search

pyrovski / wrtbwmon

Linux bandwidth monitor with per-device tracking
Other
178 stars 47 forks source link

Repeated rules in iptables #15

Closed Jcarnage closed 8 years ago

Jcarnage commented 8 years ago

Hi been using this utility for a while (actually also forked it as I'm creating a version that sends all the data to a Pi or other Linux device for storing in a sqlite database), and have noticed a small issue. The RRDIPT_FORWARD rules have many repeated entries. As I understand it the newRule(arp_ip) function will add rules to this section when it detects an IP address that it thinks isn't in there already. I think the issue is with this section of code:

for hosts without rules

for(host in hosts){  
if(!inInterfaces(host))
newRule(host)

}

If I understand this code correctly, if the IP exists in the usage.db but NOT in the arps table, then the specific host won't be removed from the hosts array; then when we get to this section of code, it treats it like a host that hasn't been entered in the RRDIPT_FORWARD ruleset and adds it again.

I've got a few ideas on how to fix this, but don't want to break anything (not knowing the full intent of this code section.)

pyrovski commented 8 years ago

Thanks for finding that issue; I'll take a look today. On Mar 6, 2016 5:40 AM, "Jcarnage" notifications@github.com wrote:

Hi been using this utility for a while (actually also forked it as I'm creating a version that sends all the data to a Pi or other Linux device for storing in a sqlite database), and have noticed a small issue. The RRDIPT_FORWARD rules have many repeated entries. As I understand it the newRule(arp_ip) function will add rules to this section when it detects an IP address that it thinks isn't in there already. I think the issue is with this section of code:

for hosts without rules

for(host in hosts){

if(!inInterfaces(host)) newRule(host) }

If I understand this code correctly, if the IP exists in the usage.db but NOT in the arps table, then the specific host won't be removed from the hosts array; then when we get to this section of code, it treats it like a host that hasn't been entered in the RRDIPT_FORWARD ruleset and adds it again.

I've got a few ideas on how to fix this, but don't to break anything not knowing the full intent of this code section.

— Reply to this email directly or view it on GitHub https://github.com/pyrovski/wrtbwmon/issues/15.

pyrovski commented 8 years ago

Please check if c89d85ccee3707e5557e6db64bc0cd4b0f0edd5d fixes this issue for you.

Jcarnage commented 8 years ago

Peter

I'm traveling this week - I'll get you feedback by Friday.

Sent from my iPhone

On Mar 7, 2016, at 3:22 AM, Peter Bailey notifications@github.com wrote:

Please check if c89d85c fixes this issue for you.

— Reply to this email directly or view it on GitHub.

Jcarnage commented 8 years ago

I've updated my system with the fix; after 48 hours of running I see now duplicate entries in the iptables list. I consider this issue closed.