wanderer/fastnetmon-rewritten
1
0
Fork 0
mirror of https://github.com/pavel-odintsov/fastnetmon synced 2024-11-23 05:02:10 +01:00
Code Issues Releases Activity

Switched to new per protocol total counters

Browse Source
This commit is contained in:
Pavel Odintsov 2024-07-13 20:04:15 +03:00
parent c90dda2536
commit d1934e0165
3 changed files with 145 additions and 53 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
src/fastnetmon.cpp
View File

@ -359,8 +359,13 @@ log4cpp::Category& logger = log4cpp::Category::getRoot();
/* Configuration block ends */ /* Configuration block ends */
// We count total number of incoming/outgoing/internal and other traffic type packets/bytes // Total IPv4 + IPv6 traffic
total_speed_counters_t total_counters;
// Total IPv4 traffic
total_speed_counters_t total_counters_ipv4; total_speed_counters_t total_counters_ipv4;
// Total IPv6 traffic
total_speed_counters_t total_counters_ipv6; total_speed_counters_t total_counters_ipv6;
std::string total_unparsed_packets_desc = "Total number of packets we failed to parse"; std::string total_unparsed_packets_desc = "Total number of packets we failed to parse";
@ -396,7 +401,7 @@ std::string clickhouse_metrics_writes_failed_desc = "Total number of failed Clic
uint64_t clickhouse_metrics_writes_failed = 0; uint64_t clickhouse_metrics_writes_failed = 0;
// Network counters for IPv6 // Network counters for IPv6
abstract_subnet_counters_t<subnet_ipv6_cidr_mask_t, subnet_counter_t> ipv6_subnet_counters; abstract_subnet_counters_t<subnet_ipv6_cidr_mask_t, subnet_counter_t> ipv6_network_counters;
// Host counters for IPv6 // Host counters for IPv6
abstract_subnet_counters_t<subnet_ipv6_cidr_mask_t, subnet_counter_t> ipv6_host_counters; abstract_subnet_counters_t<subnet_ipv6_cidr_mask_t, subnet_counter_t> ipv6_host_counters;

