Subject: [ Add option "-a" for reading pcap file and ] fix some bugs Origin: softflowd-0.9.9-22-ge6d29a1 Upstream-Author: Hitoshi Irino Date: Sun May 26 23:00:41 2019 +0900 Comment: Fixes a regression introduced in buster: The flow aggregation is broken, causing a new flow to generated for virtually each packet. If the daemon sees a lot of traffic, the flow table might overflow, resulting in forced expiration and 100% CPU usage. . Thanks Johanna Jerzembeck for reporting and testing. - fix flow_compare for comparing vlan and ether [ - fix missing sequence in netflow v9 ] --- a/softflowd.c +++ b/softflowd.c @@ -55,6 +55,8 @@ static int verbose_flag = 0; /* Debugging flag */ static u_int16_t if_index = 0; /* "manual" interface index */ +static int track_level; + /* Signal handler flags */ static volatile sig_atomic_t graceful_shutdown_request = 0; @@ -144,15 +146,21 @@ { /* Be careful to avoid signed vs unsigned issues here */ int r; + if (track_level == TRACK_FULL_VLAN || track_level == TRACK_FULL_VLAN_ETHER) { + if (a->vlanid[0] != b->vlanid[0]) + return (a->vlanid[0] > b->vlanid[0] ? 1 : -1); + + if (a->vlanid[1] != b->vlanid[1]) + return (a->vlanid[1] > b->vlanid[1] ? 1 : -1); + } - if (a->vlanid != b->vlanid) - return (a->vlanid > b->vlanid ? 1 : -1); - + if (track_level == TRACK_FULL_VLAN_ETHER) { if ((r = memcmp(&a->ethermac[0], &b->ethermac[0], 6)) != 0) return (r > 0 ? 1 : -1); if ((r = memcmp(&a->ethermac[1], &b->ethermac[1], 6)) != 0) return (r > 0 ? 1 : -1); + } if (a->af != b->af) return (a->af > b->af ? 1 : -1); @@ -1526,7 +1534,7 @@ ft->param.max_flows = DEFAULT_MAX_FLOWS; - ft->param.track_level = TRACK_FULL; + track_level = ft->param.track_level = TRACK_FULL; ft->param.tcp_timeout = DEFAULT_TCP_TIMEOUT; ft->param.tcp_rst_timeout = DEFAULT_TCP_RST_TIMEOUT; @@ -1882,6 +1890,7 @@ usage(); exit(1); } + track_level = flowtrack.param.track_level; break; case 'L': hoplimit = atoi(optarg);