commit fa6f46d3370ae5475fc3bc8273bbe04ee7348d60
author JP Abgrall <jpa@google.com> Fri Jun 17 23:17:28 2011 -0700
committer JP Abgrall <jpa@google.com> Thu Jun 23 17:57:30 2011 -0700
tree 9850df9e5cc796be32ec5c25022e7f450c0fdf2d
parent 2ad297402daa97238e3fb099fe547e2c0b2cdc4b

netd:bandwidth: initial pass at app-rules, and some ipv6.

Adds initial per-app penalty box rules, and prepares for
handling per iface quota.

The following commands work:

* penalty box

ndc bandwidth addnaughtyapps <uid> ...
ndc bandwidth removenaughtyapps <uid> ...

* Shared quota

 - add (updates the bytes, if they differ from last time)

ndc bandwidth setquota <iface> <bytes>
ndc bandwidth setquota <iface1> <bytes>
ndc bandwidth setquota <iface2> <bytes>

  - remove
ndc bandwidth removequota <iface>
[ oldschool: ndc bandwidth setquota <iface> -1 ]

Change-Id: Ibefc16e81c7713feb47577a9687dcd032dedf06e

BandwidthController.h

diff --git a/BandwidthController.h b/BandwidthController.h
index db57208..405e2ef 100644
--- a/BandwidthController.h
+++ b/BandwidthController.h
@@ -18,30 +18,42 @@
 
 #include <list>
 #include <string>
-
+#include <utility>  // for pair
 class BandwidthController {
 public:
-	BandwidthController();
-	int enableBandwidthControl(void);
-	int disableBandwidthControl(void);
-	int setInterfaceQuota(const char *iface, int64_t bytes);
+    BandwidthController();
+    int enableBandwidthControl(void);
+    int disableBandwidthControl(void);
+
+    int setInterfaceSharedQuota(int64_t bytes, const char *iface);
+    int removeInterfaceSharedQuota(const char *iface);
+
+    int addNaughtyApps(int numUids, char *appUids[]);
+    int removeNaughtyApps(int numUids, char *appUids[]);
 
 protected:
-	int runCommands(const char *commands[], int numCommands,
-			bool allowFailure = false);
-	int removeQuota(const char *iface);
-	std::list<std::string /*ifaceName*/> ifaceRules;
+    int runCommands(int numCommands, const char *commands[],
+            bool allowFailure = false, bool isIpv6 = false);
+    typedef std::pair<std::string /*ifaceName*/, int64_t /*quota*/> QuotaInfo;
+    enum IptOp {IptOpInsert, IptOpReplace, IptOpDelete};
+    int64_t sharedQuotaBytes;
+    std::list<QuotaInfo> ifaceRules;
+    std::list<int /*appUid*/> naughtyAppUids;
+    std::string makeIptablesNaughtyCmd(IptOp op, int uid, bool isIp6);
+    std::string makeIptablesQuotaCmd(IptOp op, char *costName, int64_t quota, bool isIp6);
+    int maninpulateNaughtyApps(int numUids, char *appStrUids[], bool doAdd);
 
 private:
-	static const char *cleanupCommands[];
-	static const char *setupCommands[];
-	static const char *basicAccountingCommands[];
-	static const int MAX_CMD_LEN;
-	static const int MAX_IFACENAME_LEN;
-	static const int MAX_CMD_ARGS;
-	static const char IPTABLES_PATH[];
+    static const char *cleanupCommands[];
+    static const char *setupCommands[];
+    static const char *basicAccountingCommands[];
+    static const int MAX_CMD_LEN;
+    static const int MAX_IFACENAME_LEN;
+    static const int MAX_CMD_ARGS;
+    static const char IPTABLES_PATH[];
+    static const char IP6TABLES_PATH[];
 
-	static int runIptablesCmd(const char *cmd);
+    static int runIptablesCmd(const char *cmd, bool isIp6 = false);
 };
 
 #endif