2 * stats.c Internal statistics handling.
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 2 of the License, or
9 * (at your option) any later version.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
20 * Copyright 2008 The FreeRADIUS server project
21 * Copyright 2008 Alan DeKok <aland@deployingradius.com>
24 #include <freeradius-devel/ident.h>
27 #include <freeradius-devel/radiusd.h>
28 #include <freeradius-devel/rad_assert.h>
32 #define USEC (1000000)
33 #define EMA_SCALE (100)
34 #define PREC (USEC * EMA_SCALE)
36 #define F_EMA_SCALE (1000000)
38 static struct timeval start_time;
39 static struct timeval hup_time;
41 fr_stats_t radius_auth_stats = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
42 #ifdef WITH_ACCOUNTING
43 fr_stats_t radius_acct_stats = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
47 fr_stats_t proxy_auth_stats = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
48 #ifdef WITH_ACCOUNTING
49 fr_stats_t proxy_acct_stats = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
53 void request_stats_final(REQUEST *request)
55 if (request->master_state == REQUEST_COUNTED) return;
57 if ((request->listener->type != RAD_LISTEN_NONE) &&
58 (request->listener->type != RAD_LISTEN_AUTH) &&
59 (request->listener->type != RAD_LISTEN_ACCT)) return;
62 #define INC_AUTH(_x) radius_auth_stats._x++;request->listener->stats._x++;if (request->client && request->client->auth) request->client->auth->_x++;
66 #define INC_ACCT(_x) radius_acct_stats._x++;request->listener->stats._x++;if (request->client && request->client->acct) request->client->acct->_x++
69 * Update the statistics.
71 * Note that we do NOT do this in a child thread.
72 * Instead, we update the stats when a request is
73 * deleted, because only the main server thread calls
74 * this function, which makes it thread-safe.
76 if (request->reply) switch (request->reply->code) {
77 case PW_AUTHENTICATION_ACK:
78 INC_AUTH(total_responses);
79 INC_AUTH(total_access_accepts);
82 case PW_AUTHENTICATION_REJECT:
83 INC_AUTH(total_responses);
84 INC_AUTH(total_access_rejects);
87 case PW_ACCESS_CHALLENGE:
88 INC_AUTH(total_responses);
89 INC_AUTH(total_access_challenges);
92 #ifdef WITH_ACCOUNTING
93 case PW_ACCOUNTING_RESPONSE:
94 INC_ACCT(total_responses);
99 * No response, it must have been a bad
103 if (request->packet->code == PW_AUTHENTICATION_REQUEST) {
104 if (request->reply->offset == -2) {
105 INC_AUTH(total_bad_authenticators);
107 INC_AUTH(total_packets_dropped);
109 } else if (request->packet->code == PW_ACCOUNTING_REQUEST) {
110 if (request->reply->offset == -2) {
111 INC_ACCT(total_bad_authenticators);
113 INC_ACCT(total_packets_dropped);
123 if (!request->proxy || !request->proxy_listener) goto done; /* simplifies formatting */
125 switch (request->proxy->code) {
126 case PW_AUTHENTICATION_REQUEST:
127 proxy_auth_stats.total_requests += request->num_proxied_requests;
128 request->proxy_listener->stats.total_requests += request->num_proxied_requests;
129 request->home_server->stats.total_requests += request->num_proxied_requests;
132 #ifdef WITH_ACCOUNTING
133 case PW_ACCOUNTING_REQUEST:
134 proxy_acct_stats.total_requests++;
135 request->proxy_listener->stats.total_requests += request->num_proxied_requests;
