diff options
author | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org </C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org> | 2007-06-19 17:00:44 +0000 |
---|---|---|
committer | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org </C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org> | 2007-06-19 17:00:44 +0000 |
commit | 3f3a6701978df8ca16ebb5988eb7a46771deb964 (patch) | |
tree | 9a031367cd1b4322d193a85f44b15fbc645d4002 | |
parent | e6f0851b184123ebf04df45e2f29a59f0cb827eb (diff) | |
download | conntrack-tools-3f3a6701978df8ca16ebb5988eb7a46771deb964.tar.gz conntrack-tools-3f3a6701978df8ca16ebb5988eb7a46771deb964.zip |
- more cleanups and code refactorization
- remove several debug calls
- create a child to dispatch dump requests: this will help to simplify the
current locking schema. Later.
-rw-r--r-- | ChangeLog | 2 | ||||
-rw-r--r-- | include/network.h | 22 | ||||
-rw-r--r-- | include/sync.h | 6 | ||||
-rw-r--r-- | src/cache.c | 1 | ||||
-rw-r--r-- | src/cache_iterators.c | 22 | ||||
-rw-r--r-- | src/ignore_pool.c | 1 | ||||
-rw-r--r-- | src/local.c | 19 | ||||
-rw-r--r-- | src/network.c | 89 | ||||
-rw-r--r-- | src/run.c | 13 | ||||
-rw-r--r-- | src/stats-mode.c | 8 | ||||
-rw-r--r-- | src/sync-mode.c | 69 | ||||
-rw-r--r-- | src/sync-nack.c | 63 | ||||
-rw-r--r-- | src/sync-notrack.c | 13 |
13 files changed, 156 insertions, 172 deletions
@@ -14,6 +14,8 @@ o relax event tracking: *_update callbacks use cache_update_force o use wraparound-aware functions after/before/between o commit phase: if conntrack exists, update it o local requests return EXIT_FAILURE if it can't connect to the daemon +o remove several debug statements +o fork when internal/external dump cache requests are received o lots of cleanups = conntrack = diff --git a/include/network.h b/include/network.h index 243815a..31903a5 100644 --- a/include/network.h +++ b/include/network.h @@ -3,32 +3,34 @@ #include <sys/types.h> -struct nlnetwork { +struct nethdr { u_int16_t flags; u_int16_t padding; u_int32_t seq; }; +#define NETHDR_SIZ sizeof(struct nethdr) -struct nlnetwork_ack { +struct nethdr_ack { u_int16_t flags; u_int16_t padding; u_int32_t seq; u_int32_t from; u_int32_t to; }; +#define NETHDR_ACK_SIZ sizeof(struct nethdr_ack) enum { - NET_HELLO_BIT = 0, - NET_HELLO = (1 << NET_HELLO_BIT), + NET_F_HELLO_BIT = 0, + NET_F_HELLO = (1 << NET_F_HELLO_BIT), - NET_RESYNC_BIT = 1, - NET_RESYNC = (1 << NET_RESYNC_BIT), + NET_F_RESYNC_BIT = 1, + NET_F_RESYNC = (1 << NET_F_RESYNC_BIT), - NET_NACK_BIT = 2, - NET_NACK = (1 << NET_NACK_BIT), + NET_F_NACK_BIT = 2, + NET_F_NACK = (1 << NET_F_NACK_BIT), - NET_ACK_BIT = 3, - NET_ACK = (1 << NET_ACK_BIT), + NET_F_ACK_BIT = 3, + NET_F_ACK = (1 << NET_F_ACK_BIT), }; /* extracted from net/tcp.h */ diff --git a/include/sync.h b/include/sync.h index 72f6313..a737e81 100644 --- a/include/sync.h +++ b/include/sync.h @@ -1,7 +1,7 @@ #ifndef _SYNC_HOOKS_H_ #define _SYNC_HOOKS_H_ -struct nlnetwork; +struct nethdr; struct us_conntrack; struct sync_mode { @@ -13,9 +13,9 @@ struct sync_mode { int (*init)(void); void (*kill)(void); int (*local)(int fd, int type, void *data); - int (*recv)(const struct nlnetwork *net); /* recv callback */ + int (*recv)(const struct nethdr *net); /* recv callback */ void (*send)(int type, /* send callback */ - const struct nlnetwork *net, + const struct nethdr *net, struct us_conntrack *u); }; diff --git a/src/cache.c b/src/cache.c index 1b130c8..3bf331c 100644 --- a/src/cache.c +++ b/src/cache.c @@ -23,7 +23,6 @@ #include <errno.h> #include "us-conntrack.h" #include "cache.h" -#include "debug.h" static u_int32_t hash(const void *data, struct hashtable *table) { diff --git a/src/cache_iterators.c b/src/cache_iterators.c index 279ddab..7ae25fa 100644 --- a/src/cache_iterators.c +++ b/src/cache_iterators.c @@ -23,7 +23,6 @@ #include <libnetfilter_conntrack/libnetfilter_conntrack.h> #include <errno.h> #include "us-conntrack.h" -#include "debug.h" struct __dump_container { int fd; @@ -120,8 +119,7 @@ static int do_commit(void *data1, void *data2) free(ct); if (ret == -1) { - /* XXX: Please cleanup this debug crap, default in logfile */ - debug("--- failed to build: %s --- \n", strerror(errno)); + dlog(STATE(log), "failed to build: %s", strerror(errno)); return 0; } @@ -135,10 +133,8 @@ static int do_commit(void *data1, void *data2) c->commit_fail++; break; } - debug("--- failed to commit: %s --- \n", strerror(errno)); } else { c->commit_ok++; - debug("----- commit -----\n"); } /* keep iterating even if we have found errors */ @@ -207,20 +203,8 @@ static int do_bulk(void *data1, void *data2) { int ret; struct us_conntrack *u = data2; - char buf[4096]; - struct nlnetwork *net = (struct nlnetwork *) buf; - - ret = build_network_msg(NFCT_Q_UPDATE, - STATE(subsys_dump), - u->ct, - buf, - sizeof(buf)); - if (ret == -1) - debug_ct(u->ct, "failed to build"); - - mcast_send_netmsg(STATE_SYNC(mcast_client), net); - if (STATE_SYNC(sync)->send) - STATE_SYNC(sync)->send(NFCT_T_UPDATE, net, u); + + mcast_build_send_update(u); /* keep iterating even if we have found errors */ return 0; diff --git a/src/ignore_pool.c b/src/ignore_pool.c index 5946617..d6f0e93 100644 --- a/src/ignore_pool.c +++ b/src/ignore_pool.c @@ -20,7 +20,6 @@ #include "hash.h" #include "conntrackd.h" #include "ignore.h" -#include "debug.h" #include <libnetfilter_conntrack/libnetfilter_conntrack.h> #define IGNORE_POOL_SIZE 32 diff --git a/src/local.c b/src/local.c index eef70ad..be51b9e 100644 --- a/src/local.c +++ b/src/local.c @@ -1,5 +1,5 @@ /* - * (C) 2006 by Pablo Neira Ayuso <pablo@netfilter.org> + * (C) 2006-2007 by Pablo Neira Ayuso <pablo@netfilter.org> * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -22,7 +22,6 @@ #include <unistd.h> #include <arpa/inet.h> #include <errno.h> -#include "debug.h" #include "local.h" @@ -32,14 +31,11 @@ int local_server_create(struct local_conf *conf) int len; struct sockaddr_un local; - if ((fd = socket(AF_UNIX, SOCK_STREAM, 0)) == -1) { - debug("local_server_create:socket"); + if ((fd = socket(AF_UNIX, SOCK_STREAM, 0)) == -1) return -1; - } if (setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, &conf->reuseaddr, sizeof(conf->reuseaddr)) == -1) { - debug("local_server_create:setsockopt"); close(fd); return -1; } @@ -50,14 +46,12 @@ int local_server_create(struct local_conf *conf) unlink(conf->path); if (bind(fd, (struct sockaddr *) &local, len) == -1) { - debug("local_server_create:bind"); close(fd); return -1; } if (listen(fd, conf->backlog) == -1) { close(fd); - debug("local_server_create:listen"); return -1; } @@ -76,10 +70,8 @@ int do_local_server_step(int fd, void *data, struct sockaddr_un local; size_t sin_size = sizeof(struct sockaddr_un); - if ((rfd = accept(fd, (struct sockaddr *)&local, &sin_size)) == -1) { - debug("do_local_server_step:accept"); + if ((rfd = accept(fd, (struct sockaddr *)&local, &sin_size)) == -1) return -1; - } process(rfd, data); close(rfd); @@ -102,7 +94,6 @@ int local_client_create(struct local_conf *conf) if (connect(fd, (struct sockaddr *) &local, len) == -1) { close(fd); - debug("local_client_create: connect: "); return -1; } @@ -146,10 +137,8 @@ int do_local_request(int request, return -1; ret = send(fd, &request, sizeof(int), 0); - if (ret == -1) { - debug("send:"); + if (ret == -1) return -1; - } do_local_client_step(fd, step); diff --git a/src/network.c b/src/network.c index 37f437e..159bdf3 100644 --- a/src/network.c +++ b/src/network.c @@ -23,12 +23,12 @@ static unsigned int seq_set, cur_seq; static int send_netmsg(struct mcast_sock *m, void *data, unsigned int len) { - struct nlnetwork *net = data; + struct nethdr *net = data; if (!seq_set) { seq_set = 1; cur_seq = time(NULL); - net->flags |= NET_HELLO; + net->flags |= NET_F_HELLO; } net->flags = htons(net->flags); @@ -49,9 +49,9 @@ static int send_netmsg(struct mcast_sock *m, void *data, unsigned int len) int mcast_send_netmsg(struct mcast_sock *m, void *data) { - struct nlmsghdr *nlh = data + sizeof(struct nlnetwork); - unsigned int len = nlh->nlmsg_len + sizeof(struct nlnetwork); - struct nlnetwork *net = data; + struct nlmsghdr *nlh = data + NETHDR_SIZ; + unsigned int len = nlh->nlmsg_len + NETHDR_SIZ; + struct nethdr *net = data; if (nlh_host2network(nlh) == -1) return -1; @@ -61,40 +61,77 @@ int mcast_send_netmsg(struct mcast_sock *m, void *data) int mcast_resend_netmsg(struct mcast_sock *m, void *data) { - struct nlnetwork *net = data; - struct nlmsghdr *nlh = data + sizeof(struct nlnetwork); + struct nethdr *net = data; + struct nlmsghdr *nlh = data + NETHDR_SIZ; unsigned int len; net->flags = ntohs(net->flags); - if (net->flags & NET_NACK || net->flags & NET_ACK) - len = sizeof(struct nlnetwork_ack); + if (net->flags & NET_F_NACK || net->flags & NET_F_ACK) + len = NETHDR_ACK_SIZ; else - len = sizeof(struct nlnetwork) + ntohl(nlh->nlmsg_len); + len = ntohl(nlh->nlmsg_len) + NETHDR_SIZ; return send_netmsg(m, data, len); } int mcast_send_error(struct mcast_sock *m, void *data) { - struct nlnetwork *net = data; - unsigned int len = sizeof(struct nlnetwork); + struct nethdr *net = data; + unsigned int len = NETHDR_SIZ; - if (net->flags & NET_NACK || net->flags & NET_ACK) { - struct nlnetwork_ack *nack = (struct nlnetwork_ack *) net; + if (net->flags & NET_F_NACK || net->flags & NET_F_ACK) { + struct nethdr_ack *nack = (struct nethdr_ack *) net; nack->from = htonl(nack->from); nack->to = htonl(nack->to); - len = sizeof(struct nlnetwork_ack); + len = NETHDR_ACK_SIZ; } return send_netmsg(m, data, len); } +#include "us-conntrack.h" +#include "sync.h" + +static int __build_send(struct us_conntrack *u, int type, int query) +{ + char __net[4096]; + struct nethdr *net = (struct nethdr *) __net; + + if (!state_helper_verdict(type, u->ct)) + return 0; + + int ret = build_network_msg(query, + STATE(subsys_event), + u->ct, + __net, + sizeof(__net)); + + if (ret == -1) + return -1; + + mcast_send_netmsg(STATE_SYNC(mcast_client), __net); + if (STATE_SYNC(sync)->send) + STATE_SYNC(sync)->send(type, net, u); + + return 0; +} + +int mcast_build_send_update(struct us_conntrack *u) +{ + return __build_send(u, NFCT_T_UPDATE, NFCT_Q_UPDATE); +} + +int mcast_build_send_destroy(struct us_conntrack *u) +{ + return __build_send(u, NFCT_T_DESTROY, NFCT_Q_DESTROY); +} + int mcast_recv_netmsg(struct mcast_sock *m, void *data, int len) { int ret; - struct nlnetwork *net = data; - struct nlmsghdr *nlh = data + sizeof(struct nlnetwork); + struct nethdr *net = data; + struct nlmsghdr *nlh = data + NETHDR_SIZ; struct nfgenmsg *nfhdr; ret = mcast_recv(m, net, len); @@ -102,17 +139,17 @@ int mcast_recv_netmsg(struct mcast_sock *m, void *data, int len) return ret; /* message too small: no room for the header */ - if (ret < sizeof(struct nlnetwork)) + if (ret < NETHDR_SIZ) return -1; - if (ntohs(net->flags) & NET_HELLO) + if (ntohs(net->flags) & NET_F_HELLO) STATE_SYNC(last_seq_recv) = ntohl(net->seq) - 1; - if (ntohs(net->flags) & NET_NACK || ntohs(net->flags) & NET_ACK) { - struct nlnetwork_ack *nack = (struct nlnetwork_ack *) net; + if (ntohs(net->flags) & NET_F_NACK || ntohs(net->flags) & NET_F_ACK) { + struct nethdr_ack *nack = (struct nethdr_ack *) net; /* message too small: no room for the header */ - if (ret < sizeof(struct nlnetwork_ack)) + if (ret < NETHDR_ACK_SIZ) return -1; /* host byte order conversion */ @@ -126,7 +163,7 @@ int mcast_recv_netmsg(struct mcast_sock *m, void *data, int len) return ret; } - if (ntohs(net->flags) & NET_RESYNC) { + if (ntohs(net->flags) & NET_F_RESYNC) { /* host byte order conversion */ net->flags = ntohs(net->flags); net->seq = ntohl(net->seq); @@ -139,7 +176,7 @@ int mcast_recv_netmsg(struct mcast_sock *m, void *data, int len) return -1; /* information received and message length does not match */ - if (ret != ntohl(nlh->nlmsg_len) + sizeof(struct nlnetwork)) + if (ret != ntohl(nlh->nlmsg_len) + NETHDR_SIZ) return -1; /* this message does not come from ctnetlink */ @@ -209,8 +246,8 @@ int build_network_msg(const int msg_type, unsigned int size) { memset(buffer, 0, size); - buffer += sizeof(struct nlnetwork); - size -= sizeof(struct nlnetwork); + buffer += NETHDR_SIZ; + size -= NETHDR_SIZ; return nfct_build_query(ssh, msg_type, ct, buffer, size); } @@ -47,6 +47,11 @@ void killer(int foo) exit(0); } +static void child(int foo) +{ + while(wait(NULL) > 0); +} + void local_handler(int fd, void *data) { int ret; @@ -54,11 +59,11 @@ void local_handler(int fd, void *data) ret = read(fd, &type, sizeof(type)); if (ret == -1) { - dlog(STATE(log), "can't read from unix socket\n"); + dlog(STATE(log), "can't read from unix socket"); return; } if (ret == 0) { - debug("nothing to process\n"); + dlog(STATE(log), "local request: nothing to process?"); return; } @@ -122,6 +127,7 @@ int init(int mode) sigemptyset(&STATE(block)); sigaddset(&STATE(block), SIGTERM); sigaddset(&STATE(block), SIGINT); + sigaddset(&STATE(block), SIGCHLD); if (signal(SIGINT, killer) == SIG_ERR) return -1; @@ -133,6 +139,9 @@ int init(int mode) if (signal(SIGPIPE, SIG_IGN) == SIG_ERR) return -1; + if (signal(SIGCHLD, child) == SIG_ERR) + return -1; + dlog(STATE(log), "[OK] initialization completed"); return 0; diff --git a/src/stats-mode.c b/src/stats-mode.c index f65fbdb..92794cd 100644 --- a/src/stats-mode.c +++ b/src/stats-mode.c @@ -142,9 +142,11 @@ static void event_new_stats(struct nf_conntrack *ct, struct nlmsghdr *nlh) if (cache_add(STATE_STATS(cache), ct)) { debug_ct(ct, "cache new"); } else { - dlog(STATE(log), "can't add to cache cache: " - "%s\n", strerror(errno)); - debug_ct(ct, "can't add"); + if (errno != EEXIST) { + dlog(STATE(log), "can't