From: Christos Tsantilas <chtsanti@users.sourceforge.net>
Date: Mon, 15 Jul 2013 15:47:00 +0000 (+0300)
Subject: Log TOS and Netfilter marks set by Squid
X-Git-Tag: SQUID_3_4_0_1~16
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=f123f5e9dacf0f96079e9d7933bf3f5007b76a88;p=thirdparty%2Fsquid.git

Log TOS and Netfilter marks set by Squid

This patch add new logformat codes to log TOS/DSCP values and netfilter marks
for client and server connections. If multiple outgoing connections were used,
the last used connection value logged.
The values printed in hexadecimal form.
The logformat codes are:
   %>tos    Client connection tos mark set by Squid
   %<tos    Server connection tos mark set by Squid
   %>nfmark Client connection netfilter mark set by Squid
   %<nfmark Server connection netfilter mark set by Squid

This patch also modify qos related code to set Comm::Connection::nfmark and
Comm::Connection::tos members in Ip::Qos::setSockNfmark and Ip::Qos::setSockTos
methods. The Comm::Connection members are now set only if the tos and nfmark
set successfuly.

This is a Measurement Factory project
---

diff --git a/src/FwdState.cc b/src/FwdState.cc
index 06a5350316..cbb5c3a808 100644
--- a/src/FwdState.cc
+++ b/src/FwdState.cc
@@ -1164,13 +1164,13 @@ FwdState::connectStart()
 
         /* Update server side TOS and Netfilter mark on the connection. */
         if (Ip::Qos::TheConfig.isAclTosActive()) {
-            temp->tos = GetTosToServer(request);
-            Ip::Qos::setSockTos(temp, temp->tos);
+            const tos_t tos = GetTosToServer(request);
+            Ip::Qos::setSockTos(temp, tos);
         }
 #if SO_MARK
         if (Ip::Qos::TheConfig.isAclNfmarkActive()) {
-            temp->nfmark = GetNfmarkToServer(request);
-            Ip::Qos::setSockNfmark(temp, temp->nfmark);
+            const nfmark_t nfmark = GetNfmarkToServer(request);
+            Ip::Qos::setSockNfmark(temp, nfmark);
         }
 #endif
 
diff --git a/src/cf.data.pre b/src/cf.data.pre
index 79007a96ff..23cbc881c9 100644
--- a/src/cf.data.pre
+++ b/src/cf.data.pre
@@ -3678,6 +3678,8 @@ DOC_START
 		>eui	Client source EUI (MAC address, EUI-48 or EUI-64 identifier)
 		>la	Local IP address the client connected to
 		>lp	Local port number the client connected to
+		>qos    Client connection TOS/DSCP value set by Squid
+		>nfmark Client connection netfilter mark set by Squid
 
 		la	Local listening IP address the client connection was connected to.
 		lp	Local listening port number the client connection was connected to.
@@ -3687,6 +3689,8 @@ DOC_START
 		<p	Server port number of the last server or peer connection
 		<la	Local IP address of the last server or peer connection
 		<lp     Local port number of the last server or peer connection
+		<qos	Server connection TOS/DSCP value set by Squid
+		<nfmark Server connection netfilter mark set by Squid
 
 	Time related format codes:
 
diff --git a/src/comm/Connection.cc b/src/comm/Connection.cc
index 1b8d1be21a..5cd9e3d71c 100644
--- a/src/comm/Connection.cc
+++ b/src/comm/Connection.cc
@@ -47,6 +47,7 @@ Comm::Connection::copyDetails() const
     c->remote = remote;
     c->peerType = peerType;
     c->tos = tos;
+    c->nfmark = nfmark;
     c->flags = flags;
 
     // ensure FD is not open in the new copy.
diff --git a/src/format/ByteCode.h b/src/format/ByteCode.h
index b2674b8d16..81e33a836f 100644
--- a/src/format/ByteCode.h
+++ b/src/format/ByteCode.h
@@ -35,6 +35,8 @@ typedef enum {
     LFT_CLIENT_LOCAL_IP,
     LFT_CLIENT_LOCAL_PORT,
     /*LFT_CLIENT_LOCAL_FQDN, (rDNS) */
+    LFT_CLIENT_LOCAL_TOS,
+    LFT_CLIENT_LOCAL_NFMARK,
 
     /* client connection local squid.conf details */
     LFT_LOCAL_LISTENING_IP,
@@ -50,6 +52,8 @@ typedef enum {
     LFT_SERVER_LOCAL_IP,
     LFT_SERVER_LOCAL_IP_OLD_27,
     LFT_SERVER_LOCAL_PORT,
+    LFT_SERVER_LOCAL_TOS,
+    LFT_SERVER_LOCAL_NFMARK,
 
     /* original Request-Line details recieved from client */
     LFT_CLIENT_REQ_METHOD,
diff --git a/src/format/Format.cc b/src/format/Format.cc
index 483d71b039..e737280e8e 100644
--- a/src/format/Format.cc
+++ b/src/format/Format.cc
@@ -401,6 +401,20 @@ Format::Format::assemble(MemBuf &mb, const AccessLogEntry::Pointer &al, int logS
             }
             break;
 
