Add sampling tags 302, 304, 305. Add option for filter labels

ChangeLog

@@ -1,9 +1,14 @@
+2017-12-28
+- Add sampling elements ID 302,304,305. put them identcal to ID 48,49,50
+- Add option to label filter terms. syntax: ( <filter> ) %labelname.
+
 2017-12-27
 - Add ipfix delta timestamp elements 158/159. 
 - Update sflow code to commit 7322984 of https://github.com/sflow/sflowtool
 - Cleanup sflow code - uncomment unnecessary code
 - Fix header includes"
 - Fix 64bit fts compat issue in fts_compat.c
+- Add more detailed autogen.sh - softlink bootstrap
 
 2017-12-22
 - Fix potential memory leaks in nfpcapd

bin/grammar.y

@@ -1,4 +1,5 @@
 /*
+ *  Copyright (c) 2017
  *  Copyright (c) 2016
  *  Copyright (c) 2004-2008, SWITCH - Teleinformatikdienste fuer Lehre und Forschung
  *  All rights reserved.
@@ -2096,6 +2097,10 @@ expr:	term		{ $$ = $1.self;        }
 	| expr AND expr	{ $$ = Connect_AND($1, $3); }
 	| NOT expr	%prec NEGATE	{ $$ = Invert($2);			}
 	| '(' expr ')'	{ $$ = $2; }
+	| '(' expr ')' '%' STRING	{ 
+		$$ = $2; 
+		AddLabel($2, $5);
+	}
 	;
 
 %%

bin/netflow_v9.c

@@ -1391,7 +1391,30 @@ uint16_t	offset_std_sampler_interval, offset_std_sampler_algorithm, found_std_sa
 
 		uint16_t length = Get_val16(p); p = p + 2;
 		offset += length;
-		dbg_printf("Scope field Type: %u, length %u\n", type, length);
+#ifdef DEVEL
+		printf("Scope field: Type ");
+		switch (type) {
+			case 1:
+				printf("(1) - System");
+				break;
+			case 2:
+				printf("(2) - Interface");
+				break;
+			case 3:
+				printf("(3) - Line Card");
+				break;
+			case 4:
+				printf("(4) - NetFlow Cache");
+				break;
+			case 5:
+				printf("(5) - Template");
+				break;
+			default:
+				printf("(%u) - Unknown", type);
+				break;
+		}
+		printf(", length %u\n", length);
+#endif
 	}
 
 	for ( ; i<(nr_scopes+nr_options); i++ ) {
@@ -1429,16 +1452,19 @@ uint16_t	offset_std_sampler_interval, offset_std_sampler_algorithm, found_std_sa
 				break;
 
 			// individual samplers
-			case NF9_FLOW_SAMPLER_ID:
+			case NF9_FLOW_SAMPLER_ID:	// depricated
+			case NF_SELECTOR_ID:
 				offset_sampler_id = offset;
 				sampler_id_length = length;
 				found_sampler++;
 				break;
-			case FLOW_SAMPLER_MODE:
+			case FLOW_SAMPLER_MODE:		// 	// depricated
+			case NF_SELECTOR_ALGORITHM:
 				offset_sampler_mode = offset;
 				found_sampler++;
 				break;
-			case NF9_FLOW_SAMPLER_RANDOM_INTERVAL:
+			case NF9_FLOW_SAMPLER_RANDOM_INTERVAL: // depricated 
+			case NF_SAMPLING_INTERVAL:
 				offset_sampler_interval = offset;
 				offset_std_sampler_interval = offset;
 				found_sampler++;

bin/netflow_v9.h

@@ -220,6 +220,10 @@ typedef struct common_header_s {
 #define FLOW_SAMPLER_MODE 		49 
 #define NF9_FLOW_SAMPLER_RANDOM_INTERVAL 50
 