136 request->home_server->stats.total_requests += request->num_proxied_requests;
144 if (!request->proxy_reply) goto done; /* simplifies formatting */
147 #define INC(_x) proxy_auth_stats._x += request->num_proxied_responses; request->proxy_listener->stats._x += request->num_proxied_responses; request->home_server->stats._x += request->num_proxied_responses;
149 switch (request->proxy_reply->code) {
150 case PW_AUTHENTICATION_ACK:
151 INC(total_responses);
152 INC(total_access_accepts);
155 case PW_AUTHENTICATION_REJECT:
156 INC(total_responses);
157 INC(total_access_rejects);
160 case PW_ACCESS_CHALLENGE:
161 INC(total_responses);
162 INC(total_access_challenges);
165 #ifdef WITH_ACCOUNTING
166 case PW_ACCOUNTING_RESPONSE:
167 proxy_acct_stats.total_responses++;
168 request->proxy_listener->stats.total_responses++;
169 request->home_server->stats.total_responses++;
174 proxy_auth_stats.total_unknown_types++;
175 request->proxy_listener->stats.total_unknown_types++;
176 request->home_server->stats.total_unknown_types++;
181 #endif /* WITH_PROXY */
183 request->master_state = REQUEST_COUNTED;
186 typedef struct fr_stats2vp {
194 static fr_stats2vp authvp[] = {
195 { 128, offsetof(fr_stats_t, total_requests) },
196 { 129, offsetof(fr_stats_t, total_access_accepts) },
197 { 130, offsetof(fr_stats_t, total_access_rejects) },
198 { 131, offsetof(fr_stats_t, total_access_challenges) },
199 { 132, offsetof(fr_stats_t, total_responses) },
200 { 133, offsetof(fr_stats_t, total_dup_requests) },
201 { 134, offsetof(fr_stats_t, total_malformed_requests) },
202 { 135, offsetof(fr_stats_t, total_bad_authenticators) },
203 { 136, offsetof(fr_stats_t, total_packets_dropped) },
204 { 137, offsetof(fr_stats_t, total_unknown_types) },
211 * Proxied authentication requests.
213 static fr_stats2vp proxy_authvp[] = {
214 { 138, offsetof(fr_stats_t, total_requests) },
215 { 139, offsetof(fr_stats_t, total_access_accepts) },
216 { 140, offsetof(fr_stats_t, total_access_rejects) },
217 { 141, offsetof(fr_stats_t, total_access_challenges) },
218 { 142, offsetof(fr_stats_t, total_responses) },
219 { 143, offsetof(fr_stats_t, total_dup_requests) },
220 { 144, offsetof(fr_stats_t, total_malformed_requests) },
221 { 145, offsetof(fr_stats_t, total_bad_authenticators) },
222 { 146, offsetof(fr_stats_t, total_packets_dropped) },
223 { 147, offsetof(fr_stats_t, total_unknown_types) },
229 #ifdef WITH_ACCOUNTING
233 static fr_stats2vp acctvp[] = {
234 { 148, offsetof(fr_stats_t, total_requests) },
235 { 149, offsetof(fr_stats_t, total_responses) },
236 { 150, offsetof(fr_stats_t, total_dup_requests) },
237 { 151, offsetof(fr_stats_t, total_malformed_requests) },
238 { 152, offsetof(fr_stats_t, total_bad_authenticators) },
239 { 153, offsetof(fr_stats_t, total_packets_dropped) },
240 { 154, offsetof(fr_stats_t, total_unknown_types) },
245 static fr_stats2vp proxy_acctvp[] = {
246 { 155, offsetof(fr_stats_t, total_requests) },
247 { 156, offsetof(fr_stats_t, total_responses) },
248 { 157, offsetof(fr_stats_t, total_dup_requests) },
249 { 158, offsetof(fr_stats_t, total_malformed_requests) },
250 { 159, offsetof(fr_stats_t, total_bad_authenticators) },
