From: Y7n05h Date: Thu, 21 Apr 2022 15:12:20 +0000 (+0800) Subject: add BPFFilter::getRangeStats() X-Git-Tag: auth-4.8.0-alpha0~66^2~17 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=783b86322ec1a91f3802626cf0047cb996dd324c;p=thirdparty%2Fpdns.git add BPFFilter::getRangeStats() add BPF_MAP_TYPE_LPM_TRIE support in getStats() Signed-off-by: Y7n05h --- diff --git a/pdns/bpf-filter.cc b/pdns/bpf-filter.cc index ce75b0a230..c7912fd39f 100644 --- a/pdns/bpf-filter.cc +++ b/pdns/bpf-filter.cc @@ -740,6 +740,50 @@ std::vector > BPFFilter::getAddrStats() return result; } +std::vector> BPFFilter::getRangeStats() +{ + CIDR4 cidr4[2]; + CIDR6 cidr6[2]; + std::vector> result; + + sockaddr_in v4Addr; + sockaddr_in6 v6Addr; + CounterAndActionValue value; + + memset(cidr4, 0, sizeof(cidr4)); + memset(cidr6, 0, sizeof(cidr6)); + memset(&v4Addr, 0, sizeof(v4Addr)); + memset(&v6Addr, 0, sizeof(v6Addr)); + auto maps = d_maps.lock(); + result.reserve(maps->d_cidr4.d_count + maps->d_cidr6.d_count); + { + auto& map = maps->d_cidr4; + int res = bpf_get_next_key(map.d_fd.getHandle(), &cidr4[0], &cidr4[1]); + while (res == 0) { + if (bpf_lookup_elem(map.d_fd.getHandle(), &cidr4[1], &value) == 0) { + v4Addr.sin_addr.s_addr = cidr4[1].addr.s_addr; + result.emplace_back(Netmask(&v4Addr, cidr4[1].cidr), value.counter); + } + + res = bpf_get_next_key(map.d_fd.getHandle(), &cidr4[1], &cidr4[1]); + } + } + + { + auto& map = maps->d_cidr6; + int res = bpf_get_next_key(map.d_fd.getHandle(), &cidr6[0], &cidr6[1]); + while (res == 0) { + if (bpf_lookup_elem(map.d_fd.getHandle(), &cidr6[1], &value) == 0) { + v6Addr.sin6_addr = cidr6[0].addr; + result.emplace_back(Netmask(&v6Addr, cidr6[1].cidr), value.counter); + } + + res = bpf_get_next_key(map.d_fd.getHandle(), &cidr6[1], &cidr6[1]); + } + } + return result; +} + std::vector > BPFFilter::getQNameStats() { std::vector > result; diff --git a/pdns/bpf-filter.hh b/pdns/bpf-filter.hh index 5fc991e47a..87e4a41557 100644 --- a/pdns/bpf-filter.hh +++ b/pdns/bpf-filter.hh @@ -76,6 +76,7 @@ public: void unblock(const DNSName& qname, uint16_t qtype=255); std::vector > getAddrStats(); + std::vector> getRangeStats(); std::vector > getQNameStats(); uint64_t getHits(const ComboAddress& requestor); diff --git a/pdns/dnsdist-lua-bindings.cc b/pdns/dnsdist-lua-bindings.cc index f09b7a22ac..d9b84e6342 100644 --- a/pdns/dnsdist-lua-bindings.cc +++ b/pdns/dnsdist-lua-bindings.cc @@ -580,6 +580,15 @@ void setupLuaBindings(LuaContext& luaCtx, bool client) res += "[" + value.first.toString() + "]: " + std::to_string(value.second) + "\n"; } } + const auto rangeStat = bpf->getRangeStats(); + for (const auto& value : rangeStat) { + if (value.first.isIPv4()) { + res += value.first.toString() + ": " + std::to_string(value.second) + "\n"; + } + else if (value.first.isIPv6()) { + res += "[" + value.first.toString() + "]: " + std::to_string(value.second) + "\n"; + } + } auto qstats = bpf->getQNameStats(); for (const auto& value : qstats) { res += std::get<0>(value).toString() + " " + std::to_string(std::get<1>(value)) + ": " + std::to_string(std::get<2>(value)) + "\n"; diff --git a/pdns/iputils.hh b/pdns/iputils.hh index dc7ed62624..7a949f6f2a 100644 --- a/pdns/iputils.hh +++ b/pdns/iputils.hh @@ -460,6 +460,16 @@ public: setBits(network.isIPv4() ? std::min(bits, static_cast(32)) : std::min(bits, static_cast(128))); } + Netmask(const sockaddr_in* network, uint8_t bits = 0xff): d_network(network) + { + d_network.sin4.sin_port = 0; + setBits(std::min(bits, static_cast(32))); + } + Netmask(const sockaddr_in6* network, uint8_t bits = 0xff): d_network(network) + { + d_network.sin4.sin_port = 0; + setBits(std::min(bits, static_cast(128))); + } void setBits(uint8_t value) { d_bits = value;