ports/net/pfflowd/files/pf37-pfflowd.c

--- pfflowd.c.orig	2008-05-28 12:28:08.000000000 -0700
+++ pfflowd.c	2008-05-28 12:28:29.000000000 -0700
@@ -231,7 +231,7 @@
 }
 
 static int
-send_netflow_v1(const struct pfsync_state *st, u_int n, int *flows_exp)
+send_netflow_v1(const struct _PFSYNC_STATE *st, u_int n, int *flows_exp)
 {
 	char now_s[64];
 	int i, j, offset, num_packets, err;
@@ -310,13 +310,13 @@
 		}
 
 		flw = (struct NF1_FLOW *)(packet + offset);
-		if (netflow_socket != -1 && st[i].packets[0][0] != 0) {
+		if (netflow_socket != -1 && st[i].packets[0] != 0) {
 			flw->src_ip = src.addr.v4.s_addr;
 			flw->dest_ip = dst.addr.v4.s_addr;
 			flw->src_port = src.port;
 			flw->dest_port = dst.port;
-			flw->flow_packets = st[i].packets[0][0];
-			flw->flow_octets = st[i].bytes[0][0];
+			flw->flow_packets = st[i].packets[0];
+			flw->flow_octets = st[i].bytes[0];
 			flw->flow_start = htonl(uptime_ms - creation);
 			flw->flow_finish = htonl(uptime_ms);
 			flw->protocol = st[i].proto;
@@ -326,13 +326,13 @@
 			hdr->flows++;
 		}
 		flw = (struct NF1_FLOW *)(packet + offset);
-		if (netflow_socket != -1 && st[i].packets[1][0] != 0) {
+		if (netflow_socket != -1 && st[i].packets[1] != 0) {
 			flw->src_ip = dst.addr.v4.s_addr;
 			flw->dest_ip = src.addr.v4.s_addr;
 			flw->src_port = dst.port;
 			flw->dest_port = src.port;
-			flw->flow_packets = st[i].packets[1][0];
-			flw->flow_octets = st[i].bytes[1][0];
+			flw->flow_packets = st[i].packets[1];
+			flw->flow_octets = st[i].bytes[1];
 			flw->flow_start = htonl(uptime_ms - creation);
 			flw->flow_finish = htonl(uptime_ms);
 			flw->protocol = st[i].proto;
@@ -344,10 +344,10 @@
 		flw = (struct NF1_FLOW *)(packet + offset);
 
 		if (verbose_flag) {
-			packets_out = ntohl(st[i].packets[0][0]);
-			packets_in = ntohl(st[i].packets[1][0]);
-			bytes_out = ntohl(st[i].bytes[0][0]);
-			bytes_in = ntohl(st[i].bytes[1][0]);
+			packets_out = ntohl(st[i].packets[0]);
+			packets_in = ntohl(st[i].packets[1]);
+			bytes_out = ntohl(st[i].bytes[0]);
+			bytes_in = ntohl(st[i].bytes[1]);
 
 			creation_tt = now - (creation / 1000);
 			localtime_r(&creation_tt, &creation_tm);
@@ -368,7 +368,6 @@
 				strlcat(dst_s, pbuf, sizeof(dst_s));
 			}
 
-			syslog(LOG_DEBUG, "IFACE %s", st[i].ifname); 
 			syslog(LOG_DEBUG, "GWY %s", rt_s); 
 			syslog(LOG_DEBUG, "FLOW proto %d direction %d", 
 			    st[i].proto, st[i].direction);
@@ -401,9 +400,8 @@
 	return (ntohs(hdr->flows));
 }
 
-
 static int
-send_netflow_v5(const struct pfsync_state *st, u_int n, int *flows_exp)
+send_netflow_v5(const struct _PFSYNC_STATE *st, u_int n, int *flows_exp)
 {
 	char now_s[64];
 	int i, j, offset, num_packets, err;
@@ -483,13 +481,13 @@
 		}
 
 		flw = (struct NF5_FLOW *)(packet + offset);
-		if (netflow_socket != -1 && st[i].packets[0][0] != 0) {
+		if (netflow_socket != -1 && st[i].packets[0] != 0) {
 			flw->src_ip = src.addr.v4.s_addr;
 			flw->dest_ip = dst.addr.v4.s_addr;
 			flw->src_port = src.port;
 			flw->dest_port = dst.port;
-			flw->flow_packets = st[i].packets[0][0];
-			flw->flow_octets = st[i].bytes[0][0];
+			flw->flow_packets = st[i].packets[0];
+			flw->flow_octets = st[i].bytes[0];
 			flw->flow_start = htonl(uptime_ms - creation);
 			flw->flow_finish = htonl(uptime_ms);
 			flw->tcp_flags = 0;
@@ -499,13 +497,13 @@
 			hdr->flows++;
 		}
 		flw = (struct NF5_FLOW *)(packet + offset);
-		if (netflow_socket != -1 && st[i].packets[1][0] != 0) {
+		if (netflow_socket != -1 && st[i].packets[1] != 0) {
 			flw->src_ip = dst.addr.v4.s_addr;
 			flw->dest_ip = src.addr.v4.s_addr;
 			flw->src_port = dst.port;
 			flw->dest_port = src.port;
-			flw->flow_packets = st[i].packets[1][0];
-			flw->flow_octets = st[i].bytes[1][0];
+			flw->flow_packets = st[i].packets[1];
+			flw->flow_octets = st[i].bytes[1];
 			flw->flow_start = htonl(uptime_ms - creation);
 			flw->flow_finish = htonl(uptime_ms);
 			flw->tcp_flags = 0;
@@ -517,10 +515,10 @@
 		flw = (struct NF5_FLOW *)(packet + offset);
 
 		if (verbose_flag) {
-			packets_out = ntohl(st[i].packets[0][0]);
-			packets_in = ntohl(st[i].packets[1][0]);
-			bytes_out = ntohl(st[i].bytes[0][0]);
-			bytes_in = ntohl(st[i].bytes[1][0]);
+			packets_out = ntohl(st[i].packets[0]);
+			packets_in = ntohl(st[i].packets[1]);
+			bytes_out = ntohl(st[i].bytes[0]);
+			bytes_in = ntohl(st[i].bytes[1]);
 
 			creation_tt = now - (creation / 1000);
 			localtime_r(&creation_tt, &creation_tm);
@@ -541,7 +539,6 @@
 				strlcat(dst_s, pbuf, sizeof(dst_s));
 			}
 
-			syslog(LOG_DEBUG, "IFACE %s", st[i].ifname); 
 			syslog(LOG_DEBUG, "GWY %s", rt_s); 
 			syslog(LOG_DEBUG, "FLOW proto %d direction %d", 
 			    st[i].proto, st[i].direction);
@@ -574,32 +571,6 @@
 	return (ntohs(hdr->flows));
 }
 
-static void
-send_flow(const struct pfsync_state *st, u_int n, int *flows_exp)
-{
-	int r = 0;
-
-	switch (export_version) {
-	case 1:
-		r = send_netflow_v1(st, n, flows_exp);
-		break;
-	case 5:
-		r = send_netflow_v5(st, n, flows_exp);
-		break;
-	default:
-		/* should never reach this point */
-		syslog(LOG_DEBUG, "Invalid netflow version, exiting");
-		exit(1);
-	}
-
-	if (r > 0) {
-		flows_exported += r;
-		if (verbose_flag)
-			syslog(LOG_DEBUG, "flows_exported = %d", *flows_exp);
-	}
-
-}
-
 /*
  * Per-packet callback function from libpcap. 
  */
@@ -608,8 +579,8 @@
     const u_char *pkt)
 {
 	const struct pfsync_header *ph = (const struct pfsync_header *)pkt;
-	const struct pfsync_state *st;
-	u_int64_t bytes[2], packets[2]; 
+	const struct _PFSYNC_STATE *st;
+	int r = 0;
 
 	if (phdr->caplen < PFSYNC_HDRLEN) {
 		syslog(LOG_WARNING, "Runt pfsync packet header");
@@ -632,56 +603,25 @@
 		return;
 	}
 
-	st = (const struct pfsync_state *)((const u_int8_t *)ph + sizeof(*ph));
+	st = (const struct _PFSYNC_STATE *)((const u_int8_t *)ph + sizeof(*ph));
 
-	/*
-	 * Check if any members of st->packets or st->bytes overflow
-	 * the 32 bit netflow counters, if so, create as many flow records 
-	 * that are needed to clear the counter. 
-	 */
-	 
-	 pf_state_counter_ntoh(st->packets[0],packets[0]); 
-	 pf_state_counter_ntoh(st->packets[1],packets[1]); 
-	 pf_state_counter_ntoh(st->bytes[0],bytes[0]); 
-	 pf_state_counter_ntoh(st->bytes[1],bytes[1]); 
-
-	 while (bytes[0] > 0 || bytes[1] > 0 || 
-	        packets[0] > 0 || packets[1] > 0) {
-		
-		struct pfsync_state st1;
-
-		memcpy(&st1, st, sizeof(st1));
-
-		if (bytes[0] > UINT_MAX) {
-			st1.bytes[0][0] = 0xffffffff;
-			bytes[0] -= MIN(bytes[0], 0xffffffff);
-		} else {
-			st1.bytes[0][0] = htonl(bytes[0]);
-			bytes[0] = 0;
-		}
-		if (bytes[1] > UINT_MAX) {
-			st1.bytes[1][0] = 0xffffffff;
-			bytes[1] -= MIN(bytes[1], 0xffffffff);
-		} else {
-			st1.bytes[1][0] = htonl(bytes[1]);
-			bytes[1] = 0;
-		}
-		if (packets[0] > UINT_MAX) {
-			st1.packets[0][0] = 0xffffffff;
-			packets[0] -= MIN(packets[0], 0xffffffff);
-		} else {
-			st1.packets[0][0] = htonl(packets[0]);
-			packets[0] = 0;
-		}
-		if (packets[1] > UINT_MAX) {
-			st1.packets[1][0] = 0xffffffff;
-			packets[1] -= MIN(packets[1], 0xffffffff);
-		} else {
-			st1.packets[1][0] = htonl(packets[1]);
-			packets[1] = 0;
-		}
+	switch (export_version) {
+	case 1:
+		r = send_netflow_v1(st, ph->count, &flows_exported);
+		break;
+	case 5:
+		r = send_netflow_v5(st, ph->count, &flows_exported);
+		break;
+	default:
+		/* should never reach this point */
+		syslog(LOG_DEBUG, "Invalid netflow version, exiting");
+		exit(1);
+	}
 
-		send_flow(&st1, ph->count, &flows_exported);
+	if (r > 0) {
+		flows_exported += r;
+		if (verbose_flag)
+			syslog(LOG_DEBUG, "flows_exported = %d", flows_exported);
 	}
 }