Browse code

- dst blacklist measurements added

Gergely Kovacs authored on 31/07/2007 13:27:55
Showing 2 changed files
... ...
@@ -22,8 +22,8 @@
22 22
  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
23 23
  * GNU General Public License for more details.
24 24
  *
25
- * You should have received a copy of the GNU General Public License 
26
- * along with this program; if not, write to the Free Software 
25
+ * You should have received a copy of the GNU General Public License
26
+ * along with this program; if not, write to the Free Software
27 27
  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
28 28
  */
29 29
 /* History:
... ...
@@ -32,6 +32,7 @@
32 32
  *  2007-05-39  added hooks for add; more locks to reduce contention (andrei)
33 33
  *  2007-06-26  added hooks for search (andrei)
34 34
  *  2007-07-30  added dst_blacklist_del() and dst_blacklist_add_to()  (andrei)
35
+ *  2007-07-30  dst blacklist measurements added (Gergo)
35 36
  */
36 37
 
37 38
 
... ...
@@ -48,6 +49,9 @@
48 48
 #include "rpc.h"
49 49
 #include "compiler_opt.h"
50 50
 #include "resolve.h" /* for str2ip */
51
+#ifdef USE_DST_BLACKLIST_STATS
52
+#include "pt.h"
53
+#endif
51 54
 
52 55
 
53 56
 
... ...
@@ -58,7 +62,7 @@ struct dst_blst_entry{
58 58
 	unsigned short port;
59 59
 	unsigned char proto;
60 60
 	unsigned char flags; /* contains the address type + error flags */
61
-	unsigned char ip[4]; /* 4 for ipv4, 16 for ipv6 */ 
61
+	unsigned char ip[4]; /* 4 for ipv4, 16 for ipv6 */
62 62
 };
63 63
 
64 64
 #define DST_BLST_ENTRY_SIZE(b) \
... ...
@@ -127,7 +131,9 @@ unsigned int blst_timeout=DEFAULT_BLST_TIMEOUT;
127 127
 unsigned int blst_timer_interval=DEFAULT_BLST_TIMER_INTERVAL;
128 128
 struct dst_blst_lst_head* dst_blst_hash=0;
129 129
 
130
-
130
+#ifdef USE_DST_BLACKLIST_STATS
131
+struct t_dst_blacklist_stats* dst_blacklist_stats=0;
132
+#endif
131 133
 
132 134
 #ifdef DST_BLACKLIST_HOOKS
133 135
 
... ...
@@ -221,7 +227,7 @@ int register_blacklist_hook(struct blacklist_hook *h, int type)
221 221
 	struct blst_callbacks_lst* cb_lst;
222 222
 	struct blacklist_hook* tmp;
223 223
 	int new_max_hooks;
224
-	
224
+
225 225
 	switch(type){
226 226
 		case DST_BLACKLIST_ADD_CB:
227 227
 			cb_lst=&blst_add_cb;
... ...
@@ -240,15 +246,15 @@ int register_blacklist_hook(struct blacklist_hook *h, int type)
240 240
 
