From patchwork Wed Dec 14 22:42:20 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Lev Stipakov X-Patchwork-Id: 2913 Return-Path: Delivered-To: patchwork@openvpn.net Received: by 2002:a05:622a:418d:b0:3a5:7962:c21f with SMTP id cd13csp571706qtb; Wed, 14 Dec 2022 14:43:03 -0800 (PST) X-Google-Smtp-Source: AA0mqf7eZBoXjjku0sXMTgIAzBiKvIRMOcIDog6k1EW2oNVnP14qFS3qQ5h63jpB2JkNgoqYjVg8 X-Received: by 2002:a05:6a20:bb24:b0:af:7989:2579 with SMTP id fc36-20020a056a20bb2400b000af79892579mr3025981pzb.32.1671057783425; Wed, 14 Dec 2022 14:43:03 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1671057783; cv=none; d=google.com; s=arc-20160816; b=aV7beVU329CxYwTbPlQ1fTGk13AYqPPz0Eeh0md4ln/AtRbQNFRDI4RixMbqSWAnDi qQdOAxsIPMtUj2F+ONfAuuGx4ouGAl8bxeoPTrpyHVqp8lIiChfm7I55HOgmuVVCagzy Son2pIicLBvmKIYyDXYxHd8YT0kOkiJ77rhB+hwHQEkligSoCGBilngkXL0HnQBNB7ZB Pko/Lyb7s8SL9VYgMYz2ijQfzOivRkNnBXZpU/1pKMcGdWTCSlW6Y3a8U9M3W46jFb29 0orOwgmz20mgxhuUWhJjUChgAXG94t9oW9raL9UZruqBijdEe6TKjeO6mKXLzW5gHETO Zokw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=errors-to:content-transfer-encoding:cc:list-subscribe:list-help :list-post:list-archive:list-unsubscribe:list-id:precedence:subject :mime-version:references:in-reply-to:message-id:date:to:from :dkim-signature:dkim-signature:dkim-signature; bh=KRIKhucBhJQ5MdCr9Oir6G/bbZtPcK4QsmhOIAO+Ufk=; b=HVrq6d+z0F5kHWHeNsHj/jB1ikq/Jkga8r+3N3n08Od4dMax0N+bhCXSAgxOIZR9is klp62aV5lhxQ8X/5gGEhmkJgJ4zqWUx3ro/rfdGEbPsk52xAXMDiajovYnySbEs7Kg+F QHFX4c0YeW0IdD9OapC3eFhtAf6QoJ3RqoK26tcWfntt9oVidpLTQJxDT0o4CeTWZxP5 eFwHpMTo/5fE8tjtfUWg2eAGqznjMip6fSpuVSSN/kPVWqDajKoEdh6eLF+cSDylg4DB Qc3A2h2xLMa9DqwL2DadHDPfou+02OstMglSM2CJCt6q+cxlrXAHPwVHqQNONSZByJq5 tvlQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=XSoO0NGR; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=O+pFEkmB; dkim=neutral (body hash did not verify) header.i=@gmail.com header.s=20210112 header.b=dPwXXhHd; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7]) by mx.google.com with ESMTPS id r17-20020a63a551000000b00476cb3a08fcsi990417pgu.338.2022.12.14.14.43.03 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Wed, 14 Dec 2022 14:43:03 -0800 (PST) Received-SPF: pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) client-ip=216.105.38.7; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=XSoO0NGR; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=O+pFEkmB; dkim=neutral (body hash did not verify) header.i=@gmail.com header.s=20210112 header.b=dPwXXhHd; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: from [127.0.0.1] (helo=sfs-ml-2.v29.lw.sourceforge.com) by sfs-ml-2.v29.lw.sourceforge.com with esmtp (Exim 4.95) (envelope-from ) id 1p5aSZ-0007y4-74; Wed, 14 Dec 2022 22:42:43 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-2.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1p5aSY-0007xy-Fa for openvpn-devel@lists.sourceforge.net; Wed, 14 Dec 2022 22:42:42 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:References: In-Reply-To:Message-Id:Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=Y0xEWqQxjkG6WuWS1y/MySQnjdlkp6qLJ/TFcJhaOYU=; b=XSoO0NGRY++L5ZsjLjGWkb4URT PSftcEu1xsZ/uPNz4fsz3ctI11+Qw6jGm/e9dDqCALnISE98408pVpr0PRrT/adoXYBhgZSBijiV4 t+NZjUcKDAbZvqxCDeS2G14J3S/qjzEu1BOAbUdw1aIYx0BHMkUY7PWvfibAQ2F0JBAM=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-Id: Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=Y0xEWqQxjkG6WuWS1y/MySQnjdlkp6qLJ/TFcJhaOYU=; b=O+pFEkmBptZc3WtTFnsk/zBRvi 2dS0xCxqlDEga9S8pdmMwjUgstzJrBINBRVAlJ4/BNyrvUYiECImfREQpLioO85QToYPgmpKHi1NQ UX2YxftezMaLMFBnitVUXJFEMpMPZNnwbsfHb8liJLDt5WDnlO6NKn639ic2gAFIbUW4=; Received: from mail-lf1-f48.google.com ([209.85.167.48]) by sfi-mx-1.