, ": %s\n", strerror(errno)); } va_end(va); } void warnx(const char *format, ...) { va_list va; va_start(va, format); if (opt_want_syslog) to_syslog("WARNING: ", 0, format, va); else { fprintf(stderr, "%5d: warning: ", (int)getpid()); vfprintf(stderr, format, va); fprintf(stderr, "\n"); } va_end(va); } /* We interlock verbosef() between processes by using a pipe with a single * byte in it. This pipe must be initialized before the first fork() in order * to work. Then, verbosef() will block on a read() until it is able to * retrieve the byte. After doing its business, it will put a byte back into * the pipe. * * This is completely silly and largely unnecessary. */ static int inited = 0; static int lockpipe[2]; static void unlock(void); static void initlock(void) { if (pipe(lockpipe) == -1) err(1, "pipe(lockpipe)"); inited = 1; unlock(); } static void lock(void) { char buf[1]; if (!inited) initlock(); if (read(lockpipe[0], buf, 1) != 1) { fprintf(stderr, "lock failed!\n"); pidfile_unlink(); exit(1); } } static void unlock(void) { char c = 0; if (write(lockpipe[1], &c, 1) != 1) { fprintf(stderr, "unlock failed!\n"); pidfile_unlink(); exit(1); } } void verbosef(const char *format, ...) { va_list va; if (!opt_want_verbose) return; va_start(va, format); if (opt_want_syslog) to_syslog(NULL, 0, format, va); else { lock(); fprintf(stderr, "darkstat (%05d): ", (int)getpid()); vfprintf(stderr, format, va); fprintf(stderr, "\n"); unlock(); } va_end(va); } void dverbosef(const char *format _unused_, ...) { /* disabled / do-nothing verbosef */ } /* vim:set ts=3 sw=3 tw=78 expandtab: */ darkstat-3.0.721/err.h000066400000000000000000000024321416753542100144530ustar00rootroot00000000000000/* darkstat 3 * copyright (c) 2001-2014 Emil Mikulic. * * err.h: BSD-like err() and warn() functions * * Permission to use, copy, modify, and distribute this file for any * purpose with or without fee is hereby granted, provided that the above * copyright notice and this permission notice appear in all copies. * * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ #include "cdefs.h" void err(const int code, const char *format, ...) _noreturn_ _printflike_(2, 3); void errx(const int code, const char *format, ...) _noreturn_ _printflike_(2, 3); void warn(const char *format, ...) _printflike_(1, 2); void warnx(const char *format, ...) _printflike_(1, 2); void verbosef(const char *format, ...) _printflike_(1, 2); void dverbosef(const char *format _unused_, ...) _printflike_(1, 2); /* vim:set ts=3 sw=3 tw=78 expandtab: */ darkstat-3.0.721/export-format.txt000066400000000000000000000064711416753542100170710ustar00rootroot00000000000000The darkstat export format was designed by Ben Stewart. Note that all integers are stored in network order (big-endian). FILE HEADER 0xDA314159 darkstat export format SECTION HEADER 0xDA 'H' 'S' 0x01 hosts_db ver1 HOST COUNT 0x00000001 1 host follows For each host: HOST HEADER 'H' 'S' 'T' 0x04 host ver4 ADDRESS FAMILY 0x04 Either 4 or 6. IPv4 ADDR 0x0A010101 IPv4 10.1.1.1 or for 0x06: IPv6 ADDR 0x0000 0000 0000 0000 0000 0000 0000 0001 meaning IPv6 ::1 LASTSEEN 0x0000 0000 4800 0123 64-bit time_t meaning: 2008-04-12 00:24:03 UTC MACADDR 0x001122334455 00:11:22:33:44:55 HOSTNAME 0x09 "localhost" 9 is the string length IN 0x0000000000123456 Bytes in: 1193046 OUT 0x0000000000789ABC Bytes out: 7903932 PROTOS DATA 'P' start ip proto data IP PROTO COUNT 0x03 3 ip_proto entries IP PROTO 0x06 tcp IN 0x0000000000123456 Bytes in: 1193046 OUT 0x0000000000789ABC Bytes out: 7903932 IP PROTO 0x11 udp IN 0x0000000000000444 Bytes in: 1092 OUT 0x0000000000000555 Bytes out: 1365 IP PROTO 0x01 icmp IN 0x0000000000000001 Bytes in: 1 OUT 0x0000000000000002 Bytes out: 2 TCP DATA 'T' start tcp proto data TCP PROTO COUNT 0x0001 1 tcp_proto entry PORT 0x0050 http (port 80) SYN COUNT 0x0000000000000003 SYNs: 3 IN 0x0000000000000001 Bytes in: 1 OUT 0x0000000000000002 Bytes out: 2 UDP DATA 'U' start udp proto data UDP PROTO COUNT 0x0001 1 udp_proto entry PORT 0x0045 tftp (port 69) IN 0x0000000000000001 Bytes in: 1 OUT 0x0000000000000002 Bytes out: 2 REMOTE TCP DATA 't' (as above) REMOTE UDP DATA 'u' (as above) SECTION HEADER 0xDA 'G' 'R' 0x01 graph_db ver1 LAST_TIME (time_t as 64-bit uint) For each of 4 graphs: (60 seconds, 60 minutes, 24 hours, 31 days) 8 bits - number of bars in this graph 8 bits - index of last_time bar, in the range [0:n_bars) For each bar: 64 bits - bytes in 64 bits - bytes out Host header version 1 is just version 2 without the lastseen time. Host header version 2 is just version 3 without the address family byte (or the possibility of an IPv6 address). Host header version 3 is just version 4 without the remote TCP and UDP ports. darkstat-3.0.721/graph_db.c000066400000000000000000000254631416753542100154350ustar00rootroot00000000000000/* darkstat 3 * copyright (c) 2006-2014 Emil Mikulic. * * graph_db.c: round robin database for graph data * * You may use, modify and redistribute this file under the terms of the * GNU General Public License version 2. (see COPYING.GPL) */ #include #include "cap.h" #include "conv.h" #include "db.h" #include "acct.h" #include "err.h" #include "str.h" #include "html.h" #include "graph_db.h" #include "now.h" #include "opt.h" #include #include #include /* for memcpy() */ #include #define GRAPH_WIDTH "320" #define GRAPH_HEIGHT "200" struct graph { uint64_t *in, *out; unsigned int offset; /* i.e. seconds start at 0, days start at 1 */ unsigned int pos, num_bars; const char *unit; unsigned int bar_secs; /* one bar represents seconds */ }; static struct graph graph_secs = {NULL, NULL, 0, 0, 60, "seconds", 1}, graph_mins = {NULL, NULL, 0, 0, 60, "minutes", 60}, graph_hrs = {NULL, NULL, 0, 0, 24, "hours", 3600}, graph_days = {NULL, NULL, 1, 0, 31, "days", 86400}; static struct graph *graph_db[] = { &graph_secs, &graph_mins, &graph_hrs, &graph_days }; static unsigned int graph_db_size = sizeof(graph_db)/sizeof(*graph_db); static time_t start_mono, start_real, last_real; void graph_init(void) { unsigned int i; for (i=0; iin = xmalloc(sizeof(uint64_t) * graph_db[i]->num_bars); graph_db[i]->out = xmalloc(sizeof(uint64_t) * graph_db[i]->num_bars); } graph_reset(); } static void zero_graph(struct graph *g) { memset(g->in, 0, sizeof(uint64_t) * g->num_bars); memset(g->out, 0, sizeof(uint64_t) * g->num_bars); } void graph_reset(void) { unsigned int i; for (i=0; iin); free(graph_db[i]->out); } } void graph_acct(uint64_t amount, enum graph_dir dir) { unsigned int i; for (i=0; iin[ graph_db[i]->pos ] += amount; } else { assert(dir == GRAPH_OUT); graph_db[i]->out[ graph_db[i]->pos ] += amount; } } /* Advance a graph: advance the pos, zeroing out bars as we move. */ static void advance(struct graph *g, const unsigned int pos) { if (g->pos == pos) return; /* didn't need to advance */ do { g->pos = (g->pos + 1) % g->num_bars; g->in[g->pos] = g->out[g->pos] = 0; } while (g->pos != pos); } /* Rotate a graph: rotate all bars so that the bar at the current pos is moved * to the newly given pos. */ static void rotate(struct graph *g, const unsigned int pos) { uint64_t *tmp; unsigned int i, ofs; size_t size; if (pos == g->pos) return; /* nothing to rotate */ size = sizeof(*tmp) * g->num_bars; tmp = xmalloc(size); ofs = g->num_bars + pos - g->pos; for (i=0; inum_bars; i++) tmp[ (i+ofs) % g->num_bars ] = g->in[i]; memcpy(g->in, tmp, size); for (i=0; inum_bars; i++) tmp[ (i+ofs) % g->num_bars ] = g->out[i]; memcpy(g->out, tmp, size); free(tmp); assert(g->num_bars > 0); assert(pos == ( (g->pos + ofs) % g->num_bars )); g->pos = pos; } static void graph_resync(const time_t new_real) { struct tm *tm; /* * If real time went backwards, we assume that the time adjustment should * only affect display. i.e., if we have: * * second 15: 12 bytes * second 16: 345 bytes * second 17: <-- current pos * * and time goes backwards to second 8, we will shift the graph around to * get: * * second 6: 12 bytes * second 7: 345 bytes * second 8: <-- current pos * * We don't make any corrections for time being stepped forward, * it's treated as though there was no traffic during that time. * * We rely on graph advancement to happen at the correct real time to * account for, for example, bandwidth used per day. */ assert(new_real < last_real); tm = localtime(&new_real); if (tm->tm_sec == 60) tm->tm_sec = 59; /* mis-handle leap seconds */ rotate(&graph_secs, tm->tm_sec); rotate(&graph_mins, tm->tm_min); rotate(&graph_hrs, tm->tm_hour); rotate(&graph_days, tm->tm_mday - 1); last_real = new_real; } void graph_rotate(void) { time_t t, td; struct tm *tm; unsigned int i; t = now_real(); td = t - last_real; if (last_real == 0) { verbosef("first rotate"); last_real = t; tm = localtime(&t); graph_secs.pos = tm->tm_sec; graph_mins.pos = tm->tm_min; graph_hrs.pos = tm->tm_hour; graph_days.pos = tm->tm_mday - 1; return; } if (t == last_real) return; /* time has not advanced a full second, don't rotate */ if (t < last_real) { verbosef("graph_db: realtime went backwards! " "(from %ld to %ld, offset is %ld)", last_real, t, td); graph_resync(t); return; } /* else, normal rotation */ last_real = t; tm = localtime(&t); /* zero out graphs which have been completely rotated through */ for (i=0; i= (int)(graph_db[i]->num_bars * graph_db[i]->bar_secs)) zero_graph(graph_db[i]); /* advance the current position, zeroing up to it */ advance(&graph_secs, tm->tm_sec); advance(&graph_mins, tm->tm_min); advance(&graph_hrs, tm->tm_hour); advance(&graph_days, tm->tm_mday - 1); } /* --------------------------------------------------------------------------- * Database Import: Grab graphs from a file provided by the caller. * * This function will retrieve the data sans the header. We expect the caller * to have validated the header of the segment, and left the file position at * the start of the data. */ int graph_import(const int fd) { uint64_t last; unsigned int i, j; if (!read64(fd, &last)) return 0; last_real = last; for (i=0; i= num_bars) { warn("pos is %u, should be < num_bars which is %u", (unsigned int)pos, (unsigned int)num_bars); return 0; } if (graph_db[i]->num_bars != num_bars) { warn("num_bars is %u, expecting %u", (unsigned int)num_bars, graph_db[i]->num_bars); return 0; } graph_db[i]->pos = pos; for (j=0; jin[j]))) return 0; if (!read64(fd, &(graph_db[i]->out[j]))) return 0; } } return 1; } /* --------------------------------------------------------------------------- * Database Export: Dump hosts_db into a file provided by the caller. * The caller is responsible for writing out the header first. */ int graph_export(const int fd) { unsigned int i, j; if (!write64(fd, (uint64_t)last_real)) return 0; for (i=0; inum_bars)) return 0; if (!write8(fd, graph_db[i]->pos)) return 0; for (j=0; jnum_bars; j++) { if (!write64(fd, graph_db[i]->in[j])) return 0; if (!write64(fd, graph_db[i]->out[j])) return 0; } } return 1; } /* --------------------------------------------------------------------------- * Web interface: front page! */ struct str *html_front_page(void) { struct str *buf, *rf; unsigned int i; char start_when[100]; time_t d_real, d_mono; buf = str_make(); html_open(buf, "Graphs", /*path_depth=*/0, /*want_graph_js=*/1); d_mono = now_mono() - start_mono; d_real = now_real() - start_real; str_append(buf, "

\n"); str_append(buf, "Measuring for "); rf = length_of_time(d_mono); str_appendstr(buf, rf); str_free(rf); str_append(buf, ""); if (labs((long)(d_real - d_mono)) > 1) str_appendf(buf, " (real time is off by %qd sec)", (qd)(d_real - d_mono)); if (strftime(start_when, sizeof(start_when), "%Y-%m-%d %H:%M:%S %Z%z", localtime(&start_real)) != 0) str_appendf(buf, ", since %s", start_when); str_appendf(buf,".
\n" "Seen %'qu bytes, " "in %'qu packets. " "(%'u captured, " "%'u dropped)
\n" "