+        case LFT_CLIENT_LOCAL_TOS:
+            if (al->tcpClient != NULL) {
+                snprintf(tmp, sizeof(tmp), "0x%x", (uint32_t)al->tcpClient->tos);
+                out = tmp;
+            }
+            break;
+
+        case LFT_CLIENT_LOCAL_NFMARK:
+            if (al->tcpClient != NULL) {
+                snprintf(tmp, sizeof(tmp), "0x%x", al->tcpClient->nfmark);
+                out = tmp;
+            }
+            break;
+
         case LFT_LOCAL_LISTENING_PORT:
             if (al->cache.port) {
                 outint = al->cache.port->s.port();
@@ -430,6 +444,20 @@ Format::Format::assemble(MemBuf &mb, const AccessLogEntry::Pointer &al, int logS
 
             break;
 
+        case LFT_SERVER_LOCAL_TOS:
+            if (al->hier.tcpServer != NULL) {
+                snprintf(tmp, sizeof(tmp), "0x%x", (uint32_t)al->hier.tcpServer->tos);
+                out = tmp;
+            }
+            break;
+
+        case LFT_SERVER_LOCAL_NFMARK:
+            if (al->hier.tcpServer != NULL) {
+                snprintf(tmp, sizeof(tmp), "0x%x", al->hier.tcpServer->nfmark);
+                out = tmp;
+            }
+            break;
+
         case LFT_TIME_SECONDS_SINCE_EPOCH:
             // some platforms store time in 32-bit, some 64-bit...
             outoff = static_cast<int64_t>(current_time.tv_sec);
@@ -1046,6 +1074,7 @@ Format::Format::assemble(MemBuf &mb, const AccessLogEntry::Pointer &al, int logS
             }
             break;
 #endif
+
         case LFT_NOTE:
             if (fmt->data.string) {
 #if USE_ADAPTATION
diff --git a/src/format/Token.cc b/src/format/Token.cc
index 52718618a1..1dd60e6c50 100644
--- a/src/format/Token.cc
+++ b/src/format/Token.cc
@@ -46,7 +46,6 @@ static TokenTableEntry TokenTable2C[] = {
     {"<la", LFT_SERVER_LOCAL_IP},
     {"oa", LFT_SERVER_LOCAL_IP_OLD_27},
     {"<lp", LFT_SERVER_LOCAL_PORT},
-    /* {"ot", LFT_PEER_OUTGOING_TOS}, */
 
     {"ts", LFT_TIME_SECONDS_SINCE_EPOCH},
     {"tu", LFT_TIME_SUBSECOND},
@@ -122,6 +121,10 @@ static TokenTableEntry TokenTable2C[] = {
 /// Miscellaneous >2 byte tokens
 static TokenTableEntry TokenTableMisc[] = {
     {">eui", LFT_CLIENT_EUI},
+    {">qos", LFT_CLIENT_LOCAL_TOS},
+    {"<qos", LFT_SERVER_LOCAL_TOS},
+    {">nfmark", LFT_CLIENT_LOCAL_NFMARK},
+    {"<nfmark", LFT_SERVER_LOCAL_NFMARK},
     {"err_code", LFT_SQUID_ERROR },
     {"err_detail", LFT_SQUID_ERROR_DETAIL },
     {"note", LFT_NOTE },
diff --git a/src/ip/Qos.cci b/src/ip/Qos.cci
index 97a5918a40..51f5ecc502 100644
--- a/src/ip/Qos.cci
+++ b/src/ip/Qos.cci
@@ -14,6 +14,8 @@ Ip::Qos::setSockTos(const Comm::ConnectionPointer &conn, tos_t tos)
     int x = setsockopt(conn->fd, IPPROTO_IP, IP_TOS, &bTos, sizeof(bTos));
     if (x < 0)
         debugs(50, 2, "Ip::Qos::setSockTos: setsockopt(IP_TOS) on " << conn << ": " << xstrerror());
+    else
+        conn->tos = tos;
     return x;
 #else
     debugs(50, DBG_IMPORTANT, "WARNING: setsockopt(IP_TOS) not supported on this platform");
@@ -28,6 +30,8 @@ Ip::Qos::setSockNfmark(const Comm::ConnectionPointer &conn, nfmark_t mark)
     int x = setsockopt(conn->fd, SOL_SOCKET, SO_MARK, &mark, sizeof(nfmark_t));
     if (x < 0)
         debugs(50, 2, "setSockNfmark: setsockopt(SO_MARK) on " << conn << ": " << xstrerror());
+    else
+        conn->nfmark = mark;
     return x;
 #elif USE_LIBCAP
     debugs(50, DBG_IMPORTANT, "WARNING: setsockopt(SO_MARK) not supported on this platform");