liudf 20160408 optimize domain parse process

src/conf.c

@@ -120,6 +120,7 @@ typedef enum {
 	oThreadNumber,
 	oQueueSize,
 	oWiredPassed,
+	oParseChecked,
 	// <<< liudf added end
 } OpCodes;
 
@@ -177,6 +178,7 @@ static const struct {
 	"threadNumber", oThreadNumber}, {
 	"queueSize", oQueueSize}, {
 	"wiredPassed", oWiredPassed}, {
+	"parseChecked", oParseChecked}, {
 	// <<<< liudf added end
 NULL, oBadOption},};
 
@@ -241,6 +243,7 @@ config_init(void)
 	config.thread_number 	= 20; // only valid when poolMode == 1
 	config.queue_size 		= 200; // only valid when poolMode == 1
 	config.wired_passed		= 0; // default wired device must login
+	config.parse_checked	= 1; // before parse domain's ip; fping check it
 	//<<<
 
     debugconf.log_stderr = 1;
@@ -865,7 +868,9 @@ config_read(const char *filename)
 					break;
 				case oWiredPassed:
                     config.wired_passed = parse_boolean_value(p1);
-                    debug(LOG_ERR, "oWiredPassed: %d %s", config.wired_passed, p1);
+					break;
+				case oParseChecked:
+					config.parse_checked = parse_boolean_value(p1);
 					break;
 				// <<< liudf added end
                 case oBadOption:
@@ -1394,11 +1399,12 @@ parse_trusted_domain_2_ip(t_domain_trusted *p)
     struct in_addr **addr_list;
     int i;
 	
-	// in case of parsing too long
-	// if this server not allow ping; fuck it
-	if(is_server_reachable(p->domain) == 0)
+	// if has parsed; then passed it	
+	if(p->ips_trusted != NULL) {	
+        debug(LOG_INFO, "domain has parsed (%s)", p->domain);
 		return;
- 
+	}
+	 
     if ( (he=gethostbyname2(p->domain, AF_INET) ) == NULL)
     {
         return ;

src/conf.h

@@ -244,7 +244,8 @@ typedef struct {
 	t_trusted_mac	*roam_maclist; /** roam mac list*/
 	t_untrusted_mac	*mac_blacklist; /** blacklist mac*/
 	char 	*htmlredirfile;
-	int		wired_passed; 
+	short	wired_passed;
+	short	parse_checked; 
 	short	js_filter; /** boolean, whether to enable javascript filter url request*/
 	short	pool_mode;
 	short	thread_number;

src/firewall.c

@@ -363,6 +363,12 @@ fw_set_mac_temporary(const char *mac, int which)
 	iptables_fw_set_mac_temporary(mac, which);
 }
 
+void
+fw_set_trusted_mac(const char *mac)
+{
+    debug(LOG_INFO, "Clear untrusted maclist");
+	iptables_fw_set_trusted_mac(mac);
+}
 //<<<<< liudf added end
 
 /** Remove the firewall rules

src/firewall.h

@@ -104,5 +104,7 @@ void fw_set_untrusted_maclist();
 void fw_clear_untrusted_maclist();
 
 void fw_set_mac_temporary(const char *, int);
+
+void fw_set_trusted_mac(const char *);
 //<<<< liudf added end
 #endif                          /* _FIREWALL_H_ */

src/fw_iptables.c

@@ -419,14 +419,7 @@ iptables_fw_set_trusted_maclist(void)
 void
 iptables_fw_set_trusted_mac(const char *mac)
 {
-	const s_config *config;
-	t_trusted_mac *p = NULL;
-	
-    config = config_get_config();
-
-	for (p = config->trustedmaclist; p != NULL; p = p->next)
-		ipset_do_command("add " CHAIN_TRUSTED " %s", mac);
-
+	ipset_do_command("add " CHAIN_TRUSTED " %s", mac);
 }
 
 void

src/fw_iptables.h

@@ -111,6 +111,8 @@ void iptables_fw_clear_roam_maclist(void);
 
 void iptables_fw_set_trusted_maclist(void);
 
+void iptables_fw_set_trusted_mac(const char *);
+
 void iptables_fw_clear_trusted_maclist(void);
 
 void iptables_fw_set_untrusted_maclist(void);

src/http.c

@@ -244,12 +244,10 @@ http_callback_404(httpd * webserver, request * r, int error_code)
 			UNLOCK_CLIENT_LIST();
 			
 			// if device is wired and wired device no need auth
-        	debug(LOG_INFO, "mac: %s wired_passed:  %d  is_device_wired: %d js_filter: %d", 
-					mac, config->wired_passed, is_device_wired(mac), config->js_filter);
 			if(config->wired_passed == 1 && is_device_wired(mac)) {
         		debug(LOG_INFO, "wired_passed:  %s is wired device", mac);
 				t_trusted_mac *pmac = add_trusted_mac(mac);
-				fw_set_mac_temporary(mac, 0); // set to trusted mac list
+				fw_set_trusted_mac(mac);
 				http_send_redirect(r, tmp_url, "device no need login");
 				if(pmac != NULL)
 					pmac->ip = safe_malloc(r->clientAddr);