3 * Copyright (C) 2006 Florian octo Forster
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License as published by the
7 * Free Software Foundation; either version 2 of the License, or (at your
8 * option) any later version.
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * General Public License for more details.
15 * You should have received a copy of the GNU General Public License along
16 * with this program; if not, write to the Free Software Foundation, Inc.,
17 * 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
20 * Florian octo Forster <octo at verplant.org>
26 #include "configfile.h"
27 #include "utils_debug.h"
34 # include <sys/poll.h>
37 #define MODULE_NAME "dns"
40 # define NAMED_HAVE_CONFIG 1
42 # define NAMED_HAVE_CONFIG 0
45 #if HAVE_LIBPCAP && HAVE_PTHREAD_H
46 # include "utils_dns.h"
47 # define NAMED_HAVE_READ 1
49 # define NAMED_HAVE_READ 0
56 struct counter_list_s *next;
58 typedef struct counter_list_s counter_list_t;
60 static char *traffic_file = "dns/dns_traffic.rrd";
61 static char *qtype_file = "dns/qtype-%s.rrd";
62 static char *opcode_file = "dns/opcode-%s.rrd";
63 static char *rcode_file = "dns/rcode-%s.rrd";
65 static char *traffic_ds_def[] =
67 /* Limit to 1GBit/s */
68 "DS:queries:COUNTER:"COLLECTD_HEARTBEAT":0:125000000",
69 "DS:responses:COUNTER:"COLLECTD_HEARTBEAT":0:125000000",
72 static int traffic_ds_num = 2;
74 static char *qtype_ds_def[] =
76 "DS:value:COUNTER:"COLLECTD_HEARTBEAT":0:65535",
79 static int qtype_ds_num = 1;
81 static char *opcode_ds_def[] =
83 "DS:value:COUNTER:"COLLECTD_HEARTBEAT":0:65535",
86 static int opcode_ds_num = 1;
88 static char *rcode_ds_def[] =
90 "DS:value:COUNTER:"COLLECTD_HEARTBEAT":0:65535",
93 static int rcode_ds_num = 1;
95 /* FIXME: Wouldn't other defines be better? -octo */
98 static char *config_keys[] =
104 static int config_keys_num = 2;
105 #endif /* HAVE_LIBPCAP */
106 #endif /* NAMED_HAVE_CONFIG */
109 #define PCAP_SNAPLEN 1460
110 static char *pcap_device = NULL;
112 static unsigned int tr_queries;
113 static unsigned int tr_responses;
114 static counter_list_t *qtype_list;
115 static counter_list_t *opcode_list;
116 static counter_list_t *rcode_list;
120 static pthread_t listen_thread;
121 static int listen_thread_init = 0;
122 /* The `traffic' mutex if for `tr_queries' and `tr_responses' */
123 static pthread_mutex_t traffic_mutex = PTHREAD_MUTEX_INITIALIZER;
124 static pthread_mutex_t qtype_mutex = PTHREAD_MUTEX_INITIALIZER;
125 static pthread_mutex_t opcode_mutex = PTHREAD_MUTEX_INITIALIZER;
126 static pthread_mutex_t rcode_mutex = PTHREAD_MUTEX_INITIALIZER;
129 static counter_list_t *counter_list_search (counter_list_t **list, unsigned int key)
131 counter_list_t *entry;
133 DBG ("counter_list_search (list = %p, key = %u)",
134 (void *) *list, key);
136 for (entry = *list; entry != NULL; entry = entry->next)
137 if (entry->key == key)
140 DBG ("return (%p)", (void *) entry);
144 static counter_list_t *counter_list_create (counter_list_t **list,
145 unsigned int key, unsigned int value)
147 counter_list_t *entry;
149 DBG ("counter_list_create (list = %p, key = %u, value = %u)",
150 (void *) *list, key, value);
152 entry = (counter_list_t *) malloc (sizeof (counter_list_t));
156 memset (entry, 0, sizeof (counter_list_t));
158 entry->value = value;
166 counter_list_t *last;
169 while (last->next != NULL)
175 DBG ("return (%p)", (void *) entry);
179 static void counter_list_add (counter_list_t **list,
180 unsigned int key, unsigned int increment)
182 counter_list_t *entry;
184 DBG ("counter_list_add (list = %p, key = %u, increment = %u)",
185 (void *) *list, key, increment);
