    system/netd: bandwidth management initial support (uid+tag stats) · 4a5f5ca3
    JP Abgrall authored
    This is a minimalistic version to get accounting of data going
    through tagged socket per uid.
    
    When netd starts up the BandwidthController, it will look at the
    properties for
       persist.bandwidth.enable=1
    and enable it.
    
    It needs the kernel with the xt_qtaguid + iptables/netfilter goodness.
    stlport is ok to use.
    
    The "owner" netfilter module used is actually our xt_qtaguid that acts as it
    (just until we get around to talking directly to the kernel).
    
    Once
      "ndc bandwidth enable"
    is invoked all traffic is counted against the UIDs receiving/sending it.
    This allows BlockGuard.java to "tag" sockets and see stats for the tags.
    
    Data shows up in
      /proc/net/xt_qtaguid/stats
    
      /proc/net/xt_qtaguid/iface_stat/<iface>/
         rx_packets_tcp
         rx_bytes_tcp
         ...
    There is no <uid>/...
    
    Supported commands:
     - "ndc bandwidth enable"
       will set up the needed iptable entries to track tag/uid.
     - "ndc bandwidth disable"
       will remove the iptable entries.
     - "ndc bandwidth setquota <iface> <value>"
       will set a quota on the iface.
       Once quota is reached, packets are rejected.
       With the correct kernel, rejects are turned into socket errors.
    
    TODO
    ----
     * make bandwidth controller cooperate with tethering.
       - they both manipulate the iptables.
    
    Change-Id: Ieb9e7c60ef8c974e99828f7833065d59b2922bf3
CommandListener.cpp 26.9 KB