Hello community, here is the log from the commit of package iptraf-ng for openSUSE:Factory checked in at 2020-08-17 12:05:08 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/iptraf-ng (Old) and /work/SRC/openSUSE:Factory/.iptraf-ng.new.3399 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "iptraf-ng" Mon Aug 17 12:05:08 2020 rev:3 rq:827057 version:1.2.1 Changes: -------- --- /work/SRC/openSUSE:Factory/iptraf-ng/iptraf-ng.changes 2020-06-11 10:11:56.448555610 +0200 +++ /work/SRC/openSUSE:Factory/.iptraf-ng.new.3399/iptraf-ng.changes 2020-08-17 12:05:41.486704665 +0200 @@ -1,0 +2,10 @@ +Sun Aug 16 14:11:17 UTC 2020 - Dirk Mueller <[email protected]> + +- update to 1.2.1: + * Makefile: protect mandatory compile flags + * packet capture: don't reuse socket for multiple receive functions + * TPACKET_V[23]: continue even if mlock() fails +- remove 0001-Revert-TPACKET_V3-mlock-mmap-ed-address-space-into-R.patch: + fixed differently upstream + +------------------------------------------------------------------- Old: ---- 0001-Revert-TPACKET_V3-mlock-mmap-ed-address-space-into-R.patch v1.2.0.tar.gz New: ---- v1.2.1.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ iptraf-ng.spec ++++++ --- /var/tmp/diff_new_pack.42eNsS/_old 2020-08-17 12:05:43.538705808 +0200 +++ /var/tmp/diff_new_pack.42eNsS/_new 2020-08-17 12:05:43.542705811 +0200 @@ -17,21 +17,19 @@ Name: iptraf-ng -Version: 1.2.0 +Version: 1.2.1 Release: 0 Summary: TCP/IP Network Monitor License: GPL-2.0-or-later Group: Productivity/Networking/Diagnostic URL: https://github.com/iptraf-ng/iptraf-ng/ - Source: https://github.com/iptraf-ng/iptraf-ng/archive/v%version.tar.gz -Patch1: 0001-Revert-TPACKET_V3-mlock-mmap-ed-address-space-into-R.patch -Obsoletes: iptraf < 4 -# Just pick a number that is >3 -Provides: iptraf = 4 BuildRequires: automake BuildRequires: ncurses-devel BuildRequires: xz +Obsoletes: iptraf < 4 +# Just pick a number that is >3 +Provides: iptraf = 4 %description IPTraf-ng is a console-based network statistics utility. It gathers a @@ -43,7 +41,7 @@ %autosetup -n %name-%version -p1 %build -make %{?_smp_mflags} CFLAGS="%optflags -D_GNU_SOURCE" V=1 +%make_build CFLAGS="%optflags -D_GNU_SOURCE" %install %make_install prefix="%_prefix" V=1 ++++++ v1.2.0.tar.gz -> v1.2.1.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/iptraf-ng-1.2.0/CHANGES new/iptraf-ng-1.2.1/CHANGES --- old/iptraf-ng-1.2.0/CHANGES 2020-06-10 14:08:05.000000000 +0200 +++ new/iptraf-ng-1.2.1/CHANGES 2020-07-21 14:10:43.000000000 +0200 @@ -1,5 +1,10 @@ CHANGES file for iptraf-ng +* Tue Jul 21 2020 Vitezslav Samel <[email protected]> - 1.2.1 +- Makefile: protect mandatory compile flags +- packet capture: don't reuse socket for multiple receive functions +- TPACKET_V[23]: continue even if mlock() fails + * Thu Jun 04 2020 Vitezslav Samel <[email protected]> - 1.2.0 - ipfrag: code refactoring (Nikola Pajkovsky) - ifstats: sort interfaces by name (Jan Engelhardt) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/iptraf-ng-1.2.0/GEN-VERSION-FILE new/iptraf-ng-1.2.1/GEN-VERSION-FILE --- old/iptraf-ng-1.2.0/GEN-VERSION-FILE 2020-06-10 14:08:05.000000000 +0200 +++ new/iptraf-ng-1.2.1/GEN-VERSION-FILE 2020-07-21 14:10:43.000000000 +0200 @@ -1,7 +1,7 @@ #!/bin/bash GVF=VERSION-FILE -DEF_VER=1.2.0 +DEF_VER=1.2.1 LF=' ' diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/iptraf-ng-1.2.0/Makefile new/iptraf-ng-1.2.1/Makefile --- old/iptraf-ng-1.2.0/Makefile 2020-06-10 14:08:05.000000000 +0200 +++ new/iptraf-ng-1.2.1/Makefile 2020-07-21 14:10:43.000000000 +0200 @@ -18,9 +18,10 @@ @$(SHELL_PATH) ./GEN-VERSION-FILE -include VERSION-FILE -CFLAGS = -g -O2 -Wall -W -std=gnu99 -Werror=format-security -D_GNU_SOURCE +CFLAGS = -g -O2 -Wall -W -Werror=format-security LDFLAGS = -ALL_CFLAGS = $(CPPFLAGS) $(CFLAGS) +IPTRAF_CFLAGS := -std=gnu99 -D_GNU_SOURCE +ALL_CFLAGS = $(CPPFLAGS) $(CFLAGS) $(IPTRAF_CFLAGS) ALL_LDFLAGS = $(LDFLAGS) STRIP ?