X-Git-Url: https://git.octo.it/?a=blobdiff_plain;ds=sidebyside;f=src%2Fiptables.c;h=5fa1f4086a8aa23dd5bfff14e289f0e80845d65c;hb=e4b274ed754af52196d3390b8ce101a7f94e318a;hp=b6aa938ea631f546fdceb221f254e36aaa9f48a1;hpb=d92c34382175773e1583810359db0d3330e0cfc7;p=collectd.git diff --git a/src/iptables.c b/src/iptables.c index b6aa938e..5fa1f408 100644 --- a/src/iptables.c +++ b/src/iptables.c @@ -24,48 +24,16 @@ #include "common.h" #include "plugin.h" #include "configfile.h" -#include "utils_debug.h" #if HAVE_LIBIPTC_LIBIPTC_H # include #endif -#if HAVE_LIBIPTC_LIBIPTC_H -# define IPTABLES_HAVE_READ 1 -#else -# define IPTABLES_HAVE_READ 0 -#endif - -#define MODULE_NAME "iptables" -#define BUFSIZE 512 - /* * (Module-)Global variables */ /* - * Removed packet count for now, should have config option if you want to save - * them Although other collectd models don't seem to care much for options - * eitherway for what to log - */ -/* Limit to ~125MByte/s (~1GBit/s) */ -static data_source_t dsrc[1] = -{ - {"value", DS_TYPE_COUNTER, 0.0, 134217728.0} -}; - -static data_set_t ipt_bytes_ds = -{ - "ipt_bytes", 1, dsrc -}; - -static data_set_t ipt_packets_ds = -{ - "ipt_packets", 1, dsrc -}; - -#if IPTABLES_HAVE_READ -/* * Config format should be `Chain table chainname', * e. g. `Chain mangle incoming' */ @@ -120,7 +88,9 @@ static int iptables_config (const char *key, const char *value) value_copy = strdup (value); if (value_copy == NULL) { - ERROR ("strdup failed: %s", strerror (errno)); + char errbuf[1024]; + ERROR ("strdup failed: %s", + sstrerror (errno, errbuf, sizeof (errbuf))); return (1); } @@ -167,8 +137,12 @@ static int iptables_config (const char *key, const char *value) } else { - strncpy (temp.rule.comment, comment, - sizeof (temp.rule.comment) - 1); + temp.rule.comment = strdup (comment); + if (temp.rule.comment == NULL) + { + free (value_copy); + return (1); + } temp.rule_type = RTYPE_COMMENT; } } @@ -188,16 +162,20 @@ static int iptables_config (const char *key, const char *value) list = (ip_chain_t **) realloc (chain_list, (chain_num + 1) * sizeof (ip_chain_t *)); if (list == NULL) { - ERROR ("realloc failed: %s", strerror (errno)); - return (1); + char errbuf[1024]; + ERROR ("realloc failed: %s", + sstrerror (errno, errbuf, sizeof (errbuf))); + return (1); } chain_list = list; final = (ip_chain_t *) malloc( sizeof(temp) ); if (final == NULL) { - ERROR ("malloc failed: %s", strerror (errno)); - return (1); + char errbuf[1024]; + ERROR ("malloc failed: %s", + sstrerror (errno, errbuf, sizeof (errbuf))); + return (1); } memcpy (final, &temp, sizeof (temp)); chain_list[chain_num] = final; @@ -212,9 +190,7 @@ static int iptables_config (const char *key, const char *value) return (0); } /* int iptables_config */ -#endif /* IPTABLES_HAVE_READ */ -#if IPTABLES_HAVE_READ /* This needs to return `int' for IPT_MATCH_ITERATE to work. */ static int submit_match (const struct ipt_entry_match *match, const struct ipt_entry *entry, @@ -346,28 +322,25 @@ static int iptables_shutdown (void) int i; for (i = 0; i < chain_num; i++) + { + if ((chain_list[i] != NULL) && (chain_list[i]->rule_type == RTYPE_COMMENT)) + { + sfree (chain_list[i]->rule.comment); + } sfree (chain_list[i]); + } sfree (chain_list); return (0); } /* int iptables_shutdown */ -#endif /* IPTABLES_HAVE_READ */ void module_register (void) { - plugin_register_data_set (&ipt_bytes_ds); - plugin_register_data_set (&ipt_packets_ds); - -#if IPTABLES_HAVE_READ plugin_register_config ("iptables", iptables_config, config_keys, config_keys_num); plugin_register_read ("iptables", iptables_read); plugin_register_shutdown ("iptables", iptables_shutdown); -#endif -} - -#undef BUFSIZE -#undef MODULE_NAME +} /* void module_register */ /* * vim:shiftwidth=4:softtabstop=4:tabstop=8