\n", (qu)acct_total_bytes, (qu)acct_total_packets, cap_pkts_recv, cap_pkts_drop); str_append(buf, "
\n" "Graphs require JavaScript.\n" "\n" "
\n" ); html_close(buf); return (buf); } /* --------------------------------------------------------------------------- * Web interface: graphs.xml */ struct str *xml_graphs(void) { unsigned int i, j; struct str *buf = str_make(), *rf; str_appendf(buf, "\n"); for (i=0; i\n", g->unit); j = g->pos; do { j = (j + 1) % g->num_bars; /* */ str_appendf(buf, "\n", g->offset + j, (qu)g->in[j], (qu)g->out[j]); } while (j != g->pos); str_appendf(buf, "\n", g->unit); } str_append(buf, "\n"); return (buf); } /* vim:set ts=3 sw=3 tw=80 et: */ darkstat-3.0.721/graph_db.h000066400000000000000000000012231416753542100154260ustar00rootroot00000000000000/* darkstat 3 * copyright (c) 2006-2011 Emil Mikulic. * * graph_db.h: round robin database for graph data */ #ifndef __DARKSTAT_GRAPH_DB_H #define __DARKSTAT_GRAPH_DB_H #include /* for uint64_t on Linux and OS X */ enum graph_dir { MIN_GRAPH_DIR = 1, GRAPH_IN = 1, GRAPH_OUT = 2, MAX_GRAPH_DIR = 2 }; void graph_init(void); void graph_reset(void); void graph_free(void); void graph_acct(uint64_t amount, enum graph_dir dir); void graph_rotate(void); int graph_import(const int fd); int graph_export(const int fd); struct str *html_front_page(void); struct str *xml_graphs(void); #endif /* vim:set ts=3 sw=3 tw=78 expandtab: */ darkstat-3.0.721/hosts_db.c000066400000000000000000001276441416753542100155000ustar00rootroot00000000000000/* darkstat 3 * copyright (c) 2001-2014 Emil Mikulic. * * hosts_db.c: database of hosts, ports, protocols. * * You may use, modify and redistribute this file under the terms of the * GNU General Public License version 2. (see COPYING.GPL) */ #include "cdefs.h" #include "conv.h" #include "decode.h" #include "dns.h" #include "err.h" #include "hosts_db.h" #include "db.h" #include "html.h" #include "ncache.h" #include "now.h" #include "opt.h" #include "str.h" #include /* struct addrinfo */ #include #include #include #include #include /* memset(), strcmp() */ #include #include int hosts_db_show_macs = 0; /* FIXME: specify somewhere more sane/tunable */ #define MAX_ENTRIES 30 /* in an HTML table rendered from a hashtable */ typedef uint32_t (hash_func_t)(const struct hashtable *, const void *); typedef void (free_func_t)(struct bucket *); typedef const void * (key_func_t)(const struct bucket *); typedef int (find_func_t)(const struct bucket *, const void *); typedef struct bucket * (make_func_t)(const void *); typedef void (format_cols_func_t)(struct str *); typedef void (format_row_func_t)(struct str *, const struct bucket *); struct hashtable { uint8_t bits; /* size of hashtable in bits */ uint32_t size, mask; uint32_t count, count_max, count_keep; /* items in table */ uint32_t coeff; /* coefficient for Fibonacci hashing */ struct bucket **table; struct { uint64_t inserts, searches, deletions, rehashes; } stats; hash_func_t *hash_func; /* returns hash value of given key (passed as void*) */ free_func_t *free_func; /* free of bucket payload */ key_func_t *key_func; /* returns pointer to key of bucket (to pass to hash_func) */ find_func_t *find_func; /* returns true if given bucket matches key (passed as void*) */ make_func_t *make_func; /* returns bucket containing new record with key (passed as void*) */ format_cols_func_t *format_cols_func; /* append table columns to str */ format_row_func_t *format_row_func; /* format record and append to str */ }; static void hashtable_reduce(struct hashtable *ht); static void hashtable_free(struct hashtable *h); #define HOST_BITS 1 /* initial size of hosts table */ #define PORT_BITS 1 /* initial size of ports tables */ #define PROTO_BITS 1 /* initial size of proto table */ /* We only use one hosts_db hashtable and this is it. */ static struct hashtable *hosts_db = NULL; /* phi^-1 (reciprocal of golden ratio) = (sqrt(5) - 1) / 2 */ static const double phi_1 = 0.61803398874989490252573887119069695472717285156250; /* Co-prime of u, using phi^-1 */ static uint32_t coprime(const uint32_t u) { return ( (uint32_t)( (double)(u) * phi_1 ) | 1U ); } /* * This is the "recommended" IPv4 hash function, as seen in FreeBSD's * src/sys/netinet/tcp_hostcache.c 1.1 */ static uint32_t ipv4_hash(const struct addr *const a) { uint32_t ip = a->ip.v4; return ( (ip) ^ ((ip) >> 7) ^ ((ip) >> 17) ); } #ifndef s6_addr32 # ifdef sun /* * http://src.opensolaris.org/source/xref/onnv/onnv-gate/usr/src/uts/common/netinet/in.h#130 */ # define s6_addr32 _S6_un._S6_u32 # else /* Covers OpenBSD and FreeBSD. The macro __USE_GNU has * taken care of GNU/Linux and GNU/kfreebsd. */ # define s6_addr32 __u6_addr.__u6_addr32 # endif #endif /* * This is the IPv6 hash function used by FreeBSD in the same file as above, * svn rev 122922. */ static uint32_t ipv6_hash(const struct addr *const a) { const struct in6_addr *const ip6 = &(a->ip.v6); return ( ip6->s6_addr32[0] ^ ip6->s6_addr32[1] ^ ip6->s6_addr32[2] ^ ip6->s6_addr32[3] ); } /* --------------------------------------------------------------------------- * hash_func collection */ static uint32_t hash_func_host(const struct hashtable *h _unused_, const void *key) { const struct addr *a = key; if (a->family == IPv4) return (ipv4_hash(a)); else { assert(a->family == IPv6); return (ipv6_hash(a)); } } #define CASTKEY(type) (*((const type *)key)) static uint32_t hash_func_short(const struct hashtable *h, const void *key) { return (CASTKEY(uint16_t) * h->coeff); } static uint32_t hash_func_byte(const struct hashtable *h, const void *key) { return (CASTKEY(uint8_t) * h->coeff); } /* --------------------------------------------------------------------------- * key_func collection */ static const void * key_func_host(const struct bucket *b) { return &(b->u.host.addr); } static const void * key_func_port_tcp(const struct bucket *b) { return &(b->u.port_tcp.port); } static const void * key_func_port_udp(const struct bucket *b) { return &(b->u.port_udp.port); } static const void * key_func_ip_proto(const struct bucket *b) { return &(b->u.ip_proto.proto); } /* --------------------------------------------------------------------------- * find_func collection */ static int find_func_host(const struct bucket *b, const void *key) { return (addr_equal(key, &(b->u.host.addr))); } static int find_func_port_tcp(const struct bucket *b, const void *key) { return (b->u.port_tcp.port == CASTKEY(uint16_t)); } static int find_func_port_udp(const struct bucket *b, const void *key) { return (b->u.port_udp.port == CASTKEY(uint16_t)); } static int find_func_ip_proto(const struct bucket *b, const void *key) { return (b->u.ip_proto.proto == CASTKEY(uint8_t)); } /* --------------------------------------------------------------------------- * make_func collection */ #define MAKE_BUCKET(name_bucket, name_content, type) struct { \ struct bucket *next; \ uint64_t in, out, total; \ union { struct type t; } u; } _custom_bucket; \ struct bucket *name_bucket = xcalloc(1, sizeof(_custom_bucket)); \ struct type *name_content = &(name_bucket->u.type); \ name_bucket->next = NULL; \ name_bucket->in = name_bucket->out = name_bucket->total = 0; static struct bucket * make_func_host(const void *key) { MAKE_BUCKET(b, h, host); h->addr = CASTKEY(struct addr); h->dns = NULL; h->last_seen_mono = 0; memset(&h->mac_addr, 0, sizeof(h->mac_addr)); h->ports_tcp = NULL; h->ports_tcp_remote = NULL; h->ports_udp = NULL; h->ports_udp_remote = NULL; h->ip_protos = NULL; return (b); } static void free_func_host(struct bucket *b) { struct host *h = &(b->u.host); if (h->dns != NULL) free(h->dns); hashtable_free(h->ports_tcp); hashtable_free(h->ports_tcp_remote); hashtable_free(h->ports_udp); hashtable_free(h->ports_udp_remote); hashtable_free(h->ip_protos); } static struct bucket * make_func_port_tcp(const void *key) { MAKE_BUCKET(b, p, port_tcp); p->port = CASTKEY(uint16_t); p->syn = 0; return (b); } static struct bucket * make_func_port_udp(const void *key) { MAKE_BUCKET(b, p, port_udp); p->port = CASTKEY(uint16_t); return (b); } static struct bucket * make_func_ip_proto(const void *key) { MAKE_BUCKET(b, p, ip_proto); p->proto = CASTKEY(uint8_t); return (b); } static void free_func_simple(struct bucket *b _unused_) { /* nop */ } /* --------------------------------------------------------------------------- * format_func collection (ordered by struct) */ static void format_cols_host(struct str *buf) { /* FIXME: don't clobber parts of the query string * specifically "full" and "start" * when setting sort direction */ str_append(buf, "\n" "\n" " \n" " \n"); if (hosts_db_show_macs) str_append(buf, " \n"); str_append(buf, " \n" " \n" " \n"); if (opt_want_lastseen) str_append(buf, " \n"); str_append(buf, "\n"); } static void format_row_host(struct str *buf, const struct bucket *b) { const char *ip = addr_to_str(&(b->u.host.addr)); str_appendf(buf, "\n" " \n" " \n", ip, ip, (b->u.host.dns == NULL) ? "" : b->u.host.dns); if (hosts_db_show_macs) str_appendf(buf, " \n", b->u.host.mac_addr[0], b->u.host.mac_addr[1], b->u.host.mac_addr[2], b->u.host.mac_addr[3], b->u.host.mac_addr[4], b->u.host.mac_addr[5]); str_appendf(buf, " \n" " \n" " \n", (qu)b->in, (qu)b->out, (qu)b->total); if (opt_want_lastseen) { int64_t last = b->u.host.last_seen_mono; int64_t now = (int64_t)now_mono(); struct str *last_str = NULL; if ((now >= last) && (last != 0)) last_str = length_of_time(now - last); str_append(buf, " "); } str_appendf(buf, "\n"); /* Only resolve hosts "on demand" */ if (b->u.host.dns == NULL) dns_queue(&(b->u.host.addr)); } static void format_cols_port_tcp(struct str *buf) { str_append(buf, "
IPHostnameMAC AddressInOutTotalLast seen
%s%s%x:%x:%x:%x:%x:%x%'qu%'qu%'qu"); if (last_str == NULL) { if (last == 0) str_append(buf, "(never)"); else str_appendf(buf, "(clock error: last = %qd, now = %qu)", (qd)last, (qu)now); } else { str_appendstr(buf, last_str); str_free(last_str); } str_append(buf, "
\n" "\n" " \n" ); } static void format_row_port_tcp(struct str *buf, const struct bucket *b) { const struct port_tcp *p = &(b->u.port_tcp); str_appendf(buf, "\n" " \n" " \n" " \n" " \n" " \n" " \n" "\n", p->port, getservtcp(p->port), (qu)b->in, (qu)b->out, (qu)b->total, (qu)p->syn ); } static void format_cols_port_udp(struct str *buf) { str_append(buf, "
Port\n" " Service\n" " In\n" " Out\n" " Total\n" " SYNs\n" "
%u%s%'qu%'qu%'qu%'qu
\n" "\n" " \n" ); } static void format_row_port_udp(struct str *buf, const struct bucket *b) { const struct port_udp *p = &(b->u.port_udp); str_appendf(buf, "\n" " \n" " \n" " \n" " \n" " \n" "\n", p->port, getservudp(p->port), (qu)b->in, (qu)b->out, (qu)b->total ); } static void format_cols_ip_proto(struct str *buf) { str_append(buf, "
Port\n" " Service\n" " In\n" " Out\n" " Total\n" "
%u%s%'qu%'qu%'qu
\n" "\n" " \n" ); } static void format_row_ip_proto(struct str *buf, const struct bucket *b) { const struct ip_proto *p = &(b->u.ip_proto); str_appendf(buf, "\n" " \n" " \n" " \n" " \n" " \n" "\n", p->proto, getproto(p->proto), (qu)b->in, (qu)b->out, (qu)b->total ); } /* --------------------------------------------------------------------------- * Initialise a hashtable. */ static struct hashtable * hashtable_make(const uint8_t bits, const unsigned int count_max, const unsigned int count_keep, hash_func_t *hash_func, free_func_t *free_func, key_func_t *key_func, find_func_t *find_func, make_func_t *make_func, format_cols_func_t *format_cols_func, format_row_func_t *format_row_func) { struct hashtable *hash; assert(bits > 0); hash = xmalloc(sizeof(*hash)); hash->bits = bits; hash->count_max = count_max; hash->count_keep = count_keep; hash->size = 1U << bits; hash->mask = hash->size - 1; hash->coeff = coprime(hash->size); hash->hash_func = hash_func; hash->free_func = free_func; hash->key_func = key_func; hash->find_func = find_func; hash->make_func = make_func; hash->format_cols_func = format_cols_func; hash->format_row_func = format_row_func; hash->count = 0; hash->table = xcalloc(hash->size, sizeof(*hash->table)); memset(&(hash->stats), 0, sizeof(hash->stats)); return (hash); } /* --------------------------------------------------------------------------- * Initialise global hosts_db. */ void hosts_db_init(void) { assert(hosts_db == NULL); hosts_db = hashtable_make(HOST_BITS, opt_hosts_max, opt_hosts_keep, hash_func_host, free_func_host, key_func_host, find_func_host, make_func_host, format_cols_host, format_row_host); } static void hashtable_rehash(struct hashtable *h, const uint8_t bits) { struct bucket **old_table, **new_table; uint32_t i, old_size; assert(h != NULL); assert(bits > 0); h->stats.rehashes++; old_size = h->size; old_table = h->table; h->bits = bits; h->size = 1U << bits; h->mask = h->size - 1; h->coeff = coprime(h->size); new_table = xcalloc(h->size, sizeof(*new_table)); for (i=0; ihash_func(h, h->key_func(b)) & h->mask; next = b->next; b->next = new_table[pos]; new_table[pos] = b; b = next; } } free(h->table); h->table = new_table; } static void hashtable_insert(struct hashtable *h, struct bucket *b) { uint32_t pos; assert(h != NULL); assert(b != NULL); assert(b->next == NULL); /* Rehash on 80% occupancy */ if ((h->count > h->size) || ((h->size - h->count) < h->size / 5)) hashtable_rehash(h, h->bits+1); pos = h->hash_func(h, h->key_func(b)) & h->mask; if (h->table[pos] == NULL) h->table[pos] = b; else { /* Insert at top of chain. */ b->next = h->table[pos]; h->table[pos] = b; } h->count++; h->stats.inserts++; } /* Return bucket matching key, or NULL if no such entry. */ static struct bucket * hashtable_search(struct hashtable *h, const void *key) { uint32_t pos; struct bucket *b; h->stats.searches++; pos = h->hash_func(h, key) & h->mask; b = h->table[pos]; while (b != NULL) { if (h->find_func(b, key)) return (b); else b = b->next; } return (NULL); } typedef enum { NO_REDUCE = 0, ALLOW_REDUCE = 1 } reduce_bool; /* Search for a key. If it's not there, make and insert a bucket for it. */ static struct bucket * hashtable_find_or_insert(struct hashtable *h, const void *key, const reduce_bool allow_reduce) { struct bucket *b = hashtable_search(h, key); if (b == NULL) { /* Not found, so insert after checking occupancy. */ if (allow_reduce && (h->count >= h->count_max)) hashtable_reduce(h); b = h->make_func(key); hashtable_insert(h, b); } return (b); } /* * Frees the hashtable and the buckets. The contents are assumed to be * "simple" -- i.e. no "destructor" action is required beyond simply freeing * the bucket. */ static void hashtable_free(struct hashtable *h) { uint32_t i; if (h == NULL) return; for (i=0; isize; i++) { struct bucket *tmp, *b = h->table[i]; while (b != NULL) { tmp = b; b = b->next; h->free_func(tmp); free(tmp); } } free(h->table); free(h); } /* --------------------------------------------------------------------------- * Return existing host or insert a new one. */ struct bucket * host_get(const struct addr *const a) { return (hashtable_find_or_insert(hosts_db, a, NO_REDUCE)); } /* --------------------------------------------------------------------------- * Find host, returns NULL if not in DB. */ struct bucket * host_find(const struct addr *const a) { return (hashtable_search(hosts_db, a)); } /* --------------------------------------------------------------------------- * Find host, returns NULL if not in DB. */ static struct bucket * host_search(const char *ipstr) { struct addr a; struct addrinfo hints, *ai; memset(&hints, 0, sizeof(hints)); hints.ai_family = AF_UNSPEC; hints.ai_flags = AI_NUMERICHOST; if (getaddrinfo(ipstr, NULL, &hints, &ai)) return (NULL); /* invalid addr */ if (ai->ai_family == AF_INET) { a.family = IPv4; a.ip.v4 = ((const struct sockaddr_in *)ai->ai_addr)->sin_addr.s_addr; } else if (ai->ai_family == AF_INET6) { a.family = IPv6; memcpy(&(a.ip.v6), ((struct sockaddr_in6 *)ai->ai_addr)->sin6_addr.s6_addr, sizeof(a.ip.v6)); } else { freeaddrinfo(ai); return (NULL); /* unknown family */ } freeaddrinfo(ai); verbosef("search(%s) turned into %s", ipstr, addr_to_str(&a)); return (hashtable_search(hosts_db, &a)); } /* --------------------------------------------------------------------------- * Reduce a hashtable to the top entries. */ static void hashtable_reduce(struct hashtable *ht) { uint32_t i, pos, rmd; const struct bucket **table; uint64_t cutoff; assert(ht->count_keep < ht->count); /* Fill table with pointers to buckets in hashtable. */ table = xcalloc(ht->count, sizeof(*table)); for (pos=0, i=0; isize; i++) { struct bucket *b = ht->table[i]; while (b != NULL) { table[pos++] = b; b = b->next; } } assert(pos == ht->count); qsort_buckets(table, ht->count, 0, ht->count_keep, TOTAL); cutoff = table[ht->count_keep]->total; free(table); /* Remove all elements with total <= cutoff. */ rmd = 0; for (i=0; isize; i++) { struct bucket *last = NULL, *next, *b = ht->table[i]; while (b != NULL) { next = b->next; if (b->total <= cutoff) { /* Remove this one. */ ht->free_func(b); free(b); if (last == NULL) ht->table[i] = next; else last->next = next; rmd++; ht->count--; } else { last = b; } b = next; } } verbosef("hashtable_reduce: removed %u buckets, left %u", rmd, ht->count); hashtable_rehash(ht, ht->bits); /* is this needed? */ } /* Reduce hosts_db if needed. */ void hosts_db_reduce(void) { if (hosts_db->count >= hosts_db->count_max) hashtable_reduce(hosts_db); } /* --------------------------------------------------------------------------- * Reset hosts_db to empty. */ void hosts_db_reset(void) { unsigned int i; for (i=0; isize; i++) { struct bucket *next, *b = hosts_db->table[i]; while (b != NULL) { next = b->next; hosts_db->free_func(b); free(b); b = next; } hosts_db->table[i] = NULL; } verbosef("hosts_db reset to empty, freed %u hosts", hosts_db->count); hosts_db->count = 0; } /* --------------------------------------------------------------------------- * Deallocate hosts_db. */ void hosts_db_free(void) { uint32_t i; assert(hosts_db != NULL); for (i=0; isize; i++) { struct bucket *tmp, *b = hosts_db->table[i]; while (b != NULL) { tmp = b; b = b->next; hosts_db->free_func(tmp); free(tmp); } } free(hosts_db->table); free(hosts_db); hosts_db = NULL; } /* --------------------------------------------------------------------------- * Find or create a port_tcp inside a host. */ struct bucket * host_get_port_tcp(struct bucket *host, const uint16_t port) { struct host *h = &host->u.host; if (h->ports_tcp == NULL) h->ports_tcp = hashtable_make(PORT_BITS, opt_ports_max, opt_ports_keep, hash_func_short, free_func_simple, key_func_port_tcp, find_func_port_tcp, make_func_port_tcp, format_cols_port_tcp, format_row_port_tcp); return (hashtable_find_or_insert(h->ports_tcp, &port, ALLOW_REDUCE)); } struct bucket * host_get_port_tcp_remote(struct bucket *host, const uint16_t port) { struct host *h = &host->u.host; if (h->ports_tcp_remote == NULL) h->ports_tcp_remote = hashtable_make( PORT_BITS, opt_ports_max, opt_ports_keep, hash_func_short, free_func_simple, key_func_port_tcp, find_func_port_tcp, make_func_port_tcp, format_cols_port_tcp, format_row_port_tcp); return (hashtable_find_or_insert(h->ports_tcp_remote, &port, ALLOW_REDUCE)); } /* --------------------------------------------------------------------------- * Find or create a port_udp inside a host. */ struct bucket * host_get_port_udp(struct bucket *host, const uint16_t port) { struct host *h = &host->u.host; if (h->ports_udp == NULL) h->ports_udp = hashtable_make(PORT_BITS, opt_ports_max, opt_ports_keep, hash_func_short, free_func_simple, key_func_port_udp, find_func_port_udp, make_func_port_udp, format_cols_port_udp, format_row_port_udp); return (hashtable_find_or_insert(h->ports_udp, &port, ALLOW_REDUCE)); } struct bucket * host_get_port_udp_remote(struct bucket *host, const uint16_t port) { struct host *h = &host->u.host; if (h->ports_udp_remote == NULL) h->ports_udp_remote = hashtable_make( PORT_BITS, opt_ports_max, opt_ports_keep, hash_func_short, free_func_simple, key_func_port_udp, find_func_port_udp, make_func_port_udp, format_cols_port_udp, format_row_port_udp); return (hashtable_find_or_insert(h->ports_udp_remote, &port, ALLOW_REDUCE)); } /* --------------------------------------------------------------------------- * Find or create an ip_proto inside a host. */ struct bucket * host_get_ip_proto(struct bucket *host, const uint8_t proto) { struct host *h = &host->u.host; static const unsigned int PROTOS_MAX = 512, PROTOS_KEEP = 256; assert(h != NULL); if (h->ip_protos == NULL) h->ip_protos = hashtable_make(PROTO_BITS, PROTOS_MAX, PROTOS_KEEP, hash_func_byte, free_func_simple, key_func_ip_proto, find_func_ip_proto, make_func_ip_proto, format_cols_ip_proto, format_row_ip_proto); return (hashtable_find_or_insert(h->ip_protos, &proto, ALLOW_REDUCE)); } static struct str *html_hosts_main(const char *qs); static struct str *html_hosts_detail(const char *ip); /* --------------------------------------------------------------------------- * Web interface: delegate the /hosts/ space. */ struct str * html_hosts(const char *uri, const char *query) { unsigned int i, num_elems; char **elem = split('/', uri, &num_elems); struct str *buf = NULL; assert(num_elems >= 1); assert(strcmp(elem[0], "hosts") == 0); if (num_elems == 1) /* /hosts/ */ buf = html_hosts_main(query); else if (num_elems == 2) /* /hosts// */ buf = html_hosts_detail(elem[1]); for (i=0; icount == 0)) { return NULL; } /* Fill table with pointers to buckets in hashtable. */ table = xcalloc(ht->count, sizeof(*table)); for (pos=0, i=0; isize; i++) { struct bucket *b = ht->table[i]; while (b != NULL) { table[pos++] = b; b = b->next; } } assert(pos == ht->count); return table; } typedef void (hashtable_foreach_func_t)(const struct bucket *, const void *); /* --------------------------------------------------------------------------- * Loop over all buckets in the given hashtable, calling the supplied function * with each bucket and the supplied user_data. */ static void hashtable_foreach(struct hashtable *ht, hashtable_foreach_func_t *hashtable_foreach_func, const void *user_data) { const struct bucket **table; unsigned int i; table = hashtable_list_buckets(ht); if (table == NULL) return; for (i = 0; icount; i++) { const struct bucket *b = table[i]; (*hashtable_foreach_func)(b, user_data); } free(table); } /* --------------------------------------------------------------------------- * Format hashtable into HTML. */ static void format_table(struct str *buf, struct hashtable *ht, unsigned int start, const enum sort_dir sort, const int full) { const struct bucket **table; unsigned int i, end; int alt = 0; table = hashtable_list_buckets(ht); if (table == NULL) { str_append(buf, "

The table is empty.

\n"); return; } if (full) { /* full report overrides start and end */ start = 0; end = ht->count; } else end = MIN(ht->count, (uint32_t)start+MAX_ENTRIES); str_appendf(buf, "(%u-%u of %u)
\n", start+1, end, ht->count); qsort_buckets(table, ht->count, start, end, sort); ht->format_cols_func(buf); for (i=start; iformat_row_func(buf, table[i]); alt = !alt; /* alternate class for table rows */ } free(table); str_append(buf, "
#\n" " Protocol\n" " In\n" " Out\n" " Total\n" "
%u%s%'qu%'qu%'qu
\n"); } /* --------------------------------------------------------------------------- * Web interface: sorted table of hosts. */ static struct str * html_hosts_main(const char *qs) { struct str *buf = str_make(); char *qs_start, *qs_sort, *qs_full, *ep; const char *sortstr; int start, full = 0; enum sort_dir sort; /* parse query string */ qs_start = qs_get(qs, "start"); qs_sort = qs_get(qs, "sort"); qs_full = qs_get(qs, "full"); if (qs_full != NULL) { full = 1; free(qs_full); } /* validate sort */ if (qs_sort == NULL) sort = TOTAL; else if (strcmp(qs_sort, "total") == 0) sort = TOTAL; else if (strcmp(qs_sort, "in") == 0) sort = IN; else if (strcmp(qs_sort, "out") == 0) sort = OUT; else if (strcmp(qs_sort, "lastseen") == 0) sort = LASTSEEN; else { str_append(buf, "Error: invalid value for \"sort\".\n"); goto done; } /* parse start */ if (qs_start == NULL) start = 0; else { start = (int)strtoul(qs_start, &ep, 10); if (*ep != '\0') { str_append(buf, "Error: \"start\" is not a number.\n"); goto done; } if ((errno == ERANGE) || (start < 0) || (start >= (int)hosts_db->count)) { str_append(buf, "Error: \"start\" is out of bounds.\n"); goto done; } } #define PREV "<<< prev page" #define NEXT "next page >>>" #define FULL "full table" html_open(buf, "Hosts", /*path_depth=*/1, /*want_graph_js=*/0); format_table(buf, hosts_db, start, sort, full); /* */ sortstr = qs_sort; if (sortstr == NULL) sortstr = "total"; if (start > 0) { int prev = start - MAX_ENTRIES; if (prev < 0) prev = 0; str_appendf(buf, "" PREV "", prev, sortstr); } else str_append(buf, PREV); if (full) str_append(buf, " | " FULL); else str_appendf(buf, " | " FULL "", sortstr); if (start+MAX_ENTRIES < (int)hosts_db->count) str_appendf(buf, " | " NEXT "", start+MAX_ENTRIES, sortstr); else str_append(buf, " | " NEXT); str_append(buf, "
\n"); html_close(buf); done: if (qs_start != NULL) free(qs_start); if (qs_sort != NULL) free(qs_sort); return buf; #undef PREV #undef NEXT #undef FULL } /* --------------------------------------------------------------------------- * Web interface: detailed view of a single host. */ static struct str *html_hosts_detail(const char *ip) { struct bucket *h; struct str *buf, *ls_len; char ls_when[100]; const char *canonical; time_t last_seen_real; h = host_search(ip); if (h == NULL) return (NULL); /* no such host */ canonical = addr_to_str(&(h->u.host.addr)); /* Overview. */ buf = str_make(); html_open(buf, ip, /*path_depth=*/2, /*want_graph_js=*/0); if (strcmp(ip, canonical) != 0) str_appendf(buf, "(canonically %s)\n", canonical); str_appendf(buf, "

\n" "Hostname: %s
\n", (h->u.host.dns == NULL)?"(resolving...)":h->u.host.dns); /* Resolve host "on demand" */ if (h->u.host.dns == NULL) dns_queue(&(h->u.host.addr)); if (hosts_db_show_macs) str_appendf(buf, "MAC Address: " "%x:%x:%x:%x:%x:%x
\n", h->u.host.mac_addr[0], h->u.host.mac_addr[1], h->u.host.mac_addr[2], h->u.host.mac_addr[3], h->u.host.mac_addr[4], h->u.host.mac_addr[5]); str_append(buf, "

\n" "

\n" "Last seen: "); if (h->u.host.last_seen_mono == 0) { str_append(buf, "(never)"); } else { last_seen_real = mono_to_real(h->u.host.last_seen_mono); if (strftime(ls_when, sizeof(ls_when), "%Y-%m-%d %H:%M:%S %Z%z", localtime(&last_seen_real)) != 0) str_append(buf, ls_when); if (h->u.host.last_seen_mono <= now_mono()) { ls_len = length_of_time((int64_t)now_mono() - h->u.host.last_seen_mono); str_append(buf, " ("); str_appendstr(buf, ls_len); str_free(ls_len); str_append(buf, " ago)"); } else { str_appendf(buf, " (in the future, possible clock problem, " "last = %qd, now = %qu)", (qd)h->u.host.last_seen_mono, (qu)now_mono()); } } str_appendf(buf, "

\n" "

\n" " In: %'qu
\n" " Out: %'qu
\n" " Total: %'qu
\n" "

\n", (qu)h->in, (qu)h->out, (qu)h->total); str_append(buf, "

TCP ports on this host

\n"); format_table(buf, h->u.host.ports_tcp, 0,TOTAL,0); str_append(buf, "

TCP ports on remote hosts

\n"); format_table(buf, h->u.host.ports_tcp_remote, 0,TOTAL,0); str_append(buf, "

UDP ports on this host

\n"); format_table(buf, h->u.host.ports_udp, 0,TOTAL,0); str_append(buf, "

UDP ports on remote hosts

\n"); format_table(buf, h->u.host.ports_udp_remote, 0,TOTAL,0); str_append(buf, "

