diff options
| author | Vadim Kochan <vadim4j@gmail.com> | 2015-08-04 11:00:00 +0300 | 
|---|---|---|
| committer | Tobias Klauser <tklauser@distanz.ch> | 2015-08-04 10:25:12 +0200 | 
| commit | 123b444d78337a8f00d3ba83de3af3cdc6891de8 (patch) | |
| tree | b6e088efc4058a93b1d30d141d51d0e9e7263347 | |
| parent | bc7a68b9230282d3d7acf65ec040f73688da920b (diff) | |
flowtop: Do not insert DNS flows into list
Just ignore DNS flows instead of insert it and then
filter it out by presenter.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
| -rw-r--r-- | flowtop.c | 29 | 
1 files changed, 20 insertions, 9 deletions
| @@ -205,6 +205,8 @@ static void signal_handler(int number)  static void flow_entry_from_ct(struct flow_entry *n, struct nf_conntrack *ct);  static void flow_entry_get_extended(struct flow_entry *n); +static bool nfct_is_dns(struct nf_conntrack *ct); +  static void help(void)  {  	printf("flowtop %s, top-like netfilter TCP/UDP/SCTP/.. flow tracking\n", @@ -264,7 +266,15 @@ static inline void flow_list_init(struct flow_list *fl)  static void flow_list_new_entry(struct flow_list *fl, struct nf_conntrack *ct)  { -	struct flow_entry *n = flow_entry_xalloc(); +	struct flow_entry *n; + +	/* We don't want to analyze / display DNS itself, since we +	 * use it to resolve reverse dns. +	 */ +	if (nfct_is_dns(ct)) +		return; + +	n = flow_entry_xalloc();  	n->ct = nfct_clone(ct); @@ -522,12 +532,15 @@ enum flow_entry_direction {  	flow_entry_dst,  }; -static inline bool flow_entry_get_extended_is_dns(struct flow_entry *n) +static bool nfct_is_dns(struct nf_conntrack *ct)  { -	/* We don't want to analyze / display DNS itself, since we -	 * use it to resolve reverse dns. -	 */ -	return n->port_src == 53 || n->port_dst == 53; +	struct flow_entry fl; +	struct flow_entry *n = &fl; + +	CP_NFCT(port_src, ATTR_ORIG_PORT_SRC, 16); +	CP_NFCT(port_dst, ATTR_ORIG_PORT_DST, 16); + +	return ntohs(n->port_src) == 53 || ntohs(n->port_dst) == 53;  }  #define SELFLD(dir,src_member,dst_member)	\ @@ -670,7 +683,7 @@ static void flow_entry_get_extended_revdns(struct flow_entry *n,  static void flow_entry_get_extended(struct flow_entry *n)  { -	if (n->flow_id == 0 || flow_entry_get_extended_is_dns(n)) +	if (n->flow_id == 0)  		return;  	if (show_src) { @@ -945,8 +958,6 @@ static void presenter_screen_update(WINDOW *screen, struct flow_list *fl,  	for (; n; n = rcu_dereference(n->next)) {  		n->is_visible = false; -		if (presenter_get_port(n->port_src, n->port_dst, false) == 53) -			continue;  		if (presenter_flow_wrong_state(n))  			continue; | 
