From d1934e01655c99a81f13f53759d4526a30eee7f5 Mon Sep 17 00:00:00 2001 From: Pavel Odintsov Date: Sat, 13 Jul 2024 20:04:15 +0300 Subject: [PATCH] Switched to new per protocol total counters --- src/fastnetmon.cpp | 9 ++- src/fastnetmon_logic.cpp | 58 +++-------------- src/fastnetmon_types.hpp | 131 ++++++++++++++++++++++++++++++++++++++- 3 files changed, 145 insertions(+), 53 deletions(-) diff --git a/src/fastnetmon.cpp b/src/fastnetmon.cpp index abe6c40..ad5d68d 100644 --- a/src/fastnetmon.cpp +++ b/src/fastnetmon.cpp @@ -359,8 +359,13 @@ log4cpp::Category& logger = log4cpp::Category::getRoot(); /* Configuration block ends */ -// We count total number of incoming/outgoing/internal and other traffic type packets/bytes +// Total IPv4 + IPv6 traffic +total_speed_counters_t total_counters; + +// Total IPv4 traffic total_speed_counters_t total_counters_ipv4; + +// Total IPv6 traffic total_speed_counters_t total_counters_ipv6; std::string total_unparsed_packets_desc = "Total number of packets we failed to parse"; @@ -396,7 +401,7 @@ std::string clickhouse_metrics_writes_failed_desc = "Total number of failed Clic uint64_t clickhouse_metrics_writes_failed = 0; // Network counters for IPv6 -abstract_subnet_counters_t ipv6_subnet_counters; +abstract_subnet_counters_t ipv6_network_counters; // Host counters for IPv6 abstract_subnet_counters_t ipv6_host_counters; diff --git a/src/fastnetmon_logic.cpp b/src/fastnetmon_logic.cpp index fa2c5b0..85ee007 100644 --- a/src/fastnetmon_logic.cpp +++ b/src/fastnetmon_logic.cpp @@ -96,7 +96,7 @@ extern std::chrono::steady_clock::time_point last_call_of_traffic_recalculation; extern std::string cli_stats_ipv6_file_path; extern unsigned int check_for_availible_for_processing_packets_buckets; extern abstract_subnet_counters_t ipv6_host_counters; -extern abstract_subnet_counters_t ipv6_subnet_counters; +extern abstract_subnet_counters_t ipv6_network_counters; extern bool process_incoming_traffic; extern bool process_outgoing_traffic; extern uint64_t total_unparsed_packets; @@ -113,6 +113,7 @@ extern uint64_t incoming_total_flows_speed; extern uint64_t outgoing_total_flows_speed; extern total_speed_counters_t total_counters_ipv4; extern total_speed_counters_t total_counters_ipv6; +extern total_speed_counters_t total_counters; extern host_group_ban_settings_map_t host_group_ban_settings_map; extern bool exabgp_announce_whole_subnet; extern subnet_to_host_group_map_t subnet_to_host_groups; @@ -1939,7 +1940,7 @@ void recalculate_speed() { }); // Calculate IPv6 per network traffic - ipv6_subnet_counters.recalculate_speed(speed_calc_period, (double)average_calculation_amount, nullptr); + ipv6_network_counters.recalculate_speed(speed_calc_period, (double)average_calculation_amount, nullptr); // Recalculate traffic for hosts ipv6_host_counters.recalculate_speed(speed_calc_period, (double)average_calculation_amount, speed_calculation_callback_local_ipv6); @@ -1956,54 +1957,13 @@ void recalculate_speed() { total_unparsed_packets = 0; // Calculate IPv4 total traffic speed - for (unsigned int index = 0; index < 4; index++) { - total_counters_ipv4.total_speed_counters[index].total.bytes = - uint64_t((double)total_counters_ipv4.total_counters[index].total.bytes / (double)speed_calc_period); - - total_counters_ipv4.total_speed_counters[index].total.packets = - uint64_t((double)total_counters_ipv4.total_counters[index].total.packets / (double)speed_calc_period); - - double exp_power = -speed_calc_period / average_calculation_amount; - double exp_value = exp(exp_power); - - total_counters_ipv4.total_speed_average_counters[index].total.bytes = - uint64_t(total_counters_ipv4.total_speed_counters[index].total.bytes + - exp_value * ((double)total_counters_ipv4.total_speed_average_counters[index].total.bytes - - (double)total_counters_ipv4.total_speed_counters[index].total.bytes)); - - total_counters_ipv4.total_speed_average_counters[index].total.packets = - uint64_t(total_counters_ipv4.total_speed_counters[index].total.packets + - exp_value * ((double)total_counters_ipv4.total_speed_average_counters[index].total.packets - - (double)total_counters_ipv4.total_speed_counters[index].total.packets)); - - // nullify data counters after speed calculation - total_counters_ipv4.total_counters[index].total.bytes = 