+#define NF_SELECTOR_ID			302
+#define NF_SELECTOR_ALGORITHM	304
+#define NF_SAMPLING_INTERVAL	305
+
 // #define NF9_MIN_TTL			52
 // #define NF9_MAX_TTL			53
 // #define NF9_IPV4_IDENT		54

bin/nftest.c

@@ -440,6 +440,7 @@ void *p;
 	flow_record.V4.srcaddr = 0xac200710;
 	flow_record.V4.dstaddr = 0x0a0a0a0b;
 	ret = check_filter_block("src ip 172.32.7.16", &flow_record, 1);
+	ret = check_filter_block("( src ip 172.32.7.16 ) %MyLabel", &flow_record, 1);
 	ret = check_filter_block("src ip 172.32.7.15", &flow_record, 0);
 	ret = check_filter_block("dst ip 10.10.10.11", &flow_record, 1);
 	ret = check_filter_block("dst ip 10.10.10.10", &flow_record, 0);

bin/nftree.c

@@ -244,6 +244,7 @@ uint32_t	NewBlock(uint32_t offset, uint64_t mask, uint64_t value, uint16_t comp,
 	FilterTree[n].comp 		= comp;
 	FilterTree[n].function 	= flow_procs_map[function].function;
 	FilterTree[n].fname 	= flow_procs_map[function].name;
+	FilterTree[n].label 	= NULL;
 	FilterTree[n].data 		= data;
 	if ( comp > 0 || function > 0 )
 		Extended = 1;
@@ -383,15 +384,17 @@ void DumpList(FilterEngine_data_t *args) {
 
 	for (i=1; i<NumBlocks; i++ ) {
 		if ( args->filter[i].invert )
-			printf("Index: %u, Offset: %u, Mask: %.16llx, Value: %.16llx, Superblock: %u, Numblocks: %u, !OnTrue: %u, !OnFalse: %u Comp: %u Function: %s\n",
+			printf("Index: %u, Offset: %u, Mask: %.16llx, Value: %.16llx, Superblock: %u, Numblocks: %u, !OnTrue: %u, !OnFalse: %u Comp: %u Function: %s, Label: %s\n",
 				i, args->filter[i].offset, (unsigned long long)args->filter[i].mask, 
 				(unsigned long long)args->filter[i].value, args->filter[i].superblock, 
-				args->filter[i].numblocks, args->filter[i].OnTrue, args->filter[i].OnFalse, args->filter[i].comp, args->filter[i].fname);
+				args->filter[i].numblocks, args->filter[i].OnTrue, args->filter[i].OnFalse, 
+				args->filter[i].comp, args->filter[i].fname, args->filter[i].label ? args->filter[i].label : "<none>");
 		else 
-			printf("Index: %u, Offset: %u, Mask: %.16llx, Value: %.16llx, Superblock: %u, Numblocks: %u, OnTrue: %u, OnFalse: %u Comp: %u Function: %s\n",
+			printf("Index: %u, Offset: %u, Mask: %.16llx, Value: %.16llx, Superblock: %u, Numblocks: %u, OnTrue: %u, OnFalse: %u Comp: %u Function: %s, Label: %s\n",
 				i, args->filter[i].offset, (unsigned long long)args->filter[i].mask, 
 				(unsigned long long)args->filter[i].value, args->filter[i].superblock, 
-				args->filter[i].numblocks, args->filter[i].OnTrue, args->filter[i].OnFalse, args->filter[i].comp, args->filter[i].fname);
+				args->filter[i].numblocks, args->filter[i].OnTrue, args->filter[i].OnFalse, 
+				args->filter[i].comp, args->filter[i].fname, args->filter[i].label ? args->filter[i].label : "<none>");
 		if ( args->filter[i].OnTrue > (memblocks * MAXBLOCKS) || args->filter[i].OnFalse > (memblocks * MAXBLOCKS) ) {
 			fprintf(stderr, "Tree pointer out of range for index %u. *** ABORT ***\n", i);
 			exit(255);
@@ -500,6 +503,10 @@ int	evaluate, invert;
 
 } /* End of RunExtendedFilter */
 
+void AddLabel(uint32_t index, char *label) {
+	FilterTree[index].label = strdup(label);
+} // End of AddLabel
+
 uint32_t AddIdent(char *Ident) {
 uint32_t	num;
 

bin/nftree.h

@@ -65,6 +65,7 @@ typedef struct FilterBlock {
 	uint16_t	comp;				/* comperator */
 	flow_proc_t	function;			/* function for flow processing */
 	char		*fname;				/* ascii function name */
+	char		*label;				/* label, if any */
 	void		*data;				/* any additional data for this block */
 } FilterBlock_t;
 
@@ -164,6 +165,11 @@ uint32_t	Connect_OR(uint32_t b1, uint32_t b2);
  */
 uint32_t	Invert(uint32_t a );
 
+/* 
+ * Add label to filter index
+ */
+void AddLabel(uint32_t index, char *label);
+
 /* 
  * Add Ident to Identlist
  */