From patchwork Mon Dec 5 16:41:01 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kristof Provost X-Patchwork-Id: 2883 Return-Path: Delivered-To: patchwork@openvpn.net Received: by 2002:a05:622a:418d:b0:3a5:7962:c21f with SMTP id cd13csp1957752qtb; Mon, 5 Dec 2022 08:42:02 -0800 (PST) X-Google-Smtp-Source: AA0mqf68mp1veYnJv5qJUEUvGyx80vOajUYyHcSLdpVVqk7Y7ekXZIhxw7X8krOHWJ8fHfmNa/qY X-Received: by 2002:a17:902:bc4a:b0:189:6795:d945 with SMTP id t10-20020a170902bc4a00b001896795d945mr49110301plz.136.1670258522790; Mon, 05 Dec 2022 08:42:02 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1670258522; cv=none; d=google.com; s=arc-20160816; b=PoboxkGcr7vL2Gja62hvFzx3omTU4MR8RJkuzPM1SdZ1dgGikLR3rMpl2eJYloRCEu Bf4JTsunr9wGKMofScd37noVq5T6vWxAPamJETxpPeETL6XK7jrS9zAW//z5lMp4d+S4 j6cZevAUM7F1Y7XxmDf8u9neMzGevHklJN8z9BxdxGtWH1fm4gF4743uzMjrgXPOAyiA hV6QZl0icxnDPzDM/+FWB7Kqe9t1QizqEMLR/YJosN/NynyC+4cGzI1c1pv6qVVbgOyj m55LPZaunJlZTgKjbsBWr5THZgAZqXpV6L5bgsY3NakLHc1gKSG4RxCcMP233ZUHgr6t PZAQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=errors-to:content-transfer-encoding:reply-to:from:list-subscribe :list-help:list-post:list-archive:list-unsubscribe:list-id :precedence:subject:mime-version:references:in-reply-to:message-id :date:to:dkim-signature:dkim-signature:dkim-signature; bh=Q/UGLgY6+//DuHNHMDk3yyjaVijEszkgNqSuGuQ6d4I=; b=ryT1CovCWx0Q1wbVAAp/D8HJhlrryyyPU7n7Zy6JPm2qJjZ/EgSaZDhIHs91cT79rR Sxp0Nz3ilHafJBzfmOmidSMCWM9DlatueYqJOmMJW0bMvBf2r40ShMDGChEZ89gRZRxe B7FuQHBWaCJzwslEtQmRC1/wgFYTdpqRs/GWH0mqbWwfnEvMvMtitAKZbG4JCWBmf6T1 iTxHC39wtu2vBGUDCUHTq0PdSEhmjw2fGQBA8I2z10gIkBBDNcDIs/iTub7ta7xLOiL/ fP5uBVR8T6vSQF1IlDDbSEonQ23DaEjJk9SYH/tXldJ8gy5sT11ceOhGytWlGn+ixSgl O2yA== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=STWJvzNs; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=Ug1yonhX; dkim=neutral (body hash did not verify) header.i=@netgate.com header.s=google header.b="i/kA6fao"; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=pass (p=QUARANTINE sp=NONE dis=NONE) header.from=sourceforge.net Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7]) by mx.google.com with ESMTPS id k69-20020a638448000000b004786b7afaabsi13751537pgd.192.2022.12.05.08.42.02 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Mon, 05 Dec 2022 08:42:02 -0800 (PST) Received-SPF: pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) client-ip=216.105.38.7; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=STWJvzNs; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=Ug1yonhX; dkim=neutral (body hash did not verify) header.i=@netgate.com header.s=google header.b="i/kA6fao"; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=pass (p=QUARANTINE sp=NONE dis=NONE) header.from=sourceforge.net Received: from [127.0.0.1] (helo=sfs-ml-4.v29.lw.sourceforge.com) by sfs-ml-4.v29.lw.sourceforge.com with esmtp (Exim 4.95) (envelope-from ) id 1p2EWs-00040J-Fm; Mon, 05 Dec 2022 16:41:18 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-4.