[net-next-2.6.git] / net / netfilter / nf_conntrack_acct.c

/* Accouting handling for netfilter. */

/*
 * (C) 2008 Krzysztof Piotr Oledzki <ole@ans.pl>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License version 2 as
 * published by the Free Software Foundation.
 */

#include <linux/netfilter.h>
#include <linux/slab.h>
#include <linux/kernel.h>
#include <linux/moduleparam.h>

#include <net/netfilter/nf_conntrack.h>
#include <net/netfilter/nf_conntrack_extend.h>
#include <net/netfilter/nf_conntrack_acct.h>

static int nf_ct_acct __read_mostly;

module_param_named(acct, nf_ct_acct, bool, 0644);
MODULE_PARM_DESC(acct, "Enable connection tracking flow accounting.");

#ifdef CONFIG_SYSCTL
static struct ctl_table acct_sysctl_table[] = {
	{
		.procname	= "nf_conntrack_acct",
		.data		= &init_net.ct.sysctl_acct,
		.maxlen		= sizeof(unsigned int),
		.mode		= 0644,
		.proc_handler	= proc_dointvec,
	},
	{}
};
#endif /* CONFIG_SYSCTL */

unsigned int
seq_print_acct(struct seq_file *s, const struct nf_conn *ct, int dir)
{
	struct nf_conn_counter *acct;

	acct = nf_conn_acct_find(ct);
	if (!acct)
		return 0;

	return seq_printf(s, "packets=%llu bytes=%llu ",
			  (unsigned long long)acct[dir].packets,
			  (unsigned long long)acct[dir].bytes);
};
EXPORT_SYMBOL_GPL(seq_print_acct);

static struct nf_ct_ext_type acct_extend __read_mostly = {
	.len	= sizeof(struct nf_conn_counter[IP_CT_DIR_MAX]),
	.align	= __alignof__(struct nf_conn_counter[IP_CT_DIR_MAX]),
	.id	= NF_CT_EXT_ACCT,
};

#ifdef CONFIG_SYSCTL
static int nf_conntrack_acct_init_sysctl(struct net *net)
{
	struct ctl_table *table;

	table = kmemdup(acct_sysctl_table, sizeof(acct_sysctl_table),
			GFP_KERNEL);
	if (!table)
		goto out;

	table[0].data = &net->ct.sysctl_acct;

	net->ct.acct_sysctl_header = register_net_sysctl_table(net,
			nf_net_netfilter_sysctl_path, table);
	if (!net->ct.acct_sysctl_header) {
		printk(KERN_ERR "nf_conntrack_acct: can't register to sysctl.\n");
		goto out_register;
	}
	return 0;

out_register:
	kfree(table);
out:
	return -ENOMEM;
}

static void nf_conntrack_acct_fini_sysctl(struct net *net)
{
	struct ctl_table *table;

	table = net->ct.acct_sysctl_header->ctl_table_arg;
	unregister_net_sysctl_table(net->ct.acct_sysctl_header);
	kfree(table);
}
#else
static int nf_conntrack_acct_init_sysctl(struct net *net)
{
	return 0;
}

static void nf_conntrack_acct_fini_sysctl(struct net *net)
{
}
#endif

int nf_conntrack_acct_init(struct net *net)
{
	int ret;

	net->ct.sysctl_acct = nf_ct_acct;

	if (net_eq(net, &init_net)) {
		ret = nf_ct_extend_register(&acct_extend);
		if (ret < 0) {
			printk(KERN_ERR "nf_conntrack_acct: Unable to register extension\n");
			goto out_extend_register;
		}
	}

	ret = nf_conntrack_acct_init_sysctl(net);
	if (ret < 0)
		goto out_sysctl;

	return 0;

out_sysctl:
	if (net_eq(net, &init_net))
		nf_ct_extend_unregister(&acct_extend);
out_extend_register:
	return ret;
}

