Browse code

- dst blacklist measurements added

Gergely Kovacs authored on 31/07/2007 13:27:55
Showing 2 changed files
... ...
@@ -22,8 +22,8 @@
22 22
  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
23 23
  * GNU General Public License for more details.
24 24
  *
25
- * You should have received a copy of the GNU General Public License 
26
- * along with this program; if not, write to the Free Software 
25
+ * You should have received a copy of the GNU General Public License
26
+ * along with this program; if not, write to the Free Software
27 27
  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
28 28
  */
29 29
 /* History:
... ...
@@ -32,6 +32,7 @@
32 32
  *  2007-05-39  added hooks for add; more locks to reduce contention (andrei)
33 33
  *  2007-06-26  added hooks for search (andrei)
34 34
  *  2007-07-30  added dst_blacklist_del() and dst_blacklist_add_to()  (andrei)
35
+ *  2007-07-30  dst blacklist measurements added (Gergo)
35 36
  */
36 37
 
37 38
 
... ...
@@ -48,6 +49,9 @@
48 49
 #include "rpc.h"
49 50
 #include "compiler_opt.h"
50 51
 #include "resolve.h" /* for str2ip */
52
+#ifdef USE_DST_BLACKLIST_STATS
53
+#include "pt.h"
54
+#endif
51 55
 
52 56
 
53 57
 
... ...
@@ -58,7 +62,7 @@ struct dst_blst_entry{
58 62
 	unsigned short port;
59 63
 	unsigned char proto;
60 64
 	unsigned char flags; /* contains the address type + error flags */
61
-	unsigned char ip[4]; /* 4 for ipv4, 16 for ipv6 */ 
65
+	unsigned char ip[4]; /* 4 for ipv4, 16 for ipv6 */
62 66
 };
63 67
 
64 68
 #define DST_BLST_ENTRY_SIZE(b) \
... ...
@@ -127,7 +131,9 @@ unsigned int blst_timeout=DEFAULT_BLST_TIMEOUT;
127 131
 unsigned int blst_timer_interval=DEFAULT_BLST_TIMER_INTERVAL;
128 132
 struct dst_blst_lst_head* dst_blst_hash=0;
129 133
 
130
-
134
+#ifdef USE_DST_BLACKLIST_STATS
135
+struct t_dst_blacklist_stats* dst_blacklist_stats=0;
136
+#endif
131 137
 
132 138
 #ifdef DST_BLACKLIST_HOOKS
133 139
 
... ...
@@ -221,7 +227,7 @@ int register_blacklist_hook(struct blacklist_hook *h, int type)
221 227
 	struct blst_callbacks_lst* cb_lst;
222 228
 	struct blacklist_hook* tmp;
223 229
 	int new_max_hooks;
224
-	
230
+
225 231
 	switch(type){
226 232
 		case DST_BLACKLIST_ADD_CB:
227 233
 			cb_lst=&blst_add_cb;
... ...
@@ -240,15 +246,15 @@ int register_blacklist_hook(struct blacklist_hook *h, int type)
240 246
 
