Age | Commit message (Collapse) | Author | Files | Lines |
|
Use cds_list_del_rcu for safer deletion flow from the process flow
list to prevent possible use-after-free by UI thread when it is
refreshing the processes.
It may fix the #183 issue.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Move rate, bytes & pkts stats fields from flow & proc entry
to separate flow_stat struct.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Move scrolling logic to the ui.c module, it requires to have
some data iteration provided in flowtop.c and delegated to ui.c part.
So approach is that now flowtop provides 2 additional callbacks for:
1) Iterate over flows/procs list
2) Draw flow/proc on each iteration which is controlled from ui.c
it allows to unify scrolling logic and delegate it to the ui.c, in the
future it should allow to easy handle press event on selected row and
drow some additional information, or draw a cursor line per selected
row.
Also fixed case when down scrolling was bigger that printed rows, not
it is handled by ui part.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
GeoIP_record_by_ipnum{,_v6} returns allocated pointer to
GeoIPRecord with allocated city, region & postal_code which is
not freed after the call.
Fixed by xstrdup-ing required GeoIPRecord member (city/region) and
after calling GeoIPRecord_delete to free the geoip record.
Of course it is needed to also free obtained city/region in netsniff-ng,
astraceroute & flowtop tools.
Fixes #169
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add process UI tab entry to show flows statistics per pid.
Also changed flow_entry which now has pointer to new struct proc_entry
object which contains process related info.
On each 1 second refresh proc_entry is checked if it exists by checking
/proc/<pid> path, and is deleted if there is no any flows related to it
(flows_count is 0), if the process exists then dst & src rates info is
zeroed and summed from the all related flows which are in the
proc_entry->flows list.
The bytes & pkts amount info is collected during all the time process
exists.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add ui_tab API to create ui tab control to switch between
different ui tables which may contain different aggregated
info per unique pid/port/proto/dst/src.
Meanwhile there is only 1 ui tab entry for flows table.
Added some missing cds_list_{next,prev,last}_entry functions
into urcu-list-compat.h header.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Use the cds_list_* types and macros directly instead of redefining them.
This makes it clear that we're not using the Linux kernel implementation
of list_head but the one from urcu.
Also make sure _LGPL_SOURCE is defined everywhere the urcu
functionality is used, such that we get the statically linkable version
with reduced overhead.
Reference: https://lwn.net/Articles/573424/#qq2answer
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
list.h provides generic Linux-like linked list API which also supports
RCU list operations.
Also additionally was removed the spinlock which is not needed for
RCU-list operations, for the list_del_rcu(...) case it is needed
additionally call call_rcu(...) before free the flow entry.
Because of full RCU support now flows are freed after grace-period
(after presenter leaves RCU lock) via calling call_rcu(), because
of that for the new entries we return NFCT_CB_STOLEN to tell conntrack
API do not automatically free received nfct_conntrack object, it will be
freed by us via call_rcu(...) therefor no need to use nfct_clone(n).
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Use halfdelay(1) to poll keyboard input with delay in 1 tenth of second
and get rid of custom usleep(...) using.
With this approach (it is also used in htop tool) the key events are more
sensitive to user inputs.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add proc_find_by_inode() in proc.c which finds pid by inode & gets
processe's command line and use it in the flowtop.c instead of
walk_processes().
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
All tools (except mausezahn) use getopt_long() and pass a pointer to a
local opt_index variable for the longindex parameter. However, this
variable is never read afterwards.
According to getopt(3) it's perfectly fine to pass NULL as the longindex
parameter instead, so do that.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Really ui_table_row_print(x) no more prints anything, it
just sets column value in a row.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add left/right scrolling for flows list table to make
possible see all the columns with a smaller display size.
Handle 'Left' & 'Right' keypress to scroll left or right.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Render each column to the ncurses raw buffer first, this buffer
contains ncurses {char:attr} elements which will be printed
to the screen after ui_table_row_show() will
be called (at the end of columns rendering by flowtop).
The reason of this change is to have easy way to
make horizontal scrolling over this buffer.
