On Mon, Mar 13, 2017 at 03:14:25PM +0100, Mike Belopuhov wrote:
> On 13 March 2017 at 15:09, Patrick Wildt <[email protected]> wrote:
> > On Mon, Mar 13, 2017 at 02:33:02PM +0100, Mike Belopuhov wrote:
> >> On Tue, Mar 07, 2017 at 10:36 +0100, Patrick Wildt wrote:
> >> > On Tue, Mar 07, 2017 at 10:17:16AM +0100, Patrick Wildt wrote:
> >> > > Hi,
> >> > >
> >> > > currently the pf status struct contains the time since pf was enabled
> >> > > as
> >> > > seen on the wall clock. This means when time drifts, or is set to some
> >> > > earlier value, the time will be off. If we use time since uptime it
> >> > > always increments and shows how long pf has been running compared to
> >> > > its uptime.
> >> > >
> >> > > Does this make sense? Opinions?
> >> > >
> >> > > Patrick
> >> >
> >> > Alternatively it might be nicer to still use the uptime, but only return
> >> > the delta since it was enabled.
> >> >
> >>
> >> I see nothing wrong with this diff. OK mikeb
> >
> > On the one where we return the delta instead of an absolute time?
> >
>
> It's only a status. You might have to go through ports that expect a
> timestamp and fix those, but that's a different question :-)
>
Thanks to sthen@ I now know that 7 ports are using pf_status. Only one
of them uses the "since" attribute, and it does so for internally
comparing timestamps to not calculate a diff between the current and
a previous value if the pf has since been toggled.
I wonder if this diff would work, but I don't feel it's reliable enough
to provide the same feature.
Patrick
diff --git a/net/pfstat/Makefile b/net/pfstat/Makefile
index 1f1cd6296b2..33aab9c8422 100644
--- a/net/pfstat/Makefile
+++ b/net/pfstat/Makefile
@@ -9,8 +9,8 @@ PKGNAME-main= ${DISTNAME}
PKGNAME-daemon= ${DISTNAME:S/-/d-/}
CATEGORIES= net
MASTER_SITES= http://www.benzedrine.ch/
-REVISION-daemon=1
-REVISION-main= 1
+REVISION-daemon=2
+REVISION-main= 2
HOMEPAGE= http://www.benzedrine.ch/pfstat.html
diff --git a/net/pfstat/patches/patch-pf_c b/net/pfstat/patches/patch-pf_c
index 8b9564e1ac8..0654883d56d 100644
--- a/net/pfstat/patches/patch-pf_c
+++ b/net/pfstat/patches/patch-pf_c
@@ -1,6 +1,6 @@
$OpenBSD: patch-pf_c,v 1.2 2014/04/22 10:56:37 jca Exp $
---- pf.c.orig Tue Apr 22 05:08:25 2014
-+++ pf.c Tue Apr 22 05:10:01 2014
+--- pf.c.orig Thu Jan 11 17:01:58 2007
++++ pf.c Thu Mar 16 14:16:00 2017
@@ -38,10 +38,12 @@ static const char rcsid[] = "$Id: pf.c,v 1.1.1.1 2007/
#include <netinet/in.h>
#include <net/if.h>
@@ -14,7 +14,11 @@ $OpenBSD: patch-pf_c,v 1.2 2014/04/22 10:56:37 jca Exp $
#include <arpa/inet.h>
#include <err.h>
#include <errno.h>
-@@ -53,6 +55,7 @@ static const char rcsid[] = "$Id: pf.c,v 1.1.1.1 2007/
+@@ -50,9 +52,11 @@ static const char rcsid[] = "$Id: pf.c,v 1.1.1.1 2007/
+ #include <stdlib.h>
+ #include <string.h>
+ #include <unistd.h>
++#include <time.h>
#include "pf.h"
@@ -22,7 +26,7 @@ $OpenBSD: patch-pf_c,v 1.2 2014/04/22 10:56:37 jca Exp $
union altq_stats {
class_stats_t cbq;
struct priq_classstats priq;
-@@ -138,6 +141,7 @@ query_queues(int fd, void (*cb)(int, const char *, int
+@@ -138,6 +142,7 @@ query_queues(int fd, void (*cb)(int, const char *, int
}
return (0);
}
@@ -30,7 +34,28 @@ $OpenBSD: patch-pf_c,v 1.2 2014/04/22 10:56:37 jca Exp $
static int
query_ifaces(int fd, void (*cb)(int, const char *, int, double))
-@@ -195,9 +199,11 @@ pf_query(int fd, void (*cb)(int, const char *, int, do
+@@ -168,6 +173,7 @@ static int
+ query_counters(int fd, void (*cb)(int, const char *, int, double))
+ {
+ struct pf_status s;
++ struct timespec uptime;
+ int i;
+
+ memset(&s, 0, sizeof(s));
+@@ -175,7 +181,11 @@ query_counters(int fd, void (*cb)(int, const char *, i
+ fprintf(stderr, "ioctl: DIOCGETSTATUS: %s\n", strerror(errno));
+ return (1);
+ }
+- (*cb)(COL_TYPE_SINCE, "", 0, s.since);
++ if (clock_gettime(CLOCK_UPTIME, &uptime)) {
++ fprintf(stderr, "query_counters: clock_gettime() failed\n");
++ return (1);
++ }
++ (*cb)(COL_TYPE_SINCE, "", 0, uptime.tv_sec - s.since);
+ (*cb)(COL_TYPE_GLOBAL, "", 0, s.states);
+ for (i = 0; i < FCNT_MAX; ++i)
+ (*cb)(COL_TYPE_GLOBAL, "", 1 + i, s.fcounters[i]);
+@@ -195,9 +205,11 @@ pf_query(int fd, void (*cb)(int, const char *, int, do
fprintf(stderr, "pf_query: query_ifaces() failed\n");
return (1);
}