241 247
 	if (cb_lst->last_idx >= cb_lst->max_hooks){
242 248
 		new_max_hooks=2*cb_lst->max_hooks;
243
-		tmp=pkg_realloc(cb_lst->hooks, 
249
+		tmp=pkg_realloc(cb_lst->hooks,
244 250
 				new_max_hooks*sizeof(struct blacklist_hook));
245 251
 		if (tmp==0){
246 252
 			goto error;
247 253
 		}
248 254
 		cb_lst->hooks=tmp;
249
-		/* init the new chunk (but not the current entry which is 
255
+		/* init the new chunk (but not the current entry which is
250 256
 		 * overwritten anyway) */
251
-		memset(&cb_lst->hooks[cb_lst->max_hooks+1], 0, 
257
+		memset(&cb_lst->hooks[cb_lst->max_hooks+1], 0,
252 258
 					(new_max_hooks-cb_lst->max_hooks-1)*
253 259
 						sizeof(struct blacklist_hook));
254 260
 		cb_lst->max_hooks=new_max_hooks;
... ...
@@ -267,8 +273,8 @@ inline static int blacklist_run_hooks(struct blst_callbacks_lst *cb_lst,
267 273
 {
268 274
 	int r;
269 275
 	int ret;
270
-	
271
-	ret=DST_BLACKLIST_CONTINUE; /* default, if no hook installed accept 
276
+
277
+	ret=DST_BLACKLIST_CONTINUE; /* default, if no hook installed accept
272 278
 								blacklist operation */
273 279
 	if (likely(cb_lst->last_idx==0))
274 280
 		return ret;
... ...
@@ -313,7 +319,7 @@ inline static unsigned short dst_blst_hash_no(unsigned char proto,
313 319
 {
314 320
 	str s1;
315 321
 	str s2;
316
-	
322
+
317 323
 	s1.s=(char*)ip->u.addr;
318 324
 	s1.len=ip->len;
319 325
 	s2.s=(char*)&port;
... ...
@@ -329,7 +335,7 @@ void destroy_dst_blacklist()
329 335
 	struct dst_blst_entry** crt;
330 336
 	struct dst_blst_entry** tmp;
331 337
 	struct dst_blst_entry* e;
332
-	
338
+
333 339
 	if (blst_timer_h){
334 340
 		timer_del(blst_timer_h);
335 341
 		timer_free(blst_timer_h);
... ...
@@ -351,10 +357,10 @@ void destroy_dst_blacklist()
351 357
 		blst_lock=0;
352 358
 	}
353 359
 #endif
354
-	
360
+
355 361
 	if (dst_blst_hash){
356 362
 		for(r=0; r<DST_BLST_HASH_SIZE; r++){
357
-			for (crt=&dst_blst_hash[r].first, tmp=&(*crt)->next; *crt; 
363
+			for (crt=&dst_blst_hash[r].first, tmp=&(*crt)->next; *crt;
358 364
 					crt=tmp, tmp=&(*crt)->next){
359 365
 			e=*crt;
360 366
 			*crt=(*crt)->next;
... ...
@@ -371,6 +377,11 @@ void destroy_dst_blacklist()
371 377
 #ifdef DST_BLACKLIST_HOOKS
372 378
 	destroy_blacklist_hooks();
373 379
 #endif
380
+
381
+#ifdef USE_DST_BLACKLIST_STATS
382
+	if (dst_blacklist_stats)
383
+		shm_free(dst_blacklist_stats);
384
+#endif
374 385
 }
375 386
 
376 387
 
... ...
@@ -381,7 +392,7 @@ int init_dst_blacklist()
381 392
 #ifdef BLST_LOCK_PER_BUCKET
382 393
 	int r;
383 394
 #endif
384
-	
395
+
385 396
 	ret=-1;
386 397
 #ifdef DST_BLACKLIST_HOOKS
387 398
 	if (init_blacklist_hooks()!=0){
... ...
@@ -457,6 +468,22 @@ error:
457 468
 	return ret;
458 469
 }
459 470
 
471
+#ifdef USE_DST_BLACKLIST_STATS
472
+int init_dst_blacklist_stats(int iproc_num)
473
+{
474
+	/* if it is already initialized */
475
+	if (dst_blacklist_stats)
476
+		shm_free(dst_blacklist_stats);
477
+
478
+	dst_blacklist_stats=shm_malloc(sizeof(*dst_blacklist_stats) * iproc_num);
479
+	if (dst_blacklist_stats==0){
480
+		return E_OUT_OF_MEM;
481
+	}
482
+	memset(dst_blacklist_stats, 0, sizeof(*dst_blacklist_stats) * iproc_num);
483
+
484
+	return 0;
485
+}
486
+#endif
460 487
 