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1p2EWr-00040D-Mq for openvpn-devel@lists.sourceforge.net; Mon, 05 Dec 2022 16:41:17 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:References: In-Reply-To:Message-Id:Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=iueTsI1+wcrTM8asvYM0LafcuRALZ89Y0/C4emrYSkI=; b=STWJvzNsybgkKhlcuige5vdm6H iKld8hxDEi3+LySrcApBfQ6D7nvUkbbIrXncB5xS10j6Q0tgId2irE0j+t6p3vkq4dPG9R+ctUvMs l0hPjSW4lfOTIFfW66IfqIYjs94KXaGNjKgyQccoJG3BBNrJQz+t14JdkbBrf62Troak=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-Id: Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=iueTsI1+wcrTM8asvYM0LafcuRALZ89Y0/C4emrYSkI=; b=Ug1yonhX4xCvEv8oZ4ouZ5OI+G 6VremAKjJXEUuWMCXW2r320j14HfAhSz+t1E3G+kFy3ja0C+zAAo3dcxov6KQ+a8Tmv0NAGoFFYpC RE59OX0zF3k0+XFYcyEohPjEd1+QF3H0H+Rtp2xiZOoIfxqFgUXtaMdOizUbpJ0a91x4=; Received: from mail-ej1-f44.google.com ([209.85.218.44]) by sfi-mx-2.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.95) id 1p2EWo-000204-29 for openvpn-devel@lists.sourceforge.net; Mon, 05 Dec 2022 16:41:17 +0000 Received: by mail-ej1-f44.google.com with SMTP id bj12so29179577ejb.13 for ; Mon, 05 Dec 2022 08:41:13 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=netgate.com; s=google; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=iueTsI1+wcrTM8asvYM0LafcuRALZ89Y0/C4emrYSkI=; b=i/kA6fao/UyUTaJkEsZur/A8YZ/+Mr2FlLaFWpbw3U/BEcIjuIioM5A3ABlihoJ1Co 4H5j0jAA92VWsG2//773aQVVrKfaoKuZCeXJUXfa3MPivMVtFDHKWrVzY+UIkLUY4Vr7 GVX02mySGqgOwDCzptqdjOzniHN8JdpivjdpQ= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=iueTsI1+wcrTM8asvYM0LafcuRALZ89Y0/C4emrYSkI=; b=HtW7+/QwnWN1K4aI2wIdAoTcDrNjCHcnkryWxgwoFKWQ7Dsa1r2dBc8RcwjURA0Jo6 QcAYr+EI33dMFZSrFqtc242O3MKIDJzKtjiN6TGw0ydWdzrDTmt6NZUnx7Y25WZQta7j IXvbXs3SFwNmvn6kDjWNud+GNEJnyYrJ45hVk0bXUOzlxFZEaBM7tRlQb++cvTwHtWXB TJKb1CCwXTJ5QUGfZ56PJ+qRT7ZIS+YVerFdRxeATYAnND3c4zz9411tD0r/bKN5B9gU f/Buk4PS4Bp0LcRj3Z2ElfsELMgSL9gFsD+u86dm2IlQoAVgFs6jCrlWglXg+HyxhVXd MPWg== X-Gm-Message-State: ANoB5plc7xIgEIRUo6mJVap/5JdVj7ZwU+RA2NWFCh/lsTqgsZ/xSPLh fqX0+JSwfEgJqMTq3qGAkkn1rUUK8Owgg9MW X-Received: by 2002:a17:907:138d:b0:7bc:2ad:fae with SMTP id vs13-20020a170907138d00b007bc02ad0faemr43525011ejb.724.1670258467444; Mon, 05 Dec 2022 08:41:07 -0800 (PST) Received: from nut.jupiter.sigsegv.be (ptr-8rfalzsse26o3oo9imw.18120a2.ip6.access.telenet.be. [2a02:1811:2402:bf00:f602:70ff:feae:6e98]) by smtp.googlemail.com with ESMTPSA id 1-20020a170906310100b0073ae9ba9ba8sm6389266ejx.3.2022.12.05.08.41.06 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 05 Dec 2022 08:41:06 -0800 (PST) To: openvpn-devel Date: Mon, 5 Dec 2022 17:41:01 +0100 Message-Id: <20221205164103.9190-3-kprovost@netgate.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20221205164103.9190-1-kprovost@netgate.com> References: <20221205164103.9190-1-kprovost@netgate.com> MIME-Version: 1.0 X-Spam-Score: -0.2 (/) X-Spam-Report: Spam detection software, running on the system "util-spamd-1.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Kristof Provost When the kernel module (Linux or FreeBSD) notifies us that a peer has disconnected we'd like to get a final count of the in/out bytes for that peer. We can't request that information any more, because [...] Content analysis details: (-0.2 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [209.85.218.44 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.0 SPF_PASS SPF: sender matches SPF record -0.0 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2) [209.85.218.44 listed in wl.mailspike.net] -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature X-Headers-End: 1p2EWo-000204-29 Subject: [Openvpn-devel] [PATCH 2/4] dco: Update counters when a client disconnects X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-Patchwork-Original-From: Kristof Provost via Openvpn-devel From: Kristof Provost Reply-To: Kristof Provost Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox X-GMAIL-THRID: =?utf-8?q?1751393000690460520?