add to cache cache: " + "%s\n", strerror(errno)); + debug_ct(ct, "can't add"); + } } } diff --git a/src/sync-mode.c b/src/sync-mode.c index cb95392..8433532 100644 --- a/src/sync-mode.c +++ b/src/sync-mode.c @@ -32,10 +32,10 @@ static void mcast_handler() { int ret; - unsigned int type, size = sizeof(struct nlnetwork); + unsigned int type; char __net[4096]; - struct nlnetwork *net = (struct nlnetwork *) __net; - struct nlmsghdr *nlh = (struct nlmsghdr *) (__net + size); + struct nethdr *net = (struct nethdr *) __net; + struct nlmsghdr *nlh = (struct nlmsghdr *) (__net + NETHDR_SIZ); char __ct[nfct_maxsize()]; struct nf_conntrack *ct = (struct nf_conntrack *) __ct; struct us_conntrack *u = NULL; @@ -93,7 +93,7 @@ retry: debug_ct(ct, "can't destroy"); break; default: - debug("unknown type %d\n", type); + dlog(STATE(log), "mcast received unknown msg type %d\n", type); break; } } @@ -216,16 +216,32 @@ static int local_handler_sync(int fd, int type, void *data) switch(type) { case DUMP_INTERNAL: - cache_dump(STATE_SYNC(internal), fd, NFCT_O_PLAIN); + ret = fork(); + if (ret == 0) { + cache_dump(STATE_SYNC(internal), fd, NFCT_O_PLAIN); + exit(EXIT_SUCCESS); + } break; case DUMP_EXTERNAL: - cache_dump(STATE_SYNC(external), fd, NFCT_O_PLAIN); + ret = fork(); + if (ret == 0) { + cache_dump(STATE_SYNC(external), fd, NFCT_O_PLAIN); + exit(EXIT_SUCCESS); + } break; case DUMP_INT_XML: - cache_dump(STATE_SYNC(internal), fd, NFCT_O_XML); + ret = fork(); + if (ret == 0) { + cache_dump(STATE_SYNC(internal), fd, NFCT_O_XML); + exit(EXIT_SUCCESS); + } break; case DUMP_EXT_XML: - cache_dump(STATE_SYNC(external), fd, NFCT_O_XML); + ret = fork(); + if (ret == 0) { + cache_dump(STATE_SYNC(external), fd, NFCT_O_XML); + exit(EXIT_SUCCESS); + } break; case COMMIT: dlog(STATE(log), "[REQ] commit external cache to master table"); @@ -280,14 +296,14 @@ static void mcast_send_sync(struct nlmsghdr *nlh, int type) { char __net[4096]; - struct nlnetwork *net = (struct nlnetwork *) __net; + struct nethdr *net = (struct nethdr *) __net; memset(__net, 0, sizeof(__net)); if (!state_helper_verdict(type, ct)) return; - memcpy(__net + sizeof(struct nlnetwork), nlh, nlh->nlmsg_len); + memcpy(__net + NETHDR_SIZ, nlh, nlh->nlmsg_len); mcast_send_netmsg(STATE_SYNC(mcast_client), net); if (STATE_SYNC(sync)->send) STATE_SYNC(sync)->send(type, net, u); @@ -312,24 +328,8 @@ static int overrun_cb(enum nf_conntrack_msg_type type, if (!cache_test(STATE_SYNC(internal), ct)) { if ((u = cache_update_force(STATE_SYNC(internal), ct))) { - int ret; - char __nlh[4096]; - struct nlmsghdr *nlh = (struct nlmsghdr *) __nlh; - debug_ct(u->ct, "overrun resync"); - - ret = nfct_build_query(STATE(subsys_dump), - NFCT_Q_UPDATE, - u->ct, - __nlh, - sizeof(__nlh)); - - if (ret == -1) { - dlog(STATE(log), "can't build overrun"); - return NFCT_CB_CONTINUE; - } - - mcast_send_sync(nlh, u, ct, NFCT_T_UPDATE); + mcast_build_send_update(u); } } @@ -344,21 +344,8 @@ static int overrun_purge_step(void *data1, void *data2) ret = nfct_query(h, NFCT_Q_GET, u->ct); if (ret == -1 && errno == ENOENT) { - char __nlh[4096]; - struct nlmsghdr *nlh = (struct nlmsghdr *) (__nlh); - debug_ct(u->ct, "overrun purge resync"); - - ret = nfct_build_query(STATE(subsys_dump), - NFCT_Q_DESTROY, - u->ct, - __nlh, - sizeof(__nlh)); - - if (ret == -1) - dlog(STATE(log), "failed to build network