461 488
 /* must be called with the lock held
462 489
  * struct dst_blst_entry** head, struct dst_blst_entry* e */
... ...
@@ -484,7 +511,7 @@ inline static struct dst_blst_entry* _dst_blacklist_lst_find(
484 511
 	struct dst_blst_entry* e;
485 512
 	struct dst_blst_entry** head;
486 513
 	unsigned char type;
487
-	
514
+
488 515
 	head=&dst_blst_hash[hash].first;
489 516
 	type=(ip->af==AF_INET6)*BLST_IS_IPV6;
490 517
 	for (crt=head, tmp=&(*head)->next; *crt; crt=tmp, tmp=&(*crt)->next){
... ...
@@ -498,7 +525,7 @@ inline static struct dst_blst_entry* _dst_blacklist_lst_find(
498 525
 			blst_destroy_entry(e);
499 526
 		}else if ((e->port==port) && ((e->flags & BLST_IS_IPV6)==type) &&
500 527
 				((e->proto==PROTO_NONE) || (proto==PROTO_NONE) ||
501
-					(e->proto==proto)) && 
528
+					(e->proto==proto)) &&
502 529
 					(memcmp(ip->u.addr, e->ip, ip->len)==0)){
503 530
 			return e;
504 531
 		}
... ...
@@ -553,9 +580,9 @@ inline static int _dst_blacklist_del(
553 580
 
554 581
 
555 582
 /* frees all the expired entries until either there are no more of them
556
- *  or the total memory used is <= target (to free all of them use -1 for 
583
+ *  or the total memory used is <= target (to free all of them use -1 for
557 584
  *  targer)
558
- *  params:   target  - free expired entries until no more then taget memory 
585
+ *  params:   target  - free expired entries until no more then taget memory
559 586
  *                      is used  (use 0 to free all of them)
560 587
  *            delta   - consider an entry expired if it expires after delta
561 588
  *                      ticks from now
... ...
@@ -577,7 +604,7 @@ inline static int dst_blacklist_clean_expired(unsigned int target,
577 604
 	ticks_t now;
578 605
 	int no=0;
579 606
 	int i;
580
-	
607
+
581 608
 	now=start_time=get_ticks_raw();
582 609
 	for(h=start; h!=(start+DST_BLST_HASH_SIZE); h++){
583 610
 		i=h%DST_BLST_HASH_SIZE;
... ...
@@ -632,7 +659,7 @@ static ticks_t blst_timer(ticks_t ticks, struct timer_ln* tl, void* data)
632 659
  * returns 0 on success, -1 on error (blacklist full -- would use more then
633 660
  *  blst:_max_mem, or out of shm. mem.)
634 661
  */
635
-inline static int dst_blacklist_add_ip(unsigned char err_flags, 
662
+inline static int dst_blacklist_add_ip(unsigned char err_flags,
636 663
 									unsigned char proto,
637 664
 									struct ip_addr* ip, unsigned short port,
638 665
 									ticks_t timeout)
... ...
@@ -642,7 +669,7 @@ inline static int dst_blacklist_add_ip(unsigned char err_flags,
642 669
 	unsigned short hash;
643 670
 	ticks_t now;
644 671
 	int ret;
645
-	
672
+
646 673
 	ret=0;
647 674
 	if (ip->af==AF_INET){
648 675
 		err_flags&=~BLST_IS_IPV6; /* make sure the ipv6 flag is reset */
... ...
@@ -661,10 +688,13 @@ inline static int dst_blacklist_add_ip(unsigned char err_flags,
661 688
 			e->expire=now+timeout; /* update the timeout */
662 689
 		}else{
663 690
 			if (unlikely((*blst_mem_used+size)>=blst_max_mem)){
691
+#ifdef USE_DST_BLACKLIST_STATS
692
+				dst_blacklist_stats[process_no].bkl_lru_cnt++;
693
+#endif
664 694
 				UNLOCK_BLST(hash);
665 695
 				/* first try to free some memory  (~ 12%), but don't
666 696
 				 * spend more then 250 ms*/
667
-				dst_blacklist_clean_expired(*blst_mem_used/16*14, 0, 
697
+				dst_blacklist_clean_expired(*blst_mem_used/16*14, 0,
668 698
 															MS_TO_TICKS(250));
669 699
 				if (unlikely(*blst_mem_used+size>=blst_max_mem)){
670 700
 					ret=-1;
... ...
@@ -704,7 +734,7 @@ inline static int dst_is_blacklisted_ip(unsigned char proto,
704 734
 	unsigned short hash;
705 735
 	ticks_t now;
706 736
 	int ret;
707
-	
737
+
708 738
 	ret=0;
709 739
 	now=get_ticks_raw();
710 740
 	hash=dst_blst_hash_no(proto, ip, port);
... ...
@@ -726,6 +756,9 @@ int dst_blacklist_add_to(unsigned char err_flags,  struct dest_info* si,
726 756
 {
727 757
 	struct ip_addr ip;
728 758
 
