[Git][NTPsec/ntpsec][master] 3 commits: ntpq: Add noflake and doflake for packet loss simulation.

James Browning gitlab at mg.gitlab.com
Sun Sep 27 01:08:18 UTC 2020 


James Browning pushed to branch master at NTPsec / ntpsec


Commits:
78a96b1e by James Browning at 2020-09-27T00:58:52+00:00
ntpq: Add noflake and doflake for packet loss simulation.




- - - - -
c6147f6b by James Browning at 2020-09-27T00:58:52+00:00
mode 6: Allow returning multiple specific MRU entries ...

if limit == 1 and multiple addresses provided.
mode 6: Solve packet storm when mrulist limit=1
- - - - -
4cb4e4c3 by James Browning at 2020-09-27T00:58:52+00:00
pylib: add first 16 addr & last arguments to mrulist


- - - - -


4 changed files:

- docs/includes/ntpq-body.adoc
- ntpclients/ntpq.py
- ntpd/ntp_control.c
- pylib/packet.py


Changes:

=====================================
docs/includes/ntpq-body.adoc
=====================================
@@ -150,6 +150,12 @@ as following.
 +debug more | less | off+::
   Turns internal query program debugging on and off.
 
++noflake+::
++doflake 'probability'::
+  Disables or enables the dropping of control packets by ntpq for testing.
+  Probabilities 0 and 1 should be certainly accepted and discarded
+  respectively. No default, but 0.1 should be a one in ten loss rate.
+
 +logfile <stderr> | filename+::
   Displays or sets the file for debug logging. <stderr> will send logs
   to standard error.
@@ -301,7 +307,8 @@ ind assid status conf reach auth condition last_event cnt
   server so loaded that none of its MRU entries age out before they
   are shipped. With this option, each segment is reported as it arrives.
 
-[[mrulist]]+mrulist+ [+limited+ | +kod+ | +mincount=+'count' | +mindrop=+'drop' | +minscore=+'score' | +maxlstint=+'seconds' | +minlstint=+'seconds' | +laddr=+'localaddr' | +sort=+'sortorder' | +resany=+'hexmask' | +resall=+'hexmask']::
+[[mrulist]]+mrulist+ [+limited+ | +kod+ | +mincount=+'count' | +mindrop=+'drop' | +minscore=+'score' | +maxlstint=+'seconds' | +minlstint=+'seconds' | +laddr=+'localaddr' | +sort=+'sortorder' | +resany=+'hexmask' | +resall=+'hexmask' | +limit=+'limit' |
++addr.'num'=+'address']::
   Obtain and print traffic counts collected and maintained by the
   monitor facility. This is useful for tracking who _uses_ or
   _abuses_ your server.
@@ -310,6 +317,19 @@ With the exception of +sort=+'sortorder', the options
 filter the list returned by +ntpd+. The +limited+ and +kod+ options
 return only entries representing client addresses from which the last
 packet received triggered either discarding or a KoD response.
+the +addr.'num'=+ option adds specific addresses to retrieve when
++limit=+'1'. Values of 0 to 15 are supported for 'num'. Also, used
+internallly with +last.'num'=+'hextime' to select starting point
+for retrieving continued response.
+the +frags=+'frags' option limits the number of datagrams
+(fragments) in response.  Used by newer ntpq versions instead
+of limit= when retrieving multiple entries.
+The +limit=+ option limits the MRU entries returned. limit=1
+is a special case:  Instead of fetching beginning with the
+supplied starting point's newer neighbor, fetch the supplied
+entries. This enables fetching a multiple entries by IP
+addresses.  When limit is not one and frags= is provided,
+the fragment limit controls.
 The +mincount=+'count' option filters entries that have received less
 than 'count' packets.
 The +mindrop=+'drop' option filters entries that have dropped less


=====================================
ntpclients/ntpq.py
=====================================
@@ -1215,6 +1215,42 @@ usage: config_from_file <configuration filename>
         for entry in entries:
             self.say(self.formatter.summary(entry) + "\n")
 