IP protocols

\n"); format_table(buf, h->u.host.ip_protos, 0,TOTAL,0); str_append(buf, "
\n"); html_close(buf); return buf; } /* --------------------------------------------------------------------------- * Database import and export code: * Initially written and contributed by Ben Stewart. * copyright (c) 2007-2014 Ben Stewart, Emil Mikulic. */ static int hosts_db_export_ip(const struct hashtable *h, const int fd); static int hosts_db_export_tcp(const char magic, const struct hashtable *h, const int fd); static int hosts_db_export_udp(const char magic, const struct hashtable *h, const int fd); static const char export_proto_ip = 'P', export_proto_tcp = 'T', export_proto_tcp_remote = 't', export_proto_udp = 'U', export_proto_udp_remote = 'u'; static const unsigned char export_tag_host_ver1[] = {'H', 'S', 'T', 0x01}, export_tag_host_ver2[] = {'H', 'S', 'T', 0x02}, export_tag_host_ver3[] = {'H', 'S', 'T', 0x03}, export_tag_host_ver4[] = {'H', 'S', 'T', 0x04}; static void text_metrics_counter(struct str *buf, const char *metric, const char *type, const char *help); static void text_metrics_format_host(const struct bucket *b, const void *user_data); /* --------------------------------------------------------------------------- * Web interface: export stats in Prometheus text format on /metrics */ struct str * text_metrics() { struct str *buf = str_make(); text_metrics_counter(buf, "host_bytes_total", "counter", "Total number of network bytes by host and direction."); hashtable_foreach(hosts_db, &text_metrics_format_host, (void *)buf); return buf; } static void text_metrics_counter(struct str *buf, const char *metric, const char *type, const char *help) { str_appendf(buf, "# HELP %s %s\n", metric, help); str_appendf(buf, "# TYPE %s %s\n", metric, type); } static void text_metrics_format_host_key(struct str *buf, const struct bucket *b) { const char *ip = addr_to_str(&(b->u.host.addr)); str_appendf(buf, "host_bytes_total{interface=\"%s\",ip=\"%s\"", title_interfaces, ip); if (hosts_db_show_macs) str_appendf(buf, ",mac=\"%x:%x:%x:%x:%x:%x\"", b->u.host.mac_addr[0], b->u.host.mac_addr[1], b->u.host.mac_addr[2], b->u.host.mac_addr[3], b->u.host.mac_addr[4], b->u.host.mac_addr[5]); } static void text_metrics_format_host(const struct bucket *b, const void *user_data) { struct str *buf = (struct str *)user_data; text_metrics_format_host_key(buf, b); str_appendf(buf, ",dir=\"in\"} %qu\n", (qu)b->in); text_metrics_format_host_key(buf, b); str_appendf(buf, ",dir=\"out\"} %qu\n", (qu)b->out); } /* --------------------------------------------------------------------------- * Load a host's ip_proto table from a file. * Returns 0 on failure, 1 on success. */ static int hosts_db_import_ip(const int fd, struct bucket *host) { uint8_t count, i; if (!expect8(fd, export_proto_ip)) return 0; if (!read8(fd, &count)) return 0; for (i=0; iin = in; b->out = out; b->total = in + out; assert(b->u.ip_proto.proto == proto); /* should be done by make fn */ } return 1; } /* --------------------------------------------------------------------------- * Load a host's port_tcp{,_remote} table from a file. * Returns 0 on failure, 1 on success. */ static int hosts_db_import_tcp(const int fd, const char magic, struct bucket *host, struct bucket *(get_port_fn)(struct bucket *host, uint16_t port)) { uint16_t count, i; if (!expect8(fd, magic)) return 0; if (!read16(fd, &count)) return 0; for (i=0; iin = in; b->out = out; b->total = in + out; assert(b->u.port_tcp.port == port); /* done by make_func_port_tcp */ b->u.port_tcp.syn = syn; } return 1; } /* --------------------------------------------------------------------------- * Load a host's port_tcp table from a file. * Returns 0 on failure, 1 on success. */ static int hosts_db_import_udp(const int fd, const char magic, struct bucket *host, struct bucket *(get_port_fn)(struct bucket *host, uint16_t port)) { uint16_t count, i; if (!expect8(fd, magic)) return 0; if (!read16(fd, &count)) return 0; for (i=0; iin = in; b->out = out; b->total = in + out; assert(b->u.port_udp.port == port); /* done by make_func */ } return 1; } /* --------------------------------------------------------------------------- * Load all hosts from a file. * Returns 0 on failure, 1 on success. */ static int hosts_db_import_host(const int fd) { struct bucket *host; struct addr a; uint8_t hostname_len; uint64_t in, out; unsigned int pos = xtell(fd); char hdr[4]; int ver = 0; if (!readn(fd, hdr, sizeof(hdr))) return 0; if (memcmp(hdr, export_tag_host_ver4, sizeof(hdr)) == 0) ver = 4; else if (memcmp(hdr, export_tag_host_ver3, sizeof(hdr)) == 0) ver = 3; else if (memcmp(hdr, export_tag_host_ver2, sizeof(hdr)) == 0) ver = 2; else if (memcmp(hdr, export_tag_host_ver1, sizeof(hdr)) == 0) ver = 1; else { warnx("bad host header: %02x%02x%02x%02x", hdr[0], hdr[1], hdr[2], hdr[3]); return 0; } if (ver >= 3) { if (!readaddr(fd, &a)) return 0; } else { assert((ver == 1) || (ver == 2)); if (!readaddr_ipv4(fd, &a)) return 0; } verbosef("at file pos %u, importing host %s", pos, addr_to_str(&a)); host = host_get(&a); assert(addr_equal(&(host->u.host.addr), &a)); if (ver > 1) { uint64_t t; if (!read64(fd, &t)) return 0; host->u.host.last_seen_mono = real_to_mono(t); } assert(sizeof(host->u.host.mac_addr) == 6); if (!readn(fd, host->u.host.mac_addr, sizeof(host->u.host.mac_addr))) return 0; /* HOSTNAME */ assert(host->u.host.dns == NULL); /* make fn? */ if (!read8(fd, &hostname_len)) return 0; if (hostname_len > 0) { host->u.host.dns = xmalloc(hostname_len + 1); host->u.host.dns[0] = '\0'; /* At this point, the hostname is attached to a host which is in our * hosts_db, so if we bail out due to an import error, this pointer * isn't lost and leaked, it can be cleaned up in hosts_db_{free,reset} */ if (!readn(fd, host->u.host.dns, hostname_len)) return 0; host->u.host.dns[hostname_len] = '\0'; } if (!read64(fd, &in)) return 0; if (!read64(fd, &out)) return 0; host->in = in; host->out = out; host->total = in + out; /* Host's port and proto subtables: */ if (!hosts_db_import_ip(fd, host)) return 0; if (!hosts_db_import_tcp(fd, export_proto_tcp, host, host_get_port_tcp)) return 0; if (!hosts_db_import_udp(fd, export_proto_udp, host, host_get_port_udp)) return 0; if (ver == 4) { if (!hosts_db_import_tcp(fd, export_proto_tcp_remote, host, host_get_port_tcp_remote)) return 0; if (!hosts_db_import_udp(fd, export_proto_udp_remote, host, host_get_port_udp_remote)) return 0; } return 1; } /* --------------------------------------------------------------------------- * Database Import: Grab hosts_db from a file provided by the caller. * * This function will retrieve the data sans the header. We expect the caller * to have validated the header of the hosts_db segment, and left the file * sitting at the start of the data. */ int hosts_db_import(const int fd) { uint32_t host_count, i; if (!read32(fd, &host_count)) return 0; for (i=0; icount)) return 0; for (i = 0; isize; i++) for (b = hosts_db->table[i]; b != NULL; b = b->next) { /* For each host: */ if (!writen(fd, export_tag_host_ver4, sizeof(export_tag_host_ver4))) return 0; if (!writeaddr(fd, &(b->u.host.addr))) return 0; if (!write64(fd, (uint64_t)mono_to_real(b->u.host.last_seen_mono))) return 0; assert(sizeof(b->u.host.mac_addr) == 6); if (!writen(fd, b->u.host.mac_addr, sizeof(b->u.host.mac_addr))) return 0; /* HOSTNAME */ if (b->u.host.dns == NULL) { if (!write8(fd, 0)) return 0; } else { int dnslen = strlen(b->u.host.dns); if (dnslen > 255) { warnx("found a very long hostname: \"%s\"\n" "wasn't expecting one longer than 255 chars (this one is %d)", b->u.host.dns, dnslen); dnslen = 255; } if (!write8(fd, (uint8_t)dnslen)) return 0; if (!writen(fd, b->u.host.dns, dnslen)) return 0; } if (!write64(fd, b->in)) return 0; if (!write64(fd, b->out)) return 0; if (!hosts_db_export_ip(b->u.host.ip_protos, fd)) return 0; if (!hosts_db_export_tcp(export_proto_tcp, b->u.host.ports_tcp, fd)) return 0; if (!hosts_db_export_udp(export_proto_udp, b->u.host.ports_udp, fd)) return 0; if (!hosts_db_export_tcp(export_proto_tcp_remote, b->u.host.ports_tcp_remote, fd)) return 0; if (!hosts_db_export_udp(export_proto_udp_remote, b->u.host.ports_udp_remote, fd)) return 0; } return 1; } /* --------------------------------------------------------------------------- * Dump the ip_proto table of a host. */ static int hosts_db_export_ip(const struct hashtable *h, const int fd) { uint32_t i, written = 0; struct bucket *b; /* IP DATA */ if (!write8(fd, export_proto_ip)) return 0; /* If no data, write a IP Proto count of 0 and we're done. */ if (h == NULL) { if (!write8(fd, 0)) return 0; return 1; } assert(h->count < 256); if (!write8(fd, (uint8_t)h->count)) return 0; for (i = 0; isize; i++) for (b = h->table[i]; b != NULL; b = b->next) { /* For each ip_proto bucket: */ if (!write8(fd, b->u.ip_proto.proto)) return 0; if (!write64(fd, b->in)) return 0; if (!write64(fd, b->out)) return 0; written++; } assert(written == h->count); return 1; } /* --------------------------------------------------------------------------- * Dump the port_tcp table of a host. */ static int hosts_db_export_tcp(const char magic, const struct hashtable *h, const int fd) { struct bucket *b; uint32_t i, written = 0; /* TCP DATA */ if (!write8(fd, magic)) return 0; /* If no data, write a count of 0 and we're done. */ if (h == NULL) { if (!write16(fd, 0)) return 0; return 1; } assert(h->count < 65536); if (!write16(fd, (uint16_t)h->count)) return 0; for (i = 0; isize; i++) for (b = h->table[i]; b != NULL; b = b->next) { if (!write16(fd, b->u.port_tcp.port)) return 0; if (!write64(fd, b->u.port_tcp.syn)) return 0; if (!write64(fd, b->in)) return 0; if (!write64(fd, b->out)) return 0; written++; } assert(written == h->count); return 1; } /* --------------------------------------------------------------------------- * Dump the port_udp table of a host. */ static int hosts_db_export_udp(const char magic, const struct hashtable *h, const int fd) { struct bucket *b; uint32_t i, written = 0; /* UDP DATA */ if (!write8(fd, magic)) return 0; /* If no data, write a count of 0 and we're done. */ if (h == NULL) { if (!write16(fd, 0)) return 0; return 1; } assert(h->count < 65536); if (!write16(fd, (uint16_t)h->count)) return 0; for (i = 0; isize; i++) for (b = h->table[i]; b != NULL; b = b->next) { if (!write16(fd, b->u.port_udp.port)) return 0; if (!write64(fd, b->in)) return 0; if (!write64(fd, b->out)) return 0; written++; } assert(written == h->count); return 1; } /* vim:set ts=3 sw=3 tw=80 expandtab: */ darkstat-3.0.721/hosts_db.h000066400000000000000000000044121416753542100154700ustar00rootroot00000000000000/* darkstat 3 * copyright (c) 2001-2014 Emil Mikulic. * * hosts_db.h: database of hosts, ports, protocols. * * You may use, modify and redistribute this file under the terms of the * GNU General Public License version 2. (see COPYING.GPL) */ #ifndef __DARKSTAT_HOSTS_DB_H #define __DARKSTAT_HOSTS_DB_H #include /* for uint64_t */ #include "addr.h" struct hashtable; struct host { struct addr addr; char *dns; uint8_t mac_addr[6]; /* last_seen_mono is converted to/from time_t in export/import. * It can be negative (due to machine reboots). */ int64_t last_seen_mono; struct hashtable *ports_tcp; struct hashtable *ports_tcp_remote; struct hashtable *ports_udp; struct hashtable *ports_udp_remote; struct hashtable *ip_protos; }; struct port_tcp { uint16_t port; uint64_t syn; }; struct port_udp { uint16_t port; }; struct ip_proto { uint8_t proto; }; struct bucket { struct bucket *next; uint64_t in, out, total; union { struct host host; struct port_tcp port_tcp; struct port_udp port_udp; struct ip_proto ip_proto; } u; }; enum sort_dir { IN, OUT, TOTAL, LASTSEEN }; extern int hosts_db_show_macs; void hosts_db_init(void); void hosts_db_reduce(void); void hosts_db_reset(void); void hosts_db_free(void); int hosts_db_import(const int fd); int hosts_db_export(const int fd); struct bucket *host_find(const struct addr *const a); /* can return NULL */ struct bucket *host_get(const struct addr *const a); struct bucket *host_get_port_tcp(struct bucket *host, const uint16_t port); struct bucket *host_get_port_tcp_remote(struct bucket *host, const uint16_t port); struct bucket *host_get_port_udp(struct bucket *host, const uint16_t port); struct bucket *host_get_port_udp_remote(struct bucket *host, const uint16_t port); struct bucket *host_get_ip_proto(struct bucket *host, const uint8_t proto); /* Web pages. */ struct str *html_hosts(const char *uri, const char *query); struct str *text_metrics(); /* From hosts_sort */ void qsort_buckets(const struct bucket **a, size_t n, size_t left, size_t right, const enum sort_dir d); #endif /* __DARKSTAT_HOSTS_DB_H */ /* vim:set ts=3 sw=3 tw=78 expandtab: */ darkstat-3.0.721/hosts_sort.c000066400000000000000000000127371416753542100160760ustar00rootroot00000000000000/* darkstat 3 * copyright (c) 2001-2012 Emil Mikulic. * * hosts_sort.c: quicksort a table of buckets. * * You may use, modify and redistribute this file under the terms of the * GNU General Public License version 2. (see COPYING.GPL) */ #include "cdefs.h" #include "err.h" #include "hosts_db.h" static int cmp_u64(const uint64_t a, const uint64_t b) { if (a < b) return (1); if (a > b) return (-1); return (0); } static int cmp_i64(const int64_t a, const int64_t b) { if (a < b) return (1); if (a > b) return (-1); return (0); } /* Comparator for sorting 'struct bucket' */ static int cmp(const struct bucket * const *x, const struct bucket * const *y, const enum sort_dir dir) { switch (dir) { case IN: return cmp_u64((*x)->in, (*y)->in); case OUT: return cmp_u64((*x)->out, (*y)->out); case TOTAL: return cmp_u64((*x)->total, (*y)->total); case LASTSEEN: return cmp_i64((*x)->u.host.last_seen_mono, (*y)->u.host.last_seen_mono); default: errx(1, "cmp: unknown direction: %d", dir); } } /* * The quicksort code is derived from FreeBSD's * src/lib/libc/stdlib/qsort.c v1.12 */ /*- * Copyright (c) 1992, 1993 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. All advertising materials mentioning features or use of this software * must display the following acknowledgement: * This product includes software developed by the University of * California, Berkeley and its contributors. * 4. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ static void vecswap(const struct bucket **pi, const struct bucket **pj, int n) { if (n <= 0) return; do { const struct bucket *t = *pi; *pi++ = *pj; *pj++ = t; } while (--n > 0); } #define swap(a, b) { \ const struct bucket *t = *(const struct bucket **)(a); \ *(const struct bucket **)(a) = *(const struct bucket **)(b); \ *(const struct bucket **)(b) = t; \ } static const struct bucket ** med3(const struct bucket **a, const struct bucket **b, const struct bucket **c, const enum sort_dir dir) { return (cmp(a, b, dir) < 0) ? (cmp(b, c, dir) < 0 ? b : (cmp(a, c, dir) < 0 ? c : a )) : (cmp(b, c, dir) > 0 ? b : (cmp(a, c, dir) < 0 ? a : c )); } /* Partial sort - only sort elements in the range [left:right] */ void qsort_buckets(const struct bucket **a, size_t n, size_t left, size_t right, const enum sort_dir dir) { const struct bucket **pa, **pb, **pc, **pd, **pl, **pm, **pn; int d, r, swap_cnt; loop: swap_cnt = 0; if (n < 7) { for (pm = a+1; pm < a+n; pm++) for (pl = pm; (pl > a) && (cmp(pl-1, pl, dir) > 0); pl--) swap(pl, pl-1); return; } pm = a + (n / 2); if (n > 7) { pl = a; pn = a + (n - 1); if (n > 40) { d = (n / 8); pl = med3(pl, pl + d, pl + 2 * d, dir); pm = med3(pm - d, pm, pm + d, dir); pn = med3(pn - 2 * d, pn - d, pn, dir); } pm = med3(pl, pm, pn, dir); } swap(a, pm); pa = pb = a + 1; pc = pd = a + (n - 1); for (;;) { while (pb <= pc && (r = cmp(pb, a, dir)) <= 0) { if (r == 0) { swap_cnt = 1; swap(pa, pb); pa++; } pb++; } while (pb <= pc && (r = cmp(pc, a, dir)) >= 0) { if (r == 0) { swap_cnt = 1; swap(pc, pd); pd--; } pc--; } if (pb > pc) break; swap(pb, pc); swap_cnt = 1; pb++; pc--; } if (swap_cnt == 0) { /* Switch to insertion sort */ for (pm = a + 1; pm < a+n; pm++) for (pl = pm; (pl > a) && (cmp(pl-1, pl, dir) > 0); pl--) swap(pl, pl-1); return; } pn = a + n; r = MIN(pa - a, pb - pa); vecswap(a, pb - r, r); r = MIN(pd - pc, pn - pd - 1); vecswap(pb, pn - r, r); if (((r = pb - pa) > 1) && ((unsigned)r >= left)) qsort_buckets(a, r, left, right, dir); if (((r = pd - pc) > 1) && (n - r <= right)) { /* Iterate rather than recurse to save stack space */ if (n - r > left) left = 0; else left -= n - r; right -= n - r; a += n - r; n = r; goto loop; } /* qsort(pn - r, r, cmp);*/ } /* vim:set ts=3 sw=3 tw=78 expandtab: */ darkstat-3.0.721/html.c000066400000000000000000000037341416753542100146300ustar00rootroot00000000000000/* darkstat 3 * * html.c: HTML header/footer templating for web interface. * copyright (c) 2006 Ben Stewart. * copyright (c) 2010 Malte S. Stretz. * * You may use, modify and redistribute this file under the terms of the * GNU General Public License version 2. (see COPYING.GPL) */ #include "config.h" #include "str.h" #include "html.h" #include "opt.h" #include static const char *relpaths[] = { ".", "..", "../.." }; void html_open(struct str *buf, const char *title, const unsigned int path_depth, const int want_graph_js) { const char *root; assert(path_depth < (sizeof(relpaths)/sizeof(*relpaths))); root = relpaths[path_depth]; str_appendf(buf, "\n" "\n" "\n" "%s (darkstat %s)\n" "\n" "\n" "\n" "\n", title, title_interfaces, root); if (want_graph_js) str_appendf(buf, "\n" , root); str_appendf(buf, "\n" "\n" "
\n" "\n" "
\n" "
\n" "