241 241
 	if (cb_lst->last_idx >= cb_lst->max_hooks){
242 242
 		new_max_hooks=2*cb_lst->max_hooks;
243
-		tmp=pkg_realloc(cb_lst->hooks, 
243
+		tmp=pkg_realloc(cb_lst->hooks,
244 244
 				new_max_hooks*sizeof(struct blacklist_hook));
245 245
 		if (tmp==0){
246 246
 			goto error;
247 247
 		}
248 248
 		cb_lst->hooks=tmp;
249
-		/* init the new chunk (but not the current entry which is 
249
+		/* init the new chunk (but not the current entry which is
250 250
 		 * overwritten anyway) */
251
-		memset(&cb_lst->hooks[cb_lst->max_hooks+1], 0, 
251
+		memset(&cb_lst->hooks[cb_lst->max_hooks+1], 0,
252 252
 					(new_max_hooks-cb_lst->max_hooks-1)*
253 253
 						sizeof(struct blacklist_hook));
254 254
 		cb_lst->max_hooks=new_max_hooks;
... ...
@@ -267,8 +273,8 @@ inline static int blacklist_run_hooks(struct blst_callbacks_lst *cb_lst,
267 267
 {
268 268
 	int r;
269 269
 	int ret;
270
-	
271
-	ret=DST_BLACKLIST_CONTINUE; /* default, if no hook installed accept 
270
+
271
+	ret=DST_BLACKLIST_CONTINUE; /* default, if no hook installed accept
272 272
 								blacklist operation */
273 273
 	if (likely(cb_lst->last_idx==0))
274 274
 		return ret;
... ...
@@ -313,7 +319,7 @@ inline static unsigned short dst_blst_hash_no(unsigned char proto,
313 313
 {
314 314
 	str s1;
315 315
 	str s2;
316
-	
316
+
317 317
 	s1.s=(char*)ip->u.addr;
318 318
 	s1.len=ip->len;
319 319
 	s2.s=(char*)&port;
... ...
@@ -329,7 +335,7 @@ void destroy_dst_blacklist()
329 329
 	struct dst_blst_entry** crt;
330 330
 	struct dst_blst_entry** tmp;
331 331
 	struct dst_blst_entry* e;
332
-	
332
+
333 333
 	if (blst_timer_h){
334 334
 		timer_del(blst_timer_h);
335 335
 		timer_free(blst_timer_h);
... ...
@@ -351,10 +357,10 @@ void destroy_dst_blacklist()
351 351
 		blst_lock=0;
352 352
 	}
353 353
 #endif
354
-	
354
+
355 355
 	if (dst_blst_hash){
356 356
 		for(r=0; r<DST_BLST_HASH_SIZE; r++){
357
-			for (crt=&dst_blst_hash[r].first, tmp=&(*crt)->next; *crt; 
357
+			for (crt=&dst_blst_hash[r].first, tmp=&(*crt)->next; *crt;
358 358
 					crt=tmp, tmp=&(*crt)->next){
359 359
 			e=*crt;
360 360
 			*crt=(*crt)->next;
... ...
@@ -371,6 +377,11 @@ void destroy_dst_blacklist()
371 371
 #ifdef DST_BLACKLIST_HOOKS
372 372
 	destroy_blacklist_hooks();
373 373
 #endif
374
+
375
+#ifdef USE_DST_BLACKLIST_STATS
376
+	if (dst_blacklist_stats)
377
+		shm_free(dst_blacklist_stats);
378
+#endif
374 379
 }
375 380
 
376 381
 
... ...
@@ -381,7 +392,7 @@ int init_dst_blacklist()
381 381
 #ifdef BLST_LOCK_PER_BUCKET
382 382
 	int r;
383 383
 #endif
384
-	
384
+
385 385
 	ret=-1;
386 386
 #ifdef DST_BLACKLIST_HOOKS
387 387
 	if (init_blacklist_hooks()!=0){
... ...
@@ -457,6 +468,22 @@ error:
457 457
 	return ret;
458 458
 }
459 459
 
460
+#ifdef USE_DST_BLACKLIST_STATS
461
+int init_dst_blacklist_stats(int iproc_num)
462
+{
463
+	/* if it is already initialized */
464
+	if (dst_blacklist_stats)
465
+		shm_free(dst_blacklist_stats);
466
+
467
+	dst_blacklist_stats=shm_malloc(sizeof(*dst_blacklist_stats) * iproc_num);
468
+	if (dst_blacklist_stats==0){
469
+		return E_OUT_OF_MEM;
470
+	}
471
+	memset(dst_blacklist_stats, 0, sizeof(*dst_blacklist_stats) * iproc_num);
472
+
473
+	return 0;
474
+}
475
+#endif
460 476
 
