xref: /openbmc/linux/net/netfilter/nft_counter.c (revision 6189f1b0) 
1 /*
2  * Copyright (c) 2008-2009 Patrick McHardy <kaber@trash.net>
3  *
4  * This program is free software; you can redistribute it and/or modify
5  * it under the terms of the GNU General Public License version 2 as
6  * published by the Free Software Foundation.
7  *
8  * Development of this code funded by Astaro AG (http://www.astaro.com/)
9  */
10 
11 #include <linux/kernel.h>
12 #include <linux/init.h>
13 #include <linux/module.h>
14 #include <linux/seqlock.h>
15 #include <linux/netlink.h>
16 #include <linux/netfilter.h>
17 #include <linux/netfilter/nf_tables.h>
18 #include <net/netfilter/nf_tables.h>
19 
20 struct nft_counter {
21 	seqlock_t	lock;
22 	u64		bytes;
23 	u64		packets;
24 };
25 
26 static void nft_counter_eval(const struct nft_expr *expr,
27 			     struct nft_regs *regs,
28 			     const struct nft_pktinfo *pkt)
29 {
30 	struct nft_counter *priv = nft_expr_priv(expr);
31 
32 	write_seqlock_bh(&priv->lock);
33 	priv->bytes += pkt->skb->len;
34 	priv->packets++;
35 	write_sequnlock_bh(&priv->lock);
36 }
37 
38 static int nft_counter_dump(struct sk_buff *skb, const struct nft_expr *expr)
39 {
40 	struct nft_counter *priv = nft_expr_priv(expr);
41 	unsigned int seq;
42 	u64 bytes;
43 	u64 packets;
44 
45 	do {
46 		seq = read_seqbegin(&priv->lock);
47 		bytes	= priv->bytes;
48 		packets	= priv->packets;
49 	} while (read_seqretry(&priv->lock, seq));
50 
51 	if (nla_put_be64(skb, NFTA_COUNTER_BYTES, cpu_to_be64(bytes)))
52 		goto nla_put_failure;
53 	if (nla_put_be64(skb, NFTA_COUNTER_PACKETS, cpu_to_be64(packets)))
54 		goto nla_put_failure;
55 	return 0;
56 
57 nla_put_failure:
58 	return -1;
59 }
60 
61 static const struct nla_policy nft_counter_policy[NFTA_COUNTER_MAX + 1] = {
62 	[NFTA_COUNTER_PACKETS]	= { .type = NLA_U64 },
63 	[NFTA_COUNTER_BYTES]	= { .type = NLA_U64 },
64 };
65 
66 static int nft_counter_init(const struct nft_ctx *ctx,
67 			    const struct nft_expr *expr,
68 			    const struct nlattr * const tb[])
69 {
70 	struct nft_counter *priv = nft_expr_priv(expr);
71 
72 	if (tb[NFTA_COUNTER_PACKETS])
73 	        priv->packets = be64_to_cpu(nla_get_be64(tb[NFTA_COUNTER_PACKETS]));
74 	if (tb[NFTA_COUNTER_BYTES])
75 		priv->bytes = be64_to_cpu(nla_get_be64(tb[NFTA_COUNTER_BYTES]));
76 
77 	seqlock_init(&priv->lock);
78 	return 0;
79 }
80 
81 static struct nft_expr_type nft_counter_type;
82 static const struct nft_expr_ops nft_counter_ops = {
83 	.type		= &nft_counter_type,
84 	.size		= NFT_EXPR_SIZE(sizeof(struct nft_counter)),
85 	.eval		= nft_counter_eval,
86 	.init		= nft_counter_init,
87 	.dump		= nft_counter_dump,
88 };
89 
90 static struct nft_expr_type nft_counter_type __read_mostly = {
91 	.name		= "counter",
92 	.ops		= &nft_counter_ops,
93 	.policy		= nft_counter_policy,
94 	.maxattr	= NFTA_COUNTER_MAX,
95 	.flags		= NFT_EXPR_STATEFUL,
96 	.owner		= THIS_MODULE,
97 };
98 
99 static int __init nft_counter_module_init(void)
100 {
101 	return nft_register_expr(&nft_counter_type);
102 }
103 
104 static void __exit nft_counter_module_exit(void)
105 {
106 	nft_unregister_expr(&nft_counter_type);
107 }
108 
109 module_init(nft_counter_module_init);
110 module_exit(nft_counter_module_exit);
111 
112 MODULE_LICENSE("GPL");
113 MODULE_AUTHOR("Patrick McHardy <kaber@trash.net>");
114 MODULE_ALIAS_NFT_EXPR("counter");
115