%s

\n" , root, root, title); } void html_close(struct str *buf) { str_append(buf, "
\n" "\n" "\n"); } /* vim:set ts=4 sw=4 tw=80 et: */ darkstat-3.0.721/html.h000066400000000000000000000005441416753542100146310ustar00rootroot00000000000000/* darkstat 3 * * html.h: HTML header/footer templating for web interface. * copyright (c) 2006 Ben Stewart. * copyright (c) 2010 Malte S. Stretz. */ struct str; void html_open(struct str *buf, const char *title, const unsigned int path_depth, const int want_graph_js); void html_close(struct str *buf); /* vim:set ts=3 sw=3 tw=78 expandtab: */ darkstat-3.0.721/http.c000066400000000000000000001034701416753542100146410ustar00rootroot00000000000000/* darkstat 3 * copyright (c) 2001-2016 Emil Mikulic. * * http.c: embedded webserver. * This borrows a lot of code from darkhttpd. * * You may use, modify and redistribute this file under the terms of the * GNU General Public License version 2. (see COPYING.GPL) */ #include "cdefs.h" #include "config.h" #include "conv.h" #include "err.h" #include "graph_db.h" #include "hosts_db.h" #include "http.h" #include "now.h" #include "queue.h" #include "str.h" #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include static char *http_base_url = NULL; static int http_base_len = 0; static const char mime_type_xml[] = "text/xml"; static const char mime_type_html[] = "text/html; charset=us-ascii"; static const char mime_type_text_prometheus[] = "text/plain; version=0.0.4"; static const char mime_type_css[] = "text/css"; static const char mime_type_js[] = "text/javascript"; static const char mime_type_png[] = "image/png"; static const char encoding_identity[] = "identity"; static const char encoding_gzip[] = "gzip"; static const char server[] = PACKAGE_NAME "/" PACKAGE_VERSION; static int idletime = 60; #define MAX_REQUEST_LENGTH 4000 static int *insocks = NULL; static unsigned int insock_num = 0; struct connection { LIST_ENTRY(connection) entries; int socket; struct sockaddr_storage client; time_t last_active_mono; enum { RECV_REQUEST, /* receiving request */ SEND_HEADER_AND_REPLY, /* try to send header+reply together */ SEND_HEADER, /* sending generated header */ SEND_REPLY, /* sending reply */ DONE /* conn closed, need to remove from queue */ } state; /* char request[request_length+1] is null-terminated */ char *request; size_t request_length; int accept_gzip; /* request fields */ char *method, *uri, *query; /* query can be NULL */ char *header; const char *mime_type, *encoding, *header_extra; size_t header_length, header_sent; int header_dont_free, header_only, http_code; char *reply; int reply_dont_free; size_t reply_length, reply_sent; unsigned int total_sent; /* header + body = total, for logging */ }; static LIST_HEAD(conn_list_head, connection) connlist = LIST_HEAD_INITIALIZER(conn_list_head); struct bindaddr_entry { STAILQ_ENTRY(bindaddr_entry) entries; const char *s; }; static STAILQ_HEAD(bindaddrs_head, bindaddr_entry) bindaddrs = STAILQ_HEAD_INITIALIZER(bindaddrs); /* --------------------------------------------------------------------------- * Decode URL by converting %XX (where XX are hexadecimal digits) to the * character it represents. Don't forget to free the return value. */ static char *urldecode(const char *url) { size_t i, len = strlen(url); char *out = xmalloc(len+1); int pos; for (i=0, pos=0; i= 'A' && (hex) <= 'F') ? ((hex)-'A'+10): \ ((hex) >= 'a' && (hex) <= 'f') ? ((hex)-'a'+10): \ ((hex)-'0') ) out[pos++] = HEX_TO_DIGIT(url[i+1]) * 16 + HEX_TO_DIGIT(url[i+2]); i += 2; #undef HEX_TO_DIGIT } else { /* straight copy */ out[pos++] = url[i]; } } out[pos] = 0; #if 0 /* don't really need to realloc here - it's probably a performance hit */ out = xrealloc(out, strlen(out)+1); /* dealloc what we don't need */ #endif return (out); } /* --------------------------------------------------------------------------- * Consolidate slashes in-place by shifting parts of the string over repeated * slashes. */ static void consolidate_slashes(char *s) { size_t left = 0, right = 0; int saw_slash = 0; assert(s != NULL); while (s[right] != '\0') { if (saw_slash) { if (s[right] == '/') right++; else { saw_slash = 0; s[left++] = s[right++]; } } else { if (s[right] == '/') saw_slash++; s[left++] = s[right++]; } } s[left] = '\0'; } /* --------------------------------------------------------------------------- * Resolve /./ and /../ in a URI, returing a new, safe URI, or NULL if the URI * is invalid/unsafe. Returned buffer needs to be deallocated. */ static char *make_safe_uri(char *uri) { char **elem, *out; unsigned int slashes = 0, elements = 0; size_t urilen, i, j, pos; assert(uri != NULL); if (uri[0] != '/') return (NULL); consolidate_slashes(uri); urilen = strlen(uri); /* count the slashes */ for (i=0, slashes=0; isocket = -1; memset(&conn->client, 0, sizeof(conn->client)); conn->last_active_mono = now_mono(); conn->request = NULL; conn->request_length = 0; conn->accept_gzip = 0; conn->method = NULL; conn->uri = NULL; conn->query = NULL; conn->header = NULL; conn->mime_type = NULL; conn->encoding = NULL; conn->header_extra = ""; conn->header_length = 0; conn->header_sent = 0; conn->header_dont_free = 0; conn->header_only = 0; conn->http_code = 0; conn->reply = NULL; conn->reply_dont_free = 0; conn->reply_length = 0; conn->reply_sent = 0; conn->total_sent = 0; /* Make it harmless so it gets garbage-collected if it should, for some * reason, fail to be correctly filled out. */ conn->state = DONE; return (conn); } /* --------------------------------------------------------------------------- * Accept a connection from sockin and add it to the connection queue. */ static void accept_connection(const int sockin) { struct sockaddr_storage addrin; socklen_t sin_size; struct connection *conn; char ipaddr[INET6_ADDRSTRLEN], portstr[12]; int sock; sin_size = (socklen_t)sizeof(addrin); sock = accept(sockin, (struct sockaddr *)&addrin, &sin_size); if (sock == -1) { if (errno == ECONNABORTED || errno == EINTR) { verbosef("accept() failed: %s", strerror(errno)); return; } /* else */ err(1, "accept()"); } fd_set_nonblock(sock); /* allocate and initialise struct connection */ conn = new_connection(); conn->socket = sock; conn->state = RECV_REQUEST; memcpy(&conn->client, &addrin, sizeof(conn->client)); LIST_INSERT_HEAD(&connlist, conn, entries); getnameinfo((struct sockaddr *) &addrin, sin_size, ipaddr, sizeof(ipaddr), portstr, sizeof(portstr), NI_NUMERICHOST | NI_NUMERICSERV); verbosef("accepted connection from %s:%s", ipaddr, portstr); } /* --------------------------------------------------------------------------- * Log a connection, then cleanly deallocate its internals. */ static void free_connection(struct connection *conn) { dverbosef("free_connection(%d)", conn->socket); if (conn->socket != -1) close(conn->socket); free(conn->request); free(conn->method); free(conn->uri); free(conn->query); if (!conn->header_dont_free) free(conn->header); if (!conn->reply_dont_free) free(conn->reply); } /* --------------------------------------------------------------------------- * Format [when] as an RFC1123 date, stored in the specified buffer. The same * buffer is returned for convenience. */ #define DATE_LEN 30 /* strlen("Fri, 28 Feb 2003 00:02:08 GMT")+1 */ static char *rfc1123_date(char *dest, time_t when) { if (strftime(dest, DATE_LEN, "%a, %d %b %Y %H:%M:%S %Z", gmtime(&when) ) == 0) errx(1, "strftime() failed [%s]", dest); return dest; } static void generate_header(struct connection *conn, const int code, const char *text) { char date[DATE_LEN]; assert(conn->header == NULL); assert(conn->mime_type != NULL); if (conn->encoding == NULL) conn->encoding = encoding_identity; verbosef("http: %d %s (%s: %zu bytes)", code, text, conn->encoding, conn->reply_length); conn->header_length = xasprintf(&(conn->header), "HTTP/1.1 %d %s\r\n" "Date: %s\r\n" "Server: %s\r\n" "Vary: Accept-Encoding\r\n" "Content-Type: %s\r\n" "Content-Length: %qu\r\n" "Content-Encoding: %s\r\n" "X-Robots-Tag: noindex, noarchive\r\n" "%s" "\r\n", code, text, rfc1123_date(date, now_real()), server, conn->mime_type, (qu)conn->reply_length, conn->encoding, conn->header_extra); conn->http_code = code; } /* --------------------------------------------------------------------------- * A default reply for any (erroneous) occasion. */ static void default_reply(struct connection *conn, const int errcode, const char *errname, const char *format, ...) _printflike_(4, 5); static void default_reply(struct connection *conn, const int errcode, const char *errname, const char *format, ...) { char *reason; va_list va; va_start(va, format); xvasprintf(&reason, format, va); va_end(va); conn->reply_length = xasprintf(&(conn->reply), "%d %s\n" "