187 entry = counter_list_search (list, key);
191 entry->value += increment;
195 counter_list_create (list, key, increment);
200 #if NAMED_HAVE_CONFIG
201 static int dns_config (char *key, char *value)
204 if (strcasecmp (key, "Interface") == 0)
206 if (pcap_device != NULL)
208 if ((pcap_device = strdup (value)) == NULL)
211 else if (strcasecmp (key, "IgnoreSource") == 0)
214 ignore_list_add_name (value);
222 #endif /* HAVE_LIBPCAP */
224 #endif /* NAMED_HAVE_CONFIG */
226 static void dns_child_callback (const rfc1035_header_t *dns)
230 /* This is a query */
231 pthread_mutex_lock (&traffic_mutex);
232 tr_queries += dns->length;
233 pthread_mutex_unlock (&traffic_mutex);
235 pthread_mutex_lock (&qtype_mutex);
236 counter_list_add (&qtype_list, dns->qtype, 1);
237 pthread_mutex_unlock (&qtype_mutex);
241 /* This is a reply */
242 pthread_mutex_lock (&traffic_mutex);
243 tr_responses += dns->length;
244 pthread_mutex_unlock (&traffic_mutex);
246 pthread_mutex_lock (&rcode_mutex);
247 counter_list_add (&rcode_list, dns->rcode, 1);
248 pthread_mutex_unlock (&rcode_mutex);
251 /* FIXME: Are queries, replies or both interesting? */
252 pthread_mutex_lock (&opcode_mutex);
253 counter_list_add (&opcode_list, dns->opcode, 1);
254 pthread_mutex_unlock (&opcode_mutex);
257 static void *dns_child_loop (void *dummy)
260 char pcap_error[PCAP_ERRBUF_SIZE];
261 struct bpf_program fp;
263 struct pollfd poll_fds[1];
266 /* Don't block any signals */
269 sigemptyset (&sigmask);
270 pthread_sigmask (SIG_SETMASK, &sigmask, NULL);
273 /* Passing `pcap_device == NULL' is okay and the same as passign "any" */
274 DBG ("Creating PCAP object..");
275 pcap_obj = pcap_open_live (pcap_device,
277 0 /* Not promiscuous */,
278 0 /* no read timeout */,
280 if (pcap_obj == NULL)
282 syslog (LOG_ERR, "dns plugin: Opening interface `%s' "
284 (pcap_device != NULL) ? pcap_device : "any",
289 memset (&fp, 0, sizeof (fp));
290 if (pcap_compile (pcap_obj, &fp, "udp port 53", 1, 0) < 0)
292 DBG ("pcap_compile failed");
293 syslog (LOG_ERR, "dns plugin: pcap_compile failed");
296 if (pcap_setfilter (pcap_obj, &fp) < 0)
298 DBG ("pcap_setfilter failed");
299 syslog (LOG_ERR, "dns plugin: pcap_setfilter failed");
303 DBG ("PCAP object created.");
305 dnstop_set_pcap_obj (pcap_obj);
306 dnstop_set_callback (dns_child_callback);
308 /* Set up poll object */
309 poll_fds[0].fd = pcap_fileno (pcap_obj);
310 poll_fds[0].events = POLLIN | POLLPRI;
315 status = poll (poll_fds, 1, -1 /* wait forever for a change */);
317 /* Signals are not caught, but this is very handy when
318 * attaching to the process with a debugger. -octo */
319 if ((status < 0) && (errno == EINTR))
327 syslog (LOG_ERR, "dns plugin: poll(2) failed: %s",
332 if (poll_fds[0].revents & (POLLERR | POLLHUP | POLLNVAL))
334 DBG ("pcap-device closed. Exiting.");
335 syslog (LOG_ERR, "dns plugin: pcap-device closed. Exiting.");
338 else if (poll_fds[0].revents & (POLLIN | POLLPRI))
340 status = pcap_dispatch (pcap_obj,
341 10 /* Only handle 10 packets at a time */,
342 handle_pcap /* callback */,
343 NULL /* Whatever this means.. */);
346 DBG ("pcap_dispatch failed: %s", pcap_geterr (pcap_obj));
347 syslog (LOG_ERR, "dns plugin: pcap_dispatch failed: %s",
348 pcap_geterr (pcap_obj));
354 DBG ("child is exiting");
356 pcap_close (pcap_obj);
360 } /* static void dns_child_loop (void) */
362 static void dns_init (void)
366 /* clean up an old thread */
369 pthread_mutex_lock (&traffic_mutex);
372 pthread_mutex_unlock (&traffic_mutex);
374 if (listen_thread_init != 0)
377 status = pthread_create (&listen_thread, NULL, dns_child_loop,
381 syslog (LOG_ERR, "dns plugin: pthread_create failed: %s",