251 { 160, offsetof(fr_stats_t, total_packets_dropped) },
252 { 161, offsetof(fr_stats_t, total_unknown_types) },
258 static fr_stats2vp client_authvp[] = {
259 { 128, offsetof(fr_stats_t, total_requests) },
260 { 129, offsetof(fr_stats_t, total_access_accepts) },
261 { 130, offsetof(fr_stats_t, total_access_rejects) },
262 { 131, offsetof(fr_stats_t, total_access_challenges) },
263 { 132, offsetof(fr_stats_t, total_responses) },
264 { 133, offsetof(fr_stats_t, total_dup_requests) },
265 { 134, offsetof(fr_stats_t, total_malformed_requests) },
266 { 135, offsetof(fr_stats_t, total_bad_authenticators) },
267 { 136, offsetof(fr_stats_t, total_packets_dropped) },
268 { 137, offsetof(fr_stats_t, total_unknown_types) },
272 #ifdef WITH_ACCOUNTING
273 static fr_stats2vp client_acctvp[] = {
274 { 148, offsetof(fr_stats_t, total_requests) },
275 { 149, offsetof(fr_stats_t, total_responses) },
276 { 150, offsetof(fr_stats_t, total_dup_requests) },
277 { 151, offsetof(fr_stats_t, total_malformed_requests) },
278 { 152, offsetof(fr_stats_t, total_bad_authenticators) },
279 { 153, offsetof(fr_stats_t, total_packets_dropped) },
280 { 154, offsetof(fr_stats_t, total_unknown_types) },
285 #define FR2ATTR(x) ((11344 << 16) | (x))
287 static void request_stats_addvp(REQUEST *request,
288 fr_stats2vp *table, fr_stats_t *stats)
293 for (i = 0; table[i].attribute != 0; i++) {
294 vp = radius_paircreate(request, &request->reply->vps,
295 FR2ATTR(table[i].attribute),
299 vp->vp_integer = *(int *)(((char *) stats) + table[i].offset);
304 void request_stats_reply(REQUEST *request)
306 VALUE_PAIR *flag, *vp;
309 * Statistics are available ONLY on a "status" port.
311 rad_assert(request->packet->code == PW_STATUS_SERVER);
312 rad_assert(request->listener->type == RAD_LISTEN_NONE);
314 flag = pairfind(request->packet->vps, FR2ATTR(127));
315 if (!flag || (flag->vp_integer == 0)) return;
320 if (((flag->vp_integer & 0x01) != 0) &&
321 ((flag->vp_integer & 0xc0) == 0)) {
322 request_stats_addvp(request, authvp, &radius_auth_stats);
325 #ifdef WITH_ACCOUNTING
329 if (((flag->vp_integer & 0x02) != 0) &&
330 ((flag->vp_integer & 0xc0) == 0)) {
331 request_stats_addvp(request, acctvp, &radius_acct_stats);
337 * Proxied authentication requests.
339 if (((flag->vp_integer & 0x04) != 0) &&
340 ((flag->vp_integer & 0x20) == 0)) {
341 request_stats_addvp(request, proxy_authvp, &proxy_auth_stats);
344 #ifdef WITH_ACCOUNTING
346 * Proxied accounting requests.
348 if (((flag->vp_integer & 0x08) != 0) &&
349 ((flag->vp_integer & 0x20) == 0)) {
350 request_stats_addvp(request, proxy_acctvp, &proxy_acct_stats);
356 * Internal server statistics
358 if ((flag->vp_integer & 0x10) != 0) {
359 vp = radius_paircreate(request, &request->reply->vps,
360 FR2ATTR(176), PW_TYPE_DATE);
361 if (vp) vp->vp_date = start_time.tv_sec;
362 vp = radius_paircreate(request, &request->reply->vps,
363 FR2ATTR(177), PW_TYPE_DATE);
364 if (vp) vp->vp_date = hup_time.tv_sec;
366 #ifdef HAVE_PTHREAD_H
367 int i, array[RAD_LISTEN_MAX];
369 thread_pool_queue_stats(array);
371 for (i = 0; i <= RAD_LISTEN_DETAIL; i++) {
372 vp = radius_paircreate(request, &request->reply->vps,
377 vp->vp_integer = array[i];
383 * For a particular client.
