| DNS_CACHE_GC_INT error { yyerror("boolean value expected"); }
| DNS_CACHE_DEL_NONEXP EQUAL NUMBER { IF_DNS_CACHE(dns_cache_del_nonexp=$3); }
| DNS_CACHE_DEL_NONEXP error { yyerror("boolean value expected"); }
- | USE_DST_BLST EQUAL NUMBER { IF_DST_BLACKLIST(use_dst_blacklist=$3); }
+ | USE_DST_BLST EQUAL NUMBER { IF_DST_BLACKLIST(default_core_cfg.use_dst_blacklist=$3); }
| USE_DST_BLST error { yyerror("boolean value expected"); }
- | DST_BLST_MEM EQUAL NUMBER { IF_DST_BLACKLIST(blst_max_mem=$3); }
+ | DST_BLST_MEM EQUAL NUMBER { IF_DST_BLACKLIST(default_core_cfg.blst_max_mem=$3); }
| DST_BLST_MEM error { yyerror("boolean value expected"); }
- | DST_BLST_TTL EQUAL NUMBER { IF_DST_BLACKLIST(blst_timeout=$3); }
+ | DST_BLST_TTL EQUAL NUMBER { IF_DST_BLACKLIST(default_core_cfg.blst_timeout=$3); }
| DST_BLST_TTL error { yyerror("boolean value expected"); }
| DST_BLST_GC_INT EQUAL NUMBER { IF_DST_BLACKLIST(blst_timer_interval=$3);}
| DST_BLST_GC_INT error { yyerror("boolean value expected"); }
*/
#include "dprint.h"
+#include "dst_blacklist.h"
#include "cfg/cfg.h"
#include "cfg_core.h"
struct cfg_group_core default_core_cfg = {
- L_DEFAULT /* print only msg. < L_WARN */
+ L_DEFAULT, /* print only msg. < L_WARN */
+#ifdef USE_DST_BLACKLIST
+ 0, /* dst blacklist is disabled by default */
+ DEFAULT_BLST_TIMEOUT,
+ DEFAULT_BLST_MAX_MEM,
+#endif
};
void *core_cfg = &default_core_cfg;
cfg_def_t core_cfg_def[] = {
{"debug", CFG_VAR_INT, 0, 0, 0, 0, "debug level"},
+#ifdef USE_DST_BLACKLIST
+ {"use_dst_blacklist", CFG_VAR_INT, 0, 0, 0, 0,
+ "enable/disable destination blacklisting"},
+ {"dst_blacklist_expire", CFG_VAR_INT, 0, 0, 0, 0,
+ "how much time (in s) a blacklisted destination is kept in the list"},
+ {"dst_blacklist_mem", CFG_VAR_INT, 0, 0, blst_max_mem_fixup, 0,
+ "maximum shared memory amount (in KB) used for keeping the blacklisted destinations"},
+#endif
{0, 0, 0, 0, 0, 0}
};
struct cfg_group_core {
int debug;
+#ifdef USE_DST_BLACKLIST
+ int use_dst_blacklist; /* 1 if blacklist is enabled */
+ unsigned int blst_timeout; /* blacklist entry ttl */
+ unsigned int blst_max_mem; /* maximum memory used for the
+ blacklist entries */
+#endif
};
extern struct cfg_group_core default_core_cfg;
#include "dst_blacklist.h"
#include "globals.h"
+#include "cfg_core.h"
#include "mem/shm_mem.h"
#include "hashes.h"
#include "locking.h"
#define DST_BLST_HASH_SIZE 1024
-#define DEFAULT_BLST_MAX_MEM 250 /* 1 Kb FIXME (debugging)*/
#define DEFAULT_BLST_TIMER_INTERVAL 60 /* 1 min */
static struct timer_ln* blst_timer_h=0;
static volatile unsigned int* blst_mem_used=0;
-unsigned int blst_max_mem=DEFAULT_BLST_MAX_MEM; /* maximum memory used
- for the blacklist entries*/
-unsigned int blst_timeout=DEFAULT_BLST_TIMEOUT;
unsigned int blst_timer_interval=DEFAULT_BLST_TIMER_INTERVAL;
struct dst_blst_lst_head* dst_blst_hash=0;
goto error;
}
/* fix options */
- blst_max_mem<<=10; /* in Kb */ /* TODO: test with 0 */
+ default_core_cfg.blst_max_mem<<=10; /* in Kb */ /* TODO: test with 0 */
if (blst_timer_interval){
timer_init(blst_timer_h, blst_timer, 0 ,0); /* slow timer */
if (timer_add(blst_timer_h, S_TO_TICKS(blst_timer_interval))<0){
e->flags|=err_flags;
e->expire=now+timeout; /* update the timeout */
}else{
- if (unlikely((*blst_mem_used+size)>=blst_max_mem)){
+ if (unlikely((*blst_mem_used+size) >=
+ cfg_get(core, core_cfg, blst_max_mem))){
#ifdef USE_DST_BLACKLIST_STATS
dst_blacklist_stats[process_no].bkl_lru_cnt++;
#endif
* spend more then 250 ms*/
dst_blacklist_clean_expired(*blst_mem_used/16*14, 0,
MS_TO_TICKS(250));
- if (unlikely(*blst_mem_used+size>=blst_max_mem)){
+ if (unlikely(*blst_mem_used+size >=
+ cfg_get(core, core_cfg, blst_max_mem))){
ret=-1;
goto error;
}
/* rpc functions */
void dst_blst_mem_info(rpc_t* rpc, void* ctx)
{
- if (!use_dst_blacklist){
+ if (!cfg_get(core, core_cfg, use_dst_blacklist)){
rpc->fault(ctx, 500, "dst blacklist support disabled");
return;
}
- rpc->add(ctx, "dd", *blst_mem_used, blst_max_mem);
+ rpc->add(ctx, "dd", *blst_mem_used, cfg_get(core, core_cfg, blst_max_mem));
}
NULL
};
- if (!use_dst_blacklist){
+ if (!cfg_get(core, core_cfg, use_dst_blacklist)){
rpc->fault(c, 500, "dst blacklist support disabled");
return;
}
ticks_t now;
struct ip_addr ip;
- if (!use_dst_blacklist){
+ if (!cfg_get(core, core_cfg, use_dst_blacklist)){
rpc->fault(ctx, 500, "dst blacklist support disabled");
return;
}
n=0;
#endif
- if (!use_dst_blacklist){
+ if (!cfg_get(core, core_cfg, use_dst_blacklist)){
rpc->fault(ctx, 500, "dst blacklist support disabled");
return;
}
ticks_t now;
struct ip_addr ip;
- if (!use_dst_blacklist){
+ if (!cfg_get(core, core_cfg, use_dst_blacklist)){
rpc->fault(ctx, 500, "dst blacklist support disabled");
return;
}
/* rpc wrapper function for dst_blst_flush() */
void dst_blst_delete_all(rpc_t* rpc, void* ctx)
{
- if (!use_dst_blacklist){
+ if (!cfg_get(core, core_cfg, use_dst_blacklist)){
rpc->fault(ctx, 500, "dst blacklist support disabled");
return;
}
unsigned char err_flags;
struct ip_addr *ip_addr;
- if (!use_dst_blacklist){
+ if (!cfg_get(core, core_cfg, use_dst_blacklist)){
rpc->fault(ctx, 500, "dst blacklist support disabled");
return;
}
}
if (dst_blacklist_add_ip(err_flags, proto, ip_addr, port,
- S_TO_TICKS(blst_timeout)))
+ S_TO_TICKS(cfg_get(core, core_cfg, blst_timeout))))
rpc->fault(ctx, 400, "Failed to add the entry to the blacklist");
}
+/* KByte to Byte conversion */
+int blst_max_mem_fixup(void *handle, str *name, void **val)
+{
+ unsigned int u;
+
+ u = ((unsigned int)(long)(*val))<<10;
+ (*val) = (void *)(long)u;
+ return 0;
+}
+
#endif /* USE_DST_BLACKLIST */
#include "ip_addr.h"
#include "parser/msg_parser.h"
#include "timer_ticks.h"
+#include "cfg_core.h"
#define DEFAULT_BLST_TIMEOUT 60 /* 1 min. */
+#define DEFAULT_BLST_MAX_MEM 250 /* 250 KB */
/* flags: */
#define BLST_IS_IPV6 1 /* set if the address is ipv6 */
/* adds a dst to the blacklist with default timeout */
#define dst_blacklist_add(err_flags, si, msg) \
- dst_blacklist_add_to((err_flags), (si), (msg), S_TO_TICKS(blst_timeout))
+ dst_blacklist_add_to((err_flags), (si), (msg), \
+ S_TO_TICKS(cfg_get(core, core_cfg, blst_timeout)))
int dst_is_blacklisted(struct dest_info* si, struct sip_msg* msg);
/* delete an entry from the blacklist */
*/
void dst_blst_flush(void);
+/* KByte to Byte conversion */
+int blst_max_mem_fixup(void *handle, str *name, void **val);
+
#endif
#include "route.h"
#include "dprint.h"
#include "globals.h"
+#include "cfg_core.h"
#include "data_lump.h"
#include "ut.h"
#include "mem/mem.h"
#endif
}
#ifdef USE_DST_BLACKLIST
- if (use_dst_blacklist){
+ if (cfg_get(core, core_cfg, use_dst_blacklist)){
if (dst_is_blacklisted(send_info, msg)){
su2ip_addr(&ip, &send_info->to);
LOG(L_DBG, "DEBUG: blacklisted destination:%s:%d (%d)\n",
if (msg_send(send_info, buf, len)<0){
ret=ser_error=E_SEND;
#ifdef USE_DST_BLACKLIST
- if (use_dst_blacklist)
+ if (cfg_get(core, core_cfg, use_dst_blacklist))
dst_blacklist_add(BLST_ERR_SEND, send_info, msg);
#endif
#ifdef USE_DNS_FAILOVER
#endif /* USE_DNS_CACHE_STATS */
#endif
#ifdef USE_DST_BLACKLIST
-extern int use_dst_blacklist; /* 1 if the blacklist is enabled */
-extern unsigned int blst_max_mem; /* maximum memory used for the blacklist
- entries*/
-extern unsigned int blst_timeout; /* blacklist entry ttl */
extern unsigned int blst_timer_interval; /*blacklist gc timer interval (in s)*/
#ifdef USE_DST_BLACKLIST_STATS
int use_dns_cache=1; /* 1 if the cache is enabled, 0 otherwise */
int use_dns_failover=0; /* 1 if failover is enabled, 0 otherwise */
#endif
-#ifdef USE_DST_BLACKLIST
-int use_dst_blacklist=0; /* 1 if the blacklist is enabled */
-#endif
int tos = IPTOS_LOWDELAY;
int pmtu_discovery = 0;
#include "../../timer.h"
#include "../../hash_func.h"
#include "../../globals.h"
+#include "../../cfg_core.h"
#include "../../mem/mem.h"
#include "../../dset.h"
#include "../../action.h"
return -1; /* drop, try next branch */
}
#ifdef USE_DST_BLACKLIST
- if (use_dst_blacklist
+ if (cfg_get(core, core_cfg, use_dst_blacklist)
&& p_msg
&& (p_msg->REQ_METHOD & tm_blst_methods_lookup)
){
ip_addr2a(&ip), su_getport(&uac->request.dst.to),
uac->request.dst.proto);
#ifdef USE_DST_BLACKLIST
- if (use_dst_blacklist)
+ if (cfg_get(core, core_cfg, use_dst_blacklist))
dst_blacklist_add(BLST_ERR_SEND, &uac->request.dst, p_msg);
#endif
#ifdef USE_DNS_FAILOVER
}
#ifdef USE_DST_BLACKLIST
/* add temporary to the blacklist the source of a 503 reply */
- if (tm_blst_503 && use_dst_blacklist && (msg_status==503)){
+ if (tm_blst_503 && cfg_get(core, core_cfg, use_dst_blacklist) && (msg_status==503)){
blst_503_timeout=tm_blst_503_default;
if ((parse_headers(p_msg, HDR_RETRY_AFTER_F, 0)==0) &&
(p_msg->parsed_flag & HDR_RETRY_AFTER_F)){
(t->uac[r_buf->branch].last_received==0)){
/* no reply received */
#ifdef USE_DST_BLACKLIST
- if (use_dst_blacklist
+ if (cfg_get(core, core_cfg, use_dst_blacklist)
&& r_buf->my_T
&& r_buf->my_T->uas.request
&& (r_buf->my_T->uas.request->REQ_METHOD & tm_blst_methods_add)
projects / sip-router / commitdiff