Re: [netsniff-ng] [PATCH] flowtop: Fix collector stuck while flush IPv6 flows
On Mon, Jul 27, 2015 at 11:01:10AM +0300, Vadim Kochan wrote: On Mon, Jul 27, 2015 at 09:53:58AM +0200, Daniel Borkmann wrote: On 07/27/2015 12:20 AM, Vadim Kochan wrote: On Sun, Jul 26, 2015 at 09:57:04PM +0300, Vadim Kochan wrote: On Sun, Jul 26, 2015 at 08:39:04PM +0200, Daniel Borkmann wrote: On 07/25/2015 06:09 PM, Vadim Kochan wrote: From: Vadim Kochan vadi...@gmail.com Seems it was caused by specifying all netfilter groups when flushing connections. Used separated nfct instance w/o netfilter groups to flush ipv4/ipv6 connections. More info can be fetched from the issue item on github: https://github.com/netsniff-ng/netsniff-ng/issues/145 Signed-off-by: Vadim Kochan vadi...@gmail.com Applied, thanks. BTW is it really needs to flush connections ? Because counters will be cleared too, and they will not reflect the real data flow through the connection ? Regards, Seems I understand, this is for catch existing connections through the event-driven way, but I assume it will be possible too if dump everything once to save the counters, and then do a polling. Yes, I agree it's a bit suboptimal currently. Fuf, I found new flowtop issue, which seems mystic for me meanwhile. Two cases: #1 Have some downloading on background (e.g. ~600KB/s) Then run flowtop ACTUAL: Bytes counter seems show increases correct. #2 Run flowtop, then run downloading process (e.g. ~600KB/s). ACTUAL: Bytes counter increases very slow for this connection. #2 seems buggy, but I don't know why, will try to investigate it. It seems that in these different cases good bytes are in different directions - repl or orig, what do you think if it would be correct to use ATTR_ORIG_COUNTER_BYTES + ATTR_REPL_COUNTER_BYTES, and probably the same for packets ? Regards, -- You received this message because you are subscribed to the Google Groups netsniff-ng group. To unsubscribe from this group and stop receiving emails from it, send an email to netsniff-ng+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [netsniff-ng] [PATCH] flowtop: Fix collector stuck while flush IPv6 flows
On Mon, Jul 27, 2015 at 09:53:58AM +0200, Daniel Borkmann wrote: On 07/27/2015 12:20 AM, Vadim Kochan wrote: On Sun, Jul 26, 2015 at 09:57:04PM +0300, Vadim Kochan wrote: On Sun, Jul 26, 2015 at 08:39:04PM +0200, Daniel Borkmann wrote: On 07/25/2015 06:09 PM, Vadim Kochan wrote: From: Vadim Kochan vadi...@gmail.com Seems it was caused by specifying all netfilter groups when flushing connections. Used separated nfct instance w/o netfilter groups to flush ipv4/ipv6 connections. More info can be fetched from the issue item on github: https://github.com/netsniff-ng/netsniff-ng/issues/145 Signed-off-by: Vadim Kochan vadi...@gmail.com Applied, thanks. BTW is it really needs to flush connections ? Because counters will be cleared too, and they will not reflect the real data flow through the connection ? Regards, Seems I understand, this is for catch existing connections through the event-driven way, but I assume it will be possible too if dump everything once to save the counters, and then do a polling. Yes, I agree it's a bit suboptimal currently. Fuf, I found new flowtop issue, which seems mystic for me meanwhile. Two cases: #1 Have some downloading on background (e.g. ~600KB/s) Then run flowtop ACTUAL: Bytes counter seems show increases correct. #2 Run flowtop, then run downloading process (e.g. ~600KB/s). ACTUAL: Bytes counter increases very slow for this connection. #2 seems buggy, but I don't know why, will try to investigate it. -- You received this message because you are subscribed to the Google Groups netsniff-ng group. To unsubscribe from this group and stop receiving emails from it, send an email to netsniff-ng+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [netsniff-ng] [PATCH] flowtop: Fix collector stuck while flush IPv6 flows
On 07/27/2015 12:20 AM, Vadim Kochan wrote: On Sun, Jul 26, 2015 at 09:57:04PM +0300, Vadim Kochan wrote: On Sun, Jul 26, 2015 at 08:39:04PM +0200, Daniel Borkmann wrote: On 07/25/2015 06:09 PM, Vadim Kochan wrote: From: Vadim Kochan vadi...@gmail.com Seems it was caused by specifying all netfilter groups when flushing connections. Used separated nfct instance w/o netfilter groups to flush ipv4/ipv6 connections. More info can be fetched from the issue item on github: https://github.com/netsniff-ng/netsniff-ng/issues/145 Signed-off-by: Vadim Kochan vadi...@gmail.com Applied, thanks. BTW is it really needs to flush connections ? Because counters will be cleared too, and they will not reflect the real data flow through the connection ? Regards, Seems I understand, this is for catch existing connections through the event-driven way, but I assume it will be possible too if dump everything once to save the counters, and then do a polling. Yes, I agree it's a bit suboptimal currently. -- You received this message because you are subscribed to the Google Groups netsniff-ng group. To unsubscribe from this group and stop receiving emails from it, send an email to netsniff-ng+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [netsniff-ng] [PATCH] flowtop: Fix collector stuck while flush IPv6 flows
On Sun, Jul 26, 2015 at 08:39:04PM +0200, Daniel Borkmann wrote: On 07/25/2015 06:09 PM, Vadim Kochan wrote: From: Vadim Kochan vadi...@gmail.com Seems it was caused by specifying all netfilter groups when flushing connections. Used separated nfct instance w/o netfilter groups to flush ipv4/ipv6 connections. More info can be fetched from the issue item on github: https://github.com/netsniff-ng/netsniff-ng/issues/145 Signed-off-by: Vadim Kochan vadi...@gmail.com Applied, thanks. BTW is it really needs to flush connections ? Because counters will be cleared too, and they will not reflect the real data flow through the connection ? Regards, -- You received this message because you are subscribed to the Google Groups netsniff-ng group. To unsubscribe from this group and stop receiving emails from it, send an email to netsniff-ng+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [netsniff-ng] [PATCH] flowtop: Fix collector stuck while flush IPv6 flows
On Sun, Jul 26, 2015 at 09:57:04PM +0300, Vadim Kochan wrote: On Sun, Jul 26, 2015 at 08:39:04PM +0200, Daniel Borkmann wrote: On 07/25/2015 06:09 PM, Vadim Kochan wrote: From: Vadim Kochan vadi...@gmail.com Seems it was caused by specifying all netfilter groups when flushing connections. Used separated nfct instance w/o netfilter groups to flush ipv4/ipv6 connections. More info can be fetched from the issue item on github: https://github.com/netsniff-ng/netsniff-ng/issues/145 Signed-off-by: Vadim Kochan vadi...@gmail.com Applied, thanks. BTW is it really needs to flush connections ? Because counters will be cleared too, and they will not reflect the real data flow through the connection ? Regards, Seems I understand, this is for catch existing connections through the event-driven way, but I assume it will be possible too if dump everything once to save the counters, and then do a polling. -- You received this message because you are subscribed to the Google Groups netsniff-ng group. To unsubscribe from this group and stop receiving emails from it, send an email to netsniff-ng+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [netsniff-ng] [PATCH] flowtop: Fix collector stuck while flush IPv6 flows
On 07/25/2015 06:09 PM, Vadim Kochan wrote: From: Vadim Kochan vadi...@gmail.com Seems it was caused by specifying all netfilter groups when flushing connections. Used separated nfct instance w/o netfilter groups to flush ipv4/ipv6 connections. More info can be fetched from the issue item on github: https://github.com/netsniff-ng/netsniff-ng/issues/145 Signed-off-by: Vadim Kochan vadi...@gmail.com Applied, thanks. -- You received this message because you are subscribed to the Google Groups netsniff-ng group. To unsubscribe from this group and stop receiving emails from it, send an email to netsniff-ng+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] [PATCH] flowtop: Fix collector stuck while flush IPv6 flows
From: Vadim Kochan vadi...@gmail.com
Seems it was caused by specifying all netfilter groups
when flushing connections.
Used separated nfct instance w/o netfilter groups to
flush ipv4/ipv6 connections.
More info can be fetched from the issue item on github:
https://github.com/netsniff-ng/netsniff-ng/issues/145
Signed-off-by: Vadim Kochan vadi...@gmail.com
---
flowtop.c | 22 +-
1 file changed, 17 insertions(+), 5 deletions(-)
diff --git a/flowtop.c b/flowtop.c
index 0927ff5..d2fac50 100644
--- a/flowtop.c
+++ b/flowtop.c
@@ -1044,9 +1044,22 @@ static int collector_cb(enum nf_conntrack_msg_type type,
return NFCT_CB_CONTINUE;
}
-static inline void collector_flush(struct nfct_handle *handle, uint8_t family)
+static inline void collector_flush(void)
{
- nfct_query(handle, NFCT_Q_FLUSH, family);
+ struct nfct_handle *nfct = nfct_open(CONNTRACK, 0);
+ uint8_t family;
+
+ if (!nfct)
+ panic(Cannot create a nfct to flush connections: %s\n,
+ strerror(errno));
+
+ family = AF_INET;
+ nfct_query(nfct, NFCT_Q_FLUSH, family);
+
+ family = AF_INET6;
+ nfct_query(nfct, NFCT_Q_FLUSH, family);
+
+ nfct_close(nfct);
}
static void restore_sysctl(void *value)
@@ -1121,15 +1134,14 @@ static void *collector(void *null __maybe_unused)
struct pollfd poll_fd[1];
int ret;
+ collector_flush();
+
ct_event = nfct_open(CONNTRACK, NF_NETLINK_CONNTRACK_NEW |
NF_NETLINK_CONNTRACK_UPDATE |
NF_NETLINK_CONNTRACK_DESTROY);
if (!ct_event)
panic(Cannot create a nfct handle: %s\n, strerror(errno));
- collector_flush(ct_event, AF_INET);
- collector_flush(ct_event, AF_INET6);
-
filter = nfct_filter_create();
if (!filter)
panic(Cannot create a nfct filter: %s\n, strerror(errno));
--
2.4.2
--
You received this message because you are subscribed to the Google Groups
netsniff-ng group.
To unsubscribe from this group and stop receiving emails from it, send an email
to netsniff-ng+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