%s

\n" /* errname */ "%s\n" /* reason */ "
\n" "Generated by %s" "\n", errcode, errname, errname, reason, server); free(reason); /* forget any dangling metadata */ conn->mime_type = mime_type_html; conn->encoding = encoding_identity; generate_header(conn, errcode, errname); } /* --------------------------------------------------------------------------- * Parses a single HTTP request field. Returns string from end of [field] to * first \r, \n or end of request string. Returns NULL if [field] can't be * matched. * * You need to remember to deallocate the result. * example: parse_field(conn, "Referer: "); */ static char *parse_field(const struct connection *conn, const char *field) { size_t bound1, bound2; char *pos; /* find start */ pos = strstr(conn->request, field); if (pos == NULL) return (NULL); bound1 = pos - conn->request + strlen(field); /* find end */ for (bound2 = bound1; bound2 < conn->request_length && conn->request[bound2] != '\r'; bound2++) ; /* copy to buffer */ return (split_string(conn->request, bound1, bound2)); } /* --------------------------------------------------------------------------- * Parse an HTTP request like "GET /hosts/?sort=in HTTP/1.1" to get the method * (GET), the uri (/hosts/), the query (sort=in) and whether the UA will * accept gzip encoding. Remember to deallocate all these buffers. Query * can be NULL. The method will be returned in uppercase. */ static int parse_request(struct connection *conn) { size_t bound1, bound2, mid; char *accept_enc; /* parse method */ for (bound1 = 0; bound1 < conn->request_length && conn->request[bound1] != ' '; bound1++) ; conn->method = split_string(conn->request, 0, bound1); strntoupper(conn->method, bound1); /* parse uri */ for (; bound1 < conn->request_length && conn->request[bound1] == ' '; bound1++) ; if (bound1 == conn->request_length) return (0); /* fail */ for (bound2=bound1+1; bound2 < conn->request_length && conn->request[bound2] != ' ' && conn->request[bound2] != '\r'; bound2++) ; /* find query string */ for (mid=bound1; midrequest[mid] != '?'; mid++) ; if (conn->request[mid] == '?') { conn->query = split_string(conn->request, mid+1, bound2); bound2 = mid; } conn->uri = split_string(conn->request, bound1, bound2); /* parse important fields */ accept_enc = parse_field(conn, "Accept-Encoding: "); if (accept_enc != NULL) { if (strstr(accept_enc, "gzip") != NULL) conn->accept_gzip = 1; free(accept_enc); } return (1); } /* FIXME: maybe we need a smarter way of doing static pages: */ /* --------------------------------------------------------------------------- * Web interface: static stylesheet. */ static void static_style_css(struct connection *conn) { #include "stylecss.h" conn->reply = (char*)style_css; conn->reply_length = style_css_len; conn->reply_dont_free = 1; conn->mime_type = mime_type_css; } /* --------------------------------------------------------------------------- * Web interface: static JavaScript. */ static void static_graph_js(struct connection *conn) { #include "graphjs.h" conn->reply = (char*)graph_js; conn->reply_length = graph_js_len; conn->reply_dont_free = 1; conn->mime_type = mime_type_js; } /* --------------------------------------------------------------------------- * Web interface: favicon. */ static void static_favicon(struct connection *conn) { #include "favicon.h" conn->reply = (char*)favicon_png; conn->reply_length = sizeof(favicon_png); conn->reply_dont_free = 1; conn->mime_type = mime_type_png; } /* --------------------------------------------------------------------------- * gzip a reply, if requested and possible. Don't bother with a minimum * length requirement, I've never seen a page fail to compress. */ static void process_gzip(struct connection *conn) { char *buf; size_t len; z_stream zs; if (!conn->accept_gzip) return; buf = xmalloc(conn->reply_length); len = conn->reply_length; zs.zalloc = Z_NULL; zs.zfree = Z_NULL; zs.opaque = Z_NULL; if (deflateInit2(&zs, Z_BEST_COMPRESSION, Z_DEFLATED, 15+16, /* 15 = biggest window, 16 = add gzip header+trailer */ 8 /* default */, Z_DEFAULT_STRATEGY) != Z_OK) { free(buf); return; } zs.avail_in = conn->reply_length; zs.next_in = (unsigned char *)conn->reply; zs.avail_out = conn->reply_length; zs.next_out = (unsigned char *)buf; if (deflate(&zs, Z_FINISH) != Z_STREAM_END) { deflateEnd(&zs); free(buf); verbosef("failed to compress %zu bytes", len); return; } if (conn->reply_dont_free) conn->reply_dont_free = 0; else free(conn->reply); conn->reply = buf; conn->reply_length -= zs.avail_out; conn->encoding = encoding_gzip; deflateEnd(&zs); } /* --------------------------------------------------------------------------- * Process a GET/HEAD request */ static void process_get(struct connection *conn) { char *safe_url; verbosef("http: %s \"%s\" %s", conn->method, conn->uri, (conn->query == NULL)?"":conn->query); { /* Decode the URL being requested. */ char *decoded_url; char *decoded_url_offset; decoded_url = urldecode(conn->uri); /* Optionally strip the base. */ decoded_url_offset = decoded_url; if (str_starts_with(decoded_url, http_base_url)) { decoded_url_offset += http_base_len - 1; } /* Make sure it's safe. */ safe_url = make_safe_uri(decoded_url_offset); free(decoded_url); if (safe_url == NULL) { default_reply(conn, 400, "Bad Request", "You requested an invalid URI: %s", conn->uri); return; } } if (strcmp(safe_url, "/") == 0) { struct str *buf = html_front_page(); str_extract(buf, &(conn->reply_length), &(conn->reply)); conn->mime_type = mime_type_html; } else if (str_starts_with(safe_url, "/hosts/")) { /* FIXME here - make this saner */ struct str *buf = html_hosts(safe_url, conn->query); if (buf == NULL) { default_reply(conn, 404, "Not Found", "The page you requested could not be found."); free(safe_url); return; } str_extract(buf, &(conn->reply_length), &(conn->reply)); conn->mime_type = mime_type_html; } else if (str_starts_with(safe_url, "/graphs.xml")) { struct str *buf = xml_graphs(); str_extract(buf, &(conn->reply_length), &(conn->reply)); conn->mime_type = mime_type_xml; /* hack around Opera caching the XML */ conn->header_extra = "Pragma: no-cache\r\n"; } else if (str_starts_with(safe_url, "/metrics")) { struct str *buf = text_metrics(); str_extract(buf, &(conn->reply_length), &(conn->reply)); conn->mime_type = mime_type_text_prometheus; } else if (strcmp(safe_url, "/style.css") == 0) static_style_css(conn); else if (strcmp(safe_url, "/graph.js") == 0) static_graph_js(conn); else if (strcmp(safe_url, "/favicon.ico") == 0) { /* serves a PNG instead of an ICO, might cause problems for IE6 */ static_favicon(conn); } else { default_reply(conn, 404, "Not Found", "The page you requested could not be found."); free(safe_url); return; } free(safe_url); process_gzip(conn); assert(conn->mime_type != NULL); generate_header(conn, 200, "OK"); } /* --------------------------------------------------------------------------- * Process a request: build the header and reply, advance state. */ static void process_request(struct connection *conn) { if (!parse_request(conn)) { default_reply(conn, 400, "Bad Request", "You sent a request that the server couldn't understand."); } else if (strcmp(conn->method, "GET") == 0) { process_get(conn); } else if (strcmp(conn->method, "HEAD") == 0) { process_get(conn); conn->header_only = 1; } else { default_reply(conn, 501, "Not Implemented", "The method you specified (%s) is not implemented.", conn->method); } /* advance state */ if (conn->header_only) conn->state = SEND_HEADER; else conn->state = SEND_HEADER_AND_REPLY; } /* --------------------------------------------------------------------------- * Receiving request. */ static void poll_recv_request(struct connection *conn) { char buf[65536]; ssize_t recvd; recvd = recv(conn->socket, buf, sizeof(buf), 0); dverbosef("poll_recv_request(%d) got %d bytes", conn->socket, (int)recvd); if (recvd <= 0) { if (recvd == -1) verbosef("recv(%d) error: %s", conn->socket, strerror(errno)); conn->state = DONE; return; } conn->last_active_mono = now_mono(); /* append to conn->request */ conn->request = xrealloc(conn->request, conn->request_length+recvd+1); memcpy(conn->request+conn->request_length, buf, (size_t)recvd); conn->request_length += recvd; conn->request[conn->request_length] = 0; /* die if it's too long */ if (conn->request_length > MAX_REQUEST_LENGTH) { default_reply(conn, 413, "Request Entity Too Large", "Your request was dropped because it was too long."); conn->state = SEND_HEADER; return; } /* process request if we have all of it */ if (conn->request_length > 4 && memcmp(conn->request+conn->request_length-4, "\r\n\r\n", 4) == 0) { process_request(conn); /* request not needed anymore */ free(conn->request); conn->request = NULL; /* important: don't free it again later */ } } /* --------------------------------------------------------------------------- * Try to send header and [a part of the] reply in one packet. */ static void poll_send_header_and_reply(struct connection *conn) { ssize_t sent; struct iovec iov[2]; assert(!conn->header_only); assert(conn->reply_length > 0); assert(conn->header_sent == 0); assert(conn->reply_sent == 0); /* Fill out iovec */ iov[0].iov_base = conn->header; iov[0].iov_len = conn->header_length; iov[1].iov_base = conn->reply; iov[1].iov_len = conn->reply_length; sent = writev(conn->socket, iov, 2); conn->last_active_mono = now_mono(); /* handle any errors (-1) or closure (0) in send() */ if (sent < 1) { if (sent == -1) verbosef("writev(%d) error: %s", conn->socket, strerror(errno)); conn->state = DONE; return; } /* Figure out what we've sent. */ conn->total_sent += (unsigned int)sent; if (sent < (ssize_t)conn->header_length) { verbosef("partially sent header"); conn->header_sent = sent; conn->state = SEND_HEADER; return; } /* else */ conn->header_sent = conn->header_length; sent -= conn->header_length; if (sent < (ssize_t)conn->reply_length) { verbosef("partially sent reply"); conn->reply_sent += sent; conn->state = SEND_REPLY; return; } /* else */ conn->reply_sent = conn->reply_length; conn->state = DONE; } /* --------------------------------------------------------------------------- * Sending header. Assumes conn->header is not NULL. */ static void poll_send_header(struct connection *conn) { ssize_t sent; sent = send(conn->socket, conn->header + conn->header_sent, conn->header_length - conn->header_sent, 0); conn->last_active_mono = now_mono(); dverbosef("poll_send_header(%d) sent %d bytes", conn->socket, (int)sent); /* handle any errors (-1) or closure (0) in send() */ if (sent < 1) { if (sent == -1) verbosef("send(%d) error: %s", conn->socket, strerror(errno)); conn->state = DONE; return; } conn->header_sent += (unsigned int)sent; conn->total_sent += (unsigned int)sent; /* check if we're done sending */ if (conn->header_sent == conn->header_length) { if (conn->header_only) conn->state = DONE; else conn->state = SEND_REPLY; } } /* --------------------------------------------------------------------------- * Sending reply. */ static void poll_send_reply(struct connection *conn) { ssize_t sent; sent = send(conn->socket, conn->reply + conn->reply_sent, conn->reply_length - conn->reply_sent, 0); conn->last_active_mono = now_mono(); dverbosef("poll_send_reply(%d) sent %d: [%d-%d] of %d", conn->socket, (int)sent, (int)conn->reply_sent, (int)(conn->reply_sent + sent - 1), (int)conn->reply_length); /* handle any errors (-1) or closure (0) in send() */ if (sent < 1) { if (sent == -1) verbosef("send(%d) error: %s", conn->socket, strerror(errno)); else if (sent == 0) verbosef("send(%d) closure", conn->socket); conn->state = DONE; return; } conn->reply_sent += (unsigned int)sent; conn->total_sent += (unsigned int)sent; /* check if we're done sending */ if (conn->reply_sent == conn->reply_length) conn->state = DONE; } /* -------------------------------------------------------------------------- * Initialize the base url. */ void http_init_base(const char *url) { char *slashed_url, *safe_url; size_t urllen; if (url == NULL) { http_base_url = strdup("/"); } else { /* Make sure that the url has leading and trailing slashes. */ urllen = strlen(url); slashed_url = xmalloc(urllen+3); slashed_url[0] = '/'; memcpy(slashed_url+1, url, urllen); /* don't copy NUL */ slashed_url[urllen+1] = '/'; slashed_url[urllen+2] = '\0'; /* Clean the url. */ safe_url = make_safe_uri(slashed_url); free(slashed_url); if (safe_url == NULL) { verbosef("invalid base \"%s\", ignored", url); http_base_url = strdup("/"); /* set to default */ } else { http_base_url = safe_url; } } http_base_len = strlen(http_base_url); verbosef("set base url to \"%s\"", http_base_url); } /* Use getaddrinfo to figure out what type of socket to create and * what to bind it to. "bindaddr" can be NULL. Remember to freeaddrinfo() * the result. */ static struct addrinfo *get_bind_addr( const char *bindaddr, const unsigned short bindport) { struct addrinfo hints, *ai; char portstr[6]; int ret; memset(&hints, 0, sizeof(hints)); hints.ai_family = AF_UNSPEC; hints.ai_socktype = SOCK_STREAM; hints.ai_flags = AI_PASSIVE; snprintf(portstr, sizeof(portstr), "%u", bindport); if ((ret = getaddrinfo(bindaddr, portstr, &hints, &ai))) err(1, "getaddrinfo(%s, %s) failed: %s", bindaddr ? bindaddr : "NULL", portstr, gai_strerror(ret)); if (ai == NULL) err(1, "getaddrinfo() returned NULL pointer"); return ai; } void http_add_bindaddr(const char *bindaddr) { struct bindaddr_entry *ent; ent = xmalloc(sizeof(*ent)); ent->s = bindaddr; STAILQ_INSERT_TAIL(&bindaddrs, ent, entries); } static void http_listen_one(struct addrinfo *ai, const unsigned short bindport) { char ipaddr[INET6_ADDRSTRLEN]; int sockin, sockopt, ret; /* format address into ipaddr string */ if ((ret = getnameinfo(ai->ai_addr, ai->ai_addrlen, ipaddr, sizeof(ipaddr), NULL, 0, NI_NUMERICHOST)) != 0) err(1, "getnameinfo failed: %s", gai_strerror(ret)); /* create incoming socket */ if ((sockin = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol)) == -1) { warn("http_listen_one(%s, %u): socket(%d (%s), %d, %d) failed", ipaddr, (unsigned int)bindport, ai->ai_family, (ai->ai_family == AF_INET6) ? "AF_INET6" : (ai->ai_family == AF_INET) ? "AF_INET" : "?", ai->ai_socktype, ai->ai_protocol); return; } fd_set_nonblock(sockin); /* reuse address */ sockopt = 1; if (setsockopt(sockin, SOL_SOCKET, SO_REUSEADDR, &sockopt, sizeof(sockopt)) == -1) err(1, "can't set SO_REUSEADDR"); #ifdef IPV6_V6ONLY /* explicitly disallow IPv4 mapped addresses since OpenBSD doesn't allow * dual stack sockets under any circumstances */ if (ai->ai_family == AF_INET6) { sockopt = 1; if (setsockopt(sockin, IPPROTO_IPV6, IPV6_V6ONLY, &sockopt, sizeof(sockopt)) == -1) err(1, "can't set IPV6_V6ONLY"); } #endif /* bind socket */ if (bind(sockin, ai->ai_addr, ai->ai_addrlen) == -1) { warn("bind(\"%s\") failed", ipaddr); close(sockin); return; } /* listen on socket */ if (listen(sockin, 128) == -1) err(1, "listen() failed"); verbosef("listening on http://%s%s%s:%u%s", (ai->ai_family == AF_INET6) ? "[" : "", ipaddr, (ai->ai_family == AF_INET6) ? "]" : "", bindport, http_base_url); /* add to insocks */ insocks = xrealloc(insocks, sizeof(*insocks) * (insock_num + 1)); insocks[insock_num++] = sockin; } /* Initialize the http sockets and listen on them. */ void http_listen(const unsigned short bindport) { /* If the user didn't specify any bind addresses, add a NULL. * This will become a wildcard. */ if (STAILQ_EMPTY(&bindaddrs)) http_add_bindaddr(NULL); /* Listen on every specified interface. */ while (!STAILQ_EMPTY(&bindaddrs)) { struct bindaddr_entry *bindaddr = STAILQ_FIRST(&bindaddrs); struct addrinfo *ai, *ais = get_bind_addr(bindaddr->s, bindport); /* There could be multiple addresses returned, handle them all. */ for (ai = ais; ai; ai = ai->ai_next) http_listen_one(ai, bindport); freeaddrinfo(ais); STAILQ_REMOVE_HEAD(&bindaddrs, entries); free(bindaddr); } if (insocks == NULL) errx(1, "was not able to bind any ports for http interface"); /* ignore SIGPIPE */ if (signal(SIGPIPE, SIG_IGN) == SIG_ERR) err(1, "can't ignore SIGPIPE"); } /* --------------------------------------------------------------------------- * Set recv/send fd_sets and calculate timeout length. */ void http_fd_set(fd_set *recv_set, fd_set *send_set, int *max_fd, struct timeval *timeout, int *need_timeout) { struct connection *conn, *next; int minidle = idletime + 1; unsigned int i; #define MAX_FD_SET(sock, fdset) do { \ FD_SET(sock, fdset); *max_fd = MAX(*max_fd, sock); } while(0) for (i=0; ilast_active_mono; /* Time out dead connections. */ if (idlefor >= idletime) { char ipaddr[INET6_ADDRSTRLEN]; /* FIXME: this is too late on FreeBSD, socket is invalid */ int ret = getnameinfo((struct sockaddr *)&conn->client, sizeof(conn->client), ipaddr, sizeof(ipaddr), NULL, 0, NI_NUMERICHOST); if (ret == 0) verbosef("http socket timeout from %s (fd %d)", ipaddr, conn->socket); else warn("http socket timeout: getnameinfo error: %s", gai_strerror(ret)); conn->state = DONE; } /* Connections that need a timeout. */ if (conn->state != DONE) minidle = MIN(minidle, (idletime - idlefor)); switch (conn->state) { case DONE: /* clean out stale connection */ LIST_REMOVE(conn, entries); free_connection(conn); free(conn); break; case RECV_REQUEST: MAX_FD_SET(conn->socket, recv_set); break; case SEND_HEADER_AND_REPLY: case SEND_HEADER: case SEND_REPLY: MAX_FD_SET(conn->socket, send_set); break; default: errx(1, "invalid state"); } } #undef MAX_FD_SET /* Only set timeout if cap hasn't already. */ if ((*need_timeout == 0) && (minidle <= idletime)) { *need_timeout = 1; timeout->tv_sec = minidle; timeout->tv_usec = 0; } } /* --------------------------------------------------------------------------- * poll connections that select() says need attention */ void http_poll(fd_set *recv_set, fd_set *send_set) { struct connection *conn; unsigned int i; for (i=0; istate) { case RECV_REQUEST: if (FD_ISSET(conn->socket, recv_set)) poll_recv_request(conn); break; case SEND_HEADER_AND_REPLY: if (FD_ISSET(conn->socket, send_set)) poll_send_header_and_reply(conn); break; case SEND_HEADER: if (FD_ISSET(conn->socket, send_set)) poll_send_header(conn); break; case SEND_REPLY: if (FD_ISSET(conn->socket, send_set)) poll_send_reply(conn); break; case DONE: /* fallthrough */ default: errx(1, "invalid state"); } } void http_stop(void) { struct connection *conn; struct connection *next; unsigned int i; free(http_base_url); /* Close listening sockets. */ for (i=0; i #include void http_init_base(const char *url); void http_add_bindaddr(const char *bindaddr); void http_listen(const unsigned short bindport); void http_fd_set(fd_set *recv_set, fd_set *send_set, int *max_fd, struct timeval *timeout, int *need_timeout); void http_poll(fd_set *read_set, fd_set *write_set); void http_stop(void); /* vim:set ts=3 sw=3 tw=78 expandtab: */ darkstat-3.0.721/install-sh000077500000000000000000000220211416753542100155120ustar00rootroot00000000000000#!/bin/sh # install - install a program, script, or datafile scriptversion=2005-05-14.22 # This originates from X11R5 (mit/util/scripts/install.sh), which was # later released in X11R6 (xc/config/util/install.sh) with the # following copyright and license. # # Copyright (C) 1994 X Consortium # # Permission is hereby granted, free of charge, to any person obtaining a copy # of this software and associated documentation files (the "Software"), to # deal in the Software without restriction, including without limitation the # rights to use, copy, modify, merge, publish, distribute, sublicense, and/or # sell copies of the Software, and to permit persons to whom the Software is # furnished to do so, subject to the following conditions: # # The above copyright notice and this permission notice shall be included in # all copies or substantial portions of the Software. # # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR # IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, # FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE # X CONSORTIUM BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN # AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNEC- # TION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. # # Except as contained in this notice, the name of the X Consortium shall not # be used in advertising or otherwise to promote the sale, use or other deal- # ings in this Software without prior written authorization from the X Consor- # tium. # # # FSF changes to this file are in the public domain. # # Calling this script install-sh is preferred over install.sh, to prevent # `make' implicit rules from creating a file called install from it # when there is no Makefile. # # This script is compatible with the BSD install script, but was written # from scratch. It can only install one file at a time, a restriction # shared with many OS's install programs. # set DOITPROG to echo to test this script # Don't use :- since 4.3BSD and earlier shells don't like it. doit="${DOITPROG-}" # put in absolute paths if you don't have them in your path; or use env. vars. mvprog="${MVPROG-mv}" cpprog="${CPPROG-cp}" chmodprog="${CHMODPROG-chmod}" chownprog="${CHOWNPROG-chown}" chgrpprog="${CHGRPPROG-chgrp}" stripprog="${STRIPPROG-strip}" rmprog="${RMPROG-rm}" mkdirprog="${MKDIRPROG-mkdir}" chmodcmd="$chmodprog 0755" chowncmd= chgrpcmd= stripcmd= rmcmd="$rmprog -f" mvcmd="$mvprog" src= dst= dir_arg= dstarg= no_target_directory= usage="Usage: $0 [OPTION]... [-T] SRCFILE DSTFILE or: $0 [OPTION]... SRCFILES... DIRECTORY or: $0 [OPTION]... -t DIRECTORY SRCFILES... or: $0 [OPTION]... -d DIRECTORIES... In the 1st form, copy SRCFILE to DSTFILE. In the 2nd and 3rd, copy all SRCFILES to DIRECTORY. In the 4th, create DIRECTORIES. Options: -c (ignored) -d create directories instead of installing files. -g GROUP $chgrpprog installed files to GROUP. -m MODE $chmodprog installed files to MODE. -o USER $chownprog installed files to USER. -s $stripprog installed files. -t DIRECTORY install into DIRECTORY. -T report an error if DSTFILE is a directory. --help display this help and exit. --version display version info and exit. Environment variables override the default commands: CHGRPPROG CHMODPROG CHOWNPROG CPPROG MKDIRPROG MVPROG RMPROG STRIPPROG " while test -n "$1"; do case $1 in -c) shift continue;; -d) dir_arg=true shift continue;; -g) chgrpcmd="$chgrpprog $2" shift shift continue;; --help) echo "$usage"; exit $?;; -m) chmodcmd="$chmodprog $2" shift shift continue;; -o) chowncmd="$chownprog $2" shift shift continue;; -s) stripcmd=$stripprog shift continue;; -t) dstarg=$2 shift shift continue;; -T) no_target_directory=true shift continue;; --version) echo "$0 $scriptversion"; exit $?;; *) # When -d is used, all remaining arguments are directories to create. # When -t is used, the destination is already specified. test -n "$dir_arg$dstarg" && break # Otherwise, the last argument is the destination. Remove it from $@. for arg do if test -n "$dstarg"; then # $@ is not empty: it contains at least $arg. set fnord "$@" "$dstarg" shift # fnord fi shift # arg dstarg=$arg done break;; esac done if test -z "$1"; then if test -z "$dir_arg"; then echo "$0: no input file specified." >&2 exit 1 fi # It's OK to call `install-sh -d' without argument. # This can happen when creating conditional directories. exit 0 fi for src do # Protect names starting with `-'. case $src in -*) src=./$src ;; esac if test -n "$dir_arg"; then dst=$src src= if test -d "$dst"; then mkdircmd=: chmodcmd= else mkdircmd=$mkdirprog fi else # Waiting for this to be detected by the "$cpprog $src $dsttmp" command # might cause directories to be created, which would be especially bad # if $src (and thus $dsttmp) contains '*'. if test ! -f "$src" && test ! -d "$src"; then echo "$0: $src does not exist." >&2 exit 1 fi if test -z "$dstarg"; then echo "$0: no destination specified." >&2 exit 1 fi dst=$dstarg # Protect names starting with `-'. case $dst in -*) dst=./$dst ;; esac # If destination is a directory, append the input filename; won't work # if double slashes aren't ignored. if test -d "$dst"; then if test -n "$no_target_directory"; then echo "$0: $dstarg: Is a directory" >&2 exit 1 fi dst=$dst/`basename "$src"` fi fi # This sed command emulates the dirname command. dstdir=`echo "$dst" | sed -e 's,/*$,,;s,[^/]*$,,;s,/*$,,;s,^$,.,'` # Make sure that the destination directory exists. # Skip lots of stat calls in the usual case. if test ! -d "$dstdir"; then defaultIFS=' ' IFS="${IFS-$defaultIFS}" oIFS=$IFS # Some sh's can't handle IFS=/ for some reason. IFS='%' set x `echo "$dstdir" | sed -e 's@/@%@g' -e 's@^%@/@'` shift IFS=$oIFS pathcomp= while test $# -ne 0 ; do pathcomp=$pathcomp$1 shift if test ! -d "$pathcomp"; then $mkdirprog "$pathcomp" # mkdir can fail with a `File exist' error in case several # install-sh are creating the directory concurrently. This # is OK. test -d "$pathcomp" || exit fi pathcomp=$pathcomp/ done fi if test -n "$dir_arg"; then $doit $mkdircmd "$dst" \ && { test -z "$chowncmd" || $doit $chowncmd "$dst"; } \ && { test -z "$chgrpcmd" || $doit $chgrpcmd "$dst"; } \ && { test -z "$stripcmd" || $doit $stripcmd "$dst"; } \ && { test -z "$chmodcmd" || $doit $chmodcmd "$dst"; } else dstfile=`basename "$dst"` # Make a couple of temp file names in the proper directory. dsttmp=$dstdir/_inst.