Fixed timeout connections handling
[Nuauth]


Files

file  conntrack.c
 Conntrack handling (used for fixed timeout).
file  period.c
 Provide a set of functions for period and time calculation.

Functions

nu_error_t send_conntrack_message (struct limited_connection *lconn, unsigned char msgtype)
void send_destroy_message_and_free (gpointer user_data)
static gboolean get_old_entry (gpointer key, gpointer value, gpointer user_data)
void destroy_expired_connection (GHashTable *lim_conn_list)
void * limited_connection_handler (GMutex *mutex)
 Unique thread able to access the list of connections to expire. Waits for messages.
static unsigned int get_start_of_day_from_time_t (time_t pckt_time)
static time_t get_end_of_period_item_for_time (struct period_item *perioditem, time_t pckt_time)
time_t get_end_of_period_for_time_t (const gchar *period, time_t pckt_time)
void free_period (gpointer data)
gboolean delete_period (GHashTable *periods, gchar *name)
void destroy_periods (GHashTable *periods)
gboolean define_new_period (GHashTable *periods, gchar *name, gchar *description)
gboolean add_perioditem_to_period (GHashTable *periods, gchar *name, struct period_item *perioditem)
GHashTable * init_periods ()
void reload_periods (GHashTable **periods)

Variables

static GStaticMutex period_mutex = G_STATIC_MUTEX_INIT

Function Documentation

gboolean add_perioditem_to_period ( GHashTable *  periods,
gchar *  name,
struct period_item *  perioditem 
)

Definition at line 222 of file period.c.

References DEBUG_AREA_MAIN, FALSE, period::items, log_message, TRUE, and period::used.

Referenced by period_end_element_handler().

gboolean define_new_period ( GHashTable *  periods,
gchar *  name,
gchar *  description 
)

Definition at line 209 of file period.c.

References period::description, period::items, period::name, and TRUE.

Referenced by period_start_element_handler().

gboolean delete_period ( GHashTable *  periods,
gchar *  name 
)

Definition at line 198 of file period.c.

void destroy_expired_connection ( GHashTable *  lim_conn_list  ) 

search and destroy expired connections

Definition at line 231 of file conntrack.c.

References get_old_entry().

Referenced by limited_connection_handler().

void destroy_periods ( GHashTable *  periods  ) 

Definition at line 204 of file period.c.

Referenced by free_nuauth_params(), and reload_periods().

void free_period ( gpointer  data  ) 

Definition at line 189 of file period.c.

References period::description, period::items, and period::name.

Referenced by init_periods().

time_t get_end_of_period_for_time_t ( const gchar *  period,
time_t  pckt_time 
)

return :

Definition at line 141 of file period.c.

References DEBUG_AREA_MAIN, get_end_of_period_item_for_time(), period::items, log_message, nuauthconf, period_mutex, and nuauth_params::periods.

Referenced by update_decision().

static time_t get_end_of_period_item_for_time ( struct period_item *  perioditem,
time_t  pckt_time 
) [static]

Compute the end of the period for a given time (seconds since epoch).

Returns:
return value of end period
  • 0 if time not in period
  • -1 if there's no end

Definition at line 48 of file period.c.

References period_item::duration, period_item::end_date, period_item::end_day, period_item::end_hour, get_start_of_day_from_time_t(), period_item::start_date, period_item::start_day, and period_item::start_hour.

Referenced by get_end_of_period_for_time_t().

static gboolean get_old_entry ( gpointer  key,
gpointer  value,
gpointer  user_data 
) [static]

get old entry

Definition at line 214 of file conntrack.c.

References DEBUG_AREA_GW, DEBUG_AREA_PACKET, debug_log_message, limited_connection::expire, FALSE, and TRUE.

Referenced by destroy_expired_connection().

static unsigned int get_start_of_day_from_time_t ( time_t  pckt_time  )  [inline, static]

Definition at line 35 of file period.c.

Referenced by get_end_of_period_item_for_time().

GHashTable* init_periods (  ) 

can have no parameter as a module reload is needed

Definition at line 243 of file period.c.

References free_period(), and modules_parse_periods().

Referenced by init_nuauthdata(), nuauth_reload(), and reload_periods().

void* limited_connection_handler ( GMutex *  mutex  ) 

Unique thread able to access the list of connections to expire. Waits for messages.

Here we get a message from nufw: the kernel connection is ASSURED. We have to limit it if needed and log the state change if needed.

Definition at line 244 of file conntrack.c.

References AUTH_CONN_UPDATE, internal_message::datas, DEBUG_AREA_GW, DEBUG_AREA_PACKET, debug_log_message, destroy_expired_connection(), limited_connection::expire, FREE_MESSAGE, hash_connection(), INSERT_MESSAGE, nuauth_datas::limited_connections_queue, log_message, nuauthconf, nuauthdatas, nuauth_params::nufw_has_fixed_timeout, POP_DELAY, REFRESH_MESSAGE, send_conntrack_message(), send_destroy_message_and_free(), limited_connection::tracking, tracking_equal(), internal_message::type, and UPDATE_MESSAGE.

Referenced by init_nuauthdata().

void reload_periods ( GHashTable **  periods  ) 

Definition at line 257 of file period.c.

References destroy_periods(), init_periods(), and period_mutex.

nu_error_t send_conntrack_message ( struct limited_connection *  lconn,
unsigned char  msgtype 
)

Send conntrack message to nufw server

Parameters:
lconn Pointer to a limited_connection which contains information about the connection to modify
msgtype Action to take against connection
Returns:
a nu_error_t

Definition at line 40 of file conntrack.c.

References acquire_nufw_session_by_addr(), tracking_t::code, tracking_t::daddr, DEBUG_AREA_GW, DEBUG_AREA_PACKET, debug_log_message, declare_dead_nufw_session(), nuv3_conntrack_message_t::dest_port, limited_connection::expire, limited_connection::gwaddr, nuv4_conntrack_message_t::ip_dst, nuv4_conntrack_message_t::ip_protocol, nuv4_conntrack_message_t::ip_src, nuv3_conntrack_message_t::ipv4_dst, nuv3_conntrack_message_t::ipv4_protocol, nuv3_conntrack_message_t::ipv4_src, log_message, nuv4_conntrack_message_t::msg_length, nuv4_conntrack_message_t::msg_type, nuv3_conntrack_message_t::msg_type, NU_EXIT_ERROR, NU_EXIT_OK, nufw_session_send(), PROTO_VERSION_NUFW_V20, PROTO_VERSION_NUFW_V22_2, tracking_t::protocol, nuv4_conntrack_message_t::protocol_version, nuv3_conntrack_message_t::protocol_version, release_nufw_session(), tracking_t::saddr, session, nuv3_conntrack_message_t::src_port, nuv4_conntrack_message_t::timeout, nuv3_conntrack_message_t::timeout, limited_connection::tracking, and tracking_t::type.

Referenced by destroy_user_connections(), limited_connection_handler(), and send_destroy_message_and_free().

void send_destroy_message_and_free ( gpointer  user_data  ) 

Definition at line 198 of file conntrack.c.

References AUTH_CONN_DESTROY, DEBUG_AREA_GW, DEBUG_AREA_PACKET, debug_log_message, and send_conntrack_message().

Referenced by limited_connection_handler().


Variable Documentation

GStaticMutex period_mutex = G_STATIC_MUTEX_INIT [static]

Definition at line 33 of file period.c.

Referenced by get_end_of_period_for_time_t(), and reload_periods().


Generated on Sat Nov 22 04:01:00 2008 for NuFW by  doxygen 1.4.7