759
+#ifdef USE_DST_BLACKLIST_STATS
760
+	dst_blacklist_stats[process_no].bkl_hit_cnt++;
761
+#endif
729 762
 #ifdef DST_BLACKLIST_HOOKS
730 763
 	if (unlikely (blacklist_run_hooks(&blst_add_cb, si, &err_flags, msg) ==
731 764
 					DST_BLACKLIST_DENY))
... ...
@@ -740,6 +773,7 @@ int dst_blacklist_add_to(unsigned char err_flags,  struct dest_info* si,
740 773
 
741 774
 int dst_is_blacklisted(struct dest_info* si, struct sip_msg* msg)
742 775
 {
776
+	int ires;
743 777
 	struct ip_addr ip;
744 778
 #ifdef DST_BLACKLIST_HOOKS
745 779
 	unsigned char err_flags;
... ...
@@ -757,7 +791,12 @@ int dst_is_blacklisted(struct dest_info* si, struct sip_msg* msg)
757 791
 			return err_flags;
758 792
 	}
759 793
 #endif
760
-	return dst_is_blacklisted_ip(si->proto, &ip, su_getport(&si->to));
794
+	ires=dst_is_blacklisted_ip(si->proto, &ip, su_getport(&si->to));
795
+#ifdef USE_DST_BLACKLIST_STATS
796
+	if (ires)
797
+		dst_blacklist_stats[process_no].bkl_hit_cnt++;
798
+#endif
799
+	return ires;
761 800
 }
762 801
 
763 802
 
... ...
@@ -811,6 +850,69 @@ static char* get_proto_name(unsigned char proto)
811 850
 }
812 851
 
813 852
 
853
+#ifdef USE_DST_BLACKLIST_STATS
854
+void dst_blst_stats_get(rpc_t* rpc, void* c)
855
+{
856
+	char *name=NULL;
857
+	void *handle;
858
+	int found=0,i=0;
859
+	int reset=0;
860
+	char* dst_blacklist_stats_names[] = {
861
+		"bkl_hit_cnt",
862
+		"bkl_lru_cnt",
863
+		NULL
864
+	};
865
+	unsigned long  stat_sum(int ivar, int breset) {
866
+		unsigned long isum=0;
867
+		int i1=0;
868
+
869
+		for (; i1 < get_max_procs(); i1++)
870
+			switch (ivar) {
871
+				case 0:
872
+					isum+=dst_blacklist_stats[i1].bkl_hit_cnt;
873
+					if (breset)
874
+						dst_blacklist_stats[i1].bkl_hit_cnt=0;
875
+					break;
876
+				case 1:
877
+					isum+=dst_blacklist_stats[i1].bkl_lru_cnt;
878
+					if (breset)
879
+						dst_blacklist_stats[i1].bkl_lru_cnt=0;
880
+					break;
881
+			}
882
+
883
+			return isum;
884
+	}
885
+
886
+	if (rpc->scan(c, "s", &name) < 0)
887
+		return;
888
+	if (rpc->scan(c, "d", &reset) < 0)
889
+		return;
890
+	if (!strcasecmp(name, DST_BLACKLIST_ALL_STATS)) {
891
+		/* dump all the dns cache stat values */
892
+		rpc->add(c, "{", &handle);
893
+		for (i=0; dst_blacklist_stats_names[i]; i++)
894
+			rpc->struct_add(handle, "d",
895
+							dst_blacklist_stats_names[i],
896
+							stat_sum(i, reset));
897
+
898
+		found=1;
899
+	} else {
900
+		for (i=0; dst_blacklist_stats_names[i]; i++)
901
+			if (!strcasecmp(dst_blacklist_stats_names[i], name)) {
902
+			rpc->add(c, "{", &handle);
903
+			rpc->struct_add(handle, "d",
904
+							dst_blacklist_stats_names[i],
905
+							stat_sum(i, reset));
906
+			found=1;
907
+			break;
908
+			}
909
+	}
910
+	if(!found)
911
+		rpc->fault(c, 500, "unknown dst blacklist stat parameter");
912
+
913
+	return;
914
+}
915
+#endif /* USE_DST_BLACKLIST_STATS */
814 916
 