461 477
 /* must be called with the lock held
462 478
  * struct dst_blst_entry** head, struct dst_blst_entry* e */
... ...
@@ -484,7 +511,7 @@ inline static struct dst_blst_entry* _dst_blacklist_lst_find(
484 484
 	struct dst_blst_entry* e;
485 485
 	struct dst_blst_entry** head;
486 486
 	unsigned char type;
487
-	
487
+
488 488
 	head=&dst_blst_hash[hash].first;
489 489
 	type=(ip->af==AF_INET6)*BLST_IS_IPV6;
490 490
 	for (crt=head, tmp=&(*head)->next; *crt; crt=tmp, tmp=&(*crt)->next){
... ...
@@ -498,7 +525,7 @@ inline static struct dst_blst_entry* _dst_blacklist_lst_find(
498 498
 			blst_destroy_entry(e);
499 499
 		}else if ((e->port==port) && ((e->flags & BLST_IS_IPV6)==type) &&
500 500
 				((e->proto==PROTO_NONE) || (proto==PROTO_NONE) ||
501
-					(e->proto==proto)) && 
501
+					(e->proto==proto)) &&
502 502
 					(memcmp(ip->u.addr, e->ip, ip->len)==0)){
503 503
 			return e;
504 504
 		}
... ...
@@ -553,9 +580,9 @@ inline static int _dst_blacklist_del(
553 553
 
554 554
 
555 555
 /* frees all the expired entries until either there are no more of them
556
- *  or the total memory used is <= target (to free all of them use -1 for 
556
+ *  or the total memory used is <= target (to free all of them use -1 for
557 557
  *  targer)
558
- *  params:   target  - free expired entries until no more then taget memory 
558
+ *  params:   target  - free expired entries until no more then taget memory
559 559
  *                      is used  (use 0 to free all of them)
560 560
  *            delta   - consider an entry expired if it expires after delta
561 561
  *                      ticks from now
... ...
@@ -577,7 +604,7 @@ inline static int dst_blacklist_clean_expired(unsigned int target,
577 577
 	ticks_t now;
578 578
 	int no=0;
579 579
 	int i;
580
-	
580
+
581 581
 	now=start_time=get_ticks_raw();
582 582
 	for(h=start; h!=(start+DST_BLST_HASH_SIZE); h++){
583 583
 		i=h%DST_BLST_HASH_SIZE;
... ...
@@ -632,7 +659,7 @@ static ticks_t blst_timer(ticks_t ticks, struct timer_ln* tl, void* data)
632 632
  * returns 0 on success, -1 on error (blacklist full -- would use more then
633 633
  *  blst:_max_mem, or out of shm. mem.)
634 634
  */
635
-inline static int dst_blacklist_add_ip(unsigned char err_flags, 
635
+inline static int dst_blacklist_add_ip(unsigned char err_flags,
636 636
 									unsigned char proto,
637 637
 									struct ip_addr* ip, unsigned short port,
638 638
 									ticks_t timeout)
... ...
@@ -642,7 +669,7 @@ inline static int dst_blacklist_add_ip(unsigned char err_flags,
642 642
 	unsigned short hash;
643 643
 	ticks_t now;
644 644
 	int ret;
645
-	
645
+
646 646
 	ret=0;
647 647
 	if (ip->af==AF_INET){
648 648
 		err_flags&=~BLST_IS_IPV6; /* make sure the ipv6 flag is reset */
... ...
@@ -661,10 +688,13 @@ inline static int dst_blacklist_add_ip(unsigned char err_flags,
661 661
 			e->expire=now+timeout; /* update the timeout */
662 662
 		}else{
663 663
 			if (unlikely((*blst_mem_used+size)>=blst_max_mem)){
664
+#ifdef USE_DST_BLACKLIST_STATS
665
+				dst_blacklist_stats[process_no].bkl_lru_cnt++;
666
+#endif
664 667
 				UNLOCK_BLST(hash);
665 668
 				/* first try to free some memory  (~ 12%), but don't
666 669
 				 * spend more then 250 ms*/
667
-				dst_blacklist_clean_expired(*blst_mem_used/16*14, 0, 
670
+				dst_blacklist_clean_expired(*blst_mem_used/16*14, 0,
668 671
 															MS_TO_TICKS(250));
669 672
 				if (unlikely(*blst_mem_used+size>=blst_max_mem)){
670 673
 					ret=-1;
... ...
@@ -704,7 +734,7 @@ inline static int dst_is_blacklisted_ip(unsigned char proto,
704 704
 	unsigned short hash;
705 705
 	ticks_t now;
706 706
 	int ret;
707
-	
707
+
708 708
 	ret=0;
709 709
 	now=get_ticks_raw();
710 710
 	hash=dst_blst_hash_no(proto, ip, port);
... ...
@@ -726,6 +756,9 @@ int dst_blacklist_add_to(unsigned char err_flags,  struct dest_info* si,
726 726
 {
727 727
 	struct ip_addr ip;
728 728
 