386 listen_thread_init = 1;
391 static void traffic_write (char *host, char *inst, char *val)
393 rrd_update_file (host, traffic_file, val,
394 traffic_ds_def, traffic_ds_num);
397 static void qtype_write (char *host, char *inst, char *val)
402 status = snprintf (file, 512, qtype_file, inst);
405 else if (status >= 512)
408 rrd_update_file (host, file, val, qtype_ds_def, qtype_ds_num);
411 static void rcode_write (char *host, char *inst, char *val)
416 status = snprintf (file, 512, rcode_file, inst);
419 else if (status >= 512)
422 rrd_update_file (host, file, val, rcode_ds_def, rcode_ds_num);
425 static void opcode_write (char *host, char *inst, char *val)
430 status = snprintf (file, 512, opcode_file, inst);
433 else if (status >= 512)
436 rrd_update_file (host, file, val, opcode_ds_def, opcode_ds_num);
439 static void traffic_submit (unsigned int queries, unsigned int replies)
444 status = snprintf (buffer, 64, "N:%u:%u", queries, replies);
445 if ((status < 1) || (status >= 64))
448 plugin_submit ("dns_traffic", "-", buffer);
451 static void qtype_submit (int qtype, unsigned int counter)
457 strncpy (inst, qtype_str (qtype), 32);
460 status = snprintf (buffer, 32, "N:%u", counter);
461 if ((status < 1) || (status >= 32))
464 plugin_submit ("dns_qtype", inst, buffer);
467 static void rcode_submit (int rcode, unsigned int counter)
473 strncpy (inst, rcode_str (rcode), 32);
476 status = snprintf (buffer, 32, "N:%u", counter);
477 if ((status < 1) || (status >= 32))
480 plugin_submit ("dns_rcode", inst, buffer);
483 static void opcode_submit (int opcode, unsigned int counter)
489 strncpy (inst, opcode_str (opcode), 32);
492 status = snprintf (buffer, 32, "N:%u", counter);
493 if ((status < 1) || (status >= 32))
496 plugin_submit ("dns_opcode", inst, buffer);
500 static void dns_read (void)
502 unsigned int keys[T_MAX];
503 unsigned int values[T_MAX];
509 pthread_mutex_lock (&traffic_mutex);
510 values[0] = tr_queries;
511 values[1] = tr_responses;
512 pthread_mutex_unlock (&traffic_mutex);
513 traffic_submit (values[0], values[1]);
515 pthread_mutex_lock (&qtype_mutex);
516 for (ptr = qtype_list, len = 0;
517 (ptr != NULL) && (len < T_MAX);
518 ptr = ptr->next, len++)
520 keys[len] = ptr->key;
521 values[len] = ptr->value;
523 pthread_mutex_unlock (&qtype_mutex);
525 for (i = 0; i < len; i++)
527 DBG ("qtype = %u; counter = %u;", keys[i], values[i]);
528 qtype_submit (keys[i], values[i]);
531 pthread_mutex_lock (&opcode_mutex);
532 for (ptr = opcode_list, len = 0;
533 (ptr != NULL) && (len < T_MAX);
534 ptr = ptr->next, len++)
536 keys[len] = ptr->key;
537 values[len] = ptr->value;
539 pthread_mutex_unlock (&opcode_mutex);
541 for (i = 0; i < len; i++)
543 DBG ("opcode = %u; counter = %u;", keys[i], values[i]);
544 opcode_submit (keys[i], values[i]);
547 pthread_mutex_lock (&rcode_mutex);
548 for (ptr = rcode_list, len = 0;
549 (ptr != NULL) && (len < T_MAX);
550 ptr = ptr->next, len++)
552 keys[len] = ptr->key;
553 values[len] = ptr->value;
555 pthread_mutex_unlock (&rcode_mutex);
557 for (i = 0; i < len; i++)
559 DBG ("rcode = %u; counter = %u;", keys[i], values[i]);
560 rcode_submit (keys[i], values[i]);
563 #else /* if !NAMED_HAVE_READ */
564 # define dns_read NULL
567 void module_register (void)
569 plugin_register (MODULE_NAME, dns_init, dns_read, NULL);
570 plugin_register ("dns_traffic", NULL, NULL, traffic_write);
571 plugin_register ("dns_qtype", NULL, NULL, qtype_write);
572 plugin_register ("dns_rcode", NULL, NULL, rcode_write);
573 plugin_register ("dns_opcode", NULL, NULL, opcode_write);
574 cf_register (MODULE_NAME, dns_config, config_keys, config_keys_num);