+    def do_noflake(self):
+        """Disables the dropping of control packets by ntpq for testing."""
+        self.session.flakey = False
+
+    def help_noflake(self):
+        """Print help for noflake."""
+        self.say("""\
+function: Disables the dropping of received packets by ntpq for testing.
+usage: noflake
+""")
+
+    def do_doflake(self, line):
+        """Drop some received packets for testing.
+
+        Probabilities 0 and 1 should be certainly accepted
+        and discarded respectively. No default, but 0.1
+        should be a one in ten loss rate.
+        """
+        try:
+            _ = float(line)
+            if not 0 < _ < 1:
+                raise ValueError
+            self.session.flakey = _
+        except ValueError:
+            self.say('Flakiness must be a (positive) float less than 1.')
+
+    def help_doflake(self):
+        """Print help for doflake."""
+        self.say("""\
+function: Enables the dropping of control packets by
+ntpq for testing. Probabilities 0 and 1 should be
+certainly accepted and discarded respectively. No
+default, but 0.1 should be a one in ten loss rate.
+usage: doflake <probability>
+""")
+
     def do_mrulist(self, line):
         """display the list of most recently seen source addresses,
            tags mincount=... resall=0x... resany=0x..."""


=====================================
ntpd/ntp_control.c
=====================================
@@ -3637,10 +3637,25 @@ static void read_mru_list(
 	} else if (0 != limit && 0 == frags)
 		frags = MRU_FRAGS_LIMIT;
 
+	mon = NULL;
+	if (limit == 1) {
+		for (i = 0; i < COUNTOF(last); i++) {
+			mon = mon_get_slot(&addr[i]);
+			if (mon != NULL) {
+				send_mru_entry(mon, i);
+			}
+		}
+		generate_nonce(rbufp, buf, sizeof(buf));
+		ctl_putunqstr("nonce", buf, strlen(buf));
+		get_systime(&now);
+		ctl_putts("now", &now);
+		ctl_flushpkt(0);
+		return;
+	}
+
 	/*
 	 * Find the starting point if one was provided.
 	 */
-	mon = NULL;
 	for (i = 0; i < (size_t)priors; i++) {
 		mon = mon_get_slot(&addr[i]);
 		if (mon != NULL) {


=====================================
pylib/packet.py
=====================================
@@ -207,6 +207,7 @@ from __future__ import print_function, division
 import getpass
 import hmac
 import os
+import random
 import select
 import socket
 import string
@@ -740,6 +741,7 @@ class ControlSession:
         self.logfp = sys.stdout
         self.nonce_xmit = 0
         self.slots = 0
+        self.flakey = None
 
     def warndbg(self, text, threshold):
         ntp.util.dolog(self.logfp, text, self.debug, threshold)
@@ -1019,6 +1021,10 @@ class ControlSession:
                 # usually, errno 111: connection refused
                 raise ControlException(SERR_SOCKET)
 
+            if self.flakey and self.flakey >= random.random():
+                warndbg('Flaky: I deliberately dropped a packet.', 1)
+                rawdata = None
+
             warndbg("Received %d octets" % len(rawdata), 3)
             rpkt = ControlPacket(self)
             try:
@@ -1597,6 +1603,11 @@ def parse_mru_variables(variables):
                  "maxlstint", "minlstint", "laddr", "recent",
                  "sort", "frags", "limit"):
             continue
+        elif k.startswith('addr.') or k.startswith('last.'):
+            kn = k.split('.')
+            if len(kn) != 2 or kn[1] not in map(str, list(range(16))):
+                raise ControlException(SERR_BADPARAM % k)
+            continue
         else:
             raise ControlException(SERR_BADPARAM % k)
     if 'frags' in variables:



View it on GitLab: https://gitlab.com/NTPsec/ntpsec/-/compare/366569b1ea50015b8556799c4d0cccbbfce666b7...4cb4e4c37f4e8a5de0eb4562f5d81831112f3e1b

-- 
View it on GitLab: https://gitlab.com/NTPsec/ntpsec/-/compare/366569b1ea50015b8556799c4d0cccbbfce666b7...4cb4e4c37f4e8a5de0eb4562f5d81831112f3e1b
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ntpsec.org/pipermail/vc/attachments/20200927/f982c854/attachment-0001.htm>

More information about the vc mailing list