From 78a4af4cd7066d524d6ce8d2ddca904a09392ba5 Mon Sep 17 00:00:00 2001
From: Christian Grothoff <christian@grothoff.org>
Date: Tue, 17 Jan 2012 13:27:00 +0000
Subject: [PATCH] -more stats, more logging, adding access control checks

---
 src/exit/gnunet-daemon-exit.c | 80 +++++++++++++++++++++++++++++++----
 1 file changed, 71 insertions(+), 9 deletions(-)

diff --git a/src/exit/gnunet-daemon-exit.c b/src/exit/gnunet-daemon-exit.c
index 7d9799d10..189accf94 100644
--- a/src/exit/gnunet-daemon-exit.c
+++ b/src/exit/gnunet-daemon-exit.c
@@ -25,7 +25,6 @@
  * @author Christian Grothoff
  *
  * TODO:
- * - need some statistics
  * - test
  *
  * Code cleanup:
@@ -750,6 +749,9 @@ message_token (void *cls GNUNET_UNUSED, void *client GNUNET_UNUSED,
     GNUNET_break (0);
     return;
   }
+  GNUNET_STATISTICS_update (stats,
+			    gettext_noop ("# Bytes received from TUN"),
+			    size, GNUNET_NO);
   pkt_tun = (const struct tun_header *) &message[1];
   size -= sizeof (struct tun_header) + sizeof (struct GNUNET_MessageHeader);
   switch (ntohs (pkt_tun->proto))
@@ -1344,6 +1346,9 @@ receive_tcp_service (void *unused GNUNET_UNUSED, struct GNUNET_MESH_Tunnel *tunn
   GNUNET_STATISTICS_update (stats,
 			    gettext_noop ("# TCP service creation requests received via mesh"),
 			    1, GNUNET_NO);
+  GNUNET_STATISTICS_update (stats,
+			    gettext_noop ("# Bytes received from MESH"),
+			    pkt_len, GNUNET_NO);
   /* check that we got at least a valid header */
   if (pkt_len < sizeof (struct GNUNET_EXIT_TcpServiceStartMessage))
   {
@@ -1373,6 +1378,9 @@ receive_tcp_service (void *unused GNUNET_UNUSED, struct GNUNET_MESH_Tunnel *tunn
 		_("No service found for %s on port %d!\n"),
 		"TCP",
 		ntohs (start->tcp_header.dpt));
+    GNUNET_STATISTICS_update (stats,
+			      gettext_noop ("# TCP requests dropped (no such service)"),
+			      1, GNUNET_NO);
     return GNUNET_SYSERR;
   }
   state->ri.remote_address = state->serv->address;    
@@ -1412,6 +1420,9 @@ receive_tcp_remote (void *cls GNUNET_UNUSED, struct GNUNET_MESH_Tunnel *tunnel,
   const void *payload;
   int af;
 
+  GNUNET_STATISTICS_update (stats,
+			    gettext_noop ("# Bytes received from MESH"),
+			    pkt_len, GNUNET_NO);
   GNUNET_STATISTICS_update (stats,
 			    gettext_noop ("# TCP IP-exit creation requests received via mesh"),
 			    1, GNUNET_NO);
@@ -1439,6 +1450,11 @@ receive_tcp_remote (void *cls GNUNET_UNUSED, struct GNUNET_MESH_Tunnel *tunnel,
       GNUNET_break_op (0);
       return GNUNET_SYSERR;
     }
+    if (! ipv4_exit)
+    {
+      GNUNET_break_op (0);
+      return GNUNET_SYSERR;
+    }
     v4 = (const struct in_addr*) &start[1];
     payload = &v4[1];
     pkt_len -= sizeof (struct in_addr);
@@ -1450,6 +1466,11 @@ receive_tcp_remote (void *cls GNUNET_UNUSED, struct GNUNET_MESH_Tunnel *tunnel,
       GNUNET_break_op (0);
       return GNUNET_SYSERR;
     }
+    if (! ipv6_exit)
+    {
+      GNUNET_break_op (0);
+      return GNUNET_SYSERR;
+    }
     v6 = (const struct in6_addr*) &start[1];
     payload = &v6[1];
     pkt_len -= sizeof (struct in_addr);
@@ -1505,6 +1526,9 @@ receive_tcp_data (void *cls GNUNET_UNUSED, struct GNUNET_MESH_Tunnel *tunnel,
   const struct GNUNET_EXIT_TcpDataMessage *data;
   uint16_t pkt_len = ntohs (message->size);
 