= X-GMAIL-MSGID: =?utf-8?q?1751393000690460520?= From: Kristof Provost When the kernel module (Linux or FreeBSD) notifies us that a peer has disconnected we'd like to get a final count of the in/out bytes for that peer. We can't request that information any more, because the kernel has already removed the peer at that point. Have the kernel send that information as part of the "delete peer" notification, and update the counters a final time. This implements the FreeBSD-specific DCO code, but not the Linux-specific code. It will simply add 0 to the count on Linux. Signed-off-by: Kristof Provost Acked-by: Gert Doering --- src/openvpn/dco_freebsd.c | 9 +++++++++ src/openvpn/dco_freebsd.h | 2 ++ src/openvpn/dco_linux.h | 2 ++ src/openvpn/multi.c | 4 ++++ 4 files changed, 17 insertions(+) diff --git a/src/openvpn/dco_freebsd.c b/src/openvpn/dco_freebsd.c index 5b352859..2ae46589 100644 --- a/src/openvpn/dco_freebsd.c +++ b/src/openvpn/dco_freebsd.c @@ -528,6 +528,15 @@ dco_do_read(dco_context_t *dco) else { dco->dco_del_peer_reason = OVPN_DEL_PEER_REASON_EXPIRED; + + if (nvlist_exists_nvlist(nvl, "bytes")) + { + const nvlist_t *bytes = nvlist_get_nvlist(nvl, "bytes"); + + dco->dco_read_bytes = nvlist_get_number(bytes, "in"); + dco->dco_write_bytes = nvlist_get_number(bytes, "out"); + } + dco->dco_message_type = OVPN_CMD_DEL_PEER; } diff --git a/src/openvpn/dco_freebsd.h b/src/openvpn/dco_freebsd.h index 7de11697..0d059dda 100644 --- a/src/openvpn/dco_freebsd.h +++ b/src/openvpn/dco_freebsd.h @@ -55,6 +55,8 @@ typedef struct dco_context { int dco_message_type; int dco_message_peer_id; int dco_del_peer_reason; + uint64_t dco_read_bytes; + uint64_t dco_write_bytes; } dco_context_t; #endif /* defined(ENABLE_DCO) && defined(TARGET_FREEBSD) */ diff --git a/src/openvpn/dco_linux.h b/src/openvpn/dco_linux.h index 416ea30a..7d56308b 100644 --- a/src/openvpn/dco_linux.h +++ b/src/openvpn/dco_linux.h @@ -53,6 +53,8 @@ typedef struct int dco_message_type; int dco_message_peer_id; int dco_del_peer_reason; + uint64_t dco_read_bytes; + uint64_t dco_write_bytes; } dco_context_t; #endif /* defined(ENABLE_DCO) && defined(TARGET_LINUX) */ diff --git a/src/openvpn/multi.c b/src/openvpn/multi.c index 38da87b8..74671303 100644 --- a/src/openvpn/multi.c +++ b/src/openvpn/multi.c @@ -3245,6 +3245,8 @@ process_incoming_del_peer(struct multi_context *m, struct multi_instance *mi, * installed, and we do not need to clean up the state in the kernel */ mi->context.c2.tls_multi->dco_peer_id = -1; mi->context.sig->signal_text = reason; + mi->context.c2.dco_read_bytes = dco->dco_read_bytes; + mi->context.c2.dco_write_bytes = dco->dco_write_bytes; multi_signal_instance(m, mi, SIGTERM); } @@ -3278,6 +3280,8 @@ multi_process_incoming_dco(struct multi_context *m) dco->dco_message_type = 0; dco->dco_message_peer_id = -1; + dco->dco_read_bytes = 0; + dco->dco_write_bytes = 0; return ret > 0; } #endif /* if defined(ENABLE_DCO) && defined(TARGET_LINUX) */