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.95) id 1p5aSV-00HGc0-1L for openvpn-devel@lists.sourceforge.net; Wed, 14 Dec 2022 22:42:42 +0000 Received: by mail-lf1-f48.google.com with SMTP id y25so12857060lfa.9 for ; Wed, 14 Dec 2022 14:42:38 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=Y0xEWqQxjkG6WuWS1y/MySQnjdlkp6qLJ/TFcJhaOYU=; b=dPwXXhHdzUVfcbBlpbnKJqx/44SIbV7OsGFjacbjzRk2u3XY+57SkOepAyW1EHXtM9 q4tYOaOGrrjLvt9gihfVGO11GIST1n0xe85XetAs5ffN/NMQvfCxkWrGhb0SXdigpy13 GvaikVdCYXecjZGfsd+sP0B+O8NPaCBw5rrX/+leVMlpDV+zBeoxQ6OQexoKtVaozW0i PrsMKq/Gfv8zaKvnjdI+qZ7A3423vXd8nJ0VGdxh6Qb2Atoj4EpygEgwg9eXWcPhxedc 6zy97wq7cGG1BhTlYK1vKPkMsmIdMK3RFRTx1uxy02/2lBge49FgafS9mFTsjvzDncHw Fg6A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Y0xEWqQxjkG6WuWS1y/MySQnjdlkp6qLJ/TFcJhaOYU=; b=hNgGeRYN6PZ0iwFj3v5KphBUHFd2DYEQXeO9AQ4Q9MVK48SUYs0J03GAlg3kU2EQd1 jzDakUAJ2pEHTjH2DkG+fcE+fByPIj7hnRxeLT94HwG77sTQ9QLUFi9tRykbjZvtP5BV oiyXJCNNtM5Fbx55Hs0sT0orj+pUHS0RwbqbWBjVVwRTbLlcPpvA73LjKseVeYtqcVA4 KyrJeIpCP2co0yY0HEoHBgKOEhMIjZIAgJukGI6cBrCBGLok5y4NOCqqWKIejXFjMnka M+bJxGyQBT6cw40j5/W93GocWkGR/CY8Iw5/8Etx82aDem9L9vujlyVlV3OjD9nlSb9Q 0YlQ== X-Gm-Message-State: ANoB5pmAz/qw2LVdtTjnqRJ6guuNXqrb0uSnPtN2HpvRL1Jz2cR+2NIA UVZAq3L4Kvg1kZUqCqj1Bdt4YGzwCXI= X-Received: by 2002:ac2:4151:0:b0:4b6:f4bb:e53f with SMTP id c17-20020ac24151000000b004b6f4bbe53fmr2694079lfi.60.1671057751834; Wed, 14 Dec 2022 14:42:31 -0800 (PST) Received: from LAPTOP-4L3N7KFS.localdomain (81-175-157-115.bb.dnainternet.fi. [81.175.157.115]) by smtp.gmail.com with ESMTPSA id m1-20020ac24ac1000000b00498f23c249dsm956012lfp.74.2022.12.14.14.42.31 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 14 Dec 2022 14:42:31 -0800 (PST) From: Lev Stipakov To: openvpn-devel@lists.sourceforge.net Date: Thu, 15 Dec 2022 00:42:20 +0200 Message-Id: <20221214224220.307-1-lstipakov@gmail.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20221213103142.1960-1-lstipakov@gmail.com> References: <20221213103142.1960-1-lstipakov@gmail.com> MIME-Version: 1.0 X-Spam-Score: -0.2 (/) X-Spam-Report: Spam detection software, running on the system "util-spamd-2.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Lev Stipakov BYTECOUNT on management interface is used to display client stats, for example by openvpn-gui. At the moment BYTECOUNT is sent if there is a traffic. With DCO, userspace process doesn't see data chann [...] Content analysis details: (-0.2 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [209.85.167.48 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.0 SPF_PASS SPF: sender matches SPF record 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider [lstipakov[at]gmail.com] -0.0 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2) [209.85.167.48 listed in wl.mailspike.net] -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain X-Headers-End: 1p5aSV-00HGc0-1L Subject: [Openvpn-devel] [PATCH v2] management: add timer to output BYTECOUNT X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Lev Stipakov Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox X-GMAIL-THRID: =?utf-8?q?1752094541896189428?= X-GMAIL-MSGID: =?utf-8?q?1752231086351542624?