From e6f0851b184123ebf04df45e2f29a59f0cb827eb Mon Sep 17 00:00:00 2001
From: "/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org"
Date: Wed, 13 Jun 2007 19:46:11 +0000
Subject: - local requests return EXIT_FAILURE if it can't connect to the daemon - several cleanups
---
ChangeLog | 1 +
include/network.h | 5 +++--
src/main.c | 4 +++-
src/network.c | 46 ++++++++++++----------------------------------
src/sync-nack.c | 40 ++++++++++------------------------------
5 files changed, 29 insertions(+), 67 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index 86a9a46..f1ae81f 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -13,6 +13,7 @@ o remove confusing StripNAT parameter: NAT support enabled by default o relax event tracking: *_update callbacks use cache_update_force o use wraparound-aware functions after/before/between o commit phase: if conntrack exists, update it +o local requests return EXIT_FAILURE if it can't connect to the daemon o lots of cleanups = conntrack =
diff --git a/include/network.h b/include/network.h
index 5ba808a..243815a 100644
--- a/include/network.h
+++ b/include/network.h
@@ -4,13 +4,14 @@ #include struct nlnetwork { - u_int16_t flags; + u_int16_t flags; + u_int16_t padding; u_int32_t seq; }; struct nlnetwork_ack { u_int16_t flags; - u_int16_t checksum; + u_int16_t padding; u_int32_t seq; u_int32_t from; u_int32_t to;
diff --git a/src/main.c b/src/main.c
index 1c75970..a039793 100644
--- a/src/main.c
+++ b/src/main.c
@@ -252,9 +252,11 @@ int main(int argc, char *argv[]) } if (type == REQUEST) { - if (do_local_request(action, &conf.local, local_step) == -1) + if (do_local_request(action, &conf.local, local_step) == -1) { fprintf(stderr, "can't connect: is conntrackd " "running? appropiate permissions?\n"); + exit(EXIT_FAILURE); + } exit(EXIT_SUCCESS); }
diff --git a/src/network.c b/src/network.c
index a7ce740..37f437e 100644
--- a/src/network.c
+++ b/src/network.c
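Review bot: The new `padding` members of `struct nlnetwork` and `struct nlnetwork_ack` in include/network.h are part of the header that is sent, yet nothing visible in this commit assigns them, so a message built in a buffer that was not zeroed could put two bytes of stale memory on the multicast link. The `send_netmsg()` path in src/network.c sets only `flags` and `seq`; adding `net->padding = 0;` next to those assignments would make the header fully defined on every send. Renaming `checksum` to `padding` also means the header carries no integrity field, which is worth stating on the member, e.g. `/* reserved, must be zero; messages carry no checksum */`. Both struct definitions are complete within the hunk.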
@@ -19,20 +19,25 @@ #include "conntrackd.h" #include "network.h" -#if 0 -#define _TEST_DROP -#else -#undef _TEST_DROP -#endif - -static int drop = 0; /* debugging purposes */ static unsigned int seq_set, cur_seq; static int send_netmsg(struct mcast_sock *m, void *data, unsigned int len) { struct nlnetwork *net = data; + if (!seq_set) { + seq_set = 1; + cur_seq = time(NULL); + net->flags |= NET_HELLO; + } + + net->flags = htons(net->flags); + net->seq = htonl(cur_seq++); + +#undef _TEST_DROP #ifdef _TEST_DROP + static int drop = 0; + if (++drop > 10) { drop = 0; printf("dropping resend (seq=%u)\n", ntohl(net->seq));
@@ -48,15 +53,6 @@ int mcast_send_netmsg(struct mcast_sock *m, void *data) unsigned int len = nlh->nlmsg_len + sizeof(struct nlnetwork); struct nlnetwork *net = data; - if (!seq_set) { - seq_set = 1; - cur_seq = time(NULL); - net->flags |= NET_HELLO; - } - - net->flags = htons(net->flags); - net->seq = htonl(cur_seq++); - if (nlh_host2network(nlh) == -1) return -1;
@@ -71,20 +67,11 @@ int mcast_resend_netmsg(struct mcast_sock *m, void *data) net->flags = ntohs(net->flags); - if (!seq_set) { - seq_set = 1; - cur_seq = time(NULL); - net->flags |= NET_HELLO; - } - if (net->flags & NET_NACK || net->flags & NET_ACK) len = sizeof(struct nlnetwork_ack); else len = sizeof(struct nlnetwork) + ntohl(nlh->nlmsg_len); - net->flags = htons(net->flags); - net->seq = htonl(cur_seq++); - return send_netmsg(m, data, len); }
@@ -93,12 +80,6 @@ int mcast_send_error(struct mcast_sock *m, void *data) struct nlnetwork *net = data; unsigned int len = sizeof(struct nlnetwork); - if (!seq_set) { - seq_set = 1; - cur_seq = time(NULL); - net->flags |= NET_HELLO; - } - if (net->flags & NET_NACK || net->flags & NET_ACK) { struct nlnetwork_ack *nack = (struct nlnetwork_ack *) net; nack->from = htonl(nack->from);
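Review bot: In the first src/network.c hunk, `send_netmsg()` now rewrites `net->flags` and `net->seq` to network byte order inside the caller's buffer on every call, and that contract is not documented; a second send of the same buffer is only correct because `mcast_resend_netmsg()` first applies `ntohs` to the flags. A comment above the function such as `/* converts net->flags and net->seq in place; callers pass flags in host byte order */` would keep future callers from double-converting. `cur_seq` is seeded from `time(NULL)`, which anyone on the link can estimate, so the sequence number should be described as loss detection only and not as protection against injected messages. The `#undef _TEST_DROP` placed directly above `#ifdef _TEST_DROP` makes the drop block dead in every build, and the leading underscore plus capital is a reserved identifier; a project-prefixed macro set from the build flags would keep the test hook usable. The body of `send_netmsg()` continues past the end of the hunk.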
@@ -106,9 +87,6 @@ int mcast_send_error(struct mcast_sock *m, void *data) len = sizeof(struct nlnetwork_ack); } - net->flags = htons(net->flags); - net->seq = htonl(cur_seq++); - return send_netmsg(m, data, len); }
diff --git a/src/sync-nack.c b/src/sync-nack.c
index e435b09..1f62294 100644
--- a/src/sync-nack.c
+++ b/src/sync-nack.c
@@ -77,47 +77,25 @@ static void nack_kill() buffer_destroy(STATE_SYNC(buffer)); } -static void mcast_send_nack(u_int32_t expt_seq, u_int32_t recv_seq) -{ - struct nlnetwork_ack nack = { - .flags = NET_NACK, - .from = expt_seq, - .to = recv_seq, - }; - - mcast_send_error(STATE_SYNC(mcast_client), &nack); - buffer_add(STATE_SYNC(buffer), &nack, sizeof(struct nlnetwork_ack)); -} - -static void mcast_send_ack(u_int32_t from, u_int32_t to) +static void mcast_send_control(u_int32_t flags, u_int32_t from, u_int32_t to) { struct nlnetwork_ack ack = { - .flags = NET_ACK, - .from = from, - .to = to, + .flags = flags, + .from = from, + .to = to, }; mcast_send_error(STATE_SYNC(mcast_client), &ack); buffer_add(STATE_SYNC(buffer), &ack, sizeof(struct nlnetwork_ack)); } -static void mcast_send_resync() -{ - struct nlnetwork net = { - .flags = NET_RESYNC, - }; - - mcast_send_error(STATE_SYNC(mcast_client), &net); - buffer_add(STATE_SYNC(buffer), &net, sizeof(struct nlnetwork)); -} - -int nack_local(int fd, int type, void *data) +static int nack_local(int fd, int type, void *data) { int ret = 1; switch(type) { case REQUEST_DUMP: - mcast_send_resync(); + mcast_send_control(NET_RESYNC, 0, 0); dlog(STATE(log), "[REQ] request resync"); break; default:
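Review bot: In the first src/sync-nack.c hunk, `mcast_send_control()` takes `u_int32_t flags` but stores it in the 16-bit `flags` member of `struct nlnetwork_ack`, so any flag value above 0xffff would be truncated without a warning; declaring it as `static void mcast_send_control(u_int16_t flags, u_int32_t from, u_int32_t to)` matches include/network.h. The helper also discards the result of `mcast_send_error()` and buffers the message regardless; if that is intentional so the message can be resent later, a one-line comment should say so. For `NET_RESYNC` the buffered entry is now `sizeof(struct nlnetwork_ack)`, while `mcast_send_error()` transmits only `sizeof(struct nlnetwork)` for that flag. The resend path computes its length from `nlh->nlmsg_len`, and presumably reads the zeroed `from` field there, which is worth confirming and noting in a comment. `nack_local()` continues past the end of the hunk.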
@@ -228,13 +206,15 @@ static int nack_recv(const struct nlnetwork *net) if (!mcast_track_seq(net->seq, &exp_seq)) { dp("OOS: sending nack (seq=%u)\n", exp_seq); - mcast_send_nack(exp_seq, net->seq - 1); + mcast_send_control(NET_NACK, exp_seq, net->seq - 1); window = CONFIG(window_size); } else { /* received a window, send an acknowledgement */ if (--window == 0) { dp("sending ack (seq=%u)\n", net->seq); - mcast_send_ack(net->seq-CONFIG(window_size), net->seq); + mcast_send_control(NET_ACK, + net->seq - CONFIG(window_size), + net->seq); } }
-- cgit v1.2.3
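Review bot: `net->seq` in `nack_recv()` is taken from a received message and goes straight into `mcast_send_control(NET_NACK, exp_seq, net->seq - 1)`, so a single corrupted or forged packet with a distant sequence number makes this node request an arbitrarily large range. Nothing in the hunk bounds that range, and whether the peer clamps it to what its buffer holds is not visible here; a comment naming where the bound is enforced, or a check before the call, would close the question. `net->seq - CONFIG(window_size)` and `net->seq - 1` both rely on unsigned wraparound, which deserves a short comment such as `/* u_int32_t arithmetic, wraps by design */`. `nack_recv()` starts and ends outside the hunk.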