58
src/fastnetmon_logic.cpp
View File

@ -96,7 +96,7 @@ extern std::chrono::steady_clock::time_point last_call_of_traffic_recalculation;
extern std::string cli_stats_ipv6_file_path; extern std::string cli_stats_ipv6_file_path;
extern unsigned int check_for_availible_for_processing_packets_buckets; extern unsigned int check_for_availible_for_processing_packets_buckets;
extern abstract_subnet_counters_t<subnet_ipv6_cidr_mask_t, subnet_counter_t> ipv6_host_counters; extern abstract_subnet_counters_t<subnet_ipv6_cidr_mask_t, subnet_counter_t> ipv6_host_counters;
extern abstract_subnet_counters_t<subnet_ipv6_cidr_mask_t, subnet_counter_t> ipv6_subnet_counters; extern abstract_subnet_counters_t<subnet_ipv6_cidr_mask_t, subnet_counter_t> ipv6_network_counters;
extern bool process_incoming_traffic; extern bool process_incoming_traffic;
extern bool process_outgoing_traffic; extern bool process_outgoing_traffic;
extern uint64_t total_unparsed_packets; extern uint64_t total_unparsed_packets;
@ -113,6 +113,7 @@ extern uint64_t incoming_total_flows_speed;
extern uint64_t outgoing_total_flows_speed; extern uint64_t outgoing_total_flows_speed;
extern total_speed_counters_t total_counters_ipv4; extern total_speed_counters_t total_counters_ipv4;
extern total_speed_counters_t total_counters_ipv6; extern total_speed_counters_t total_counters_ipv6;
extern total_speed_counters_t total_counters;
extern host_group_ban_settings_map_t host_group_ban_settings_map; extern host_group_ban_settings_map_t host_group_ban_settings_map;
extern bool exabgp_announce_whole_subnet; extern bool exabgp_announce_whole_subnet;
extern subnet_to_host_group_map_t subnet_to_host_groups; extern subnet_to_host_group_map_t subnet_to_host_groups;
@ -1939,7 +1940,7 @@ void recalculate_speed() {
}); });
// Calculate IPv6 per network traffic // Calculate IPv6 per network traffic
ipv6_subnet_counters.recalculate_speed(speed_calc_period, (double)average_calculation_amount, nullptr); ipv6_network_counters.recalculate_speed(speed_calc_period, (double)average_calculation_amount, nullptr);
// Recalculate traffic for hosts // Recalculate traffic for hosts
ipv6_host_counters.recalculate_speed(speed_calc_period, (double)average_calculation_amount, speed_calculation_callback_local_ipv6); ipv6_host_counters.recalculate_speed(speed_calc_period, (double)average_calculation_amount, speed_calculation_callback_local_ipv6);
@ -1956,54 +1957,13 @@ void recalculate_speed() {
total_unparsed_packets = 0; total_unparsed_packets = 0;
// Calculate IPv4 total traffic speed // Calculate IPv4 total traffic speed
for (unsigned int index = 0; index < 4; index++) { total_counters_ipv4.calculate_speed(speed_calc_period, (double)average_calculation_amount);
total_counters_ipv4.total_speed_counters[index].total.bytes =
uint64_t((double)total_counters_ipv4.total_counters[index].total.bytes / (double)speed_calc_period);
total_counters_ipv4.total_speed_counters[index].total.packets =
uint64_t((double)total_counters_ipv4.total_counters[index].total.packets / (double)speed_calc_period);
double exp_power = -speed_calc_period / average_calculation_amount;
double exp_value = exp(exp_power);