void nf_conntrack_acct_fini(struct net *net)
{
	nf_conntrack_acct_fini_sysctl(net);
	if (net_eq(net, &init_net))
		nf_ct_extend_unregister(&acct_extend);
}
Commit	Line	Data
58401572 KPO	1	/* Accouting handling for netfilter. */
	2
	3	/*
	4	* (C) 2008 Krzysztof Piotr Oledzki <ole@ans.pl>
	5	*
	6	* This program is free software; you can redistribute it and/or modify
	7	* it under the terms of the GNU General Public License version 2 as
	8	* published by the Free Software Foundation.
	9	*/
	10
	11	#include <linux/netfilter.h>
5a0e3ad6	12	#include <linux/slab.h>
58401572 KPO	13	#include <linux/kernel.h>
	14	#include <linux/moduleparam.h>
	15
	16	#include <net/netfilter/nf_conntrack.h>
	17	#include <net/netfilter/nf_conntrack_extend.h>
	18	#include <net/netfilter/nf_conntrack_acct.h>
	19
d70a011d	20	static int nf_ct_acct __read_mostly;
58401572 KPO	21
	22	module_param_named(acct, nf_ct_acct, bool, 0644);
	23	MODULE_PARM_DESC(acct, "Enable connection tracking flow accounting.");
	24
	25	#ifdef CONFIG_SYSCTL
58401572 KPO	26	static struct ctl_table acct_sysctl_table[] = {
58401572 KPO	27	{
58401572	28	.procname = "nf_conntrack_acct",
d716a4df	29	.data = &init_net.ct.sysctl_acct,
58401572 KPO	30	.maxlen = sizeof(unsigned int),
58401572 KPO	31	.mode = 0644,
6d9f239a	32	.proc_handler = proc_dointvec,
58401572 KPO	33	},
	34	{}
	35	};
	36	#endif /* CONFIG_SYSCTL */
	37
	38	unsigned int
	39	seq_print_acct(struct seq_file s, const struct nf_conn ct, int dir)
	40	{
	41	struct nf_conn_counter *acct;
	42
	43	acct = nf_conn_acct_find(ct);
	44	if (!acct)
	45	return 0;
	46
	47	return seq_printf(s, "packets=%llu bytes=%llu ",
	48	(unsigned long long)acct[dir].packets,
	49	(unsigned long long)acct[dir].bytes);
	50	};
	51	EXPORT_SYMBOL_GPL(seq_print_acct);
	52
	53	static struct nf_ct_ext_type acct_extend __read_mostly = {
	54	.len = sizeof(struct nf_conn_counter[IP_CT_DIR_MAX]),
	55	.align = __alignof__(struct nf_conn_counter[IP_CT_DIR_MAX]),
	56	.id = NF_CT_EXT_ACCT,
	57	};
	58
d716a4df AD	59	#ifdef CONFIG_SYSCTL
d716a4df AD	60	static int nf_conntrack_acct_init_sysctl(struct net *net)
58401572	61	{
d716a4df	62	struct ctl_table *table;
58401572	63
d716a4df AD	64	table = kmemdup(acct_sysctl_table, sizeof(acct_sysctl_table),
	65	GFP_KERNEL);
	66	if (!table)
	67	goto out;
	68
	69	table[0].data = &net->ct.sysctl_acct;
58401572	70
d716a4df AD	71	net->ct.acct_sysctl_header = register_net_sysctl_table(net,
	72	nf_net_netfilter_sysctl_path, table);
	73	if (!net->ct.acct_sysctl_header) {
	74	printk(KERN_ERR "nf_conntrack_acct: can't register to sysctl.\n");
	75	goto out_register;
58401572	76	}
d716a4df	77	return 0;
58401572	78
d716a4df AD	79	out_register:
	80	kfree(table);
	81	out:
	82	return -ENOMEM;
	83	}
58401572	84
d716a4df AD	85	static void nf_conntrack_acct_fini_sysctl(struct net *net)
	86	{
	87	struct ctl_table *table;
58401572	88
d716a4df AD	89	table = net->ct.acct_sysctl_header->ctl_table_arg;
	90	unregister_net_sysctl_table(net->ct.acct_sysctl_header);
	91	kfree(table);
	92	}
	93	#else
	94	static int nf_conntrack_acct_init_sysctl(struct net *net)
	95	{
	96	return 0;
	97	}
	98
	99	static void nf_conntrack_acct_fini_sysctl(struct net *net)
	100	{
	101	}
	102	#endif
	103
	104	int nf_conntrack_acct_init(struct net *net)
	105	{
	106	int ret;
	107
	108	net->ct.sysctl_acct = nf_ct_acct;
	109
	110	if (net_eq(net, &init_net)) {
d716a4df AD	111	ret = nf_ct_extend_register(&acct_extend);
	112	if (ret < 0) {
	113	printk(KERN_ERR "nf_conntrack_acct: Unable to register extension\n");
	114	goto out_extend_register;
	115	}
	116	}
	117
	118	ret = nf_conntrack_acct_init_sysctl(net);
	119	if (ret < 0)
	120	goto out_sysctl;
	121
58401572	122	return 0;
d716a4df AD	123
	124	out_sysctl:
	125	if (net_eq(net, &init_net))
	126	nf_ct_extend_unregister(&acct_extend);
	127	out_extend_register:
	128	return ret;
58401572 KPO	129	}
58401572 KPO	130
d716a4df	131	void nf_conntrack_acct_fini(struct net *net)
58401572	132	{
d716a4df AD	133	nf_conntrack_acct_fini_sysctl(net);
	134	if (net_eq(net, &init_net))
	135	nf_ct_extend_unregister(&acct_extend);
58401572	136	}