Age | Commit message (Collapse) | Author | Files | Lines |
|
Add left/right scrolling for flows list table to make
possible see all the columns with a smaller display size.
Handle 'Left' & 'Right' keypress to scroll left or right.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Render each column to the ncurses raw buffer first, this buffer
contains ncurses {char:attr} elements which will be printed
to the screen after ui_table_row_show() will
be called (at the end of columns rendering by flowtop).
The reason of this change is to have easy way to
make horizontal scrolling over this buffer.
Approach is used from the 'htop' tool.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Mark the nf_conntrack_msg_type parameter to flow_dump_cb with
__maybe_unused to prevent a warning when compiling with
-Wunused-parameter.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
The only place where flow_list_update_entry() is called passes the
global flow_list anyway, so use the passed argument instead of the
global. This fixes the following -Wunused-parameter warning:
flowtop.c: In function ‘flow_list_update_entry’:
flowtop.c:1438:53: warning: unused parameter ‘fl’ [-Wunused-parameter]
static int flow_list_update_entry(struct flow_list *fl, struct nf_conntrack *ct)
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
The WINDOW *screen parameter to draw_help() and draw_footer() is unused,
so remove it.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Remove unused "screen" & "line" parameters from draw_flow_entry().
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Simplify screen refresh logic by removing tricky delay
logic which freezes a little key pressing.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Don't use refresh() & clear() as we draw entire screen
and flows table will be filled with empty rows.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Used new UI table API for flows printing to make it more
generic. Also it will allow to have same code to dump
flows in text mode.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Use new colors definitions via enum variables instead of
numbers which helps to undrerstand better which kind
of color is used.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add 's' key option to toggle source peer info at runtime,
behaviour is the same like for '-s' command line option.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Changed flows list layout to look more a top-like output
with header and in 1 line. When -s option is specified
then layout changes to 2 lines view including with src peer
info and dst under it on next line.
Also shortified flow state names to allocate less space.
Removed presenter_get_port be cause ports are printed for both peers
separately.
The flow duration time is printed in very short form in one of the
units:
XXd - days
XXh - hours
XXm - minutes
XXs - seconds
the reason is that it is enough to have actually generic understanding
about flow time in the biggest time unit.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Simplify dump & flows refreshing via one nfct handle, which is enough.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
There is no need to have 2 separate handlers for the flow updating, so
use the one which was used for flow refreshing. Significant change is
that a new flow entry will be not added during update (i.e. on
NFCT_T_UPDATE events) if it was not found in the list. But this case
shoud never happen as there will always be an NFCT_T_NEW event before an
NFCT_T_UPDATE event.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Reset do_reload_flows flag before dump flows. It allows to change
filter state more dynamically
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Show 'Active' filter status if 'a' was pressed.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Show family name in the filter status line.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add U/T/I/D/S runtime commands (same like for command line)
to filter flows by UDP/TCP/ICMP/DCCP/SCTP proto.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add header bar to be symmetric to the footer.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
It's not only ports we look up, make the names a bit more generic.
Preparatory patch before moving OUI lookup to the lookup module.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
No need to use if/else, just toogle it like any other bool.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add command 'a' to show only active flows with rate > 0 (dst or src).
Now 'n->is_visible' means which flow to show by presenter.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add interactive command 'b' to change rate units to show.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Show help window by pressing '?' with interactive commands description.
Added simple footer bar with help label.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Seems like screen is updating too frequently which
may block some terminals, so lets do it once in 1s
but only if no key was pressed.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Make rate calculation more carefully by checking previous & current
bytes/pkts counter.
Do calculation only if update time passed >= 1s.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
It is easier to differentiate bytes/pkts counters with rate counters
if to use different colors.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Rename flow_entry_direction to flow_direction, which is a bit shorter
and change the enum value names to be in upper case.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Handle non-zero return values by exiting flowtop like we do in the other
tools.
This fixes Coverity warnings CID 1338093 and CID 1338092.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add G,--no-geoip to the usage output.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Replace bugs@netsniff-ng.com with netsniff-ng@googlegroups.com
which is used in REPORTING-BUGS file.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add -b,--bits command line option to show rates in bits/s instead of
bytes/s.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Make sure we always terminate the strings with '\0'. Also only set the
first byte to '\0' instead of memset()ing the entire buffer in case no
city/country is returned.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Use boolean false/true for show_src option value. This makes the
handling of on/off parameters more consistent.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add option -G,--no-geoip which allows to disable GeoIP lookup.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
[tk: Minor wording tweaks]
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add option -n,--no-dns which allows to disable hostname lookup.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
[tk: Minor wording tweaks]
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Use strlcpy to copy resolved src/dst hostname.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
[tk: Remove superflous min() for size argument]
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
The SI prefix for 1000 is 'k', not 'K' (which is used for 1024 bytes by
some).
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add new -t,--interval option to specify flow refresh interval in
seconds.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
[tk: Fix type conversion on rate calculation]
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Use GB/MB/KB for traffic rate & accounting.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Constify pointers struct flow_entry and struct nf_conntrack where
possible.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
The cmdline entry of struct flow_entry is only used to display the
process name using basename() in presenter_screen_do_line(). Instead of
calling basename() everytime just call it once when we read the cmdline
proc entry and store the basename in struct flow_entry. Also rename the
struct member accordingly.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Calculate and display the rate of src/dst bytes and packets. Also change
the refresh time for the flows to 1s so the rate info will not disappear
too quickly.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Bail out early if we fail to read the current sysctl variable values for
net/netfilter/nf_conntrack_acct and net/netfilter/nf_conntrack_timestamp
Otherwise we'll not be able restore the previous value on exit/panic.
Moreover, if we fail to read the sysctl file, we usually also lack the
permissions to write it.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Allow setting start/stop timestamp for new flows by enabling:
/proc/sys/net/netfilter/nf_conntrack_timestamp
on start and resetting it on exit or panic.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
[tklauser: Remove unnecessary cast of void pointer]
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Show flow time duration in human readable form.
Originally submitted by Vadim in a slightly different form.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Instead of creating an additional struct flow_entry on the stack just to
use the CP_NFCT macros, call nfct_get_attr_u16() directly.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Show byte/packet counters in the same colors as their direction:
- src in red
- dst in blue
so it will be easiser to identify them by direction.
Also unifed counters printing in one function and changed counters
naming similar to other *_src members of flow_entry struct.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
[tklauser: Reverted to using parentheses in printed message]
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Just ignore DNS flows instead of insert it and then
filter it out by presenter.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|