+  GNUNET_STATISTICS_update (stats,
+			    gettext_noop ("# Bytes received from MESH"),
+			    pkt_len, GNUNET_NO);
   GNUNET_STATISTICS_update (stats,
 			    gettext_noop ("# TCP data requests received via mesh"),
 			    1, GNUNET_NO);
@@ -1519,8 +1543,9 @@ receive_tcp_data (void *cls GNUNET_UNUSED, struct GNUNET_MESH_Tunnel *tunnel,
        (NULL == state->heap_node) )
   {
     /* connection should have been up! */
-    GNUNET_break_op (0);
-    /* FIXME: call statistics */
+    GNUNET_STATISTICS_update (stats,
+			      gettext_noop ("# TCP DATA requests dropped (no session)"),
+			      1, GNUNET_NO);
     return GNUNET_SYSERR;
   }
   GNUNET_break_op (ntohl (data->reserved) == 0);
@@ -1661,6 +1686,9 @@ receive_udp_remote (void *cls GNUNET_UNUSED, struct GNUNET_MESH_Tunnel *tunnel,
   const void *payload;
   int af;
 
+  GNUNET_STATISTICS_update (stats,
+			    gettext_noop ("# Bytes received from MESH"),
+			    pkt_len, GNUNET_NO);
   GNUNET_STATISTICS_update (stats,
 			    gettext_noop ("# UDP IP-exit requests received via mesh"),
 			    1, GNUNET_NO);
@@ -1681,6 +1709,11 @@ receive_udp_remote (void *cls GNUNET_UNUSED, struct GNUNET_MESH_Tunnel *tunnel,
       GNUNET_break_op (0);
       return GNUNET_SYSERR;
     }
+    if (! ipv4_exit)
+    {
+      GNUNET_break_op (0);
+      return GNUNET_SYSERR;
+    }
     v4 = (const struct in_addr*) &msg[1];
     payload = &v4[1];
     pkt_len -= sizeof (struct in_addr);
@@ -1692,6 +1725,11 @@ receive_udp_remote (void *cls GNUNET_UNUSED, struct GNUNET_MESH_Tunnel *tunnel,
       GNUNET_break_op (0);
       return GNUNET_SYSERR;
     }
+    if (! ipv6_exit)
+    {
+      GNUNET_break_op (0);
+      return GNUNET_SYSERR;
+    }
     v6 = (const struct in6_addr*) &msg[1];
     payload = &v6[1];
     pkt_len -= sizeof (struct in_addr);
@@ -1748,6 +1786,9 @@ receive_udp_service (void *cls GNUNET_UNUSED, struct GNUNET_MESH_Tunnel *tunnel,
   const struct GNUNET_EXIT_UdpServiceMessage *msg;
   uint16_t pkt_len = ntohs (message->size);
 
+  GNUNET_STATISTICS_update (stats,
+			    gettext_noop ("# Bytes received from MESH"),
+			    pkt_len, GNUNET_NO);
   GNUNET_STATISTICS_update (stats,
 			    gettext_noop ("# UDP service requests received via mesh"),
 			    1, GNUNET_NO);
@@ -1771,6 +1812,9 @@ receive_udp_service (void *cls GNUNET_UNUSED, struct GNUNET_MESH_Tunnel *tunnel,
 		_("No service found for %s on port %d!\n"),
 		"UDP",
 		ntohs (msg->destination_port));
+    GNUNET_STATISTICS_update (stats,
+			      gettext_noop ("# UDP requests dropped (no such service)"),
+			      1, GNUNET_NO);
     return GNUNET_SYSERR;
   }
   state->ri.remote_address = state->serv->address;    
@@ -2019,12 +2063,30 @@ add_services (int proto,
       serv->address.af = res->ai_family;
       switch (res->ai_family)
       {
-	case AF_INET:
-	  serv->address.address.ipv4 = ((struct sockaddr_in *) res->ai_addr)->sin_addr;
-	  break;
-	case AF_INET6:
-	  serv->address.address.ipv6 = ((struct sockaddr_in6 *) res->ai_addr)->sin6_addr;
-	  break;
+      case AF_INET:
+	if (! ipv4_enabled)
+	{
+	  GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
+		      _("Service `%s' configured for IPv4, but IPv4 is disabled!\n"),
+		      name);
+	  freeaddrinfo (res);
+	  GNUNET_free (serv);
+	  continue;
+	}
+	serv->address.address.ipv4 = ((struct sockaddr_in *) res->ai_addr)->sin_addr;
+	break;
+      case AF_INET6:
+	if (! ipv6_enabled)
+	{
+	  GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
+		      _("Service `%s' configured for IPv4, but IPv4 is disabled!\n"),
+		      name);
+	  freeaddrinfo (res);
+	  GNUNET_free (serv);
+	  continue;
+	}	
+	serv->address.address.ipv6 = ((struct sockaddr_in6 *) res->ai_addr)->sin6_addr;
+	break;
       default:
 	freeaddrinfo (res);
 	GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
-- 
2.25.1