netd: Idletimer vs Nat vs Bandwidth controllers
* modified iptables users to work in controller specific custom chains.
- each controller only works within its own custom chains and not the
top level ones (INPUT, OUTPUT, FORWARD, POSTROUTING,...)
- CommandListener now invokes setupIptablesHooks() for each controller
once. That is the only time they are allowed to access the top-level
chains.
* Added idletimer controller.
From https://android-git.corp.google.com/g/#/c/180769/2
- supported commands
. ndc idletimer enable
. ndc idletimer add <iface> <timeout>
. ndc idletimer remove <iface> <timeout_used_during_add>
There is a framework change elsewhere that receives netlink messages.
Signed-off-by: Ashish Sharma <ashishsharma@google.com>
Signed-off-by: JP Abgrall <jpa@google.com>
Change-Id: Ia57450c09166ce20f21d1e3b49047ef1e98f2a3d
diff --git a/BandwidthController.h b/BandwidthController.h
index 2b4cecb..a8dc992 100644
--- a/BandwidthController.h
+++ b/BandwidthController.h
@@ -46,7 +46,10 @@
};
BandwidthController();
- int enableBandwidthControl(void);
+
+ int setupIptablesHooks(void);
+
+ int enableBandwidthControl(bool force);
int disableBandwidthControl(void);
int setInterfaceSharedQuota(const char *iface, int64_t bytes);
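Review bot: The new `bool force` argument on `enableBandwidthControl` and the new `setupIptablesHooks(void)` are both declared without a comment, although the commit message places a strict contract on the latter (invoked once by CommandListener, and the only point where a controller may touch the top-level chains). I would put that contract in the header, e.g. `/* Hooks this controller's custom chains into the top-level chains. Called once by CommandListener; no other method may touch INPUT/OUTPUT/FORWARD. */`, and add a line above `enableBandwidthControl` stating what `force == true` bypasses and what the default call path should pass. Since `setupIptablesHooks` returns `int`, the comment should also say what a non-zero result means for the caller: if the hooks fail to install, the controller's chains are presumably never reached and its quota rules would silently not apply, so the call site (not visible here) should check and log the result. The class body continues outside this hunk.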
@@ -125,7 +128,7 @@
* extraProcessingInfo: contains raw parsed data, and error info.
*/
static int parseForwardChainStats(TetherStats &stats, FILE *fp,
- std::string &extraProcessingInfo);
+ std::string &extraProcessingInfo);
/*------------------*/
@@ -147,6 +150,7 @@
std::list<int /*appUid*/> naughtyAppUids;
private:
+ static const char *IPT_FLUSH_COMMANDS[];
static const char *IPT_CLEANUP_COMMANDS[];
static const char *IPT_SETUP_COMMANDS[];
static const char *IPT_BASIC_ACCOUNTING_COMMANDS[];
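Review bot: `IPT_FLUSH_COMMANDS` is added next to `IPT_CLEANUP_COMMANDS` and `IPT_SETUP_COMMANDS` with nothing to say how the three differ or in which order they run. Now that the controller is meant to stay inside its own chains, a maintainer adding a rule to the wrong table could end up flushing or deleting something outside them. A one-line comment per table would be enough, e.g. `/* Empties the controller's own chains; must not reference top-level chains. */` above the new declaration, with the wording adjusted to what the definition in the .cpp actually contains. The definitions are outside this hunk, so this is based on the names only.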
@@ -154,8 +158,6 @@
/* Alphabetical */
static const int ALERT_RULE_POS_IN_COSTLY_CHAIN;
static const char ALERT_GLOBAL_NAME[];
- static const char IP6TABLES_PATH[];
- static const char IPTABLES_PATH[];
static const int MAX_CMD_ARGS;
static const int MAX_CMD_LEN;
static const int MAX_IFACENAME_LEN;