be50722b69
specified for montioring
eg allows ipv4 and ipv6 forwarded traffic to be monitored from
both main network and dmz in single graph
Developer's Certificate of Origin 1.1
By making a contribution to this project, I certify that:
(a) The contribution was created in whole or in part by me and I
have the right to submit it under the open source license
indicated in the file; or
(b) The contribution is based upon previous work that, to the best
of my knowledge, is covered under an appropriate open source
license and I have the right under that license to submit that
work with modifications, whether created in whole or in part
by me, under the same open source license (unless I am
permitted to submit under a different license), as indicated
in the file; or
(c) The contribution was provided directly to me by some other
person who certified (a), (b) or (c) and I have not modified
it.
(d) I understand and agree that this project and the contribution
are public and that a record of the contribution (including all
personal information I submit with it, including my sign-off) is
maintained indefinitely and may be redistributed consistent with
this project or the open source license(s) involved
Signed-off-by: Simon Day <email@simonday.info>
70 lines
2.6 KiB
Diff
70 lines
2.6 KiB
Diff
--- a/acct.c
|
|
+++ b/acct.c
|
|
@@ -37,8 +37,9 @@
|
|
|
|
uint64_t acct_total_packets = 0, acct_total_bytes = 0;
|
|
|
|
+#define LOCAL_NET_MAX 10
|
|
static int using_localnet4 = 0, using_localnet6 = 0;
|
|
-static struct addr localnet4, localmask4, localnet6, localmask6;
|
|
+static struct addr localnet4[LOCAL_NET_MAX], localmask4[LOCAL_NET_MAX], localnet6[LOCAL_NET_MAX], localmask6[LOCAL_NET_MAX];
|
|
|
|
/* Parse the net/mask specification into two IPs or die trying. */
|
|
void
|
|
@@ -120,13 +121,19 @@ acct_init_localnet(const char *spec)
|
|
/* Register the correct netmask and calculate the correct net. */
|
|
addr_mask(&localnet, &localmask);
|
|
if (localnet.family == IPv6) {
|
|
- using_localnet6 = 1;
|
|
- localnet6 = localnet;
|
|
- localmask6 = localmask;
|
|
+ if(using_localnet6 >= LOCAL_NET_MAX){
|
|
+ errx(1, "Exceeded maximum IPv6 local networks");
|
|
+ }
|
|
+ localnet6[using_localnet6] = localnet;
|
|
+ localmask6[using_localnet6] = localmask;
|
|
+ using_localnet6++;
|
|
} else {
|
|
- using_localnet4 = 1;
|
|
- localnet4 = localnet;
|
|
- localmask4 = localmask;
|
|
+ if(using_localnet4 >= LOCAL_NET_MAX){
|
|
+ errx(1, "Exceeded maximum IPv4 local networks");
|
|
+ }
|
|
+ localnet4[using_localnet4] = localnet;
|
|
+ localmask4[using_localnet4] = localmask;
|
|
+ using_localnet4++;
|
|
}
|
|
|
|
verbosef("local network address: %s", addr_to_str(&localnet));
|
|
@@ -138,11 +145,15 @@ static int addr_is_local(const struct addr * const a,
|
|
if (is_localip(a, local_ips))
|
|
return 1;
|
|
if (a->family == IPv4 && using_localnet4) {
|
|
- if (addr_inside(a, &localnet4, &localmask4))
|
|
- return 1;
|
|
+ for (int i=0; i < using_localnet4; i++){
|
|
+ if (addr_inside(a, &localnet4[i], &localmask4[i]))
|
|
+ return 1;
|
|
+ }
|
|
} else if (a->family == IPv6 && using_localnet6) {
|
|
- if (addr_inside(a, &localnet6, &localmask6))
|
|
- return 1;
|
|
+ for (int i=0; i < using_localnet6; i++){
|
|
+ if (addr_inside(a, &localnet6[i], &localmask6[i]))
|
|
+ return 1;
|
|
+ }
|
|
}
|
|
return 0;
|
|
}
|
|
--- a/darkstat.c
|
|
+++ b/darkstat.c
|
|
@@ -193,7 +193,7 @@ static struct cmdline_arg cmdline_args[] = {
|
|
{"-r", "capfile", cb_capfile, 0},
|
|
{"-p", "port", cb_port, 0},
|
|
{"-b", "bindaddr", cb_bindaddr, -1},
|
|
- {"-l", "network/netmask", cb_local, 0},
|
|
+ {"-l", "network/netmask", cb_local, -1},
|
|
{"--base", "path", cb_base, 0},
|
|
{"--local-only", NULL, cb_local_only, 0},
|
|
{"--snaplen", "bytes", cb_snaplen, 0},
|