729
+#ifdef USE_DST_BLACKLIST_STATS
730
+	dst_blacklist_stats[process_no].bkl_hit_cnt++;
731
+#endif
729 732
 #ifdef DST_BLACKLIST_HOOKS
730 733
 	if (unlikely (blacklist_run_hooks(&blst_add_cb, si, &err_flags, msg) ==
731 734
 					DST_BLACKLIST_DENY))
... ...
@@ -740,6 +773,7 @@ int dst_blacklist_add_to(unsigned char err_flags,  struct dest_info* si,
740 740
 
741 741
 int dst_is_blacklisted(struct dest_info* si, struct sip_msg* msg)
742 742
 {
743
+	int ires;
743 744
 	struct ip_addr ip;
744 745
 #ifdef DST_BLACKLIST_HOOKS
745 746
 	unsigned char err_flags;
... ...
@@ -757,7 +791,12 @@ int dst_is_blacklisted(struct dest_info* si, struct sip_msg* msg)
757 757
 			return err_flags;
758 758
 	}
759 759
 #endif
760
-	return dst_is_blacklisted_ip(si->proto, &ip, su_getport(&si->to));
760
+	ires=dst_is_blacklisted_ip(si->proto, &ip, su_getport(&si->to));
761
+#ifdef USE_DST_BLACKLIST_STATS
762
+	if (ires)
763
+		dst_blacklist_stats[process_no].bkl_hit_cnt++;
764
+#endif
765
+	return ires;
761 766
 }
762 767
 
763 768
 
... ...
@@ -811,6 +850,69 @@ static char* get_proto_name(unsigned char proto)
811 811
 }
812 812
 
813 813
 
814
+#ifdef USE_DST_BLACKLIST_STATS
815
+void dst_blst_stats_get(rpc_t* rpc, void* c)
816
+{
817
+	char *name=NULL;
818
+	void *handle;
819
+	int found=0,i=0;
820
+	int reset=0;
821
+	char* dst_blacklist_stats_names[] = {
822
+		"bkl_hit_cnt",
823
+		"bkl_lru_cnt",
824
+		NULL
825
+	};
826
+	unsigned long  stat_sum(int ivar, int breset) {
827
+		unsigned long isum=0;
828
+		int i1=0;
829
+
830
+		for (; i1 < get_max_procs(); i1++)
831
+			switch (ivar) {
832
+				case 0:
833
+					isum+=dst_blacklist_stats[i1].bkl_hit_cnt;
834
+					if (breset)
835
+						dst_blacklist_stats[i1].bkl_hit_cnt=0;
836
+					break;
837
+				case 1:
838
+					isum+=dst_blacklist_stats[i1].bkl_lru_cnt;
839
+					if (breset)
840
+						dst_blacklist_stats[i1].bkl_lru_cnt=0;
841
+					break;
842
+			}
843
+
844
+			return isum;
845
+	}
846
+
847
+	if (rpc->scan(c, "s", &name) < 0)
848
+		return;
849
+	if (rpc->scan(c, "d", &reset) < 0)
850
+		return;
851
+	if (!strcasecmp(name, DST_BLACKLIST_ALL_STATS)) {
852
+		/* dump all the dns cache stat values */
853
+		rpc->add(c, "{", &handle);
854
+		for (i=0; dst_blacklist_stats_names[i]; i++)
855
+			rpc->struct_add(handle, "d",
856
+							dst_blacklist_stats_names[i],
857
+							stat_sum(i, reset));
858
+
859
+		found=1;
860
+	} else {
861
+		for (i=0; dst_blacklist_stats_names[i]; i++)
862
+			if (!strcasecmp(dst_blacklist_stats_names[i], name)) {
863
+			rpc->add(c, "{", &handle);
864
+			rpc->struct_add(handle, "d",
865
+							dst_blacklist_stats_names[i],
866
+							stat_sum(i, reset));
867
+			found=1;
868
+			break;
869
+			}
870
+	}
871
+	if(!found)
872
+		rpc->fault(c, 500, "unknown dst blacklist stat parameter");
873
+
874
+	return;
875
+}
876
+#endif /* USE_DST_BLACKLIST_STATS */
814 877
 