385 if ((flag->vp_integer & 0x20) != 0) {
387 VALUE_PAIR *server_ip, *server_port = NULL;
388 RADCLIENT *client = NULL;
389 RADCLIENT_LIST *cl = NULL;
392 * See if we need to look up the client by server
395 server_ip = pairfind(request->packet->vps, FR2ATTR(170));
397 server_port = pairfind(request->packet->vps,
402 ipaddr.ipaddr.ip4addr.s_addr = server_ip->vp_ipaddr;
403 cl = listener_find_client_list(&ipaddr, server_port->vp_integer);
406 * Not found: don't do anything
413 vp = pairfind(request->packet->vps, FR2ATTR(167));
416 ipaddr.ipaddr.ip4addr.s_addr = vp->vp_ipaddr;
417 client = client_find(cl, &ipaddr, IPPROTO_UDP);
420 client = client_find(cl, &ipaddr, IPPROTO_TCP);
425 * Else look it up by number.
427 } else if ((vp = pairfind(request->packet->vps,
428 FR2ATTR(168))) != NULL) {
429 client = client_findbynumber(cl, vp->vp_integer);
434 * If found, echo it back, along with
435 * the requested statistics.
437 pairadd(&request->reply->vps, paircopyvp(vp));
440 * When retrieving client by number, also
441 * echo back it's IP address.
443 if ((vp->type == PW_TYPE_INTEGER) &&
444 (client->ipaddr.af == AF_INET)) {
445 vp = radius_paircreate(request,
446 &request->reply->vps,
450 vp->vp_ipaddr = client->ipaddr.ipaddr.ip4addr.s_addr;
453 if (client->prefix != 32) {
454 vp = radius_paircreate(request,
455 &request->reply->vps,
459 vp->vp_integer = client->prefix;
465 pairadd(&request->reply->vps,
466 paircopyvp(server_ip));
467 pairadd(&request->reply->vps,
468 paircopyvp(server_port));
472 ((flag->vp_integer & 0x01) != 0)) {
473 request_stats_addvp(request, client_authvp,
476 #ifdef WITH_ACCOUNTING
478 ((flag->vp_integer & 0x01) != 0)) {
479 request_stats_addvp(request, client_acctvp,
483 } /* else client wasn't found, don't echo it back */
487 * For a particular "listen" socket.
489 if (((flag->vp_integer & 0x40) != 0) &&
490 ((flag->vp_integer & 0x03) != 0)) {
492 VALUE_PAIR *server_ip, *server_port;
496 * See if we need to look up the server by socket
499 server_ip = pairfind(request->packet->vps, FR2ATTR(170));
500 if (!server_ip) return;
502 server_port = pairfind(request->packet->vps,
504 if (!server_port) return;
507 ipaddr.ipaddr.ip4addr.s_addr = server_ip->vp_ipaddr;
508 this = listener_find_byipaddr(&ipaddr,
509 server_port->vp_integer);
512 * Not found: don't do anything
516 pairadd(&request->reply->vps,
517 paircopyvp(server_ip));
518 pairadd(&request->reply->vps,
519 paircopyvp(server_port));
521 if (((flag->vp_integer & 0x01) != 0) &&
522 ((request->listener->type == RAD_LISTEN_AUTH) ||
523 (request->listener->type == RAD_LISTEN_NONE))) {
524 request_stats_addvp(request, authvp, &this->stats);
527 #ifdef WITH_ACCOUNTING
528 if (((flag->vp_integer & 0x02) != 0) &&
529 ((request->listener->type == RAD_LISTEN_ACCT) ||
530 (request->listener->type == RAD_LISTEN_NONE))) {
531 request_stats_addvp(request, acctvp, &this->stats);
540 if (((flag->vp_integer & 0x80) != 0) &&
541 ((flag->vp_integer & 0x03) != 0)) {
543 VALUE_PAIR *server_ip, *server_port;
547 * See if we need to look up the server by socket