0; - total_counters_ipv4.total_counters[index].total.packets = 0; - } + total_counters_ipv4.calculate_speed(speed_calc_period, (double)average_calculation_amount); // Do same for IPv6 - for (unsigned int index = 0; index < 4; index++) { - total_counters_ipv6.total_speed_counters[index].total.bytes = - uint64_t((double)total_counters_ipv6.total_counters[index].total.bytes / (double)speed_calc_period); - total_counters_ipv6.total_speed_counters[index].total.packets = - uint64_t((double)total_counters_ipv6.total_counters[index].total.packets / (double)speed_calc_period); + total_counters_ipv6.calculate_speed(speed_calc_period, (double)average_calculation_amount); - double exp_power = -speed_calc_period / average_calculation_amount; - double exp_value = exp(exp_power); - - total_counters_ipv6.total_speed_average_counters[index].total.bytes = - uint64_t(total_counters_ipv6.total_speed_counters[index].total.bytes + - exp_value * ((double)total_counters_ipv6.total_speed_average_counters[index].total.bytes - - (double)total_counters_ipv6.total_speed_counters[index].total.bytes)); - - total_counters_ipv6.total_speed_average_counters[index].total.packets = - uint64_t(total_counters_ipv6.total_speed_counters[index].total.packets + - exp_value * ((double)total_counters_ipv6.total_speed_average_counters[index].total.packets - - (double)total_counters_ipv6.total_speed_counters[index].total.packets)); - - // nullify data counters after speed calculation - total_counters_ipv6.total_counters[index].zeroify(); - } + // Calculate total IPv4 + IPv6 traffic + total_counters.calculate_speed(speed_calc_period, (double)average_calculation_amount); // Set time of previous startup last_call_of_traffic_recalculation = std::chrono::steady_clock::now(); @@ -2335,10 +2295,10 @@ void process_ipv6_packet(simple_packet_t& current_packet) { #endif { - std::lock_guard lock_guard(ipv6_subnet_counters.counter_map_mutex); + std::lock_guard lock_guard(ipv6_network_counters.counter_map_mutex); // We will create keys for new subnet here on demand - subnet_counter_t* counter_ptr = &ipv6_subnet_counters.counter_map[ipv6_cidr_subnet]; + subnet_counter_t* counter_ptr = &ipv6_network_counters.counter_map[ipv6_cidr_subnet]; if (current_packet.packet_direction == OUTGOING) { counter_ptr->total.out_packets += sampled_number_of_packets; diff --git a/src/fastnetmon_types.hpp b/src/fastnetmon_types.hpp index dd5c5db..2ef2174 100644 --- a/src/fastnetmon_types.hpp +++ b/src/fastnetmon_types.hpp @@ -317,21 +317,148 @@ class total_counter_element_t { }; + // Set of structures for calculating total traffic counters class total_speed_counters_t { public: total_counter_element_t total_counters[4]; - total_counter_element_t total_speed_counters[4]; total_counter_element_t total_speed_average_counters[4]; + // Calculates speed + void calculate_speed(double speed_calc_period, double average_calculation_time) { + for (unsigned int index = 0; index < 4; index++) { + total_counter_element_t total_speed_counters; + + // Calculate instant speed + total_speed_counters.total.bytes = uint64_t((double)total_counters[index].total.bytes / (double)speed_calc_period); + + total_speed_counters.total.packets = uint64_t((double)total_counters[index].total.packets / (double)speed_calc_period); + + + // tcp + total_speed_counters.tcp.bytes = uint64_t((double)total_counters[index].tcp.bytes / (double)speed_calc_period); + + total_speed_counters.tcp.packets = uint64_t((double)total_counters[index].tcp.packets / (double)speed_calc_period); + + // udp + + total_speed_counters.udp.bytes = uint64_t((double)total_counters[index].udp.bytes / (double)speed_calc_period); + + total_speed_counters.udp.packets = uint64_t((double)total_counters[index].udp.packets / (double)speed_calc_period); + + // icmp + total_speed_counters.icmp.bytes = uint64_t((double)total_counters[index].icmp.bytes / (double)speed_calc_period); + + total_speed_counters.icmp.packets = uint64_t((double)total_counters[index].icmp.packets / (double)speed_calc_period); + + // fragmented + total_speed_counters.fragmented.bytes = + uint64_t((double)total_counters[index].fragmented.bytes / (double)speed_calc_period); + + total_speed_counters.fragmented.packets = + uint64_t((double)total_counters[index].fragmented.packets / (double)speed_calc_period); + + + // tcp_syn + total_speed_counters.tcp_syn.bytes = uint64_t((double)total_counters[index].tcp_syn.bytes / (double)speed_calc_period); + + total_speed_counters.tcp_syn.packets = + uint64_t((double)total_counters[index].tcp_syn.packets / (double)speed_calc_period); + + // dropped + total_speed_counters.dropped.bytes = uint64_t((double)total_counters[index].dropped.bytes / (double)speed_calc_period); + + total_speed_counters.dropped.packets = + uint64_t((double)total_counters[index].dropped.packets / (double)speed_calc_period); + + // Calculate average speed + double exp_power = -speed_calc_period / average_calculation_time; + double exp_value = exp(exp_power); + + // Total + total_speed_average_counters[index].total.bytes = uint64_t( + total_speed_counters.total.bytes + exp_value * ((double)total_speed_average_counters[index].total.bytes - + (double)total_speed_counters.total.bytes)); + + total_speed_average_counters[index].total.packets = uint64_t( + total_speed_counters.total.packets + exp_value * ((double)total_speed_average_counters[index].total.packets - + (double)total_speed_counters.total.packets)); + + // tcp + total_speed_average_counters[index].tcp.bytes = + uint64_t(total_speed_counters.tcp.bytes + exp_value * ((double)total_speed_average_counters[index].tcp.bytes - + (double)total_speed_counters.tcp.bytes)); + + total_speed_average_counters[index].tcp.packets = + uint64_t(total_speed_counters.tcp.packets + exp_value * ((double)total_speed_average_counters[index].tcp.packets - + (double)total_speed_counters.tcp.packets)); + + + // udp + total_speed_average_counters[index].udp.bytes = + uint64_t(total_speed_counters.udp.bytes + exp_value * ((double)total_speed_average_counters[index].udp.bytes - + (double)total_speed_counters.udp.bytes)); + + total_speed_average_counters[index].udp.packets = + uint64_t(total_speed_counters.udp.packets + exp_value * ((double)total_speed_average_counters[index].udp.packets - + (double)total_speed_counters.udp.packets)); + + + // icmp + total_speed_average_counters[index].icmp.bytes = + uint64_t(total_speed_counters.icmp.bytes + exp_value * ((double)total_speed_average_counters[index].icmp.bytes - + (double)total_speed_counters.icmp.bytes)); + + total_speed_average_counters[index].icmp.packets = uint64_t( + total_speed_counters.icmp.packets + exp_value * ((double)total_speed_average_counters[index].icmp.packets - + (double)total_speed_counters.icmp.packets)); + + + // fragmented + total_speed_average_counters[index].fragmented.bytes = + uint64_t(total_speed_counters.fragmented.bytes + + exp_value * ((double)total_speed_average_counters[index].fragmented.bytes - + (double)total_speed_counters.fragmented.bytes)); + + total_speed_average_counters[index].fragmented.packets = + uint64_t(total_speed_counters.fragmented.packets + + exp_value * ((double)total_speed_average_counters[index].fragmented.packets - + (double)total_speed_counters.fragmented.packets)); + + + // tcp_syn + total_speed_average_counters[index].tcp_syn.bytes = uint64_t( + total_speed_counters.tcp_syn.bytes + exp_value * ((double)total_speed_average_counters[index].tcp_syn.bytes - + (double)total_speed_counters.tcp_syn.bytes)); + + total_speed_average_counters[index].tcp_syn.packets = uint64_t( + total_speed_counters.tcp_syn.packets + exp_value * ((double)total_speed_average_counters[index].tcp_syn.packets - + (double)total_speed_counters.tcp_syn.packets)); + + + // dropped + total_speed_average_counters[index].dropped.bytes = uint64_t( + total_speed_counters.dropped.bytes + exp_value * ((double)total_speed_average_counters[index].dropped.bytes - + (double)total_speed_counters.dropped.bytes)); + + total_speed_average_counters[index].dropped.packets = uint64_t( + total_speed_counters.dropped.packets + exp_value * ((double)total_speed_average_counters[index].dropped.packets - + (double)total_speed_counters.dropped.packets)); + + + // nullify data counters after speed calculation + total_counters[index].zeroify(); + } + } + template void serialize(Archive& ar, [[maybe_unused]] const unsigned int version) { ar& BOOST_SERIALIZATION_NVP(total_counters); - ar& BOOST_SERIALIZATION_NVP(total_speed_counters); ar& BOOST_SERIALIZATION_NVP(total_speed_average_counters); } }; + // struct for save per direction and per protocol details for flow class conntrack_key_struct_t { public: