Permalink
Browse files

Renamed "flow" to "session" everywhere

  • Loading branch information...
1 parent 71b41b9 commit f4080d9a3baed5ef91a7f5dffaff8138945f30a3 @mjschultz mjschultz committed Apr 23, 2012
View
@@ -1,8 +1,8 @@
# Passive Network Appliance Node Software #
This software is designed to monitor all traffic arriving at a network
-card, extract summary statistics, insert that packet into a flow table, and
-periodically dump that flow table to a file on disk. The Linux kernel
+card, extract summary statistics, insert that packet into a session table, and
+periodically dump that session table to a file on disk. The Linux kernel
module found in `module/` handles the packet reception and table insertion
routines. It also allows arbitrary real-time monitors to be executed for
each packet received. Every 10 seconds a user-space program (in `user/`)
@@ -52,17 +52,18 @@ this project.
- `module/` contains the kernel module source code
- `pna_main.c` is the entry point for the kernel module (initialization
and hooking
- - `pna_flowmon.c` has routines to insert the packet into a flow entry
+ - `pna_session.c` has routines to insert the packet into a session entry
and deals with exporting the summary statistics to user-space
- `pna_rtmon.c` is the handler for real-time monitors
- - `pna_rtmon-conlip.c` are two included real-time monitors (connections
- and local IPs)
- `pna_alert.c` is code to send messages to a user-space process when a
real-time monitor detects anomalous behavior
- `pna_config.c` handles run-time configuration parameters
- - `service/pna` is the script to start and stop all the PNA software
+ - `monitors/` contains existing real-time monitors
+ - `pna_lipmon.c` is a local IP monitor (tracks stats on local IPs)
+ - `pna_conmon.c` is a connection monitor (tracks per-connection stats)
+ - `service/pna` is the script to start, stop, load, or unload any PNA software
- `user/` has the user-space software
- - `user_monitor.c` interacts with the flow tables to export them to a
+ - `user_monitor.c` interacts with the session tables to export them to a
log file
- `user_alerts.c` is the alert handler for real-time monitors
- `util/cron/` contains scripts and crontabs that help move files off-site
View
@@ -102,8 +102,8 @@ struct pna_alert_msg {
/* settings/structures for storing <src,dst,port> entries */
-/* definition of a flow for PNA */
-struct pna_flowkey {
+/* definition of a session for PNA */
+struct session_key {
unsigned short l3_protocol;
unsigned char l4_protocol;
unsigned int local_ip;
@@ -112,18 +112,18 @@ struct pna_flowkey {
unsigned short remote_port;
};
-/* flow data we're interested in off-line */
-struct pna_flow_data {
+/* session data we're interested in off-line */
+struct session_data {
unsigned int bytes[PNA_DIRECTIONS];
unsigned int packets[PNA_DIRECTIONS];
unsigned int timestamp;
unsigned int first_tstamp;
unsigned int first_dir;
};
-struct flow_entry {
- struct pna_flowkey key;
- struct pna_flow_data data;
+struct session_entry {
+ struct session_key key;
+ struct session_data data;
};
#endif /* __PNA_H */
View
@@ -58,7 +58,7 @@
*/
struct pna_rtmon {
int (*init)(void);
- int (*hook)(struct pna_flowkey *, int, struct sk_buff *, unsigned long *);
+ int (*hook)(struct session_key *, int, struct sk_buff *, unsigned long *);
void (*clean)(void);
void (*release)(void);
char *name;
@@ -77,40 +77,40 @@ struct pna_rtmon {
extern char *pna_iface;
extern uint pna_prefix;
extern uint pna_mask;
-extern uint pna_flow_entries;
+extern uint pna_session_entries;
extern uint pna_tables;
extern bool pna_debug;
extern bool pna_perfmon;
-extern bool pna_flowmon;
+extern bool pna_session_mon;
/* table meta-information */
/* number of attempts to insert before giving up */
#define PNA_TABLE_TRIES 32
-struct flowtab_info {
+struct sessiontab_info {
struct pna_hashmap *map;
char table_name[PNA_MAX_STR];
struct mutex read_mutex;
int table_dirty;
time_t first_sec;
int smp_id;
- unsigned int nflows;
- unsigned int nflows_missed;
+ unsigned int nsessions;
+ unsigned int nsessions_missed;
unsigned int probes[PNA_TABLE_TRIES];
};
/* some prototypes */
unsigned int pna_hash(unsigned int key, int bits);
-int flowmon_hook(struct pna_flowkey *key, int direction, struct sk_buff *skb);
-int flowmon_init(void);
-void flowmon_cleanup(void);
+int session_hook(struct session_key *key, int direction, struct sk_buff *skb);
+int session_init(void);
+void session_cleanup(void);
int rtmon_init(void);
int rtmon_load(struct pna_rtmon *monitor);
void rtmon_unload(struct pna_rtmon *monitor);
-int rtmon_hook(struct pna_flowkey *key, int direction, struct sk_buff *skb,
+int rtmon_hook(struct session_key *key, int direction, struct sk_buff *skb,
unsigned long data);
int pna_alert_warn(int reason, int value, struct timeval *time);
View
@@ -15,7 +15,7 @@
# kernel module files
obj-m += pna.o
-pna-objs := pna_main.o pna_config.o pna_flowmon.o
+pna-objs := pna_main.o pna_config.o pna_session.o
pna-objs += pna_hashmap.o murmur3.o
pna-objs += pna_alerts.o pna_rtmon.o
View
@@ -22,18 +22,18 @@
char *pna_iface = "eth0";
uint pna_prefix = 0xc0a80000; /* 192.168.0.0 */
uint pna_mask = 0xffff0000; /* /16 */
-uint pna_flow_entries = (1 << 20); /* 1,048,576 */
+uint pna_session_entries = (1 << 23); /* 8,388,608 */
uint pna_tables = 4;
bool pna_debug = false;
bool pna_perfmon = true;
-bool pna_flowmon = true;
+bool pna_session_mon = true;
PNA_PARAM(charp, pna_iface, "Interface on which we listen to packets");
PNA_PARAM(uint, pna_prefix, "Network prefix defining 'local' IP addresses");
PNA_PARAM(uint, pna_mask, "Network mask for IP addresses");
-PNA_PARAM(uint, pna_flow_entries, "Number of flow entries per dump period");
+PNA_PARAM(uint, pna_session_entries, "Number of session entries per dump period");
PNA_PARAM(uint, pna_tables, "Number of <src,dst,port> tables to use");
PNA_PARAM(bool, pna_debug, "Enable kernel debug log messages");
PNA_PARAM(bool, pna_perfmon, "Enable PNA performance monitoring messages");
-PNA_PARAM(bool, pna_flowmon, "Enable PNA flow monitoring");
+PNA_PARAM(bool, pna_session_mon, "Enable PNA session monitoring");
View
@@ -39,7 +39,7 @@
#include "pna_module.h"
static void pna_perflog(struct sk_buff *skb, int dir);
-static int pna_localize(struct pna_flowkey *key, int *direction);
+static int pna_localize(struct session_key *key, int *direction);
static int pna_done(struct sk_buff *skb);
int pna_hook(struct sk_buff *skb, struct net_device *dev,
struct packet_type *pt, struct net_device *orig_dev);
@@ -100,8 +100,8 @@ unsigned int pna_hash(unsigned int key, int bits)
}
EXPORT_SYMBOL(pna_hash);
-//swap remote and local in the pna_flowkey
-static inline void pna_key_swap(struct pna_flowkey * key)
+//swap remote and local in the session_key
+static inline void pna_key_swap(struct session_key *key)
{
unsigned int temp;
@@ -118,7 +118,7 @@ static inline void pna_key_swap(struct pna_flowkey * key)
* Receive Packet Hook (and helpers)
*/
/* make sure the local and remote values are correct in the key */
-static int pna_localize(struct pna_flowkey *key, int *direction)
+static int pna_localize(struct session_key *key, int *direction)
{
unsigned int temp;
@@ -168,7 +168,7 @@ static int pna_done(struct sk_buff *skb)
int pna_hook(struct sk_buff *skb, struct net_device *dev,
struct packet_type *pt, struct net_device *orig_dev)
{
- struct pna_flowkey key;
+ struct session_key key;
struct ethhdr *ethhdr;
struct iphdr *iphdr;
struct tcphdr *tcphdr;
@@ -227,7 +227,7 @@ int pna_hook(struct sk_buff *skb, struct net_device *dev,
return pna_done(skb);
}
- /* entire key should now be filled in and we have a flow, localize it */
+ /* entire key should now be filled in and we have a session, localize it */
if (!pna_localize(&key, &direction)) {
/* couldn't localize the IP (neither source nor dest in prefix) */
return pna_done(skb);
@@ -241,9 +241,9 @@ int pna_hook(struct sk_buff *skb, struct net_device *dev,
/* hook actions here */
//pr_info("key: {%d/%d, 0x%08x, 0x%08x, 0x%04x, 0x%04x}\n", key.l3_protocol, key.l4_protocol, key.local_ip, key.remote_ip, key.local_port, key.remote_port);
- /* insert into flow table */
- if (pna_flowmon == true) {
- ret = flowmon_hook(&key, direction, skb);
+ /* insert into session table */
+ if (pna_session_mon == true) {
+ ret = session_hook(&key, direction, skb);
if (ret < 0) {
/* failed to insert -- cleanup */
return pna_done(skb);
@@ -305,7 +305,7 @@ static void pna_perflog(struct sk_buff *skb, int dir)
/* report the numbers */
if (fps_in + fps_out > 1000) {
- pr_info("pna flowmon_smpid:%d,in_fps:%llu,in_Mbps:%llu,in_avg:%llu,"
+ pr_info("pna session_smpid:%d,in_fps:%llu,in_Mbps:%llu,in_avg:%llu,"
"out_fps:%llu,out_Mbps:%llu,out_avg:%llu\n", smp_processor_id(),
fps_in, Mbps_in, avg_in, fps_out, Mbps_out, avg_out);
@@ -362,8 +362,8 @@ int __init pna_init(void)
int i;
int ret = 0;
- /* set up the flow table(s) */
- if ((ret = flowmon_init()) < 0) {
+ /* set up the session table(s) */
+ if ((ret = session_init()) < 0) {
return ret;
}
@@ -411,7 +411,7 @@ void pna_cleanup(void)
pr_info("pna: released %s\n", pna_packet_type[i].dev->name);
}
pna_alert_cleanup();
- flowmon_cleanup();
+ session_cleanup();
pr_info("pna: module is inactive\n");
}
View
@@ -42,7 +42,7 @@ static void rtmon_clean(unsigned long data)
}
/* hook from main on packet to start real-time monitoring */
-int rtmon_hook(struct pna_flowkey *key, int direction, struct sk_buff *skb,
+int rtmon_hook(struct session_key *key, int direction, struct sk_buff *skb,
unsigned long data)
{
struct pna_rtmon *monitor;
Oops, something went wrong.

0 comments on commit f4080d9

Please sign in to comment.