summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorVadim Kochan <vadim4j@gmail.com>2015-08-04 11:00:00 +0300
committerTobias Klauser <tklauser@distanz.ch>2015-08-04 10:25:12 +0200
commit123b444d78337a8f00d3ba83de3af3cdc6891de8 (patch)
treeb6e088efc4058a93b1d30d141d51d0e9e7263347
parentbc7a68b9230282d3d7acf65ec040f73688da920b (diff)
flowtop: Do not insert DNS flows into list
Just ignore DNS flows instead of insert it and then filter it out by presenter. Signed-off-by: Vadim Kochan <vadim4j@gmail.com> Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
-rw-r--r--flowtop.c29
1 files changed, 20 insertions, 9 deletions
diff --git a/flowtop.c b/flowtop.c
index 0a498ed..b740ec1 100644
--- a/flowtop.c
+++ b/flowtop.c
@@ -205,6 +205,8 @@ static void signal_handler(int number)
static void flow_entry_from_ct(struct flow_entry *n, struct nf_conntrack *ct);
static void flow_entry_get_extended(struct flow_entry *n);
+static bool nfct_is_dns(struct nf_conntrack *ct);
+
static void help(void)
{
printf("flowtop %s, top-like netfilter TCP/UDP/SCTP/.. flow tracking\n",
@@ -264,7 +266,15 @@ static inline void flow_list_init(struct flow_list *fl)
static void flow_list_new_entry(struct flow_list *fl, struct nf_conntrack *ct)
{
- struct flow_entry *n = flow_entry_xalloc();
+ struct flow_entry *n;
+
+ /* We don't want to analyze / display DNS itself, since we
+ * use it to resolve reverse dns.
+ */
+ if (nfct_is_dns(ct))
+ return;
+
+ n = flow_entry_xalloc();
n->ct = nfct_clone(ct);
@@ -522,12 +532,15 @@ enum flow_entry_direction {
flow_entry_dst,
};
-static inline bool flow_entry_get_extended_is_dns(struct flow_entry *n)
+static bool nfct_is_dns(struct nf_conntrack *ct)
{
- /* We don't want to analyze / display DNS itself, since we
- * use it to resolve reverse dns.
- */
- return n->port_src == 53 || n->port_dst == 53;
+ struct flow_entry fl;
+ struct flow_entry *n = &fl;
+
+ CP_NFCT(port_src, ATTR_ORIG_PORT_SRC, 16);
+ CP_NFCT(port_dst, ATTR_ORIG_PORT_DST, 16);
+
+ return ntohs(n->port_src) == 53 || ntohs(n->port_dst) == 53;
}
#define SELFLD(dir,src_member,dst_member) \
@@ -670,7 +683,7 @@ static void flow_entry_get_extended_revdns(struct flow_entry *n,
static void flow_entry_get_extended(struct flow_entry *n)
{
- if (n->flow_id == 0 || flow_entry_get_extended_is_dns(n))
+ if (n->flow_id == 0)
return;
if (show_src) {
@@ -945,8 +958,6 @@ static void presenter_screen_update(WINDOW *screen, struct flow_list *fl,
for (; n; n = rcu_dereference(n->next)) {
n->is_visible = false;
- if (presenter_get_port(n->port_src, n->port_dst, false) == 53)
- continue;
if (presenter_flow_wrong_state(n))
continue;