From f3465600df2a8dec4ad1c6f0fe262ce161aae9c7 Mon Sep 17 00:00:00 2001 From: Yunchih Chen Date: Tue, 20 Mar 2018 15:56:51 +0800 Subject: Batch kernel -> userspace packet delivery To reduce #syscall, configure libnetfilter to send packet in batch via netlink. In this way, we also have more effective rate-limitating because the batchly-sent packets will get same timestamp. --- lib/collect.c | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/lib/collect.c b/lib/collect.c index fe8d5c1..c076c9c 100644 --- a/lib/collect.c +++ b/lib/collect.c @@ -144,11 +144,13 @@ static void nfl_init(nfl_state_t *nf) { // bind to group nf->nfl_group_fd = nflog_bind_group(nf->nfl_fd, nf->global->nfl_group_id); - /* ERR(nflog_set_mode(nf->nfl_group_fd, NFULNL_COPY_PACKET, sizeof(struct - * iphdr) + 4) < 0, */ ERR(nflog_set_mode(nf->nfl_group_fd, NFULNL_COPY_PACKET, nfl_recv_size) < 0, "Could not set copy mode"); + // Batch send 128 packets from kernel to userspace + ERR(nflog_set_qthresh(nf->nfl_group_fd, NF_NFLOG_QTHRESH), + "Could not set qthresh"); + nflog_callback_register(nf->nfl_group_fd, &handle_packet, nf); debug("Registering nflog callback"); @@ -167,10 +169,10 @@ void *nfl_collect_worker(void *targs) { time(&nf->header->start_time); int rv; - // Must have at least 128 to account for sizeof(struct iphdr) + - // sizeof(struct tcphdr) - // plus the size of meta data needed by the library's data structure - char buf[128]; + // Must have at least 128 for each packet to account for + // sizeof(struct iphdr) + sizeof(struct tcphdr) plus the + // size of meta data needed by the library's data structure. + char buf[128 * NF_NFLOG_QTHRESH + 1]; while (*p_cnt_now < cnt_max) { if ((rv = recv(fd, buf, sizeof(buf), 0)) && rv > 0) { debug("Recv worker #%u: nflog packet received (len=%u)", -- cgit v1.2.3