815 878
 /* only for debugging, it helds the lock too long for "production" use */
816 879
 void dst_blst_debug(rpc_t* rpc, void* ctx)
... ...
@@ -819,14 +921,14 @@ void dst_blst_debug(rpc_t* rpc, void* ctx)
819 819
 	struct dst_blst_entry* e;
820 820
 	ticks_t now;
821 821
 	struct ip_addr ip;
822
-	
822
+
823 823
 	now=get_ticks_raw();
824 824
 		for(h=0; h<DST_BLST_HASH_SIZE; h++){
825 825
 			LOCK_BLST(h);
826 826
 			for(e=dst_blst_hash[h].first; e; e=e->next){
827 827
 				dst_blst_entry2ip(&ip, e);
828
-				rpc->add(ctx, "ssddd", get_proto_name(e->proto), 
829
-										ip_addr2a(&ip), e->port, 
828
+				rpc->add(ctx, "ssddd", get_proto_name(e->proto),
829
+										ip_addr2a(&ip), e->port,
830 830
 										(s_ticks_t)(now-e->expire)<=0?
831 831
 										TICKS_TO_S(e->expire-now):
832 832
 										-TICKS_TO_S(now-e->expire) ,
... ...
@@ -843,10 +945,10 @@ void dst_blst_hash_stats(rpc_t* rpc, void* ctx)
843 843
 	struct dst_blst_entry* e;
844 844
 #ifdef BLST_HASH_STATS
845 845
 	int n;
846
-	
846
+
847 847
 	n=0;
848 848
 #endif
849
-	
849
+
850 850
 		for(h=0; h<DST_BLST_HASH_SIZE; h++){
851 851
 #ifdef BLST_HASH_STATS
852 852
 			LOCK_BLST(h);
... ...
@@ -867,7 +969,7 @@ void dst_blst_view(rpc_t* rpc, void* ctx)
867 867
 	ticks_t now;
868 868
 	struct ip_addr ip;
869 869
 	void* handle;
870
-	
870
+
871 871
 	now=get_ticks_raw();
872 872
 		for(h=0; h<DST_BLST_HASH_SIZE; h++){
873 873
 			LOCK_BLST(h);
... ...
@@ -22,13 +22,14 @@
22 22
  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
23 23
  * GNU General Public License for more details.
24 24
  *
25
- * You should have received a copy of the GNU General Public License 
26
- * along with this program; if not, write to the Free Software 
25
+ * You should have received a copy of the GNU General Public License
26
+ * along with this program; if not, write to the Free Software
27 27
  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
28 28
  */
29 29
 /* History:
30 30
  * --------
31 31
  *  2006-07-29  created by andrei
32
+ *  2007-07-30  dst blacklist measurements added (Gergo)
32 33
  */
33 34
 
34 35
 #ifndef dst_black_list_h
... ...
@@ -75,6 +76,10 @@ int register_blacklist_hook(struct blacklist_hook *h, int type);
75 75
 #endif /* DST_BLACKLIST_HOOKS */
76 76
 
77 77
 int init_dst_blacklist();
78
+#ifdef USE_DST_BLACKLIST_STATS
79
+int init_dst_blacklist_stats(int iproc_num);
80
+#define DST_BLACKLIST_ALL_STATS "bkl_all_stats"
81
+#endif
78 82
 void destroy_dst_blacklist();
79 83
 
80 84