= From: Lev Stipakov BYTECOUNT on management interface is used to display client stats, for example by openvpn-gui. At the moment BYTECOUNT is sent if there is a traffic. With DCO, userspace process doesn't see data channel traffic, BYTECOUNT is not sent and therefore stats are not updated. Fix displaying DCO client stats by adding a timer, which is triggerd every n seconds, where n is set by existing management command bytecount . Output stats, taking into account stats from DCO, when timer is triggered. While on it, simplify bytecount routines call chains - inlining functions which are used only once. DCO stats fetching is not yet implemented. Stats for the server mode (BYTECOUNT_CLI) are unaffected by this change - to output those in timer callback we would need to enumerate all peers, and I am not sure we want to output stats for all peers every seconds. Signed-off-by: Lev Stipakov Acked-By: Arne Schwabe --- v2: handle "bytecount 0" case and disable timer src/openvpn/forward.c | 11 ++++++-- src/openvpn/manage.c | 42 ++++++++++++++++++++++++------ src/openvpn/manage.h | 60 ++++++++++++------------------------------- 3 files changed, 59 insertions(+), 54 deletions(-) diff --git a/src/openvpn/forward.c b/src/openvpn/forward.c index 8c1e49a3..7924fd5c 100644 --- a/src/openvpn/forward.c +++ b/src/openvpn/forward.c @@ -771,6 +771,13 @@ process_coarse_timers(struct context *c) /* Should we ping the remote? */ check_ping_send(c); + +#ifdef ENABLE_MANAGEMENT + if (management) + { + management_check_bytecount(c, management, &c->c2.timeval); + } +#endif /* ENABLE_MANAGEMENT */ } static void @@ -953,7 +960,7 @@ process_incoming_link_part1(struct context *c, struct link_socket_info *lsi, boo #ifdef ENABLE_MANAGEMENT if (management) { - management_bytes_in(management, c->c2.buf.len); + management_bytes_client(management, c->c2.buf.len, 0); management_bytes_server(management, &c->c2.link_read_bytes, &c->c2.link_write_bytes, &c->c2.mda_context); } #endif @@ -1793,7 +1800,7 @@ process_outgoing_link(struct context *c) #ifdef ENABLE_MANAGEMENT if (management) { - management_bytes_out(management, size); + management_bytes_client(management, 0, size); management_bytes_server(management, &c->c2.link_read_bytes, &c->c2.link_write_bytes, &c->c2.mda_context); } #endif diff --git a/src/openvpn/manage.c b/src/openvpn/manage.c index 5b288eab..c2c5da56 100644 --- a/src/openvpn/manage.c +++ b/src/openvpn/manage.c @@ -42,6 +42,7 @@ #include "ssl.h" #include "common.h" #include "manage.h" +#include "openvpn.h" #include "memdbg.h" @@ -460,32 +461,37 @@ man_status(struct management *man, const int version, struct status_output *so) static void man_bytecount(struct management *man, const int update_seconds) { - if (update_seconds >= 0) + if (update_seconds > 0) { man->connection.bytecount_update_seconds = update_seconds; + event_timeout_init(&man->connection.bytecount_update_interval, + man->connection.bytecount_update_seconds, + now); } else { man->connection.bytecount_update_seconds = 0; + event_timeout_clear(&man->connection.bytecount_update_interval); } msg(M_CLIENT, "SUCCESS: bytecount interval changed"); } -void -man_bytecount_output_client(struct management *man) +static void +man_bytecount_output_client(struct management *man, + counter_type dco_read_bytes, + counter_type dco_write_bytes) { char in[32]; char out[32]; + /* do in a roundabout way to work around possible mingw or mingw-glibc bug */ - openvpn_snprintf(in, sizeof(in), counter_format, man->persist.bytes_in); - openvpn_snprintf(out, sizeof(out), counter_format, man->persist.bytes_out); + openvpn_snprintf(in, sizeof(in), counter_format, man->persist.bytes_in + dco_read_bytes); + openvpn_snprintf(out, sizeof(out), counter_format, man->persist.bytes_out + dco_write_bytes); msg(M_CLIENT, ">BYTECOUNT:%s,%s", in, out); - man->connection.bytecount_last_update = now; } void -man_bytecount_output_server(struct management *man, - const counter_type *bytes_in_total, +man_bytecount_output_server(const counter_type *bytes_in_total, const counter_type *bytes_out_total, struct man_def_auth_context *mdac) { @@ -2542,6 +2548,8 @@ man_connection_close(struct management *man) command_line_free(mc->in); buffer_list_free(mc->out); + event_timeout_clear(&mc->bytecount_update_interval); + in_extra_reset(&man->connection, IER_RESET); buffer_list_free(mc->ext_key_input); man_connection_clear(mc); @@ -4037,6 +4045,24 @@ management_sleep(const int n) } } +void +management_check_bytecount(struct context *c, struct management *man, struct timeval *timeval) +{ + if (event_timeout_trigger(&man->connection.bytecount_update_interval, + timeval, ETT_DEFAULT)) + { + /* TODO: get stats from DCO */ + + counter_type dco_read_bytes = 0; + counter_type dco_write_bytes = 0; + + if (!(man->persist.callback.flags & MCF_SERVER)) + { + man_bytecount_output_client(man, dco_read_bytes, dco_write_bytes); + } + } +} + #else /* ifdef ENABLE_MANAGEMENT */ void diff --git a/src/openvpn/manage.h b/src/openvpn/manage.h index f46274e6..700b15cf 100644 --- a/src/openvpn/manage.h +++ b/src/openvpn/manage.h @@ -295,7 +295,7 @@ struct man_connection { bool log_realtime; bool echo_realtime; int bytecount_update_seconds; - time_t bytecount_last_update; + struct event_timeout bytecount_update_interval; const char *up_query_type; int up_query_mode; @@ -512,55 +512,27 @@ void management_auth_token(struct management *man, const char *token); * These functions drive the bytecount in/out counters. */ -void man_bytecount_output_client(struct management *man); - -static inline void -man_bytecount_possible_output_client(struct management *man) -{ - if (man->connection.bytecount_update_seconds > 0 - && now >= man->connection.bytecount_last_update - + man->connection.bytecount_update_seconds) - { - man_bytecount_output_client(man); - } -} - -static inline void -management_bytes_out_client(struct management *man, const int size) -{ - man->persist.bytes_out += size; - man_bytecount_possible_output_client(man); -} - -static inline void -management_bytes_in_client(struct management *man, const int size) -{ - man->persist.bytes_in += size; - man_bytecount_possible_output_client(man); -} - -static inline void -management_bytes_out(struct management *man, const int size) -{ - if (!(man->persist.callback.flags & MCF_SERVER)) - { - management_bytes_out_client(man, size); - } -} +void +management_check_bytecount(struct context *c, + struct management *man, + struct timeval *timeval); static inline void -management_bytes_in(struct management *man, const int size) +management_bytes_client(struct management *man, + const int size_in, + const int size_out) { if (!(man->persist.callback.flags & MCF_SERVER)) { - management_bytes_in_client(man, size); + man->persist.bytes_in += size_in; + man->persist.bytes_out += size_out; } } -void man_bytecount_output_server(struct management *man, - const counter_type *bytes_in_total, - const counter_type *bytes_out_total, - struct man_def_auth_context *mdac); +void +man_bytecount_output_server(const counter_type *bytes_in_total, + const counter_type *bytes_out_total, + struct man_def_auth_context *mdac); static inline void management_bytes_server(struct management *man, @@ -570,9 +542,9 @@ management_bytes_server(struct management *man, { if (man->connection.bytecount_update_seconds > 0 && now >= mdac->bytecount_last_update + man->connection.bytecount_update_seconds - && (mdac->flags & (DAF_CONNECTION_ESTABLISHED|DAF_CONNECTION_CLOSED)) == DAF_CONNECTION_ESTABLISHED) + && (mdac->flags & (DAF_CONNECTION_ESTABLISHED | DAF_CONNECTION_CLOSED)) == DAF_CONNECTION_ESTABLISHED) { - man_bytecount_output_server(man, bytes_in_total, bytes_out_total, mdac); + man_bytecount_output_server(bytes_in_total, bytes_out_total, mdac); } }