= strip diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/iptraf-ng-1.2.0/src/capt-mmap-v2.c new/iptraf-ng-1.2.1/src/capt-mmap-v2.c --- old/iptraf-ng-1.2.0/src/capt-mmap-v2.c 2020-06-10 14:08:05.000000000 +0200 +++ new/iptraf-ng-1.2.1/src/capt-mmap-v2.c 2020-07-21 14:10:43.000000000 +0200 @@ -102,14 +102,17 @@ int capt_setup_mmap_v2(struct capt *capt) { + if (capt_get_socket(capt) == -1) + return -1; + int version = TPACKET_V2; if (setsockopt(capt->fd, SOL_PACKET, PACKET_VERSION, &version, sizeof(version)) != 0) - return -1; + goto err; int hdrlen = version; socklen_t socklen = sizeof(hdrlen); if (getsockopt(capt->fd, SOL_PACKET, PACKET_HDRLEN, &hdrlen, &socklen) != 0) - return -1; + goto err; struct tpacket_req req; @@ -118,18 +121,18 @@ req.tp_frame_size = FRAME_SIZE; req.tp_block_size = req.tp_frame_nr * req.tp_frame_size; - if(setsockopt(capt->fd, SOL_PACKET, PACKET_RX_RING, &req, sizeof(req)) != 0) - return -1; + if (setsockopt(capt->fd, SOL_PACKET, PACKET_RX_RING, &req, sizeof(req)) != 0) + goto err; size_t size = req.tp_block_size * req.tp_block_nr; void *map = mmap(NULL, size, PROT_READ | PROT_WRITE, MAP_SHARED, capt->fd, 0); if (map == MAP_FAILED) - return -1; + goto err; - if(mlock(map, size) != 0) { - munmap(map, size); - return -1; - } + /* try to lock this memory to RAM */ + (void)mlock(map, size); /* no need to check return value because the mlock() is + * not mandatory; if it fails packet capture just works OK + * albeit suboptimally */ struct capt_data_mmap_v2 *data = xmallocz(sizeof(struct capt_data_mmap_v2)); @@ -151,4 +154,7 @@ capt->cleanup = capt_cleanup_mmap_v2; return 0; /* All O.K. */ +err: + capt_put_socket(capt); + return -1; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/iptraf-ng-1.2.0/src/capt-mmap-v3.c new/iptraf-ng-1.2.1/src/capt-mmap-v3.c --- old/iptraf-ng-1.2.0/src/capt-mmap-v3.c 2020-06-10 14:08:05.000000000 +0200 +++ new/iptraf-ng-1.2.1/src/capt-mmap-v3.c 2020-07-21 14:10:43.000000000 +0200 @@ -141,14 +141,17 @@ int capt_setup_mmap_v3(struct capt *capt) { + if (capt_get_socket(capt) == -1) + return -1; + int version = TPACKET_V3; if (setsockopt(capt->fd, SOL_PACKET, PACKET_VERSION, &version, sizeof(version)) != 0) - return -1; + goto err; int hdrlen = version; socklen_t socklen = sizeof(hdrlen); if (getsockopt(capt->fd, SOL_PACKET, PACKET_HDRLEN, &hdrlen, &socklen) != 0) - return -1; + goto err; struct tpacket_req3 req; @@ -162,17 +165,17 @@ // req.tp_feature_req_word = TP_FT_REQ_FILL_RXHASH; if(setsockopt(capt->fd, SOL_PACKET, PACKET_RX_RING, &req, sizeof(req)) != 0) - return -1; + goto err; size_t size = req.tp_block_size * req.tp_block_nr; void *map = mmap(NULL, size, PROT_READ | PROT_WRITE, MAP_SHARED, capt->fd, 0); if (map == MAP_FAILED) - return -1; + goto err; - if (mlock(map, size) != 0) { - munmap(map, size); - return -1; - } + /* try to lock this memory to RAM */ + (void)mlock(map, size); /* no need to check return value because the mlock() is + * not mandatory; if it fails packet capture just works OK + * albeit suboptimally */ struct capt_data_mmap_v3 *data = xmallocz(sizeof(struct capt_data_mmap_v3)); @@ -193,4 +196,7 @@ capt->cleanup = capt_cleanup_mmap_v3; return 0; /* All O.K. */ +err: + capt_put_socket(capt); + return -1; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/iptraf-ng-1.2.0/src/capt-recvmmsg.c