W załączniku forward odpowiedzi autora ipt_account odnośnie braku
kolumny time w /proc/net/ipt_account/ - bardzo przydatna rzecz (można na
tej podstawie zrobić np. pasywne monitorowanie ruchu w nagiosie).
--
mrk
--- Begin Message ---
On pon, 09/05, 01:28:04, Mariusz Kryński wrote:
> W wersji (1.7) ipt_account niedostępna jest kolumna z czasem ostatnio
> widzianego pakietu (time). Czym to jest spowodowane?
W SVNie patch-o-matic-ng zagineła (nie wiem kiedy) łatka dająca time.
O ile wiem to stamtąd deweloperzy PLD biorą patch-o-matic-ng i łatają
kernel na potrzeby dystrybucji.
W załączniku dołączam patcha z poprawką, dla kernela 2.6.x. Nałóż na
źródła, przekompiluj. Powinno działać.
--
Piotr 'QuakeR' Gasidło, BOFH @ pandora.barbara.eu.org
############## sending lusers to /dev/null since 1998
##### Waiting for tomorrow, for a little ray of light
### Waiting for tomorrow just to see your smile again
--- patch-o-matic-ng.orig/account/linux-2.6/net/ipv4/netfilter/ipt_account.c
2005-05-09 14:10:11.662262800 +0200
+++ patch-o-matic-ng/account/linux-2.6/net/ipv4/netfilter/ipt_account.c
2005-05-09 14:14:35.110212624 +0200
@@ -453,10 +453,12 @@
unsigned int *bucket = (unsigned int *)v;
u_int32_t address = table->network + *bucket;
+ struct timespec last;
if (!table->shortlisting) {
+ jiffies_to_timespec(jiffies - table->ip_list.l[*bucket].time,
&last);
seq_printf(s,
- "ip = %u.%u.%u.%u bytes_src = %llu %llu %llu
%llu %llu packets_src = %llu %llu %llu %llu %llu bytes_dest = %llu %llu %llu
%llu %llu packets_dest = %llu %llu %llu %llu %llu\n",
+ "ip = %u.%u.%u.%u bytes_src = %llu %llu %llu
%llu %llu packets_src = %llu %llu %llu %llu %llu bytes_dest = %llu %llu %llu
%llu %llu packets_dest = %llu %llu %llu %llu %llu time = %lu\n",
HIPQUAD(address),
table->ip_list.l[*bucket].src.b_all,
table->ip_list.l[*bucket].src.b_tcp,
@@ -477,16 +479,19 @@
table->ip_list.l[*bucket].dest.p_tcp,
table->ip_list.l[*bucket].dest.p_udp,
table->ip_list.l[*bucket].dest.p_icmp,
- table->ip_list.l[*bucket].dest.p_other
+ table->ip_list.l[*bucket].dest.p_other,
+ last.tv_sec
);
} else {
+ jiffies_to_timespec(jiffies - table->ip_list.s[*bucket].time,
&last);
seq_printf(s,
- "ip = %u.%u.%u.%u bytes_src = %llu packets_src
= %llu bytes_dest = %llu packets_dest = %llu\n",
+ "ip = %u.%u.%u.%u bytes_src = %llu packets_src
= %llu bytes_dest = %llu packets_dest = %llu time = %lu\n",
HIPQUAD(address),
table->ip_list.s[*bucket].src.b_all,
table->ip_list.s[*bucket].src.p_all,
table->ip_list.s[*bucket].dest.b_all,
- table->ip_list.s[*bucket].dest.p_all
+ table->ip_list.s[*bucket].dest.p_all,
+ last.tv_sec
);
}
return 0;
signature.asc
Description: Digital signature
--- End Message ---
_______________________________________________
pld-devel-pl mailing list
[email protected]
http://lists.pld-linux.org/mailman/listinfo/pld-devel-pl
