Diffstat (more/less context) (ignore whitespace changes)
-rw-r--r--src/.gitignore1
-rw-r--r--src/Makefile.am5
-rw-r--r--src/VARNISH-MIB.txt83
-rw-r--r--src/ban.c191
-rw-r--r--src/varnish_mib.h52
-rw-r--r--src/varnish_mib.mib2c258
6 files changed, 503 insertions, 87 deletions
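--- a/src/.gitignore
+++ b/src/.gitignore
@@ -1 +1,2 @@
 varnish_mib.c
+varnish_mib.h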
diff --git a/src/Makefile.am b/src/Makefile.am
index a0e7e72..4643fde 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -29,5 +29,6 @@ varnish_mib_la_SOURCES = \
29BUILT_SOURCES = \ 29BUILT_SOURCES = \
30 varnish_mib.c 30 varnish_mib.c\
31 varnish_mib.h
31 32
32varnish_mib.c: varnish_mib.mib2c VARNISH-MIB.txt 33varnish_mib.c varnish_mib.h: varnish_mib.mib2c VARNISH-MIB.txt
33 34
diff --git a/src/VARNISH-MIB.txt b/src/VARNISH-MIB.txt
index cde935a..47e39c8 100644
--- a/src/VARNISH-MIB.txt
+++ b/src/VARNISH-MIB.txt
@@ -13,2 +13,4 @@ IMPORTS
13 FROM SNMPv2-SMI 13 FROM SNMPv2-SMI
14 DateAndTime
15 FROM SNMPv2-TC
14 OBJECT-GROUP, MODULE-COMPLIANCE 16 OBJECT-GROUP, MODULE-COMPLIANCE
@@ -17,3 +19,3 @@ IMPORTS
17varnishMIB MODULE-IDENTITY 19varnishMIB MODULE-IDENTITY
18 LAST-UPDATED "201411241848Z" 20 LAST-UPDATED "201411260759Z"
19 ORGANIZATION "Shared Autonomous sYstems" 21 ORGANIZATION "Shared Autonomous sYstems"
@@ -22,3 +24,3 @@ varnishMIB MODULE-IDENTITY
22 "This MIB module defines objects for Varnish reverse web proxy." 24 "This MIB module defines objects for Varnish reverse web proxy."
23 REVISION "201411241848Z" 25 REVISION "201411260759Z"
24 DESCRIPTION 26 DESCRIPTION
@@ -76,4 +78,10 @@ clientCacheMisses OBJECT-TYPE
76 78
79VarnishBanString ::= TEXTUAL-CONVENTION
80 DISPLAY-HINT "1024t"
81 STATUS current
82 DESCRIPTION ""
83 SYNTAX OCTET STRING (SIZE (0..1024))
84
77clientBan OBJECT-TYPE 85clientBan OBJECT-TYPE
78 SYNTAXOCTET STRING (SIZE(0..1024)) 86 SYNTAXVarnishBanString
79 MAX-ACCESS read-write 87 MAX-ACCESS read-write
@@ -529,4 +537,59 @@ bansPersistedFragmentation OBJECT-TYPE
529 ::= { bans 17 } 537 ::= { bans 17 }
530
531 538
539banTable OBJECT-TYPE
540 SYNTAX SEQUENCE OF VarnishBanEntry
541 MAX-ACCESS not-accessible
542 STATUS current
543 DESCRIPTION
544 "The (conceptual) table listing available bans"
545 ::= { bans 18 }
546
547varnishBanEntry OBJECT-TYPE
548 SYNTAX VarnishBanEntry
549 MAX-ACCESS not-accessible
550 STATUS current
551 DESCRIPTION
552 "An entry (conceptual row) representing a ban"
553 INDEX { banIndex }
554 ::= { banTable 1 }
555
556VarnishBanEntry ::= SEQUENCE {
557 banIndex Integer32,
558 banTime DateAndTime,
559 banRefCount Counter64,
560 banExpression VarnishBanString
561}
562
563banIndex OBJECT-TYPE
564 SYNTAX Integer32
565 MAX-ACCESS not-accessible
566 STATUS current
567 DESCRIPTION
568 "A number uniquely identifying each ban"
569 ::= { varnishBanEntry 1 }
570
571banTime OBJECT-TYPE
572 SYNTAX DateAndTime
573 MAX-ACCESS read-only
574 STATUS current
575 DESCRIPTION
576 "Time when the ban was created"
577 ::= { varnishBanEntry 2 }
578
579banRefCount OBJECT-TYPE
580 SYNTAX Counter32
581 MAX-ACCESS read-only
582 STATUS current
583 DESCRIPTION
584 "Number of references to this ban"
585 ::= { varnishBanEntry 3 }
586
587banExpression OBJECT-TYPE
588 SYNTAX VarnishBanString
589 MAX-ACCESS read-only
590 STATUS current
591 DESCRIPTION
592 "VCL expression of the ban"
593 ::= { varnishBanEntry 4 }
594
532-- 595--
@@ -587,4 +650,9 @@ varnishGroup OBJECT-GROUP
587 threadsFailed, 650 threadsFailed,
588 threadsQueueLength 651 threadsQueueLength,
589 652 banTable,
653 varnishBanEntry,
654 banIndex,
655 banTime,
656 banRefCount,
657 banExpression
590 } 658 }
@@ -604,4 +672,3 @@ varnishStandardComplianceV1 MODULE-COMPLIANCE
604 MODULE 672 MODULE
605 MANDATORY-GROUPS { 673 MANDATORY-GROUPS { varnishGroup }
606 varnishGroup}
607 674
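Review bot: banRefCount is declared as `Counter64` in the VarnishBanEntry SEQUENCE but as `SYNTAX Counter32` in its own OBJECT-TYPE, so the two definitions of the same column disagree; pick one type and use it in both places. The additions to the varnishGroup OBJECT-GROUP also list `banTable`, `varnishBanEntry` and `banIndex`, all of which are `MAX-ACCESS not-accessible`; SMIv2 object groups may only name accessible objects, so only `banTime`, `banRefCount` and `banExpression` belong there. The new VarnishBanString textual convention carries an empty `DESCRIPTION ""`; since it is also the syntax of the read-write clientBan object, a sentence stating that it holds a Varnish ban expression of at most 1024 octets would document the limit that written values must respect.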
diff --git a/src/ban.c b/src/ban.c
index a091e37..a3941ab 100644
--- a/src/ban.c
+++ b/src/ban.c
@@ -18,2 +18,3 @@
18#include "varnish_mib.h" 18#include "varnish_mib.h"
19#include <ctype.h>
19 20
@@ -52,3 +53,3 @@ varnish_ban(netsnmp_agent_request_info *reqinfo,
52 expr[len] = 0; 53 expr[len] = 0;
53 DEBUGMSGTL(("vcli_mib", "ban %s\n", expr)); 54 DEBUGMSGTL(("varnish_ban", "setting ban %s\n", expr));
54 rc = vcli_connect(vd, &conn); 55 rc = vcli_connect(vd, &conn);
@@ -56,3 +57,3 @@ varnish_ban(netsnmp_agent_request_info *reqinfo,
56 rc = send_ban_cmd(&conn, expr); 57 rc = send_ban_cmd(&conn, expr);
57 vcli_disconnect(&conn); 58 vcli_disconnect(&conn);
58 } 59 }
@@ -61,2 +62,188 @@ varnish_ban(netsnmp_agent_request_info *reqinfo,
61} 62}
63
64unsigned banTable_timeout = 60;
62 65
66/*
67 * create a new row in the table
68 */
69static struct banTable_entry *
70create_entry(netsnmp_tdata *table_data, long idx, struct banTable_entry *ent)
71{
72 struct banTable_entry *entry;
73 netsnmp_tdata_row *row;
74
75 entry = SNMP_MALLOC_TYPEDEF(struct banTable_entry);
76 if (!entry)
77 return NULL;
78
79 row = netsnmp_tdata_create_row();
80 if (!row) {
81 SNMP_FREE(entry);
82 return NULL;
83 }
84 row->data = entry;
85 *entry = *ent;
86
87 entry->banIndex = idx;
88 netsnmp_tdata_row_add_index(row, ASN_INTEGER,
89 &entry->banIndex,
90 sizeof(entry->banIndex));
91 if (table_data)
92 netsnmp_tdata_add_row(table_data, row);
93 return entry;
94}
95
96#define TMSEC(t) (((t)->tm_hour * 60 + (t)->tm_min) * 60 + (t)->tm_sec)
97
98static int
99utc_offset (void)
100{
101 time_t t = time (NULL);
102 struct tm ltm = *localtime (&t);
103 struct tm gtm = *gmtime (&t);
104 int d = TMSEC (&ltm) - TMSEC (&gtm);
105 if (!(ltm.tm_year = gtm.tm_year && ltm.tm_mon == gtm.tm_mon))
106 d += 86400;
107 return d / 60;
108}
109
110/* Refill the ban table */
111int
112banTable_load(netsnmp_cache *cache, void *vmagic)
113{
114 netsnmp_tdata *table = (netsnmp_tdata *) vmagic;
115 long idx = 0;
116 int rc;
117 struct vcli_conn conn;
118 char *p;
119 struct VSM_data *vd;
120
121 DEBUGMSGTL(("varnish_ban", "reloading ban table"));
122 vd = varnish_get_vsm_data();
123 rc = vcli_connect(vd, &conn);
124 if (rc != SNMP_ERR_NOERROR)
125 return rc;
126
127 if (vcli_asprintf(&conn, "ban.list\n") || vcli_write(&conn))
128 return SNMP_ERR_GENERR;
129
130 if (vcli_read_response(&conn))
131 return SNMP_ERR_GENERR;
132
133 if (conn.resp != CLIS_OK) {
134 snmp_log(LOG_ERR, "ban.list command rejected: %u %s\n",
135 conn.resp, conn.base);
136 return SNMP_ERR_GENERR;
137 }
138
139 p = conn.base;
140 while (p < conn.base + conn.bufsize) {
141 char *q;
142 struct banTable_entry e;
143 struct tm *tm;
144 time_t t;
145 int n;
146
147 if (*p == '\n') {
148 ++p;
149 continue;
150 }
151 e.banIndex = idx;
152 t = strtoul(p, &q, 10);
153 if (*q != '.') {
154 p = strchr(p, '\n');
155 if (!p)
156 break;
157 continue;
158 }
159 ++q;
160
161 e.banTime_len = 11;
162 e.banTime = malloc(e.banTime_len + 1);
163 if (!e.banTime) {
164 vcli_disconnect(&conn);
165 snmp_log(LOG_ERR, "out of memory\n");
166 return SNMP_ERR_GENERR;
167 }
168 tm = localtime(&t);
169 /* A date-time specification.
170
171 field octets contents range
172 ----- ------ -------- -----
173 1 1-2 year* 0..65536
174 2 3 month 1..12
175 3 4 day 1..31
176 4 5 hour 0..23
177 5 6 minutes 0..59
178 6 7 seconds 0..60
179 (use 60 for leap-second)
180 7 8 deci-seconds 0..9
181 8 9 direction from UTC '+' / '-'
182 9 10 hours from UTC* 0..13
183 10 11 minutes from UTC 0..59
184
185 * Notes:
186 - the value of year is in network-byte order
187 */
188 n = tm->tm_year % 100;
189 e.banTime[0] = n >> 8;
190 e.banTime[1] = n & 0xff;
191 e.banTime[2] = tm->tm_mon + 1;
192 e.banTime[3] = tm->tm_mday;
193 e.banTime[4] = tm->tm_hour;
194 e.banTime[5] = tm->tm_min;
195 e.banTime[6] = tm->tm_sec;
196 e.banTime[7] = *q - '0';
197 n = utc_offset();
198 if (n < 0) {
199 e.banTime[8] = '-';
200 n = - n;
201 } else
202 e.banTime[8] = '+';
203 e.banTime[9] = n / 60;
204 e.banTime[10] = n % 60;
205
206 while (*q && isdigit(*q))
207 ++q;
208 while (*q && isspace(*q))
209 ++q;
210 e.banRefCount = strtoul(q, &q, 10);
211
212 while (*q && isspace(*q))
213 ++q;
214
215 e.banExpression_len = strcspn(q, "\n");
216 e.banExpression = malloc(e.banExpression_len);
217 if (!e.banExpression) {
218 vcli_disconnect(&conn);
219 free(e.banTime);
220 snmp_log(LOG_ERR, "out of memory\n");
221 return SNMP_ERR_GENERR;
222 }
223 memcpy(e.banExpression, q, e.banExpression_len);
224
225 create_entry(table, idx, &e);
226 ++idx;
227 q += e.banExpression_len;
228 p = q;
229 }
230 vcli_disconnect(&conn);
231 DEBUGMSGTL(("varnish_ban", "loaded %ld ban entries", idx));
232 return 0;
233}
234
235void
236banTable_free(netsnmp_cache *cache, void *vmagic)
237{
238 netsnmp_tdata *table = (netsnmp_tdata *) vmagic;
239 netsnmp_tdata_row *row;
240
241 DEBUGMSGTL(("varnish_ban", "freeing ban table"));
242 while ((row = netsnmp_tdata_row_first(table))) {
243 struct banTable_entry *entry = row->data;
244 free(entry->banExpression);
245 free(entry->banTime);
246 SNMP_FREE(entry);
247 netsnmp_tdata_remove_and_delete_row(table, row);
248 }
249}
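Review bot: In banTable_load the three early returns that follow a successful vcli_connect (failed vcli_asprintf/vcli_write, failed vcli_read_response, and the non-CLIS_OK response) skip `vcli_disconnect(&conn);`, unlike the two out-of-memory paths, so every failed cache reload appears to leave the CLI connection open in the long-running agent; add the disconnect before each of those returns. In utc_offset the test `ltm.tm_year = gtm.tm_year && ltm.tm_mon == gtm.tm_mon` assigns instead of comparing, so it should read `ltm.tm_year == gtm.tm_year && ...`, and it probably needs to compare the day as well for the wrap-around correction to be meaningful. The DateAndTime year octets are filled from `n = tm->tm_year % 100;`, which encodes a two-digit year where the quoted layout expects the full year; `n = tm->tm_year + 1900;` matches it. The timestamp and the rest of each line come from the CLI response, so `localtime(&t)` should be checked for NULL before `tm` is dereferenced, `e.banTime[7] = *q - '0'` should first confirm that `*q` is a digit, and the `isdigit`/`isspace` arguments should be cast to `unsigned char`. The result of create_entry is ignored, so when it returns NULL the freshly allocated `e.banTime` and `e.banExpression` are lost, and a zero-length expression reaches `malloc(0)`, whose NULL return would be reported as out of memory.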
diff --git a/src/varnish_mib.h b/src/varnish_mib.h
deleted file mode 100644
index 31e3de1..0000000
--- a/src/varnish_mib.h
+++ b/dev/null
@@ -1,52 +0,0 @@
1/* This file is part of varnish-mib -*- c -*-
2 Copyright (C) 2014 Sergey Poznyakoff
3
4 Varnish-mib is free software; you can redistribute it and/or modify
5 it under the terms of the GNU General Public License as published by
6 the Free Software Foundation; either version 3, or (at your option)
7 any later version.
8
9 Varnish-mib is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
13
14 You should have received a copy of the GNU General Public License
15 along with varnish-mib. If not, see <http://www.gnu.org/licenses/>.
16*/
17#include <config.h>
18#include <stdlib.h>
19#include <stdint.h>
20
21#include <vapi/vsc.h>
22#include <vapi/vsm.h>
23#include <vcli.h>
24
25#include <net-snmp/net-snmp-config.h>
26#include <net-snmp/net-snmp-includes.h>
27#include <net-snmp/agent/net-snmp-agent-includes.h>
28
29typedef struct vcli_conn {
30 int fd;
31 char *secret;
32 int resp;
33 char *base;
34 size_t bufmax;
35 size_t bufsize;
36} vcli_conn_t;
37
38int vcli_write(vcli_conn_t *conn);
39int vcli_read_response(vcli_conn_t *conn);
40int vcli_vasprintf(vcli_conn_t *conn, const char *fmt, va_list ap);
41int vcli_asprintf(vcli_conn_t *conn, const char *fmt, ...);
42void vcli_disconnect(vcli_conn_t *conn);
43int vcli_connect(struct VSM_data *vd, vcli_conn_t *conn);
44
45
46int varnish_auth_response(const char *file, const char *challenge,
47 char response[CLI_AUTH_RESPONSE_LEN + 1]);
48
49int varnish_ban(netsnmp_agent_request_info *reqinfo,
50 netsnmp_request_info *requests,
51 struct VSM_data *vd);
52
diff --git a/src/varnish_mib.mib2c b/src/varnish_mib.mib2c
index 9825728..34f0f16 100644
--- a/src/varnish_mib.mib2c
+++ b/src/varnish_mib.mib2c
@@ -25,24 +25,2 @@
25@enddefine@ 25@enddefine@
26@open ${name}@
27/* THIS FILE IS GENERATED AUTOMATICALLY. PLEASE DO NOT EDIT. */
28
29#include "varnish_mib.h"
30
31static struct VSM_data *vd;
32
33void
34varnish_snmp_init(void)
35{
36 vd = VSM_New();
37
38 if (VSM_Open(vd))
39 exit(1);
40}
41
42void
43varnish_snmp_deinit(void)
44{
45 VSM_Close(vd);
46}
47
48@startperl@ 26@startperl@
@@ -143,3 +121,3 @@ $vars{'modulename'} =~ s#.*/##;
143$vars{'modulename'} =~ s/\.c$//; 121$vars{'modulename'} =~ s/\.c$//;
144print "$vars{'modulename'}\n"; 122#print "$vars{'modulename'}\n";
145 123
@@ -147,2 +125,75 @@ print "$vars{'modulename'}\n";
147@endperl@ 125@endperl@
126@open ${modulename}.h@
127/* THIS FILE IS GENERATED AUTOMATICALLY. PLEASE DO NOT EDIT. */
128#include <config.h>
129#include <stdlib.h>
130#include <stdint.h>
131
132#include <vapi/vsc.h>
133#include <vapi/vsm.h>
134#include <vcli.h>
135
136#include <net-snmp/net-snmp-config.h>
137#include <net-snmp/net-snmp-includes.h>
138#include <net-snmp/agent/net-snmp-agent-includes.h>
139
140typedef struct vcli_conn {
141 int fd;
142 char *secret;
143 int resp;
144 char *base;
145 size_t bufmax;
146 size_t bufsize;
147} vcli_conn_t;
148
149int vcli_write(vcli_conn_t *conn);
150int vcli_read_response(vcli_conn_t *conn);
151int vcli_vasprintf(vcli_conn_t *conn, const char *fmt, va_list ap);
152int vcli_asprintf(vcli_conn_t *conn, const char *fmt, ...);
153void vcli_disconnect(vcli_conn_t *conn);
154int vcli_connect(struct VSM_data *vd, vcli_conn_t *conn);
155
156struct VSM_data *varnish_get_vsm_data(void);
157
158int varnish_auth_response(const char *file, const char *challenge,
159 char response[CLI_AUTH_RESPONSE_LEN + 1]);
160
161int varnish_ban(netsnmp_agent_request_info *reqinfo,
162 netsnmp_request_info *requests,
163 struct VSM_data *vd);
164
165extern unsigned banTable_timeout;
166
167@open ${name}@
168/* THIS FILE IS GENERATED AUTOMATICALLY. PLEASE DO NOT EDIT. */
169
170#include "varnish_mib.h"
171
172static struct VSM_data *vd;
173
174void
175varnish_snmp_init(void)
176{
177 vd = VSM_New();
178
179 if (VSM_Open(vd))
180 exit(1);
181}
182
183void
184varnish_snmp_deinit(void)
185{
186 VSM_Close(vd);
187}
188
189struct VSM_data *
190varnish_get_vsm_data()
191{
192 if (VSM_Abandoned(vd)) {
193 DEBUGMSGTL(("$modulename", "reopening vd\n"));
194 VSM_Close(vd);
195 VSM_Open(vd);
196 }
197 return vd;
198}
148 199
@@ -275,2 +326,160 @@ handle_$i(netsnmp_mib_handler *handler,
275 326
327@foreach $i table@
328 ## Determine the first/last column names
329 @eval $first_column = "-"@
330 @eval $last_column = "-"@
331 @foreach $c column@
332 @if $c.readable@
333 @if "$first_column" eq "-"@
334 @eval $first_column = $c@
335 @end@
336 @eval $last_column = $c@
337 @end@
338 @end@
339
340@push@
341@append ${modulename}.h@
342/* column number definitions for table $i */
343 @foreach $c column@
344 #define COLUMN_$c.uc $c.subid
345 @end@
346
347struct ${i}_entry {
348 /* Index values */
349 @foreach $idx index@
350 @if $idx.needlength@
351 $idx.decl *$idx;
352 size_t ${idx}_len;
353 @else@
354 $idx.decl $idx;
355 @end@
356 @end@
357
358 /* Column values */
359 @foreach $c nonindex@
360 @if $c.readable@
361 @if $c.needlength@
362 $c.decl *$c;
363 size_t ${c}_len;
364 @else@
365 $c.decl $c;
366 @end@
367 @end@
368 @end@
369};
370
371int ${i}_load(netsnmp_cache *cache, void *vmagic);
372void ${i}_free(netsnmp_cache *cache, void *vmagic);
373@pop@
374
375/** handles requests for the $i table */
376static int
377handle_table_${i}(
378 netsnmp_mib_handler *handler,
379 netsnmp_handler_registration *reginfo,
380 netsnmp_agent_request_info *reqinfo,
381 netsnmp_request_info *requests)
382{
383 netsnmp_request_info *request;
384 netsnmp_table_request_info *table_info;
385 struct ${i}_entry *table_entry;
386
387 switch (reqinfo->mode) {
388 case MODE_GET:
389 for (request = requests; request; request = request->next) {
390 table_entry = (struct ${i}_entry *)
391 netsnmp_tdata_extract_entry(request);
392 table_info = netsnmp_extract_table_info(request);
393
394 switch (table_info->colnum) {
395 @foreach $c column@
396 @if $c.readable@
397 case COLUMN_$c.uc:
398 if (!table_entry) {
399 netsnmp_set_request_error(reqinfo, request,
400 SNMP_NOSUCHINSTANCE);
401 continue;
402 }
403 @if $c.needlength@
404 snmp_set_var_typed_value(request->requestvb, $c.type,
405 table_entry->$c,
406 table_entry->${c}_len);
407 @else@
408 snmp_set_var_typed_integer(request->requestvb, $c.type,
409 table_entry->$c);
410 @end@
411 break;
412 @end@
413 @end@
414 default:
415 netsnmp_set_request_error(reqinfo, request,
416 SNMP_NOSUCHOBJECT);
417 break;
418 }
419 }
420 break;
421 default:
422 /* we should never get here, so this is a really bad error */
423 snmp_log(LOG_ERR, "unknown mode (%d) in handle_table_${i}\n",
424 reqinfo->mode);
425 return SNMP_ERR_GENERR;
426
427 }
428 return SNMP_ERR_NOERROR;
429}
430
431/** Initialize the $i table by defining its contents and how it's structured */
432static void
433initialize_table_$i(void)
434{
435 const oid ${i}_oid[] = {$i.commaoid};
436 const size_t ${i}_oid_len = OID_LENGTH(${i}_oid);
437 netsnmp_handler_registration *reg;
438 netsnmp_tdata *table_data;
439 netsnmp_table_registration_info *table_info;
440 netsnmp_cache *cache;
441
442 DEBUGMSGTL(("${name}:init", "initializing table $i\n"));
443
444 reg = netsnmp_create_handler_registration("$i", handle_table_${i},
445 ${i}_oid, ${i}_oid_len,
446 HANDLER_CAN_RONLY);
447
448 table_data = netsnmp_tdata_create_table("$i", 0);
449 if (!table_data) {
450 snmp_log(LOG_ERR,"error creating tdata table for $i\n");
451 return;
452 }
453 cache = netsnmp_cache_create(${i}_timeout,
454 ${i}_load, ${i}_free,
455 ${i}_oid, ${i}_oid_len);
456 if (!cache) {
457 snmp_log(LOG_ERR,"error creating cache for $i\n");
458 } else
459 cache->magic = (void *)table_data;
460 table_info = SNMP_MALLOC_TYPEDEF(netsnmp_table_registration_info);
461 if (!table_info) {
462 snmp_log(LOG_ERR,"error creating table info for $i\n");
463 return;
464 }
465 netsnmp_table_helper_add_indexes(table_info,
466 @foreach $idx index@
467 $idx.type, /* index: $idx */
468 @end@
469 0);
470
471 table_info->min_column = COLUMN_$first_column.uc;
472 table_info->max_column = COLUMN_$last_column.uc;
473
474 netsnmp_tdata_register(reg, table_data, table_info);
475 if (cache)
476 netsnmp_inject_handler(reg, netsnmp_cache_handler_get(cache));
477 /*
478 netsnmp_inject_handler_before(reg, netsnmp_cache_handler_get(cache),
479 TABLE_TDATA_NAME);
480*/
481}
482
483@end@
484
276/** Initializes the $name module */ 485/** Initializes the $name module */
@@ -297,2 +506,5 @@ init_$modulename(void)
297 @end@ 506 @end@
507 @foreach $i table@
508 initialize_table_$i();
509 @end@
298 varnish_snmp_init(); 510 varnish_snmp_init();
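Review bot: varnish_get_vsm_data() ignores the result of `VSM_Open(vd)` when it reopens an abandoned segment, whereas varnish_snmp_init() treats the same failure as fatal; a failed reopen hands a closed handle to callers such as banTable_load, so the result should be checked, for example `if (VSM_Open(vd)) { snmp_log(LOG_ERR, "cannot reopen VSM\n"); return NULL; }`, with callers testing for NULL before connecting. In initialize_table_$i the early returns taken when netsnmp_tdata_create_table or SNMP_MALLOC_TYPEDEF fails leave `reg` (and in the second case `table_data` and `cache`) allocated, and the return value of netsnmp_tdata_register is not checked. handle_table_${i} reads `table_info->colnum` without testing the pointer returned by netsnmp_extract_table_info, which is worth a guard that sets a request error instead. The definition `varnish_get_vsm_data()` should also spell its parameter list as `(void)` to match the prototype emitted into the header.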