new/iptraf-ng-1.2.1/src/capt-recvmmsg.c --- old/iptraf-ng-1.2.0/src/capt-recvmmsg.c 2020-06-10 14:08:05.000000000 +0200 +++ new/iptraf-ng-1.2.1/src/capt-recvmmsg.c 2020-07-21 14:10:43.000000000 +0200 @@ -114,6 +114,9 @@ { struct capt_data_recvmmsg *data; + if (capt_get_socket(capt) == -1) + return -1; + data = xmallocz(sizeof(struct capt_data_recvmmsg)); data->buf = xmallocz(FRAMES * MAX_PACKET_SIZE); data->msgvec = xmallocz(FRAMES * sizeof(*data->msgvec)); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/iptraf-ng-1.2.0/src/capt-recvmsg.c new/iptraf-ng-1.2.1/src/capt-recvmsg.c --- old/iptraf-ng-1.2.0/src/capt-recvmsg.c 2020-06-10 14:08:05.000000000 +0200 +++ new/iptraf-ng-1.2.1/src/capt-recvmsg.c 2020-07-21 14:10:43.000000000 +0200 @@ -64,8 +64,12 @@ int capt_setup_recvmsg(struct capt *capt) { - struct capt_data_recvmsg *data = xmallocz(sizeof(struct capt_data_recvmsg)); + struct capt_data_recvmsg *data; + if (capt_get_socket(capt) == -1) + return -1; + + data = xmallocz(sizeof(struct capt_data_recvmsg)); data->buf = xmallocz(MAX_PACKET_SIZE); data->iov.iov_len = MAX_PACKET_SIZE; data->iov.iov_base = data->buf; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/iptraf-ng-1.2.0/src/capt.c new/iptraf-ng-1.2.1/src/capt.c --- old/iptraf-ng-1.2.0/src/capt.c 2020-06-10 14:08:05.000000000 +0200 +++ new/iptraf-ng-1.2.1/src/capt.c 2020-07-21 14:10:43.000000000 +0200 @@ -15,6 +15,26 @@ #include "capt-mmap-v2.h" #include "capt-mmap-v3.h" +int capt_get_socket(struct capt *capt) { + + /* initialize socket first with some default protocol; + * the right protocol is then set with bind(); + * this overcomes the problem with getting packets + * from other interfaces, because the socket was not + * properly initialized yet */ + int fd = socket(PF_PACKET, SOCK_RAW, 0); + if (fd == -1) + return -1; + + capt->fd = fd; + return 0; +} + +void capt_put_socket(struct capt *capt) { + close(capt->fd); + capt->fd = -1; +} + static int capt_set_recv_timeout(int fd, unsigned int msec) { struct timeval timeout; @@ -56,29 +76,20 @@ capt->put_packet = NULL; capt->get_dropped = NULL; capt->cleanup = NULL; + capt->fd = -1; capt->dropped = 0UL; INIT_LIST_HEAD(&capt->promisc); - /* initialize socket first with some default protocol; - * the right protocol is then set with bind(); - * this overcomes the problem with getting packets - * from other interfaces, because the socket was not - * properly initialized yet */ - int fd = socket(PF_PACKET, SOCK_RAW, 0); - if (fd == -1) - return fd; - capt->fd = fd; + /* try all available receive functions */ + if (capt_setup_receive_function(capt) == -1) + goto out; /* set socket receive timeout */ if (capt_set_recv_timeout(capt->fd, 250) == -1) goto out; - /* try all available receive functions */ - if (capt_setup_receive_function(capt) == -1) - goto out; - if (options.promisc) promisc_enable(capt->fd, &capt->promisc, ifname); @@ -102,8 +113,7 @@ if (capt->cleanup) capt->cleanup(capt); - close(capt->fd); - capt->fd = -1; + capt_put_socket(capt); } static unsigned long capt_get_dropped_generic(struct capt *capt) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/iptraf-ng-1.2.0/src/capt.h new/iptraf-ng-1.2.1/src/capt.h --- old/iptraf-ng-1.2.0/src/capt.h 2020-06-10 14:08:05.000000000 +0200 +++ new/iptraf-ng-1.2.1/src/capt.h 2020-07-21 14:10:43.000000000 +0200 @@ -27,6 +27,8 @@ void (*cleanup)(struct capt *capt); }; +int capt_get_socket(struct capt *capt); +void capt_put_socket(struct capt *capt); int capt_init(struct capt *capt, char *ifname); void capt_destroy(struct capt *capt); unsigned long capt_get_dropped(struct capt *capt);
