Change default log file path and clean up some code.

Makefile

@@ -13,7 +13,6 @@ LOADER_DIR = $(SRC_DIR)/loader
 XDP_DIR = $(SRC_DIR)/xdp
 
 ETC_DIR = /etc/xdpfw
-LOG_DIR = /var/log/xdpfw
 
 # Additional build directories.
 BUILD_LOADER_DIR = $(BUILD_DIR)/loader
@@ -135,7 +134,6 @@ libxdp_clean:
 
 install:
 	mkdir -p $(ETC_DIR)
-	mkdir -p $(LOG_DIR)
 	
 	cp -n xdpfw.conf.example $(ETC_DIR)/xdpfw.conf
 

README.md

@@ -136,7 +136,7 @@ The following table quickly explains the data types used within the configuratio
 | Name | Type | Default | Description |
 | ---- | ---- | ------- | ----------- |
 | verbose | int | `2` | The verbose level for logging (0 - 5 supported so far). |
-| log_file | string | `/var/log/xdpfw/xdpfw.log` | The log file location. If the string is empty (`""`), the log file is disabled. |
+| log_file | string | `/var/log/xdpfw.log` | The log file location. If the string is empty (`""`), the log file is disabled. |
 | interface | string | `NULL` | The network interface name to attach the XDP program to (usually retrieved with `ip a` or `ifconfig`). |
 | update_time | uint | `0` | How often to update the config and filtering rules from the file system in seconds (0 disables). |
 | no_stats | bool | `false` | Whether to enable or disable packet counters. Disabling packet counters will improve performance, but result in less visibility on what the XDP Firewall is doing. |

src/common/types.h

@@ -98,7 +98,7 @@ struct filter
     unsigned int do_bps : 1;
     u64 bps;
 
-    u64 blocktime;
+    u64 block_time;
 
     tcp_opts_t tcpopts;
     udp_opts_t udpopts;

src/loader/utils/config.c

@@ -46,7 +46,7 @@ int LoadConfig(config__t *cfg, char *cfg_file, config_overrides_t* overrides)
 void SetCfgDefaults(config__t *cfg)
 {
     cfg->verbose = 2;
-    cfg->log_file = strdup("/var/log/xdpfw/xdpfw.log");
+    cfg->log_file = strdup("/var/log/xdpfw.log");
     cfg->update_time = 0;
     cfg->interface = NULL;
     cfg->no_stats = 0;
@@ -90,7 +90,7 @@ void SetCfgDefaults(config__t *cfg)
         filter->do_bps = 0;
         filter->bps = 0;
 
-        filter->blocktime = 1;
+        filter->block_time = 1;
         
         filter->tcpopts.enabled = 0;
         filter->tcpopts.do_dport = 0;
@@ -465,15 +465,15 @@ int ReadCfg(config__t *cfg, config_overrides_t* overrides)
         }
 
         // Block time (default 1).
-        long long blocktime;
+        long long block_time;
 
-        if (config_setting_lookup_int64(filter_cfg, "block_time", &blocktime) == CONFIG_TRUE)
+        if (config_setting_lookup_int64(filter_cfg, "block_time", &block_time) == CONFIG_TRUE)
         {
-            filter->blocktime = blocktime;
+            filter->block_time = block_time;
         }
         else
         {
-            filter->blocktime = 1;
+            filter->block_time = 1;
         }
 
         /* TCP options */
@@ -729,7 +729,7 @@ void PrintConfig(config__t* cfg)
         printf("\t\t\t\tTOS => %d\n", filter->tos);
         printf("\t\t\t\tPPS => %llu\n", filter->pps);
         printf("\t\t\t\tBPS => %llu\n", filter->bps);
-        printf("\t\t\t\tBlock Time => %llu\n\n", filter->blocktime);
+        printf("\t\t\t\tBlock Time => %llu\n\n", filter->block_time);
 
         // TCP Options.
         printf("\t\t\tTCP Options\n");

src/loader/utils/logging.c

@@ -164,7 +164,7 @@ int HandleRbEvent(void* ctx, void* data, size_t sz)
 
     const char* protocol_str = GetProtocolStrById(e->protocol);
 
-    LogMsg(cfg, 0, 0, "[FILTER %d] %s %s packet '%s:%d' => '%s:%d' (PPS => %llu, BPS => %llu, Filter Block Time => %llu)...", e->filter_id + 1, action, protocol_str, src_ip_str, htons(e->src_port), dst_ip_str, htons(e->dst_port), e->pps, e->bps, filter->blocktime);
+    LogMsg(cfg, 0, 0, "[FILTER %d] %s %s packet '%s:%d' => '%s:%d' (PPS => %llu, BPS => %llu, Filter Block Time => %llu)...", e->filter_id + 1, action, protocol_str, src_ip_str, htons(e->src_port), dst_ip_str, htons(e->dst_port), e->pps, e->bps, filter->block_time);
 
     return 0;
 }

src/xdp/prog.c

@@ -45,7 +45,7 @@ int xdp_prog_main(struct xdp_md *ctx)
     }
 
     u8 action = 0;
-    u64 blocktime = 1;
+    u64 block_time = 1;
 
     // Initialize IP headers.
     struct iphdr *iph = NULL;
@@ -539,7 +539,7 @@ int xdp_prog_main(struct xdp_md *ctx)
         
         // Matched.
         action = filter->action;
-        blocktime = filter->blocktime;
+        block_time = filter->block_time;
 
         goto matched;
     }
@@ -555,17 +555,17 @@ int xdp_prog_main(struct xdp_md *ctx)
     if (action == 0)
     {
         // Before dropping, update the blacklist map.
-        if (blocktime > 0)
+        if (block_time > 0)
         {
-            u64 newTime = now + (blocktime * NANO_TO_SEC);
+            u64 new_time = now + (block_time * NANO_TO_SEC);
             
             if (iph6)
             {
-                bpf_map_update_elem(&ip6_blacklist_map, &src_ip6, &newTime, BPF_ANY);
+                bpf_map_update_elem(&ip6_blacklist_map, &src_ip6, &new_time, BPF_ANY);
             }
             else if (iph)
             {
-                bpf_map_update_elem(&ip_blacklist_map, &iph->saddr, &newTime, BPF_ANY);
+                bpf_map_update_elem(&ip_blacklist_map, &iph->saddr, &new_time, BPF_ANY);
             }
         }
 

xdpfw.conf.example

@@ -1,5 +1,5 @@
 verbose = 2;
-log_file = "/var/log/xdpfw/xdpfw.log";
+log_file = "/var/log/xdpfw.log";
 interface = "ens18";
 update_time = 15;
 no_stats = false;