From f66d6e9db6be3e94b80c59fab99e237d2e2968c5 Mon Sep 17 00:00:00 2001
From: JP Abgrall <jpa@google.com>
Date: Fri, 27 Apr 2012 00:22:57 -0700
Subject: [PATCH] BandwidthController: hookup qtaguid for tracking closest to
 devices.

Before, qtaguid would rely on netdev (up/down) callbacks to read out the
dev rx/tx stats.
Now it uses (raw) PREROUTING and (mangle) POSTROUTING iptable hooks.
We use mangle on the out path because nat is not available in ipv6.
The NatController only masquerades in nat POSTROUTING so we don't count
traffic that might get dropped.


Bug: 5444089
Change-Id: I997b8b3c81264a545f1f575baaf0445c0afc8f72
---
 BandwidthController.cpp | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/BandwidthController.cpp b/BandwidthController.cpp
index 7f1aaf5..980ecea 100644
--- a/BandwidthController.cpp
+++ b/BandwidthController.cpp
@@ -107,6 +107,9 @@ const char *BandwidthController::IPT_FLUSH_COMMANDS[] = {
     "-F bw_FORWARD",
     "-F penalty_box",
     "-F costly_shared",
+
+    "-t raw -F bw_raw_PREROUTING",
+    "-t mangle -F bw_mangle_POSTROUTING",
 };
 
 /* The cleanup commands assume flushing has been done. */
@@ -115,11 +118,18 @@ const char *BandwidthController::IPT_CLEANUP_COMMANDS[] = {
     "-D INPUT -j bw_INPUT",
     "-D OUTPUT -j bw_OUTPUT",
     "-D FORWARD -j bw_FORWARD",
+
+    "-t raw -D bw_raw_PREROUTING",
+    "-t mangle -D bw_mangle_POSTROUTING",
+
     "-X bw_INPUT",
     "-X bw_OUTPUT",
     "-X bw_FORWARD",
     "-X penalty_box",
     "-X costly_shared",
+
+    "-t raw -X bw_raw_PREROUTING",
+    "-t mangle -X bw_mangle_POSTROUTING",
 };
 
 const char *BandwidthController::IPT_SETUP_COMMANDS[] = {
@@ -135,6 +145,11 @@ const char *BandwidthController::IPT_SETUP_COMMANDS[] = {
 
     "-N costly_shared",
     "-N penalty_box",
+
+    "-t raw -N bw_raw_PREROUTING",
+    "-t raw -A PREROUTING -j bw_raw_PREROUTING",
+    "-t mangle -N bw_mangle_POSTROUTING",
+    "-t mangle -A POSTROUTING -j bw_mangle_POSTROUTING",
 };
 
 const char *BandwidthController::IPT_BASIC_ACCOUNTING_COMMANDS[] = {
@@ -146,6 +161,9 @@ const char *BandwidthController::IPT_BASIC_ACCOUNTING_COMMANDS[] = {
 
     "-A costly_shared --jump penalty_box",
     "-A costly_shared -m owner --socket-exists", /* This is a tracking rule. */
+
+    "-t raw -A bw_raw_PREROUTING ! -i lo+ -m owner --socket-exists", /* This is a tracking rule. */
+    "-t mangle -A bw_mangle_POSTROUTING ! -o lo+ -m owner --socket-exists", /* This is a tracking rule. */
 };
 
 BandwidthController::BandwidthController(void) {
-- 
2.11.0