550 server_ip = pairfind(request->packet->vps, FR2ATTR(170));
551 if (!server_ip) return;
553 server_port = pairfind(request->packet->vps,
555 if (!server_port) return;
558 ipaddr.ipaddr.ip4addr.s_addr = server_ip->vp_ipaddr;
559 home = home_server_find(&ipaddr, server_port->vp_integer,
563 * Not found: don't do anything
567 pairadd(&request->reply->vps,
568 paircopyvp(server_ip));
569 pairadd(&request->reply->vps,
570 paircopyvp(server_port));
572 vp = radius_paircreate(request, &request->reply->vps,
573 FR2ATTR(172), PW_TYPE_INTEGER);
574 if (vp) vp->vp_integer = home->currently_outstanding;
576 vp = radius_paircreate(request, &request->reply->vps,
577 FR2ATTR(173), PW_TYPE_INTEGER);
578 if (vp) vp->vp_integer = home->state;
580 if ((home->state == HOME_STATE_ALIVE) &&
581 (home->revive_time.tv_sec != 0)) {
582 vp = radius_paircreate(request, &request->reply->vps,
583 FR2ATTR(175), PW_TYPE_DATE);
584 if (vp) vp->vp_date = home->revive_time.tv_sec;
587 if ((home->state == HOME_STATE_ALIVE) &&
588 (home->ema.window > 0)) {
589 vp = radius_paircreate(request,
590 &request->reply->vps,
593 if (vp) vp->vp_integer = home->ema.window;
594 vp = radius_paircreate(request,
595 &request->reply->vps,
598 if (vp) vp->vp_integer = home->ema.ema1 / EMA_SCALE;
599 vp = radius_paircreate(request,
600 &request->reply->vps,
603 if (vp) vp->vp_integer = home->ema.ema10 / EMA_SCALE;
607 if (home->state == HOME_STATE_IS_DEAD) {
608 vp = radius_paircreate(request, &request->reply->vps,
609 FR2ATTR(174), PW_TYPE_DATE);
610 if (vp) vp->vp_date = home->zombie_period_start.tv_sec + home->zombie_period;
613 if (((flag->vp_integer & 0x01) != 0) &&
614 (home->type == HOME_TYPE_AUTH)) {
615 request_stats_addvp(request, proxy_authvp,
619 #ifdef WITH_ACCOUNTING
620 if (((flag->vp_integer & 0x02) != 0) &&
621 (home->type == HOME_TYPE_ACCT)) {
622 request_stats_addvp(request, proxy_acctvp,
627 #endif /* WITH_PROXY */
630 void radius_stats_init(int flag)
633 gettimeofday(&start_time, NULL);
634 hup_time = start_time; /* it's just nicer this way */
636 gettimeofday(&hup_time, NULL);
640 void radius_stats_ema(fr_stats_ema_t *ema,
641 struct timeval *start, struct timeval *end)
645 #ifdef WITH_STATS_DEBUG
648 if (ema->window == 0) return;
650 rad_assert(start->tv_sec >= end->tv_sec);
656 if (ema->window > 10000) ema->window = 10000;
658 ema->f1 = (2 * F_EMA_SCALE) / (ema->window + 1);
659 ema->f10 = (2 * F_EMA_SCALE) / ((10 * ema->window) + 1);
663 tdiff = start->tv_sec;
664 tdiff -= end->tv_sec;
667 if (micro > 40) micro = 40; /* don't overflow 32-bit ints */
669 micro += start->tv_usec;
670 micro -= end->tv_usec;
674 if (ema->ema1 == 0) {
680 diff = ema->f1 * (micro - ema->ema1);
681 ema->ema1 += (diff / 1000000);
683 diff = ema->f10 * (micro - ema->ema10);
684 ema->ema10 += (diff / 1000000);
688 #ifdef WITH_STATS_DEBUG
689 DEBUG("time %d %d.%06d\t%d.%06d\t%d.%06d\n",
690 n, micro / PREC, (micro / EMA_SCALE) % USEC,
691 ema->ema1 / PREC, (ema->ema1 / EMA_SCALE) % USEC,
692 ema->ema10 / PREC, (ema->ema10 / EMA_SCALE) % USEC);
697 #endif /* WITH_STATS */