total_counters_ipv4.total_speed_average_counters[index].total.bytes =
uint64_t(total_counters_ipv4.total_speed_counters[index].total.bytes +
exp_value * ((double)total_counters_ipv4.total_speed_average_counters[index].total.bytes -
(double)total_counters_ipv4.total_speed_counters[index].total.bytes));
total_counters_ipv4.total_speed_average_counters[index].total.packets =
uint64_t(total_counters_ipv4.total_speed_counters[index].total.packets +
exp_value * ((double)total_counters_ipv4.total_speed_average_counters[index].total.packets -
(double)total_counters_ipv4.total_speed_counters[index].total.packets));
// nullify data counters after speed calculation
total_counters_ipv4.total_counters[index].total.bytes = 0;
total_counters_ipv4.total_counters[index].total.packets = 0;
}
// Do same for IPv6 // Do same for IPv6
for (unsigned int index = 0; index < 4; index++) { total_counters_ipv6.calculate_speed(speed_calc_period, (double)average_calculation_amount);
total_counters_ipv6.total_speed_counters[index].total.bytes =
uint64_t((double)total_counters_ipv6.total_counters[index].total.bytes / (double)speed_calc_period);
total_counters_ipv6.total_speed_counters[index].total.packets =
uint64_t((double)total_counters_ipv6.total_counters[index].total.packets / (double)speed_calc_period);
double exp_power = -speed_calc_period / average_calculation_amount; // Calculate total IPv4 + IPv6 traffic
double exp_value = exp(exp_power); total_counters.calculate_speed(speed_calc_period, (double)average_calculation_amount);
total_counters_ipv6.total_speed_average_counters[index].total.bytes =
uint64_t(total_counters_ipv6.total_speed_counters[index].total.bytes +
exp_value * ((double)total_counters_ipv6.total_speed_average_counters[index].total.bytes -
(double)total_counters_ipv6.total_speed_counters[index].total.bytes));
total_counters_ipv6.total_speed_average_counters[index].total.packets =
uint64_t(total_counters_ipv6.total_speed_counters[index].total.packets +
exp_value * ((double)total_counters_ipv6.total_speed_average_counters[index].total.packets -
(double)total_counters_ipv6.total_speed_counters[index].total.packets));
// nullify data counters after speed calculation
total_counters_ipv6.total_counters[index].zeroify();
}
// Set time of previous startup // Set time of previous startup
last_call_of_traffic_recalculation = std::chrono::steady_clock::now(); last_call_of_traffic_recalculation = std::chrono::steady_clock::now();
@ -2335,10 +2295,10 @@ void process_ipv6_packet(simple_packet_t& current_packet) {
#endif #endif
{ {
std::lock_guard<std::mutex> lock_guard(ipv6_subnet_counters.counter_map_mutex); std::lock_guard<std::mutex> lock_guard(ipv6_network_counters.counter_map_mutex);
// We will create keys for new subnet here on demand // We will create keys for new subnet here on demand
subnet_counter_t* counter_ptr = &ipv6_subnet_counters.counter_map[ipv6_cidr_subnet]; subnet_counter_t* counter_ptr = &ipv6_network_counters.counter_map[ipv6_cidr_subnet];
if (current_packet.packet_direction == OUTGOING) { if (current_packet.packet_direction == OUTGOING) {
counter_ptr->total.out_packets += sampled_number_of_packets; counter_ptr->total.out_packets += sampled_number_of_packets;