Approach is used from the 'htop' tool.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Mark the nf_conntrack_msg_type parameter to flow_dump_cb with
__maybe_unused to prevent a warning when compiling with
-Wunused-parameter.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
The only place where flow_list_update_entry() is called passes the
global flow_list anyway, so use the passed argument instead of the
global. This fixes the following -Wunused-parameter warning:
flowtop.c: In function ‘flow_list_update_entry’:
flowtop.c:1438:53: warning: unused parameter ‘fl’ [-Wunused-parameter]
static int flow_list_update_entry(struct flow_list *fl, struct nf_conntrack *ct)
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
The WINDOW *screen parameter to draw_help() and draw_footer() is unused,
so remove it.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Remove unused "screen" & "line" parameters from draw_flow_entry().
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Simplify screen refresh logic by removing tricky delay
logic which freezes a little key pressing.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Don't use refresh() & clear() as we draw entire screen
and flows table will be filled with empty rows.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Used new UI table API for flows printing to make it more
generic. Also it will allow to have same code to dump
flows in text mode.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Use new colors definitions via enum variables instead of
numbers which helps to undrerstand better which kind
of color is used.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add 's' key option to toggle source peer info at runtime,
behaviour is the same like for '-s' command line option.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Changed flows list layout to look more a top-like output
with header and in 1 line. When -s option is specified
then layout changes to 2 lines view including with src peer
info and dst under it on next line.
Also shortified flow state names to allocate less space.
Removed presenter_get_port be cause ports are printed for both peers
separately.
The flow duration time is printed in very short form in one of the
units:
XXd - days
XXh - hours
XXm - minutes
XXs - seconds
the reason is that it is enough to have actually generic understanding
about flow time in the biggest time unit.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Simplify dump & flows refreshing via one nfct handle, which is enough.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
There is no need to have 2 separate handlers for the flow updating, so
use the one which was used for flow refreshing. Significant change is
that a new flow entry will be not added during update (i.e. on
NFCT_T_UPDATE events) if it was not found in the list. But this case
shoud never happen as there will always be an NFCT_T_NEW event before an
NFCT_T_UPDATE event.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Reset do_reload_flows flag before dump flows. It allows to change
filter state more dynamically
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Show 'Active' filter status if 'a' was pressed.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Show family name in the filter status line.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add U/T/I/D/S runtime commands (same like for command line)
to filter flows by UDP/TCP/ICMP/DCCP/SCTP proto.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add header bar to be symmetric to the footer.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
It's not only ports we look up, make the names a bit more generic.
Preparatory patch before moving OUI lookup to the lookup module.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
No need to use if/else, just toogle it like any other bool.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add command 'a' to show only active flows with rate > 0 (dst or src).
Now 'n->is_visible' means which flow to show by presenter.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add interactive command 'b' to change rate units to show.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Show help window by pressing '?' with interactive commands description.
Added simple footer bar with help label.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Seems like screen is updating too frequently which
may block some terminals, so lets do it once in 1s
but only if no key was pressed.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Make rate calculation more carefully by checking previous & current
bytes/pkts counter.
Do calculation only if update time passed >= 1s.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
It is easier to differentiate bytes/pkts counters with rate counters
if to use different colors.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Rename flow_entry_direction to flow_direction, which is a bit shorter
and change the enum value names to be in upper case.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Handle non-zero return values by exiting flowtop like we do in the other
tools.
This fixes Coverity warnings CID 1338093 and CID 1338092.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add G,--no-geoip to the usage output.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Replace bugs@netsniff-ng.com with netsniff-ng@googlegroups.com
which is used in REPORTING-BUGS file.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add -b,--bits command line option to show rates in bits/s instead of
bytes/s.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Make sure we always terminate the strings with '\0'. Also only set the
first byte to '\0' instead of memset()ing the entire buffer in case no
city/country is returned.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Use boolean false/true for show_src option value. This makes the
handling of on/off parameters more consistent.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add option -G,--no-geoip which allows to disable GeoIP lookup.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
[tk: Minor wording tweaks]
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add option -n,--no-dns which allows to disable hostname lookup.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
[tk: Minor wording tweaks]
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Use strlcpy to copy resolved src/dst hostname.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
[tk: Remove superflous min() for size argument]
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|