$$_ rmtmp=$dstdir/_rm.$$_ # Trap to clean up those temp files at exit. trap 'ret=$?; rm -f "$dsttmp" "$rmtmp" && exit $ret' 0 trap '(exit $?); exit' 1 2 13 15 # Copy the file name to the temp name. $doit $cpprog "$src" "$dsttmp" && # and set any options; do chmod last to preserve setuid bits. # # If any of these fail, we abort the whole thing. If we want to # ignore errors from any of these, just make sure not to ignore # errors from the above "$doit $cpprog $src $dsttmp" command. # { test -z "$chowncmd" || $doit $chowncmd "$dsttmp"; } \ && { test -z "$chgrpcmd" || $doit $chgrpcmd "$dsttmp"; } \ && { test -z "$stripcmd" || $doit $stripcmd "$dsttmp"; } \ && { test -z "$chmodcmd" || $doit $chmodcmd "$dsttmp"; } && # Now rename the file to the real destination. { $doit $mvcmd -f "$dsttmp" "$dstdir/$dstfile" 2>/dev/null \ || { # The rename failed, perhaps because mv can't rename something else # to itself, or perhaps because mv is so ancient that it does not # support -f. # Now remove or move aside any old file at destination location. # We try this two ways since rm can't unlink itself on some # systems and the destination file might be busy for other # reasons. In this case, the final cleanup might fail but the new # file should still install successfully. { if test -f "$dstdir/$dstfile"; then $doit $rmcmd -f "$dstdir/$dstfile" 2>/dev/null \ || $doit $mvcmd -f "$dstdir/$dstfile" "$rmtmp" 2>/dev/null \ || { echo "$0: cannot unlink or rename $dstdir/$dstfile" >&2 (exit 1); exit 1 } else : fi } && # Now rename the file to the real destination. $doit $mvcmd "$dsttmp" "$dstdir/$dstfile" } } fi || { (exit 1); exit 1; } done # The final little trick to "correctly" pass the exit status to the exit trap. { (exit 0); exit 0 } # Local variables: # eval: (add-hook 'write-file-hooks 'time-stamp) # time-stamp-start: "scriptversion=" # time-stamp-format: "%:y-%02m-%02d.%02H" # time-stamp-end: "$" # End: darkstat-3.0.721/localip.c000066400000000000000000000106541416753542100153060ustar00rootroot00000000000000/* darkstat 3 * copyright (c) 2001-2012 Emil Mikulic. * * localip.c: determine local IPs of an interface * * You may use, modify and redistribute this file under the terms of the * GNU General Public License version 2. (see COPYING.GPL) */ #include "addr.h" #include "bsd.h" /* for strlcpy */ #include "config.h" /* for HAVE_IFADDRS_H */ #include "conv.h" #include "err.h" #include "localip.h" #include "now.h" #include #include #include #include #include #include #include #include #ifdef HAVE_IFADDRS_H # include #else # ifdef HAVE_SYS_SOCKIO_H # include /* for SIOCGIFADDR, especially on Solaris */ # endif # include #endif void localip_init(struct local_ips *ips) { ips->is_valid = 0; ips->last_update_mono = 0; ips->num_addrs = 0; ips->addrs = NULL; } void localip_free(struct local_ips *ips) { if (ips->addrs != NULL) free(ips->addrs); } static void add_ip(const char *iface, struct local_ips *ips, int *idx, struct addr *a) { if (ips->num_addrs <= *idx) { /* Grow. */ ips->addrs = xrealloc(ips->addrs, sizeof(*(ips->addrs)) * (*idx + 1)); ips->num_addrs++; assert(ips->num_addrs > *idx); verbosef("interface '%s' gained new address %s", iface, addr_to_str(a)); } else { /* Warn about changed address. */ if (!addr_equal(ips->addrs + *idx, a)) { static char before[INET6_ADDRSTRLEN]; strncpy(before, addr_to_str(ips->addrs + *idx), INET6_ADDRSTRLEN); verbosef("interface '%s' address %d/%d changed from %s to %s", iface, *idx+1, ips->num_addrs, before, addr_to_str(a)); } } ips->addrs[*idx] = *a; (*idx)++; } /* Returns 0 on failure. */ void localip_update(const char *iface, struct local_ips *ips) { struct addr a; int new_addrs = 0; if (iface == NULL) { /* reading from capfile */ ips->is_valid = 0; return; } if (ips->last_update_mono == now_mono()) { /* Too soon, bail out. */ return; } ips->last_update_mono = now_mono(); #ifdef HAVE_IFADDRS_H { struct ifaddrs *ifas, *ifa; if (getifaddrs(&ifas) < 0) err(1, "getifaddrs() failed"); for (ifa=ifas; ifa; ifa=ifa->ifa_next) { if (strncmp(ifa->ifa_name, iface, IFNAMSIZ)) continue; /* Wrong interface. */ if (!ifa->ifa_addr) continue; /* This can be NULL, e.g. for ppp0. */ if (ifa->ifa_addr->sa_family == AF_INET) { a.family = IPv4; a.ip.v4 = ((struct sockaddr_in *)ifa->ifa_addr)->sin_addr.s_addr; add_ip(iface, ips, &new_addrs, &a); } if (ifa->ifa_addr->sa_family == AF_INET6) { struct sockaddr_in6 *sa6 = (struct sockaddr_in6 *)ifa->ifa_addr; # if 0 if ( IN6_IS_ADDR_LINKLOCAL(&(sa6->sin6_addr)) || IN6_IS_ADDR_SITELOCAL(&(sa6->sin6_addr)) ) continue; # endif a.family = IPv6; memcpy(&(a.ip.v6), &sa6->sin6_addr, sizeof(a.ip.v6)); add_ip(iface, ips, &new_addrs, &a); } } freeifaddrs(ifas); } #else /* don't HAVE_IFADDRS_H */ { int tmp = socket(AF_INET, SOCK_DGRAM, IPPROTO_IP); struct ifreq ifr; struct sockaddr sa; strlcpy(ifr.ifr_name, iface, IFNAMSIZ); ifr.ifr_addr.sa_family = AF_INET; if (ioctl(tmp, SIOCGIFADDR, &ifr) != -1) { sa = ifr.ifr_addr; a.family = IPv4; a.ip.v4 = ((struct sockaddr_in*)(&ifr.ifr_addr))->sin_addr.s_addr; add_ip(iface, ips, &new_addrs, &a); } close(tmp); } #endif if (new_addrs == 0) { if (ips->is_valid) verbosef("interface '%s' no longer has any addresses", iface); ips->is_valid = 0; } else { if (!ips->is_valid) verbosef("interface '%s' now has addresses", iface); ips->is_valid = 1; if (ips->num_addrs != new_addrs) verbosef("interface '%s' number of addresses decreased from %d to %d", iface, ips->num_addrs, new_addrs); ips->num_addrs = new_addrs; } } int is_localip(const struct addr * const a, const struct local_ips * const ips) { int i; for (i=0; inum_addrs; i++) { if (addr_equal(a, ips->addrs+i)) return 1; } return 0; } /* vim:set ts=3 sw=3 tw=80 et: */ darkstat-3.0.721/localip.h000066400000000000000000000013241416753542100153050ustar00rootroot00000000000000/* darkstat 3 * copyright (c) 2001-2014 Emil Mikulic. * * localip.h: determine the local IPs of an interface * * You may use, modify and redistribute this file under the terms of the * GNU General Public License version 2. (see COPYING.GPL) */ #ifndef __DARKSTAT_LOCALIP_H #define __DARKSTAT_LOCALIP_H #include struct local_ips { int is_valid; time_t last_update_mono; int num_addrs; struct addr *addrs; }; void localip_init(struct local_ips *ips); void localip_free(struct local_ips *ips); void localip_update(const char *iface, struct local_ips *ips); int is_localip(const struct addr * const a, const struct local_ips * const ips); #endif /* vim:set ts=3 sw=3 tw=80 et: */ darkstat-3.0.721/ncache.c000066400000000000000000000060021416753542100150740ustar00rootroot00000000000000/* darkstat 3 * copyright (c) 2001-2014 Emil Mikulic. * * ncache.c: cache of protocol and service names. * * You may use, modify and redistribute this file under the terms of the * GNU General Public License version 2. (see COPYING.GPL) */ #include "conv.h" #include "err.h" #include "ncache.h" #include "tree.h" #include "bsd.h" /* for strlcpy */ #include /* ntohs */ #include #include #include struct name_rec { RB_ENTRY(name_rec) ptree; int num; char *name; }; static int rec_cmp(struct name_rec *a, struct name_rec *b) { if (a->num < b->num) return (-1); else if (a->num > b->num) return (+1); else return (0); } RB_HEAD(nc_tree, name_rec); RB_GENERATE_STATIC(nc_tree, name_rec, ptree, rec_cmp) static struct nc_tree t_proto = RB_INITIALIZER(&name_rec), t_servtcp = RB_INITIALIZER(&name_rec), t_servudp = RB_INITIALIZER(&name_rec); static void add_rec(struct nc_tree *tree, const int num, const char *name) { struct name_rec *e, *r = xmalloc(sizeof(*r)); r->num = num; e = RB_INSERT(nc_tree, tree, r); if (e != NULL) { size_t newlen; /* record exists: append service name, free record */ newlen = strlen(e->name) + strlen(name) + 2; e->name = xrealloc(e->name, newlen); strlcat(e->name, " ", newlen); strlcat(e->name, name, newlen); free(r); } else { /* record added: fill out name field */ r->name = xstrdup(name); } } void ncache_init(void) { struct protoent *pe; struct servent *se; int count, ctcp, cudp; count = 0; setprotoent(0); while ((pe = getprotoent()) != NULL) { add_rec(&t_proto, pe->p_proto, pe->p_name); count++; } endprotoent(); verbosef("loaded %d protos", count); count = ctcp = cudp = 0; setservent(0); while ((se = getservent()) != NULL) { if (strcmp(se->s_proto, "tcp") == 0) { add_rec(&t_servtcp, ntohs(se->s_port), se->s_name); ctcp++; } else if (strcmp(se->s_proto, "udp") == 0) { add_rec(&t_servudp, ntohs(se->s_port), se->s_name); cudp++; } count++; } endservent(); verbosef("loaded %d tcp and %d udp servs, from total %d", ctcp, cudp, count); } static void tree_free(struct nc_tree *tree) { struct name_rec *curr, *next; for (curr = RB_MIN(nc_tree, tree); curr != NULL; curr = next) { next = RB_NEXT(nc_tree, tree, curr); RB_REMOVE(nc_tree, tree, curr); free(curr->name); free(curr); } } void ncache_free(void) { tree_free(&t_proto); tree_free(&t_servtcp); tree_free(&t_servudp); } #define FIND(tree,n) { \ struct name_rec r, *f; \ r.num = n; \ f = RB_FIND(nc_tree, &tree, &r); \ if (f == NULL) \ return (""); \ else \ return (f->name); \ } const char * getproto(const int proto) FIND(t_proto, proto) const char * getservtcp(const int port) FIND(t_servtcp, port) const char * getservudp(const int port) FIND(t_servudp, port) /* vim:set ts=3 sw=3 tw=78 expandtab: */ darkstat-3.0.721/ncache.h000066400000000000000000000007111416753542100151020ustar00rootroot00000000000000/* darkstat 3 * copyright (c) 2001-2006 Emil Mikulic. * * ncache.h: cache of protocol and service names. * * You may use, modify and redistribute this file under the terms of the * GNU General Public License version 2. (see COPYING.GPL) */ void ncache_init(void); void ncache_free(void); const char *getproto(const int proto); const char *getservtcp(const int port); const char *getservudp(const int port); /* vim:set ts=3 sw=3 tw=78 expandtab: */ darkstat-3.0.721/now.c000066400000000000000000000107411416753542100144630ustar00rootroot00000000000000/* darkstat 3 * copyright (c) 2012-2014 Emil Mikulic. * * now.c: a cache of the current time. * * Permission to use, copy, modify, and distribute this file for any * purpose with or without fee is hereby granted, provided that the above * copyright notice and this permission notice appear in all copies. * * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ #include "err.h" #include "now.h" #include "str.h" #include #include #include #if defined(__MACH__) && !defined(__gnu_hurd__) /* Fake up clock_gettime() on OS X. */ # include # include # include # include typedef int clockid_t; # define CLOCK_REALTIME 0 # define CLOCK_MONOTONIC 1 static uint64_t mono_first = 0; int clock_gettime(clockid_t clk_id, struct timespec *tp) { if (clk_id == CLOCK_REALTIME) { struct timeval tv; gettimeofday(&tv, NULL); tp->tv_sec = tv.tv_sec; tp->tv_nsec = tv.tv_usec * 1000; return 0; } if (clk_id == CLOCK_MONOTONIC) { uint64_t t = mach_absolute_time(); mach_timebase_info_data_t timebase; mach_timebase_info(&timebase); if (!mono_first) { mono_first = t; } uint64_t tdiff = (t - mono_first) * timebase.numer / timebase.denom; tp->tv_sec = tdiff / 1000000000; tp->tv_nsec = tdiff % 1000000000; return 0; } return -1; } #endif /* __MACH__ */ static struct timespec clock_real, clock_mono; static int now_initialized = 0; time_t now_real(void) { assert(now_initialized); return clock_real.tv_sec; } time_t now_mono(void) { assert(now_initialized); return clock_mono.tv_sec; } static int before(const struct timespec *a, const struct timespec *b) { if (a->tv_sec < b->tv_sec) return 1; if (a->tv_sec == b->tv_sec && a->tv_nsec < b->tv_nsec) return 1; return 0; } static void warn_backwards(const char *name, const struct timespec * const t0, const struct timespec * const t1) { verbosef("%s clock went backwards from %lld.%09lld to %lld.%09lld", name, (lld)t0->tv_sec, (lld)t0->tv_nsec, (lld)t1->tv_sec, (lld)t1->tv_nsec); } static void clock_update(const clockid_t clk_id, struct timespec *dest, const char *name) { struct timespec t; clock_gettime(clk_id, &t); if (now_initialized && before(&t, dest)) { warn_backwards(name, &t, dest); } memcpy(dest, &t, sizeof(t)); } static void all_clocks_update(void) { clock_update(CLOCK_REALTIME, &clock_real, "realtime"); clock_update(CLOCK_MONOTONIC, &clock_mono, "monotonic"); } void now_init(void) { assert(!now_initialized); all_clocks_update(); now_initialized = 1; } void now_update(void) { assert(now_initialized); all_clocks_update(); } time_t mono_to_real(const int64_t t) { assert(now_initialized); return (time_t)(t - (int64_t)clock_mono.tv_sec + (int64_t)clock_real.tv_sec); } int64_t real_to_mono(const time_t t) { assert(now_initialized); return (int64_t)(t - clock_real.tv_sec + clock_mono.tv_sec); } void timer_start(struct timespec *t) { clock_gettime(CLOCK_MONOTONIC, t); } static int64_t ts_diff(const struct timespec * const a, const struct timespec * const b) { return (int64_t)(a->tv_sec - b->tv_sec) * 1000000000 + a->tv_nsec - b->tv_nsec; } void timer_stop(const struct timespec * const t0, const int64_t nsec, const char *warning) { struct timespec t1; int64_t diff; clock_gettime(CLOCK_MONOTONIC, &t1); if (before(&t1, t0)) { warn_backwards("monotonic timer", t0, &t1); return; } diff = ts_diff(&t1, t0); if (diff > nsec) { warnx("%s (took %lld nsec, over threshold of %lld nsec)", warning, (lld)diff, (lld)nsec); } } /* vim:set ts=3 sw=3 tw=80 et: */ darkstat-3.0.721/now.h000066400000000000000000000026201416753542100144650ustar00rootroot00000000000000/* darkstat 3 * copyright (c) 2001-2014 Emil Mikulic. * * now.h: a cache of the current time. * * Permission to use, copy, modify, and distribute this file for any * purpose with or without fee is hereby granted, provided that the above * copyright notice and this permission notice appear in all copies. * * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ #include void now_init(void); void now_update(void); /* once per event loop (in darkstat.c) */ time_t now_real(void); time_t now_mono(void); /* Monotonic times can be negative (a time from before the machine booted) so * treat them as signed. */ time_t mono_to_real(const int64_t t); int64_t real_to_mono(const time_t t); /* Emits warnings if a call is too slow. */ struct timespec; void timer_start(struct timespec *t); void timer_stop(const struct timespec * const t, const int64_t nsec, const char *warning); /* vim:set ts=3 sw=3 tw=80 et: */ darkstat-3.0.721/opt.h000066400000000000000000000015671416753542100144750ustar00rootroot00000000000000/* darkstat 3 * copyright (c) 2001-2012 Emil Mikulic. * * opt.h: global options */ /* Capture options. */ extern int opt_want_pppoe; extern int opt_want_macs; extern int opt_want_hexdump; extern int opt_want_snaplen; extern int opt_wait_secs; /* Error/logging options. */ extern int opt_want_verbose; extern int opt_want_syslog; /* Accounting options. */ extern unsigned int opt_highest_port; extern int opt_want_local_only; /* Hosts table reduction - when the number of entries is about to exceed * , we reduce the table to the top entries. */ extern unsigned int opt_hosts_max; extern unsigned int opt_hosts_keep; extern unsigned int opt_ports_max; extern unsigned int opt_ports_keep; /* Hosts output options. */ extern int opt_want_lastseen; /* Initialized in cap.c, added to */ extern char *title_interfaces; /* vim:set ts=3 sw=3 tw=78 expandtab: */ �����������������������������������������������������������������������������������������������������������������������������������������darkstat-3.0.721/pidfile.c��������������������������������������������������������������������������0000664�0000000�0000000�00000004717�14167535421�0015302�0����������������������������������������������������������������������������������������������������ustar�00root����������������������������root����������������������������0000000�0000000������������������������������������������������������������������������������������������������������������������������������������������������������������������������/* darkstat 3 * copyright (c) 2007-2014 Emil Mikulic. * * pidfile.h: pidfile manglement * * Permission to use, copy, modify, and distribute this file for any * purpose with or without fee is hereby granted, provided that the above * copyright notice and this permission notice appear in all copies. * * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ #include "err.h" #include "str.h" #include "pidfile.h" #include <errno.h> #include <fcntl.h> #include <pwd.h> #include <stdlib.h> #include <unistd.h> static int pidfd = -1; static const char *pidname = NULL; void pidfile_create(const char *chroot_dir, const char *filename, const char *privdrop_user) { struct passwd *pw; if (pidfd != -1) errx(1, "pidfile already created"); errno = 0; pw = getpwnam(privdrop_user); if (pw == NULL) { if (errno == 0) errx(1, "getpwnam(\"%s\") failed: no such user", privdrop_user); else err(1, "getpwnam(\"%s\") failed", privdrop_user); } if (chroot_dir != NULL) { if (chdir(chroot_dir) == -1) { err(1, "chdir(\"%s\") failed", chroot_dir); } } pidname = filename; pidfd = open(filename, O_WRONLY | O_CREAT | O_TRUNC | O_EXCL, 0600); if (pidfd == -1) err(1, "couldn't not create pidfile"); if (chown(filename, pw->pw_uid, pw->pw_gid) == -1) err(1, "couldn't chown pidfile"); } void pidfile_write_close(void) { struct str *s; size_t len; char *buf; if (pidfd == -1) errx(1, "cannot write pidfile: not created"); s = str_make(); str_appendf(s, "%u\n", (unsigned int)getpid()); str_extract(s, &len, &buf); if (write(pidfd, buf, len) != (int)len) err(1, "couldn't write to pidfile"); free(buf); if (close(pidfd) == -1) warn("problem closing pidfile"); } void pidfile_unlink(void) { if (pidname == NULL) return; /* pidfile wasn't created */ if (unlink(pidname) == -1) warn("problem unlinking pidfile"); } /* vim:set ts=3 sw=3 tw=78 et: */ �������������������������������������������������darkstat-3.0.721/pidfile.h��������������������������������������������������������������������������0000664�0000000�0000000�00000000432�14167535421�0015275�0����������������������������������������������������������������������������������������������������ustar�00root����������������������������root����������������������������0000000�0000000������������������������������������������������������������������������������������������������������������������������������������������������������������������������/* darkstat 3 * copyright (c) 2007 Emil Mikulic. * * pidfile.h: pidfile manglement */ void pidfile_create(const char *chroot_dir, const char *filename, const char *privdrop_user); void pidfile_write_close(void); void pidfile_unlink(void); /* vim:set ts=3 sw=3 tw=78 et: */ ��������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������darkstat-3.0.721/queue.h����������������������������������������������������������������������������0000664�0000000�0000000�00000012421�14167535421�0015006�0����������������������������������������������������������������������������������������������������ustar�00root����������������������������root����������������������������0000000�0000000������������������������������������������������������������������������������������������������������������������������������������������������������������������������/* This is a stripped down version of FreeBSD's * src/sys/sys/queue.h,v 1.60.2.1 * * The original file's license: * * Copyright (c) 1991, 1993 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 4. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #define STAILQ_HEAD(name, type) \ struct name { \ struct type *stqh_first;/* first element */ \ struct type **stqh_last;/* addr of last next element */ \ } #define STAILQ_HEAD_INITIALIZER(head) \ { NULL, &(head).stqh_first } #define STAILQ_ENTRY(type) \ struct { \ struct type *stqe_next; /* next element */ \ } #define STAILQ_EMPTY(head) ((head)->stqh_first == NULL) #define STAILQ_FIRST(head) ((head)->stqh_first) #define STAILQ_FOREACH(var, head, field) \ for((var) = STAILQ_FIRST((head)); \ (var); \ (var) = STAILQ_NEXT((var), field)) #define STAILQ_NEXT(elm, field) ((elm)->field.stqe_next) #ifdef STAILQ_INSERT_TAIL #undef STAILQ_INSERT_TAIL #endif #define STAILQ_INSERT_TAIL(head, elm, field) do { \ STAILQ_NEXT((elm), field) = NULL; \ *(head)->stqh_last = (elm); \ (head)->stqh_last = &STAILQ_NEXT((elm), field); \ } while (0) #ifdef STAILQ_REMOVE_HEAD #undef STAILQ_REMOVE_HEAD #endif #define STAILQ_REMOVE_HEAD(head, field) do { \ if ((STAILQ_FIRST((head)) = \ STAILQ_NEXT(STAILQ_FIRST((head)), field)) == NULL) \ (head)->stqh_last = &STAILQ_FIRST((head)); \ } while (0) #undef LIST_HEAD #define LIST_HEAD(name, type) \ struct name { \ struct type *lh_first; /* first element */ \ } #undef LIST_HEAD_INITIALIZER #define LIST_HEAD_INITIALIZER(head) \ { NULL } #undef LIST_ENTRY #define LIST_ENTRY(type) \ struct { \ struct type *le_next; /* next element */ \ struct type **le_prev; /* address of previous next element */ \ } #undef LIST_FIRST #define LIST_FIRST(head) ((head)->lh_first) #undef LIST_FOREACH #define LIST_FOREACH(var, head, field) \ for ((var) = LIST_FIRST((head)); \ (var); \ (var) = LIST_NEXT((var), field)) #undef LIST_FOREACH_SAFE #define LIST_FOREACH_SAFE(var, head, field, tvar) \ for ((var) = LIST_FIRST((head)); \ (var) && ((tvar) = LIST_NEXT((var), field), 1); \ (var) = (tvar)) #undef LIST_INIT #define LIST_INIT(head) do { \ LIST_FIRST((head)) = NULL; \ } while (0) #undef LIST_INSERT_HEAD #define LIST_INSERT_HEAD(head, elm, field) do { \ if ((LIST_NEXT((elm), field) = LIST_FIRST((head))) != NULL) \ LIST_FIRST((head))->field.le_prev = &LIST_NEXT((elm), field);\ LIST_FIRST((head)) = (elm); \ (elm)->field.le_prev = &LIST_FIRST((head)); \ } while (0) #undef LIST_NEXT #define LIST_NEXT(elm, field) ((elm)->field.le_next) #undef LIST_REMOVE #define LIST_REMOVE(elm, field) do { \ if (LIST_NEXT((elm), field) != NULL) \ LIST_NEXT((elm), field)->field.le_prev = \ (elm)->field.le_prev; \ *(elm)->field.le_prev = LIST_NEXT((elm), field); \ } while (0) �����������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������darkstat-3.0.721/release.sh�������������������������������������������������������������������������0000775�0000000�0000000�00000003575�14167535421�0015502�0����������������������������������������������������������������������������������������������������ustar�00root����������������������������root����������������������������0000000�0000000������������������������������������������������������������������������������������������������������������������������������������������������������������������������#!/bin/sh # # release.sh: script to roll a release tarball of darkstat. # copyright (c) 2006-2016 Emil Mikulic. # # This is for developer use only and lives in the repo but # shouldn't end up in a tarball. # # Release checklist: # - git tag 3.0.xxx # - git push --tags # - Update website # - Mail announcement to darkstat-announce@googlegroups.com # - Update FreeBSD port, e.g.: # https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=200425 # if [ $# -ne 1 ]; then echo "usage: $0 3.0.0rc0" >&2 exit 1 fi NAME=darkstat VERSION="$1" files="\ AUTHORS \ ChangeLog \ COPYING.GPL \ INSTALL \ LICENSE \ Makefile.in \ NEWS \ README.md \ acct.c \ acct.h \ addr.c \ addr.h \ bsd.c \ bsd.h \ cap.c \ cap.h \ cdefs.h \ contrib \ conv.c \ conv.h \ darkstat.8.in \ darkstat.c \ daylog.c \ daylog.h \ db.c \ db.h \ decode.c \ decode.h \ dns.c \ dns.h \ err.c \ err.h \ export-format.txt \ favicon.h \ graph_db.c \ graph_db.h \ graphjs.h \ hosts_db.c \ hosts_db.h \ hosts_sort.c \ html.c \ html.h \ http.c \ http.h \ install-sh \ localip.c \ localip.h \ ncache.c \ ncache.h \ now.c \ now.h \ opt.h \ pidfile.c \ pidfile.h \ queue.h \ static \ str.c \ str.h \ stylecss.h \ tree.h \ " # end packing list say() { echo ==\> "$@" >&2 } run() { say "$@" "$@" || { say ERROR!; exit 1; } } PKG=$NAME-$VERSION say releasing $PKG run make depend run make graphjs.h stylecss.h run autoconf run autoheader run ./config.status run ./test_headers.sh if git status --porcelain | egrep -v '^\?\?' -q; then say ERROR: uncommitted changes: git status exit 1 fi run mkdir $PKG run cp -r $files $PKG/. run sed -e "/AC_INIT/s/3.0.0-git/$VERSION/" configure.ac > $PKG/configure.ac say version set to: $(grep '^AC_INIT' $PKG/configure.ac) (cd $PKG run autoconf run autoheader run rm -r autom4te.cache ) || exit 1 # package it up run tar chof $PKG.tar $PKG run bzip2 -9vv $PKG.tar say output: ls -l $PKG.tar.bz2 say FINISHED! �����������������������������������������������������������������������������������������������������������������������������������darkstat-3.0.721/static/����������������������������������������������������������������������������0000775�0000000�0000000�00000000000�14167535421�0015000�5����������������������������������������������������������������������������������������������������ustar�00root����������������������������root����������������������������0000000�0000000������������������������������������������������������������������������������������������������������������������������������������������������������������������������darkstat-3.0.721/static/c-ify.c���������������������������������������������������������������������0000664�0000000�0000000�00000001362�14167535421�0016155�0����������������������������������������������������������������������������������������������������ustar�00root����������������������������root����������������������������0000000�0000000������������������������������������������������������������������������������������������������������������������������������������������������������������������������/* Converts a textfile to a const char array with characters escaped. */ #include <stdio.h> #include <stdlib.h> int main(int argc, char **argv) { int c, eol; if (argc != 2) { fprintf(stderr, "usage: %s name <infile >outfile.h\n", argv[0]); exit(EXIT_FAILURE); } printf("/* this file was automatically generated with c-ify */\n" "static const char %s[] =", argv[1]); eol = 1; while ((c = getchar()) != EOF) { if (eol) { printf("\n\""); eol = 0; } switch (c) { case '\n': printf("\\n\""); eol = 1; break; case '"': printf("\\\""); break; case '\\': printf("\\\\"); break; default: putchar(c); } } printf(";\n" "static const size_t %s_len = sizeof(%s) - 1;\n", argv[1], argv[1]); return (0); } ������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������darkstat-3.0.721/static/favicon.png�����������������������������������������������������������������0000664�0000000�0000000�00000000175�14167535421�0017136�0����������������������������������������������������������������������������������������������������ustar�00root����������������������������root����������������������������0000000�0000000������������������������������������������������������������������������������������������������������������������������������������������������������������������������‰PNG  ��� IHDR��� ��� ���’g��� PLTEëððfwˆª»Ì\«·w���tRNS3ÿ6¹p���"IDATx¥Æ1��¡/IÉKi™ØVÛöMQÿ@ñ¼sxUœÀ§­����IEND®B`‚���������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������darkstat-3.0.721/static/graph.js��������������������������������������������������������������������0000664�0000000�0000000�00000017044�14167535421�0016445�0����������������������������������������������������������������������������������������������������ustar�00root����������������������������root����������������������������0000000�0000000������������������������������������������������������������������������������������������������������������������������������������������������������������������������/* darkstat 3 * copyright (c) 2006-2008 Emil Mikulic. * * graph.js: graph renderer * * You may use, modify and redistribute this file under the terms of the * GNU General Public License version 2. (see COPYING.GPL) * * At some point, this script worked correctly in: * - Firefox 1.5.0.4, 2.0.0.1, 3.0 * - IE 6.0 * - Opera 8.53, 9.50 * - Konqueror 3.5.9, 4.0.80, 4.0.83 * * Consumer needs to supply the following variables: * - graph_width * - graph_height * - bar_gap * * - graphs [ {id, name, title, bar_secs} ] * - graphs_uri * * - window.onload = graphs_init */ function killChildren(elem) { while (elem.childNodes.length > 0) elem.removeChild( elem.childNodes.item(0) ); } function setClass(elem, c) { elem.setAttribute("class", c); elem.setAttribute("className", c); /* for MSIE */ } function setStyle(elem, s) { elem.setAttribute("style", s); elem.style.cssText = s; /* for MSIE */ } function makeElemClass(e, c) { var r = document.createElement(e); setClass(r, c); return r; } function makeClear() { var r = document.createElement("div"); setStyle(r, "clear:both"); return r; } function thousands(n) { var s = String(n); var out = ""; while (s.length > 3) { out = "," + s.substr(s.length - 3, 3) + out; s = s.substr(0, s.length - 3); } return s+out; } function fkbps(bps) { bps /= 1024; return bps.toFixed(1); } function kbps(bps) { bps /= 1024; if (bps < 1) return bps.toPrecision(2); else return bps.toFixed(1); } function min(a,b) { return (a<b)?a:b; } function max(a,b) { return (a>b)?a:b; } var xh, autoreload=false; function graphs_init() { var gr = document.getElementById("graphs"); /* update message */ var msg = document.createElement("div"); msg.appendChild(document.createTextNode("Graphs are being loaded...")); msg.appendChild(document.createElement("br")); msg.appendChild(document.createElement("br")); killChildren(gr); gr.appendChild(msg); graphs.msg = msg; for (var i=0; i<graphs.length; i++) { var g = makeElemClass("div", "outergraph"); gr.appendChild(g); graphs[i].graph = g; if (i % 2 == 1) gr.appendChild(makeClear()); } /* create buttons */ var b_reload = document.createElement("a"); b_reload.setAttribute("id", "graph_reload"); b_reload.setAttribute("href", "javascript:graph_reload()"); b_reload.appendChild(document.createTextNode("reload graphs")); var b_autoreload = document.createElement("a"); b_autoreload.setAttribute("id", "graph_autoreload"); b_autoreload.setAttribute("href", "javascript:graph_autoreload()"); b_autoreload.appendChild(document.createTextNode("off")); var b = document.createElement("div"); b.appendChild(b_reload); b.appendChild(document.createTextNode(" - automatic reload is: ")); b.appendChild(b_autoreload); gr.appendChild(b); graph_reload(); } function graph_reload() { if (!autoreload) document.getElementById("graph_reload").innerHTML = "loading..."; xh = (window.ActiveXObject) ? new ActiveXObject("Microsoft.XMLHTTP") : new XMLHttpRequest(); var asyncFlag = true; xh.open("GET", graphs_uri, asyncFlag); // try to nerf caching: xh.setRequestHeader("If-Modified-Since", "Sat, 1 Jan 2000 00:00:00 GMT"); xh.onreadystatechange = poll; xh.send(null); } function graph_autoreload() { // toggle autoreload = !autoreload; document.getElementById("graph_autoreload").innerHTML = autoreload ? "on" : "off"; if (autoreload) reload_loop(); } function reload_loop() { if (autoreload) { graph_reload(); setTimeout("reload_loop()", 1000); } } function poll() { var STATE_COMPLETE = 4; if (xh && xh.readyState == STATE_COMPLETE) { for (var i=0; i<graphs.length; i++) { g = xh.responseXML.getElementsByTagName(graphs[i].name); buildGraph(graphs[i].graph, graphs[i].title, graphs[i].bar_secs, g[0].getElementsByTagName("e")); } document.getElementById("graph_reload").innerHTML = "reload graphs"; killChildren(graphs.msg); head = xh.responseXML.childNodes[0]; for (var n in {"tb":0, "tp":0, "pc":0, "pd":0}) document.getElementById(n).innerHTML = thousands(head.getAttribute(n)); document.getElementById("rf").innerHTML = head.getAttribute("rf"); } } function addBar(graph, title, barclass, width, height, left, bottom) { if (height == 0) return; /* not visible */ var bar = makeElemClass("div", barclass); bar.setAttribute("title", title); setStyle(bar, "width:"+width+"px; "+ "height:"+height+"px; "+ "position: absolute; "+ "left:"+left+"px; "+ "bottom:"+bottom+"px;"); graph.appendChild(bar); } function buildGraph(graph, title, bar_secs, elems) { var total_max = 0; var data = []; /* list of [in, out] */ for (var i=0; i<elems.length; i++) { var elem = elems.item(i); var b_pos = Number( elem.getAttribute("p") ); var b_in = Number( elem.getAttribute("i") ); var b_out = Number( elem.getAttribute("o") ); var b_total = b_in + b_out; /* FIXME: what happens when a bar's value is >4G? */ if (b_total > total_max) total_max = b_total; data.push( [b_pos, b_in, b_out] ); } var igraph = makeElemClass("div", "graph"); // inner graph setStyle(igraph, "width:"+graph_width+"px; "+ "height:"+graph_height+"px; "+ "position:relative;"); var nbars = data.length; var b_width = (graph_width - bar_gap * (nbars-1)) / nbars; var next_xofs = 0; var min_i = 0, min_o = 0, max_i = 0, max_o = 0, tot_i = 0, tot_o = 0; for (var i=0; i<nbars; i++) { var b_p = data[i][0]; var b_i = data[i][1]; var b_o = data[i][2]; if (b_i>0) { if (min_i == 0) min_i = b_i; else min_i = min(min_i, b_i); } max_i = max(max_i, b_i); tot_i += b_i; if (b_o>0) { if (min_o == 0) min_o = b_o; else min_o = min(min_o, b_o); } max_o = max(max_o, b_o); tot_o += b_o; var xofs = next_xofs; next_xofs = Math.round((b_width + bar_gap) * (i+1)); var curr_w = next_xofs - xofs - bar_gap; var h_i = Math.round( b_i * graph_height / total_max ); var h_o = Math.round( b_o * graph_height / total_max ); var label = b_p+": "+ thousands(b_i)+" bytes in, "+ thousands(b_o)+" bytes out | "+ kbps(b_i/bar_secs)+" KB/s in, "+ kbps(b_o/bar_secs)+" KB/s out"; addBar(igraph, label, "bar_in", curr_w, h_i, xofs, 0); addBar(igraph, label, "bar_out", curr_w, h_o, xofs, h_i); } function legendRow(dir_str, minb, avgb, maxb) { function makeTD(c, str) { var r = makeElemClass("td", c); r.appendChild(document.createTextNode(str)); return r; } function addToRow(row, type_str, bytes, trail) { row.appendChild( makeTD("type", type_str) ); row.appendChild( makeTD("rate", fkbps(bytes/bar_secs)+" KB/s"+trail) ); } var row = document.createElement("tr"); row.appendChild( makeTD("dir", dir_str) ); var cell = makeElemClass("td", "swatch"); var swatch = makeElemClass("div", "bar_"+dir_str); setStyle(swatch, "width:6px; height:6px;"); cell.appendChild(swatch); row.appendChild(cell); addToRow(row, "min:", minb, ","); addToRow(row, "avg:", avgb, ","); addToRow(row, "max:", maxb, ""); return row; } var glegend = makeElemClass("div", "legend"); var avg_i = tot_i / nbars, avg_o = tot_o / nbars; var tbl = document.createElement("table"); var tb = document.createElement("tbody"); /* for MSIE */ tb.appendChild( legendRow("in", min_i, avg_i, max_i) ); tb.appendChild( legendRow("out", min_o, avg_o, max_o) ); tbl.appendChild(tb); glegend.appendChild(tbl); setStyle(glegend, "width:"+graph_width+"px;"); var gtitle = makeElemClass("div", "graphtitle"); setStyle(gtitle, "width:"+graph_width+"px;"); gtitle.appendChild(document.createTextNode(title)); killChildren(graph); graph.appendChild(igraph); graph.appendChild(glegend); graph.appendChild(gtitle); } ��������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������darkstat-3.0.721/static/hex-ify.c�������������������������������������������������������������������0000664�0000000�0000000�00000001514�14167535421�0016516�0����������������������������������������������������������������������������������������������������ustar�00root����������������������������root����������������������������0000000�0000000������������������������������������������������������������������������������������������������������������������������������������������������������������������������/* Convert a binary file to a const char array of hex. */ #include <stdio.h> #include <stdlib.h> int main(int argc, char **argv) { int c, eol; if (argc != 2) { fprintf(stderr, "usage: %s name <infile >outfile.h\n", argv[0]); exit(EXIT_FAILURE); } printf("/* this file was automatically generated with hex-ify */\n" "static const unsigned char %s[] = {\n", argv[1]); int start_of_line = 1; int first = 1; int bytes = 0; while ((c = getchar()) != EOF) { if (start_of_line) { printf(" "); start_of_line = 0; } if (first) { first = 0; } else { printf(", "); } printf("0x%02x", (unsigned char)c); bytes++; if (bytes == 12) { printf(", \n"); first = 1; start_of_line = 1; bytes = 0; } } printf("\n};\n"); return (0); } ������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������darkstat-3.0.721/static/style.css�������������������������������������������������������������������0000664�0000000�0000000�00000005533�14167535421�0016660�0����������������������������������������������������������������������������������������������������ustar�00root����������������������������root����������������������������0000000�0000000������������������������������������������������������������������������������������������������������������������������������������������������������������������������/* darkstat 3 * * style.css: CSS stylesheet for web interface. * copyright (c) 2006 Ben Stewart. * colors broken in 2007 by Emil Mikulic. * * You may use, modify and redistribute this file under the terms of the * GNU General Public License version 2. (see COPYING.GPL) */ body { background-color: #fff; z-index: 0; } .content { z-index: 1; position: absolute; top:15px; left:10px; } div.menu { z-index: 2; position: absolute; top:0; left:0; width: 100%; background-color: #789; border-bottom: 1px solid black; font-size:11px; } ul.menu { list-style: none; margin:0; padding:2px 0 3px 0; } ul.menu li { list-style: none; display: inline; margin:0; padding:2px 0 3px 0; border-right:1px solid white; } ul.menu li.label { padding-left:10px; padding-right:10px; color:#000; text-shadow: 0px 1px 0px #9ab; } ul.menu li a { color: white; text-decoration: none; text-shadow: 0px 1px 0px #456; border-bottom: none; padding:2px 15px 3px 15px; } ul.menu li a:hover { background-color: #9ab; } h1, h2, h3, h4, h5, h6 { margin-top:10px; margin-bottom:5px; color: #000000; font-family: Arial, sans-serif; font-weight:bold; } .pageheader { border-bottom: 2px dotted black; } table { border-collapse: collapse; } td, th { border:1px solid #C0C0C0; padding:1px 5px 1px 5px; } td.num { text-align:right; } th { background-color:#EFEFEF; font-weight: bold; padding-top:2px; padding-bottom:2px; } th a { color:black; border-bottom:1px dotted; } tr:nth-child(odd) { background:#FFFFFF; } tr:nth-child(even) { background:#FAFAFA; } tr:hover { background:#EFEFEF; } body, td, th, p, input, textarea { font-family: Tahoma, Verdana, sans-serif; font-size: small; } tt { font-family: Courier New, monospace; font-size: small; } a:hover { border-bottom: 1px dotted #666; } a { text-decoration: none; color: #666; } div.outergraph { float:left; margin-right:10px; margin-bottom:20px; } div.graph { border: 1px solid black; } div.graphtitle { text-align:center; font-weight:bold; } div.bar_in { background: #678; } div.bar_out { background: #abc; } #graph_reload,#graph_autoreload { border:1px solid black; padding:2px 10px 2px 10px; margin-left:5px; color:black; } #graph_reload:hover,#graph_autoreload:hover { background:#9ab; color:black; } div.legend table { margin-left:auto; margin-right:auto; /* center */ border:0; } div.legend td { border:0; padding:0 0.2em 0 0.2em; font-size:11px; color:#444; } div.legend td.dir { text-align:right; } div.legend td.rate { text-align:right; white-space: nowrap; } ���������������������������������������������������������������������������������������������������������������������������������������������������������������������darkstat-3.0.721/str.c������������������������������������������������������������������������������0000664�0000000�0000000�00000020275�14167535421�0014473�0����������������������������������������������������������������������������������������������������ustar�00root����������������������������root����������������������������0000000�0000000������������������������������������������������������������������������������������������������������������������������������������������������������������������������/* darkstat 3 * copyright (c) 2001-2012 Emil Mikulic. * * str.c: string buffer with pool-based reallocation * * Permission to use, copy, modify, and distribute this file for any * purpose with or without fee is hereby granted, provided that the above * copyright notice and this permission notice appear in all copies. * * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ #include "conv.h" #include "err.h" #include "str.h" #include <assert.h> #include <stdlib.h> #include <string.h> #include <stdint.h> /* for uint32_t on Linux and OS X */ #include <unistd.h> #define INITIAL_LEN 1024 struct str { char *buf; size_t len, pool; }; struct str * str_make(void) { struct str *s = xmalloc(sizeof(*s)); s->len = 0; s->pool = INITIAL_LEN; s->buf = xmalloc(s->pool); return (s); } void str_free(struct str *s) { free(s->buf); free(s); } /* * Extract struct str into buffer and length, freeing the struct in the * process. */ void str_extract(struct str *s, size_t *len, char **str) { *len = s->len; *str = s->buf; free(s); } void str_appendn(struct str *buf, const char *s, const size_t len) { if (buf->pool < buf->len + len) { /* pool has dried up */ while (buf->pool < buf->len + len) buf->pool *= 2; buf->buf = xrealloc(buf->buf, buf->pool); } memcpy(buf->buf + buf->len, s, len); buf->len += len; } void str_appendstr(struct str *buf, const struct str *s) { str_appendn(buf, s->buf, s->len); } #ifndef str_append void str_append(struct str *buf, const char *s) { str_appendn(buf, s, strlen(s)); } #endif /* * Apparently, some wacky locales use periods, or another character that isn't * a comma, to separate thousands. If you are afflicted by such a locale, * change this macro: */ #define COMMA ',' /* 2^32 = 4,294,967,296 (10 digits, 13 chars) */ #define I32_MAXLEN 13 /* 2^64 = 18,446,744,073,709,551,616 (20 digits, 26 chars) */ #define I64_MAXLEN 26 static void str_append_u32(struct str *s, const uint32_t i, const int mod_sep) { char out[I32_MAXLEN]; int pos; unsigned int len; uint32_t rem, next; if (i == 0) { str_append(s, "0"); return; } pos = sizeof(out)-1; len = 0; rem = i; while (rem > 0) { assert(pos >= 0); next = rem / 10; rem = rem - next * 10; assert(rem < 10); out[pos] = '0' + rem; pos--; len++; rem = next; if (mod_sep && (rem > 0) && (len > 0) && (len % 3 == 0)) { out[pos] = COMMA; pos--; } } str_appendn(s, out+pos+1, sizeof(out)-1-pos); } static void str_append_i32(struct str *s, int32_t i, const int mod_sep) { if (i < 0) { str_append(s, "-"); i = -i; } str_append_u32(s, (uint32_t)i, mod_sep); } static void str_append_u64(struct str *s, const uint64_t i, const int mod_sep) { char out[I64_MAXLEN]; int pos; unsigned int len; uint64_t rem, next; uint32_t rem32, next32; if (i == 0) { str_append(s, "0"); return; } pos = sizeof(out)-1; len = 0; rem = i; while (rem >= 4294967295U) { assert(pos >= 0); next = rem / 10; rem = rem - next * 10; assert(rem < 10); out[pos] = '0' + rem; pos--; len++; rem = next; if (mod_sep && (rem > 0) && (len > 0) && (len % 3 == 0)) { out[pos] = COMMA; pos--; } } /* * Stick to 32-bit math when we can as it's faster on 32-bit platforms. * FIXME: a tunable way to switch this off? */ rem32 = (uint32_t)rem; while (rem32 > 0) { assert(pos >= 0); next32 = rem32 / 10; rem32 = rem32 - next32 * 10; assert(rem32 < 10); out[pos] = '0' + rem32; pos--; len++; rem32 = next32; if (mod_sep && (rem32 > 0) && (len > 0) && (len % 3 == 0)) { out[pos] = COMMA; pos--; } } str_appendn(s, out+pos+1, sizeof(out)-1-pos); } static void str_append_i64(struct str *s, int64_t i, const int mod_sep) { if (i < 0) { str_append(s, "-"); i = -i; } str_append_u64(s, (uint64_t)i, mod_sep); } static void str_append_hex8(struct str *s, const uint8_t b) { char out[2]; static const char hexset[] = "0123456789abcdef"; out[0] = hexset[ ((b >> 4) & 15) ]; out[1] = hexset[ (b & 15) ]; str_appendn(s, out, 2); } /* accepted formats: %s %d %u %x * accepted modifiers: q and ' * * %x is equivalent to %02x and expects a uint8_t */ void str_vappendf(struct str *s, const char *format, va_list va) { size_t pos, len; len = strlen(format); for (pos=0; pos<len; pos++) { size_t span_start = pos, span_len = 0; while ((format[pos] != '\0') && (format[pos] != '%')) { span_len++; pos++; } if (span_len > 0) str_appendn(s, format+span_start, span_len); if (format[pos] == '%') { int mod_quad = 0, mod_sep = 0; char *arg_str; FORMAT: pos++; switch (format[pos]) { case '%': str_append(s, "%"); break; case 'q': mod_quad = 1; goto FORMAT; case '\'': mod_sep = 1; goto FORMAT; case 's': arg_str = va_arg(va, char*); str_append(s, arg_str); /* str_append can be a macro! passing it va_arg can result in * va_arg being called twice */ break; case 'd': if (mod_quad) str_append_i64(s, va_arg(va, int64_t), mod_sep); else str_append_i32(s, (int32_t)va_arg(va, int), mod_sep); break; case 'u': if (mod_quad) str_append_u64(s, va_arg(va, uint64_t), mod_sep); else str_append_u32(s, (uint32_t)va_arg(va, unsigned int), mod_sep); break; case 'x': str_append_hex8(s, (uint8_t)va_arg(va, int)); break; default: errx(1, "format string is \"%s\", unknown format '%c' at %u", format, format[pos], (unsigned int)pos); } } } } void str_appendf(struct str *s, const char *format, ...) { va_list va; va_start(va, format); str_vappendf(s, format, va); va_end(va); } size_t xvasprintf(char **result, const char *format, va_list va) { size_t len; struct str *s = str_make(); str_vappendf(s, format, va); str_appendn(s, "", 1); /* "" still contains \0 */ str_extract(s, &len, result); return (len-1); } size_t xasprintf(char **result, const char *format, ...) { va_list va; size_t ret; va_start(va, format); ret = xvasprintf(result, format, va); va_end(va); return (ret); } /* * Format a length of time in seconds to "n days, n hrs, n mins, n secs". * Returns a newly allocated str. */ struct str * length_of_time(const time_t t) { struct str *buf = str_make(); int secs = t % 60; int mins = (t / 60) % 60; int hours = (t / 3600) % 24; int days = t / 86400; int show_zeroes = 0; if (days > 0) { str_appendf(buf, "%d %s", days, (days==1)?"day":"days"); show_zeroes = 1; } if (show_zeroes || (hours > 0)) { if (show_zeroes) str_append(buf, ", "); str_appendf(buf, "%d %s", hours, (hours==1)?"hr":"hrs"); show_zeroes = 1; } if (show_zeroes || (mins > 0)) { if (show_zeroes) str_append(buf, ", "); str_appendf(buf, "%d %s", mins, (mins==1)?"min":"mins"); show_zeroes = 1; } if (show_zeroes) str_append(buf, ", "); str_appendf(buf, "%d %s", secs, (secs==1)?"sec":"secs"); return buf; } ssize_t str_write(const struct str * const buf, const int fd) { return write(fd, buf->buf, buf->len); } size_t str_len(const struct str * const buf) { return buf->len; } /* vim:set ts=3 sw=3 tw=78 expandtab: */ �����������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������darkstat-3.0.721/str.h������������������������������������������������������������������������������0000664�0000000�0000000�00000005211�14167535421�0014471�0����������������������������������������������������������������������������������������������������ustar�00root����������������������������root����������������������������0000000�0000000������������������������������������������������������������������������������������������������������������������������������������������������������������������������/* darkstat 3 * copyright (c) 2001-2014 Emil Mikulic. * * str.h: string buffer with pool-based reallocation * * Permission to use, copy, modify, and distribute this file for any * purpose with or without fee is hereby granted, provided that the above * copyright notice and this permission notice appear in all copies. * * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ #ifndef __DARKSTAT_STR_H #define __DARKSTAT_STR_H #include "cdefs.h" #include <sys/types.h> #include <stdarg.h> #include <stdint.h> /* for uint64_t */ typedef long long signed int qd; /* as in appendf("%qd") */ typedef long long unsigned int qu; /* as in appendf("%qu") */ typedef long long unsigned int lld; /* as in printf("%lld") */ typedef long long unsigned int llu; /* as in printf("%llu") */ _Static_assert(sizeof(qd) == sizeof(int64_t), "qd must be int64_t sized"); _Static_assert(sizeof(qu) == sizeof(uint64_t), "qu must be uint64_t sized"); _Static_assert(sizeof(lld) == sizeof(int64_t), "lld must be int64_t sized"); _Static_assert(sizeof(llu) == sizeof(uint64_t), "llu must be uint64_t sized"); /* Note: the contents are 8-bit clean and not zero terminated! */ struct str; struct str *str_make(void); void str_free(struct str *s); void str_extract(struct str *buf, size_t *len, char **str); void str_appendn(struct str *buf, const char *s, const size_t len); void str_appendstr(struct str *buf, const struct str *s); #ifdef __GNUC__ /* amusing efficiency hack */ # include <string.h> # define str_append(buf, s) \ str_appendn(buf, s, \ (__builtin_constant_p(s) ? sizeof(s)-1 : strlen(s)) ) #else void str_append(struct str *buf, const char *s); #endif size_t xvasprintf(char **result, const char *format, va_list va) _printflike_(2, 0); size_t xasprintf(char **result, const char *format, ...) _printflike_(2, 3); void str_vappendf(struct str *s, const char *format, va_list va) _printflike_(2, 0); void str_appendf(struct str *s, const char *format, ...) _printflike_(2, 3); struct str *length_of_time(const time_t t); ssize_t str_write(const struct str * const buf, const int fd); size_t str_len(const struct str * const buf); #endif /* __DARKSTAT_STR_H */ /* vim:set ts=3 sw=3 tw=78 expandtab: */ ���������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������darkstat-3.0.721/test_addr.c������������������������������������������������������������������������0000664�0000000�0000000�00000004164�14167535421�0015633�0����������������������������������������������������������������������������������������������������ustar�00root����������������������������root����������������������������0000000�0000000������������������������������������������������������������������������������������������������������������������������������������������������������������������������/* darkstat 3 * copyright (c) 2011 Emil Mikulic. * * test_addr.c: tests for addr module * * You may use, modify and redistribute this file under the terms of the * GNU General Public License version 2. (see COPYING.GPL) */ #include "addr.h" #include <netdb.h> #include <stdio.h> #include <string.h> void test(const char *in, const char *expect_out, int expect_result) { struct addr a; int success, ret; const char *out; success = 1; ret = str_to_addr(in, &a); if (ret != expect_result) success = 0; if (ret == 0) out = addr_to_str(&a); else out = "(error)"; if (expect_out && (strcmp(out, expect_out) != 0)) success = 0; printf("%s:", success ? "PASS" : "FAIL"); printf(" \"%s\" -> \"%s\"", in, out); if (expect_out && (strcmp(out, expect_out) != 0)) printf(" (expected \"%s\")", expect_out); if (ret != expect_result) printf(" [ret %d, expected %d]", ret, expect_result); if (ret != 0) printf(" [err: %s]", gai_strerror(ret)); printf("\n"); } void test_inside(const char *a, const char *net, const char *mask, int expect) { struct addr aa, anet, amask; str_to_addr(a, &aa); str_to_addr(net, &anet); str_to_addr(mask, &amask); printf("%s: %s in %s/%s\n", addr_inside(&aa, &anet, &amask) ? "PASS" : "FAIL", a, net, mask); } int main() { test("0.0.0.0", "0.0.0.0", 0); test("192.168.1.2", "192.168.1.2", 0); test("::", "::", 0); test("::0", "::", 0); test("::00", "::", 0); test("::000", "::", 0); test("::0000", "::", 0); test("::1", "::1", 0); test("::01", "::1", 0); test("::001", "::1", 0); test("::0001", "::1", 0); test("2404:6800:8004::68", "2404:6800:8004::68", 0); test("2404:6800:8004:0000:0000:0000:0000:0068", "2404:6800:8004::68", 0); test(".", NULL, EAI_NONAME); test(":", NULL, EAI_NONAME); test("23.75.345.200", NULL, EAI_NONAME); test_inside("192.168.1.2", "192.168.0.0", "255.255.0.0", 1); test_inside("2001:0200::3eff:feb1:44d7", "2001:0200::", "ffff:ffff::", 1); return 0; } /* vim:set ts=3 sw=3 tw=78 et: */ ������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������darkstat-3.0.721/test_headers.sh��������������������������������������������������������������������0000775�0000000�0000000�00000004141�14167535421�0016522�0����������������������������������������������������������������������������������������������������ustar�00root����������������������������root����������������������������0000000�0000000������������������������������������������������������������������������������������������������������������������������������������������������������������������������#!/bin/sh # copyright (c) 2011-2012 Emil Mikulic. a="\033[33;1m" z="\033[m" problem=0 check_deps() { echo checking header dependencies... # Except for the c-ify output, every header should bring in all of its # dependencies, and be able to be included multiple times. src=_test_hdr.c obj=_test_hdr.o files=`ls *.h | fgrep -v -e graphjs.h -e stylecss.h -e favicon.h` for f in $files; do echo " * $f" cat >$src <<EOF #include "$f" void test_hdr_do_nothing(void) { } EOF if ! gcc -c $src 2>/dev/null; then echo "${a}===> $f can't be included by itself${z}" problem=1 gcc -c $src else cat >$src <<EOF #include "$f" #include "$f" void test_hdr_do_nothing(void) { } EOF if ! gcc -c $src 2>/dev/null; then echo "${a}===> $f can't be included twice${z}" problem=1 gcc -c $src fi fi done rm $src $obj } check_defines() { header=$1 defines="(^|[^a-zA-Z_])($2)" files=$3 echo checking $header users... # Check that files expecting defines include it. for file in `egrep -l "$defines" $files`; do if ! fgrep -q '#include "'$header'"' $file; then echo "${a}===> $file should include $header${z}" problem=1 egrep --color=always "$defines" $file fi done # And that others don't. for file in `fgrep -l '#include "'$header'"' *.[ch]`; do if ! egrep -q "$defines" $file; then echo "${a}===> $file should not include $header${z}" problem=1 fi done } # -=- check_deps # Check config.h: build a list of macros that are or could be defined. defines=`egrep '#define|#undef' config.h | cut -d# -f2 | cut -d' ' -f2 | sort -u | tr '\n' '|' | sed -e 's/|$//'` # Check against all files except itself. files=`ls *.[ch] | fgrep -v config.h` #echo "config.h defines: ($defines)" check_defines config.h "$defines" "$files" defines=`sed -e 's/# \+/#/;' < cdefs.h | grep '#define' | cut -d' ' -f2 | sed -e 's/(.\+/\\\\(/' | tr '\n' '|' | sed -e 's/|$//'` files=`ls *.[ch] | fgrep -v -e cdefs.h -e graphjs.h -e stylecss.h` check_defines cdefs.h "$defines" "$files" exit $problem # vim:set ts=2 sw=2 et: �������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������darkstat-3.0.721/tree.h�����������������������������������������������������������������������������0000664�0000000�0000000�00000041263�14167535421�0014627�0����������������������������������������������������������������������������������������������������ustar�00root����������������������������root����������������������������0000000�0000000������������������������������������������������������������������������������������������������������������������������������������������������������������������������/* This is a cut down version of NetBSD's /usr/include/sys/tree.h */ /* $NetBSD: tree.h,v 1.20 2013/09/14 13:20:45 joerg Exp $ */ /* $OpenBSD: tree.h,v 1.13 2011/07/09 00:19:45 pirofti Exp $ */ /* * Copyright 2002 Niels Provos <provos@citi.umich.edu> * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #ifndef _SYS_TREE_H_ #define _SYS_TREE_H_ #include "cdefs.h" /* Macros that define a red-black tree */ #define RB_HEAD(name, type) \ struct name { \ struct type *rbh_root; /* root of the tree */ \ } #define RB_INITIALIZER(root) \ { NULL } #define RB_INIT(root) do { \ (root)->rbh_root = NULL; \ } while (/*CONSTCOND*/ 0) #define RB_BLACK 0 #define RB_RED 1 #define RB_ENTRY(type) \ struct { \ struct type *rbe_left; /* left element */ \ struct type *rbe_right; /* right element */ \ struct type *rbe_parent; /* parent element */ \ int rbe_color; /* node color */ \ } #define RB_LEFT(elm, field) (elm)->field.rbe_left #define RB_RIGHT(elm, field) (elm)->field.rbe_right #define RB_PARENT(elm, field) (elm)->field.rbe_parent #define RB_COLOR(elm, field) (elm)->field.rbe_color #define RB_ROOT(head) (head)->rbh_root #define RB_EMPTY(head) (RB_ROOT(head) == NULL) #define RB_SET(elm, parent, field) do { \ RB_PARENT(elm, field) = parent; \ RB_LEFT(elm, field) = RB_RIGHT(elm, field) = NULL; \ RB_COLOR(elm, field) = RB_RED; \ } while (/*CONSTCOND*/ 0) #define RB_SET_BLACKRED(black, red, field) do { \ RB_COLOR(black, field) = RB_BLACK; \ RB_COLOR(red, field) = RB_RED; \ } while (/*CONSTCOND*/ 0) #ifndef RB_AUGMENT #define RB_AUGMENT(x) do {} while (/*CONSTCOND*/ 0) #endif #define RB_ROTATE_LEFT(head, elm, tmp, field) do { \ (tmp) = RB_RIGHT(elm, field); \ if ((RB_RIGHT(elm, field) = RB_LEFT(tmp, field)) != NULL) { \ RB_PARENT(RB_LEFT(tmp, field), field) = (elm); \ } \ RB_AUGMENT(elm); \ if ((RB_PARENT(tmp, field) = RB_PARENT(elm, field)) != NULL) { \ if ((elm) == RB_LEFT(RB_PARENT(elm, field), field)) \ RB_LEFT(RB_PARENT(elm, field), field) = (tmp); \ else \ RB_RIGHT(RB_PARENT(elm, field), field) = (tmp); \ } else \ (head)->rbh_root = (tmp); \ RB_LEFT(tmp, field) = (elm); \ RB_PARENT(elm, field) = (tmp); \ RB_AUGMENT(tmp); \ if ((RB_PARENT(tmp, field))) \ RB_AUGMENT(RB_PARENT(tmp, field)); \ } while (/*CONSTCOND*/ 0) #define RB_ROTATE_RIGHT(head, elm, tmp, field) do { \ (tmp) = RB_LEFT(elm, field); \ if ((RB_LEFT(elm, field) = RB_RIGHT(tmp, field)) != NULL) { \ RB_PARENT(RB_RIGHT(tmp, field), field) = (elm); \ } \ RB_AUGMENT(elm); \ if ((RB_PARENT(tmp, field) = RB_PARENT(elm, field)) != NULL) { \ if ((elm) == RB_LEFT(RB_PARENT(elm, field), field)) \ RB_LEFT(RB_PARENT(elm, field), field) = (tmp); \ else \ RB_RIGHT(RB_PARENT(elm, field), field) = (tmp); \ } else \ (head)->rbh_root = (tmp); \ RB_RIGHT(tmp, field) = (elm); \ RB_PARENT(elm, field) = (tmp); \ RB_AUGMENT(tmp); \ if ((RB_PARENT(tmp, field))) \ RB_AUGMENT(RB_PARENT(tmp, field)); \ } while (/*CONSTCOND*/ 0) /* Generates prototypes and inline functions */ #define RB_PROTOTYPE(name, type, field, cmp) \ RB_PROTOTYPE_INTERNAL(name, type, field, cmp,) #define RB_PROTOTYPE_STATIC(name, type, field, cmp) \ RB_PROTOTYPE_INTERNAL(name, type, field, cmp, _unused_ static) #define RB_PROTOTYPE_INTERNAL(name, type, field, cmp, attr) \ attr void name##_RB_INSERT_COLOR(struct name *, struct type *); \ attr void name##_RB_REMOVE_COLOR(struct name *, struct type *, struct type *);\ attr struct type *name##_RB_REMOVE(struct name *, struct type *); \ attr struct type *name##_RB_INSERT(struct name *, struct type *); \ attr struct type *name##_RB_FIND(struct name *, struct type *); \ attr struct type *name##_RB_NFIND(struct name *, struct type *); \ attr struct type *name##_RB_NEXT(struct type *); \ attr struct type *name##_RB_PREV(struct type *); \ attr struct type *name##_RB_MINMAX(struct name *, int); \ \ #include <assert.h> /* Main rb operation. * Moves node close to the key of elm to top */ #define RB_GENERATE(name, type, field, cmp) \ RB_GENERATE_INTERNAL(name, type, field, cmp,) #define RB_GENERATE_STATIC(name, type, field, cmp) \ RB_GENERATE_INTERNAL(name, type, field, cmp, _unused_ static) #define RB_GENERATE_INTERNAL(name, type, field, cmp, attr) \ attr void \ name##_RB_INSERT_COLOR(struct name *head, struct type *elm) \ { \ struct type *parent, *gparent, *tmp; \ while ((parent = RB_PARENT(elm, field)) != NULL && \ RB_COLOR(parent, field) == RB_RED) { \ gparent = RB_PARENT(parent, field); \ assert(gparent != NULL); \ if (parent == RB_LEFT(gparent, field)) { \ tmp = RB_RIGHT(gparent, field); \ if (tmp && RB_COLOR(tmp, field) == RB_RED) { \ RB_COLOR(tmp, field) = RB_BLACK; \ RB_SET_BLACKRED(parent, gparent, field);\ elm = gparent; \ continue; \ } \ if (RB_RIGHT(parent, field) == elm) { \ RB_ROTATE_LEFT(head, parent, tmp, field);\ tmp = parent; \ parent = elm; \ elm = tmp; \ } \ RB_SET_BLACKRED(parent, gparent, field); \ RB_ROTATE_RIGHT(head, gparent, tmp, field); \ } else { \ tmp = RB_LEFT(gparent, field); \ if (tmp && RB_COLOR(tmp, field) == RB_RED) { \ RB_COLOR(tmp, field) = RB_BLACK; \ RB_SET_BLACKRED(parent, gparent, field);\ elm = gparent; \ continue; \ } \ if (RB_LEFT(parent, field) == elm) { \ RB_ROTATE_RIGHT(head, parent, tmp, field);\ tmp = parent; \ parent = elm; \ elm = tmp; \ } \ RB_SET_BLACKRED(parent, gparent, field); \ RB_ROTATE_LEFT(head, gparent, tmp, field); \ } \ } \ RB_COLOR(head->rbh_root, field) = RB_BLACK; \ } \ \ attr void \ name##_RB_REMOVE_COLOR(struct name *head, struct type *parent, struct type *elm) \ { \ struct type *tmp; \ while ((elm == NULL || RB_COLOR(elm, field) == RB_BLACK) && \ elm != RB_ROOT(head)) { \ if (RB_LEFT(parent, field) == elm) { \ tmp = RB_RIGHT(parent, field); \ if (RB_COLOR(tmp, field) == RB_RED) { \ RB_SET_BLACKRED(tmp, parent, field); \ RB_ROTATE_LEFT(head, parent, tmp, field);\ tmp = RB_RIGHT(parent, field); \ } \ assert(tmp != NULL); \ if ((RB_LEFT(tmp, field) == NULL || \ RB_COLOR(RB_LEFT(tmp, field), field) == RB_BLACK) &&\ (RB_RIGHT(tmp, field) == NULL || \ RB_COLOR(RB_RIGHT(tmp, field), field) == RB_BLACK)) {\ RB_COLOR(tmp, field) = RB_RED; \ elm = parent; \ parent = RB_PARENT(elm, field); \ } else { \ if (RB_RIGHT(tmp, field) == NULL || \ RB_COLOR(RB_RIGHT(tmp, field), field) == RB_BLACK) {\ struct type *oleft; \ if ((oleft = RB_LEFT(tmp, field)) \ != NULL) \ RB_COLOR(oleft, field) = RB_BLACK;\ RB_COLOR(tmp, field) = RB_RED; \ RB_ROTATE_RIGHT(head, tmp, oleft, field);\ tmp = RB_RIGHT(parent, field); \ } \ RB_COLOR(tmp, field) = RB_COLOR(parent, field);\ RB_COLOR(parent, field) = RB_BLACK; \ if (RB_RIGHT(tmp, field)) \ RB_COLOR(RB_RIGHT(tmp, field), field) = RB_BLACK;\ RB_ROTATE_LEFT(head, parent, tmp, field);\ elm = RB_ROOT(head); \ break; \ } \ } else { \ tmp = RB_LEFT(parent, field); \ if (RB_COLOR(tmp, field) == RB_RED) { \ RB_SET_BLACKRED(tmp, parent, field); \ RB_ROTATE_RIGHT(head, parent, tmp, field);\ tmp = RB_LEFT(parent, field); \ } \ assert(tmp != NULL); \ if ((RB_LEFT(tmp, field) == NULL || \ RB_COLOR(RB_LEFT(tmp, field), field) == RB_BLACK) &&\ (RB_RIGHT(tmp, field) == NULL || \ RB_COLOR(RB_RIGHT(tmp, field), field) == RB_BLACK)) {\ RB_COLOR(tmp, field) = RB_RED; \ elm = parent; \ parent = RB_PARENT(elm, field); \ } else { \ if (RB_LEFT(tmp, field) == NULL || \ RB_COLOR(RB_LEFT(tmp, field), field) == RB_BLACK) {\ struct type *oright; \ if ((oright = RB_RIGHT(tmp, field)) \ != NULL) \ RB_COLOR(oright, field) = RB_BLACK;\ RB_COLOR(tmp, field) = RB_RED; \ RB_ROTATE_LEFT(head, tmp, oright, field);\ tmp = RB_LEFT(parent, field); \ } \ RB_COLOR(tmp, field) = RB_COLOR(parent, field);\ RB_COLOR(parent, field) = RB_BLACK; \ if (RB_LEFT(tmp, field)) \ RB_COLOR(RB_LEFT(tmp, field), field) = RB_BLACK;\ RB_ROTATE_RIGHT(head, parent, tmp, field);\ elm = RB_ROOT(head); \ break; \ } \ } \ } \ if (elm) \ RB_COLOR(elm, field) = RB_BLACK; \ } \ \ attr struct type * \ name##_RB_REMOVE(struct name *head, struct type *elm) \ { \ struct type *child, *parent, *old = elm; \ int color; \ if (RB_LEFT(elm, field) == NULL) \ child = RB_RIGHT(elm, field); \ else if (RB_RIGHT(elm, field) == NULL) \ child = RB_LEFT(elm, field); \ else { \ struct type *left; \ elm = RB_RIGHT(elm, field); \ while ((left = RB_LEFT(elm, field)) != NULL) \ elm = left; \ child = RB_RIGHT(elm, field); \ parent = RB_PARENT(elm, field); \ color = RB_COLOR(elm, field); \ if (child) \ RB_PARENT(child, field) = parent; \ if (parent) { \ if (RB_LEFT(parent, field) == elm) \ RB_LEFT(parent, field) = child; \ else \ RB_RIGHT(parent, field) = child; \ RB_AUGMENT(parent); \ } else \ RB_ROOT(head) = child; \ if (RB_PARENT(elm, field) == old) \ parent = elm; \ (elm)->field = (old)->field; \ if (RB_PARENT(old, field)) { \ if (RB_LEFT(RB_PARENT(old, field), field) == old)\ RB_LEFT(RB_PARENT(old, field), field) = elm;\ else \ RB_RIGHT(RB_PARENT(old, field), field) = elm;\ RB_AUGMENT(RB_PARENT(old, field)); \ } else \ RB_ROOT(head) = elm; \ assert(RB_LEFT(old, field) != NULL); \ RB_PARENT(RB_LEFT(old, field), field) = elm; \ if (RB_RIGHT(old, field)) \ RB_PARENT(RB_RIGHT(old, field), field) = elm; \ if (parent) { \ left = parent; \ do { \ RB_AUGMENT(left); \ } while ((left = RB_PARENT(left, field)) != NULL); \ } \ goto color; \ } \ parent = RB_PARENT(elm, field); \ color = RB_COLOR(elm, field); \ if (child) \ RB_PARENT(child, field) = parent; \ if (parent) { \ if (RB_LEFT(parent, field) == elm) \ RB_LEFT(parent, field) = child; \ else \ RB_RIGHT(parent, field) = child; \ RB_AUGMENT(parent); \ } else \ RB_ROOT(head) = child; \ color: \ if (color == RB_BLACK) \ name##_RB_REMOVE_COLOR(head, parent, child); \ return (old); \ } \ \ /* Inserts a node into the RB tree */ \ attr struct type * \ name##_RB_INSERT(struct name *head, struct type *elm) \ { \ struct type *tmp; \ struct type *parent = NULL; \ int comp = 0; \ tmp = RB_ROOT(head); \ while (tmp) { \ parent = tmp; \ comp = (cmp)(elm, parent); \ if (comp < 0) \ tmp = RB_LEFT(tmp, field); \ else if (comp > 0) \ tmp = RB_RIGHT(tmp, field); \ else \ return (tmp); \ } \ RB_SET(elm, parent, field); \ if (parent != NULL) { \ if (comp < 0) \ RB_LEFT(parent, field) = elm; \ else \ RB_RIGHT(parent, field) = elm; \ RB_AUGMENT(parent); \ } else \ RB_ROOT(head) = elm; \ name##_RB_INSERT_COLOR(head, elm); \ return (NULL); \ } \ \ /* Finds the node with the same key as elm */ \ attr struct type * \ name##_RB_FIND(struct name *head, struct type *elm) \ { \ struct type *tmp = RB_ROOT(head); \ int comp; \ while (tmp) { \ comp = cmp(elm, tmp); \ if (comp < 0) \ tmp = RB_LEFT(tmp, field); \ else if (comp > 0) \ tmp = RB_RIGHT(tmp, field); \ else \ return (tmp); \ } \ return (NULL); \ } \ \ /* Finds the first node greater than or equal to the search key */ \ attr struct type * \ name##_RB_NFIND(struct name *head, struct type *elm) \ { \ struct type *tmp = RB_ROOT(head); \ struct type *res = NULL; \ int comp; \ while (tmp) { \ comp = cmp(elm, tmp); \ if (comp < 0) { \ res = tmp; \ tmp = RB_LEFT(tmp, field); \ } \ else if (comp > 0) \ tmp = RB_RIGHT(tmp, field); \ else \ return (tmp); \ } \ return (res); \ } \ \ /* ARGSUSED */ \ attr struct type * \ name##_RB_NEXT(struct type *elm) \ { \ if (RB_RIGHT(elm, field)) { \ elm = RB_RIGHT(elm, field); \ while (RB_LEFT(elm, field)) \ elm = RB_LEFT(elm, field); \ } else { \ if (RB_PARENT(elm, field) && \ (elm == RB_LEFT(RB_PARENT(elm, field), field))) \ elm = RB_PARENT(elm, field); \ else { \ while (RB_PARENT(elm, field) && \ (elm == RB_RIGHT(RB_PARENT(elm, field), field)))\ elm = RB_PARENT(elm, field); \ elm = RB_PARENT(elm, field); \ } \ } \ return (elm); \ } \ \ /* ARGSUSED */ \ attr struct type * \ name##_RB_PREV(struct type *elm) \ { \ if (RB_LEFT(elm, field)) { \ elm = RB_LEFT(elm, field); \ while (RB_RIGHT(elm, field)) \ elm = RB_RIGHT(elm, field); \ } else { \ if (RB_PARENT(elm, field) && \ (elm == RB_RIGHT(RB_PARENT(elm, field), field))) \ elm = RB_PARENT(elm, field); \ else { \ while (RB_PARENT(elm, field) && \ (elm == RB_LEFT(RB_PARENT(elm, field), field)))\ elm = RB_PARENT(elm, field); \ elm = RB_PARENT(elm, field); \ } \ } \ return (elm); \ } \ \ attr struct type * \ name##_RB_MINMAX(struct name *head, int val) \ { \ struct type *tmp = RB_ROOT(head); \ struct type *parent = NULL; \ while (tmp) { \ parent = tmp; \ if (val < 0) \ tmp = RB_LEFT(tmp, field); \ else \ tmp = RB_RIGHT(tmp, field); \ } \ return (parent); \ } #define RB_NEGINF -1 #define RB_INF 1 #define RB_INSERT(name, x, y) name##_RB_INSERT(x, y) #define RB_REMOVE(name, x, y) name##_RB_REMOVE(x, y) #define RB_FIND(name, x, y) name##_RB_FIND(x, y) #define RB_NFIND(name, x, y) name##_RB_NFIND(x, y) #define RB_NEXT(name, x, y) name##_RB_NEXT(y) #define RB_PREV(name, x, y) name##_RB_PREV(y) #define RB_MIN(name, x) name##_RB_MINMAX(x, RB_NEGINF) #define RB_MAX(name, x) name##_RB_MINMAX(x, RB_INF) #define RB_FOREACH(x, name, head) \ for ((x) = RB_MIN(name, head); \ (x) != NULL; \ (x) = name##_RB_NEXT(x)) #define RB_FOREACH_FROM(x, name, y) \ for ((x) = (y); \ ((x) != NULL) && ((y) = name##_RB_NEXT(x), (x) != NULL); \ (x) = (y)) #define RB_FOREACH_SAFE(x, name, head, y) \ for ((x) = RB_MIN(name, head); \ ((x) != NULL) && ((y) = name##_RB_NEXT(x), (x) != NULL); \ (x) = (y)) #define RB_FOREACH_REVERSE(x, name, head) \ for ((x) = RB_MAX(name, head); \ (x) != NULL; \ (x) = name##_RB_PREV(x)) #define RB_FOREACH_REVERSE_FROM(x, name, y) \ for ((x) = (y); \ ((x) != NULL) && ((y) = name##_RB_PREV(x), (x) != NULL); \ (x) = (y)) #define RB_FOREACH_REVERSE_SAFE(x, name, head, y) \ for ((x) = RB_MAX(name, head); \ ((x) != NULL) && ((y) = name##_RB_PREV(x), (x) != NULL); \ (x) = (y)) #endif /* _SYS_TREE_H_ */ ���������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������