131
src/fastnetmon_types.hpp
View File

@ -317,21 +317,148 @@ class total_counter_element_t {
}; };
// Set of structures for calculating total traffic counters // Set of structures for calculating total traffic counters
class total_speed_counters_t { class total_speed_counters_t {
public: public:
total_counter_element_t total_counters[4]; total_counter_element_t total_counters[4];
total_counter_element_t total_speed_counters[4];
total_counter_element_t total_speed_average_counters[4]; total_counter_element_t total_speed_average_counters[4];
// Calculates speed
void calculate_speed(double speed_calc_period, double average_calculation_time) {
for (unsigned int index = 0; index < 4; index++) {
total_counter_element_t total_speed_counters;
// Calculate instant speed
total_speed_counters.total.bytes = uint64_t((double)total_counters[index].total.bytes / (double)speed_calc_period);
total_speed_counters.total.packets = uint64_t((double)total_counters[index].total.packets / (double)speed_calc_period);
// tcp
total_speed_counters.tcp.bytes = uint64_t((double)total_counters[index].tcp.bytes / (double)speed_calc_period);
total_speed_counters.tcp.packets = uint64_t((double)total_counters[index].tcp.packets / (double)speed_calc_period);
// udp
total_speed_counters.udp.bytes = uint64_t((double)total_counters[index].udp.bytes / (double)speed_calc_period);
total_speed_counters.udp.packets = uint64_t((double)total_counters[index].udp.packets / (double)speed_calc_period);
// icmp
total_speed_counters.icmp.bytes = uint64_t((double)total_counters[index].icmp.bytes / (double)speed_calc_period);
total_speed_counters.icmp.packets = uint64_t((double)total_counters[index].icmp.packets / (double)speed_calc_period);
// fragmented
total_speed_counters.fragmented.bytes =
uint64_t((double)total_counters[index].fragmented.bytes / (double)speed_calc_period);
total_speed_counters.fragmented.packets =
uint64_t((double)total_counters[index].fragmented.packets / (double)speed_calc_period);
// tcp_syn
total_speed_counters.tcp_syn.bytes = uint64_t((double)total_counters[index].tcp_syn.bytes / (double)speed_calc_period);
total_speed_counters.tcp_syn.packets =
uint64_t((double)total_counters[index].tcp_syn.packets / (double)speed_calc_period);
// dropped
total_speed_counters.dropped.bytes = uint64_t((double)total_counters[index].dropped.bytes / (double)speed_calc_period);
total_speed_counters.dropped.packets =
uint64_t((double)total_counters[index].dropped.packets / (double)speed_calc_period);
// Calculate average speed
double exp_power = -speed_calc_period / average_calculation_time;
double exp_value = exp(exp_power);
// Total
total_speed_average_counters[index].total.bytes = uint64_t(
total_speed_counters.total.bytes + exp_value * ((double)total_speed_average_counters[index].total.bytes -
(double)total_speed_counters.total.bytes));
total_speed_average_counters[index].total.packets = uint64_t(
total_speed_counters.total.packets + exp_value * ((double)total_speed_average_counters[index].total.packets -
(double)total_speed_counters.total.packets));
// tcp
total_speed_average_counters[index].tcp.bytes =
uint64_t(total_speed_counters.tcp.bytes + exp_value * ((double)total_speed_average_counters[index].tcp.bytes -
(double)total_speed_counters.tcp.bytes));
total_speed_average_counters[index].tcp.packets =
uint64_t(total_speed_counters.tcp.packets + exp_value * ((double)total_speed_average_counters[index].tcp.packets -
(double)total_speed_counters.tcp.packets));
// udp
total_speed_average_counters[index].udp.bytes =
uint64_t(total_speed_counters.udp.bytes + exp_value * ((double)total_speed_average_counters[index].udp.bytes -
(double)total_speed_counters.udp.bytes));
total_speed_average_counters[index].udp.packets =
uint64_t(total_speed_counters.udp.packets + exp_value * ((double)total_speed_average_counters[index].udp.packets -
(double)total_speed_counters.udp.packets));
// icmp
total_speed_average_counters[index].icmp.bytes =
uint64_t(total_speed_counters.icmp.bytes + exp_value * ((double)total_speed_average_counters[index].icmp.bytes -
(double)total_speed_counters.icmp.bytes));
total_speed_average_counters[index].icmp.packets = uint64_t(
total_speed_counters.icmp.packets + exp_value * ((double)total_speed_average_counters[index].icmp.packets -
(double)total_speed_counters.icmp.packets));
// fragmented
total_speed_average_counters[index].fragmented.bytes =
uint64_t(total_speed_counters.fragmented.bytes +
exp_value * ((double)total_speed_average_counters[index].fragmented.bytes -
(double)total_speed_counters.fragmented.bytes));
total_speed_average_counters[index].fragmented.packets =
uint64_t(total_speed_counters.fragmented.packets +
exp_value * ((double)total_speed_average_counters[index].fragmented.packets -
(double)total_speed_counters.fragmented.packets));
// tcp_syn
total_speed_average_counters[index].tcp_syn.bytes = uint64_t(
total_speed_counters.tcp_syn.bytes + exp_value * ((double)total_speed_average_counters[index].tcp_syn.bytes -
(double)total_speed_counters.tcp_syn.bytes));
total_speed_average_counters[index].tcp_syn.packets = uint64_t(
total_speed_counters.tcp_syn.packets + exp_value * ((double)total_speed_average_counters[index].tcp_syn.packets -
(double)total_speed_counters.tcp_syn.packets));
// dropped
total_speed_average_counters[index].dropped.bytes = uint64_t(
total_speed_counters.dropped.bytes + exp_value * ((double)total_speed_average_counters[index].dropped.bytes -
(double)total_speed_counters.dropped.bytes));
total_speed_average_counters[index].dropped.packets = uint64_t(
total_speed_counters.dropped.packets + exp_value * ((double)total_speed_average_counters[index].dropped.packets -
(double)total_speed_counters.dropped.packets));
// nullify data counters after speed calculation
total_counters[index].zeroify();
}
}
template <class Archive> void serialize(Archive& ar, [[maybe_unused]] const unsigned int version) { template <class Archive> void serialize(Archive& ar, [[maybe_unused]] const unsigned int version) {
ar& BOOST_SERIALIZATION_NVP(total_counters); ar& BOOST_SERIALIZATION_NVP(total_counters);
ar& BOOST_SERIALIZATION_NVP(total_speed_counters);
ar& BOOST_SERIALIZATION_NVP(total_speed_average_counters); ar& BOOST_SERIALIZATION_NVP(total_speed_average_counters);
} }
}; };
// struct for save per direction and per protocol details for flow // struct for save per direction and per protocol details for flow
class conntrack_key_struct_t { class conntrack_key_struct_t {
public: public: