summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMaciej Żenczykowski <maze@google.com>2023-04-17 17:25:12 +0000
committerGerrit Code Review <noreply-gerritcodereview@google.com>2023-04-17 17:25:12 +0000
commita2089e57167685322b59c73d7d157fac15c3e93c (patch)
tree0b3f6052a5413e94df1d01c063f013f592e6d612
parent78879f5dd897fca5aa403ab93dd2b210fccb0c06 (diff)
parenta13a183ff9d2e3d436a9e0aad3940f652b6bbf7f (diff)
downloadnetd-a2089e57167685322b59c73d7d157fac15c3e93c.tar.gz
Merge "WakeupController - improve iptables command legibility"
Diffstat
-rw-r--r--server/WakeupController.cpp14
-rw-r--r--server/WakeupControllerTest.cpp16
2 files changed, 17 insertions, 13 deletions
diff --git a/server/WakeupController.cpp b/server/WakeupController.cpp
index eb36291c..be9c9e06 100644
--- a/server/WakeupController.cpp
+++ b/server/WakeupController.cpp
@@ -205,14 +205,14 @@ Status WakeupController::execIptables(const std::string& action, const std::stri
const std::string& prefix, uint32_t mark, uint32_t mask) {
// NFLOG messages to batch before releasing to userspace
constexpr int kBatch = 8;
- // Max log message rate in packets/second
- constexpr int kRateLimit = 10;
const char kFormat[] =
- "*mangle\n%s %s -i %s -j NFLOG --nflog-prefix %s --nflog-group %d --nflog-threshold %d"
- " -m mark --mark 0x%08x/0x%08x -m limit --limit %d/s\nCOMMIT\n";
- const auto cmd = StringPrintf(
- kFormat, action.c_str(), WakeupController::LOCAL_MANGLE_INPUT, ifName.c_str(),
- prefix.c_str(), NetlinkManager::NFLOG_WAKEUP_GROUP, kBatch, mark, mask, kRateLimit);
+ "*mangle\n"
+ "%s %s -i %s -m mark --mark 0x%08x/0x%08x -m limit --limit 10/s"
+ " -j NFLOG --nflog-prefix %s --nflog-group %d --nflog-threshold %d\n"
+ "COMMIT\n";
+ const auto cmd = StringPrintf(kFormat,
+ action.c_str(), WakeupController::LOCAL_MANGLE_INPUT, ifName.c_str(), mark, mask,
+ prefix.c_str(), NetlinkManager::NFLOG_WAKEUP_GROUP, kBatch);
std::string out;
auto rv = mIptables->execute(V4V6, cmd, &out);
diff --git a/server/WakeupControllerTest.cpp b/server/WakeupControllerTest.cpp
index ff99b987..6ef49005 100644
--- a/server/WakeupControllerTest.cpp
+++ b/server/WakeupControllerTest.cpp
@@ -287,9 +287,11 @@ TEST_F(WakeupControllerTest, addInterface) {
const uint32_t kMark = 0x12345678;
const uint32_t kMask = 0x0F0F0F0F;
const char kExpected[] =
- "*mangle\n-A wakeupctrl_mangle_INPUT -i test:prefix"
- " -j NFLOG --nflog-prefix wlan8 --nflog-group 3 --nflog-threshold 8"
- " -m mark --mark 0x12345678/0x0f0f0f0f -m limit --limit 10/s\nCOMMIT\n";
+ "*mangle\n"
+ "-A wakeupctrl_mangle_INPUT -i test:prefix"
+ " -m mark --mark 0x12345678/0x0f0f0f0f -m limit --limit 10/s"
+ " -j NFLOG --nflog-prefix wlan8 --nflog-group 3 --nflog-threshold 8\n"
+ "COMMIT\n";
EXPECT_CALL(mIptables, execute(V4V6, kExpected, _)).WillOnce(Return(0));
EXPECT_OK(mController.addInterface(kPrefix, kIfName, kMark, kMask));
}
@@ -300,9 +302,11 @@ TEST_F(WakeupControllerTest, delInterface) {
const uint32_t kMark = 0x12345678;
const uint32_t kMask = 0xF0F0F0F0;
const char kExpected[] =
- "*mangle\n-D wakeupctrl_mangle_INPUT -i test:prefix"
- " -j NFLOG --nflog-prefix wlan8 --nflog-group 3 --nflog-threshold 8"
- " -m mark --mark 0x12345678/0xf0f0f0f0 -m limit --limit 10/s\nCOMMIT\n";
+ "*mangle\n"
+ "-D wakeupctrl_mangle_INPUT -i test:prefix"
+ " -m mark --mark 0x12345678/0xf0f0f0f0 -m limit --limit 10/s"
+ " -j NFLOG --nflog-prefix wlan8 --nflog-group 3 --nflog-threshold 8\n"
+ "COMMIT\n";
EXPECT_CALL(mIptables, execute(V4V6, kExpected, _)).WillOnce(Return(0));
EXPECT_OK(mController.delInterface(kPrefix, kIfName, kMark, kMask));
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-18 04:56:47 +0000