815 917
 /* only for debugging, it helds the lock too long for "production" use */
816 918
 void dst_blst_debug(rpc_t* rpc, void* ctx)
... ...
@@ -819,14 +921,14 @@ void dst_blst_debug(rpc_t* rpc, void* ctx)
819 921
 	struct dst_blst_entry* e;
820 922
 	ticks_t now;
821 923
 	struct ip_addr ip;
822
-	
924
+
823 925
 	now=get_ticks_raw();
824 926
 		for(h=0; h<DST_BLST_HASH_SIZE; h++){
825 927
 			LOCK_BLST(h);
826 928
 			for(e=dst_blst_hash[h].first; e; e=e->next){
827 929
 				dst_blst_entry2ip(&ip, e);
828
-				rpc->add(ctx, "ssddd", get_proto_name(e->proto), 
829
-										ip_addr2a(&ip), e->port, 
930
+				rpc->add(ctx, "ssddd", get_proto_name(e->proto),
931
+										ip_addr2a(&ip), e->port,
830 932
 										(s_ticks_t)(now-e->expire)<=0?
831 933
 										TICKS_TO_S(e->expire-now):
832 934
 										-TICKS_TO_S(now-e->expire) ,
... ...
@@ -843,10 +945,10 @@ void dst_blst_hash_stats(rpc_t* rpc, void* ctx)
843 945
 	struct dst_blst_entry* e;
844 946
 #ifdef BLST_HASH_STATS
845 947
 	int n;
846
-	
948
+
847 949
 	n=0;
848 950
 #endif
849
-	
951
+
850 952
 		for(h=0; h<DST_BLST_HASH_SIZE; h++){
851 953
 #ifdef BLST_HASH_STATS
852 954
 			LOCK_BLST(h);
... ...
@@ -867,7 +969,7 @@ void dst_blst_view(rpc_t* rpc, void* ctx)
867 969
 	ticks_t now;
868 970
 	struct ip_addr ip;
869 971
 	void* handle;
870
-	
972
+
871 973
 	now=get_ticks_raw();
872 974
 		for(h=0; h<DST_BLST_HASH_SIZE; h++){
873 975
 			LOCK_BLST(h);
... ...
@@ -22,13 +22,14 @@
22 22
  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
23 23
  * GNU General Public License for more details.
24 24
  *
25
- * You should have received a copy of the GNU General Public License 
26
- * along with this program; if not, write to the Free Software 
25
+ * You should have received a copy of the GNU General Public License
26
+ * along with this program; if not, write to the Free Software
27 27
  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
28 28
  */
29 29
 /* History:
30 30
  * --------
31 31
  *  2006-07-29  created by andrei
32
+ *  2007-07-30  dst blacklist measurements added (Gergo)
32 33
  */
33 34
 
34 35
 #ifndef dst_black_list_h
... ...
@@ -75,6 +76,10 @@ int register_blacklist_hook(struct blacklist_hook *h, int type);
75 76
 #endif /* DST_BLACKLIST_HOOKS */
76 77
 
77 78
 int init_dst_blacklist();
79
+#ifdef USE_DST_BLACKLIST_STATS
80
+int init_dst_blacklist_stats(int iproc_num);
81
+#define DST_BLACKLIST_ALL_STATS "bkl_all_stats"
82
+#endif
78 83
 void destroy_dst_blacklist();
79 84
 
80 85