diff options
author | Jan Engelhardt <jengelh@medozas.de> | 2011-05-02 16:38:11 +0200 |
---|---|---|
committer | Jan Engelhardt <jengelh@medozas.de> | 2011-05-09 00:18:22 +0200 |
commit | 39d3aa36ea38668a2c343b5af42b2d8d3616a9de (patch) | |
tree | 4b43df0411d93a1332c2beeed55d60a6e40cd5b5 /extensions | |
parent | d118d21ea3108f94ca1f84f11dd39f3f12e9ee2b (diff) |
libxt_statistic: increase precision on create and dump
Currently, libxt_statistic only dumps the probability with a
granularity of 1/1000000. Assuming only stuffed packets with 1440
bytes payload, this would match approximately every 1.341 GB, which is
pretty low for a high-volume router. Trying to match any larger
interval than that (e.g. 2 GB) will cause libxt_statistic to output
"--probability 0.000000", and when restored, will cause it to never
match again.
Bump the dump precision to what xt_statistic can really do, and adjust
the manpage to include a word about it.
Furthermore, employ explicit rounding when reading the argument from
the command line, because the previous implicit conversion would use
truncation, which is not very exact.
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
Diffstat (limited to 'extensions')
-rw-r--r-- | extensions/libxt_statistic.c | 7 | ||||
-rw-r--r-- | extensions/libxt_statistic.man | 7 |
2 files changed, 7 insertions, 7 deletions
diff --git a/extensions/libxt_statistic.c b/extensions/libxt_statistic.c index bce83fa9..f13cdba9 100644 --- a/extensions/libxt_statistic.c +++ b/extensions/libxt_statistic.c @@ -1,3 +1,4 @@ +#include <math.h> #include <stdbool.h> #include <stdio.h> #include <netdb.h> @@ -62,11 +63,11 @@ statistic_parse(int c, char **argv, int invert, unsigned int *flags, case '2': if (*flags & 0x2) xtables_error(PARAMETER_PROBLEM, "double --probability"); - prob = atof(optarg); + prob = strtod(optarg, NULL); if (prob < 0 || prob > 1) xtables_error(PARAMETER_PROBLEM, "--probability must be between 0 and 1"); - info->u.random.probability = 0x80000000 * prob; + info->u.random.probability = lround(0x80000000 * prob); *flags |= 0x2; break; case '3': @@ -127,7 +128,7 @@ static void print_match(const struct xt_statistic_info *info, char *prefix) { switch (info->mode) { case XT_STATISTIC_MODE_RANDOM: - printf(" %smode random%s %sprobability %f", prefix, + printf(" %smode random%s %sprobability %.11f", prefix, (info->flags & XT_STATISTIC_INVERT) ? " !" : "", prefix, 1.0 * info->u.random.probability / 0x80000000); diff --git a/extensions/libxt_statistic.man b/extensions/libxt_statistic.man index 4947dafe..47182bfb 100644 --- a/extensions/libxt_statistic.man +++ b/extensions/libxt_statistic.man @@ -12,10 +12,9 @@ and .B nth. .TP [\fB!\fP] \fB\-\-probability\fP \fIp\fP -Set the probability from 0 to 1 for a packet to be randomly -matched. It works only with the -.B random -mode. +Set the probability for a packet to be randomly matched. It only works with the +\fBrandom\fP mode. \fIp\fP must be within 0.0 and 1.0. The supported +granularity is in 1/2147483648th increments. .TP [\fB!\fP] \fB\-\-every\fP \fIn\fP Match one packet every nth packet. It works only with the |