message"); - - mcast_send_sync(nlh, NULL, u->ct, NFCT_T_DESTROY); + mcast_build_send_destroy(u); __cache_del(STATE_SYNC(internal), u->ct); } diff --git a/src/sync-nack.c b/src/sync-nack.c index 1f62294..20ad1f4 100644 --- a/src/sync-nack.c +++ b/src/sync-nack.c @@ -79,14 +79,14 @@ static void nack_kill() static void mcast_send_control(u_int32_t flags, u_int32_t from, u_int32_t to) { - struct nlnetwork_ack ack = { + struct nethdr_ack ack = { .flags = flags, .from = from, .to = to, }; mcast_send_error(STATE_SYNC(mcast_client), &ack); - buffer_add(STATE_SYNC(buffer), &ack, sizeof(struct nlnetwork_ack)); + buffer_add(STATE_SYNC(buffer), &ack, NETHDR_ACK_SIZ); } static int nack_local(int fd, int type, void *data) @@ -95,7 +95,7 @@ static int nack_local(int fd, int type, void *data) switch(type) { case REQUEST_DUMP: - mcast_send_control(NET_RESYNC, 0, 0); + mcast_send_control(NET_F_RESYNC, 0, 0); dlog(STATE(log), "[REQ] request resync"); break; default: @@ -108,9 +108,9 @@ static int nack_local(int fd, int type, void *data) static int buffer_compare(void *data1, void *data2) { - struct nlnetwork *net = data1; - struct nlnetwork_ack *nack = data2; - struct nlmsghdr *nlh = data1 + sizeof(struct nlnetwork); + struct nethdr *net = data1; + struct nethdr_ack *nack = data2; + struct nlmsghdr *nlh = data1 + NETHDR_SIZ; unsigned old_seq = ntohl(net->seq); @@ -124,8 +124,8 @@ static int buffer_compare(void *data1, void *data2) static int buffer_remove(void *data1, void *data2) { - struct nlnetwork *net = data1; - struct nlnetwork_ack *h = data2; + struct nethdr *net = data1; + struct nethdr_ack *h = data2; if (between(ntohl(net->seq), h->from, h->to)) { dp("remove from buffer (seq=%u)\n", ntohl(net->seq)); @@ -138,9 +138,7 @@ static void queue_resend(struct cache *c, unsigned int from, unsigned int to) { struct list_head *n; struct us_conntrack *u; - unsigned int *seq; - lock(); list_for_each(n, &queue) { struct cache_nack *cn = (struct cache_nack *) n; struct us_conntrack *u; @@ -151,35 +149,19 @@ static void queue_resend(struct cache *c, unsigned int from, unsigned int to) debug_ct(u->ct, "resend nack"); dp("resending nack'ed (oldseq=%u) ", cn->seq); - char buf[4096]; - struct nlnetwork *net = (struct nlnetwork *) buf; - - int ret = build_network_msg(NFCT_Q_UPDATE, - STATE(subsys_event), - u->ct, - buf, - sizeof(buf)); - if (ret == -1) { - unlock(); - break; - } - - mcast_send_netmsg(STATE_SYNC(mcast_client), buf); - if (STATE_SYNC(sync)->send) - STATE_SYNC(sync)->send(NFCT_T_UPDATE, net, u); - dp("(newseq=%u)\n", *seq); + if (mcast_build_send_update(u) == -1) + continue; + + dp("(newseq=%u)\n", cn->seq); } } - unlock(); } static void queue_empty(struct cache *c, unsigned int from, unsigned int to) { struct list_head *n, *tmp; struct us_conntrack *u; - unsigned int *seq; - lock(); dp("ACK from %u to %u\n", from, to); list_for_each_safe(n, tmp, &queue) { struct cache_nack *cn = (struct cache_nack *) n; @@ -193,10 +175,9 @@ static void queue_empty(struct cache *c, unsigned int from, unsigned int to) INIT_LIST_HEAD(&cn->head); } } - unlock(); } -static int nack_recv(const struct nlnetwork *net) +static int nack_recv(const struct nethdr *net) { static unsigned int window = 0; unsigned int exp_seq; @@ -206,31 +187,31 @@ static int nack_recv(const struct nlnetwork *net) if (!mcast_track_seq(net->seq, &exp_seq)) { dp("OOS: sending nack (seq=%u)\n", exp_seq); - mcast_send_control(NET_NACK, exp_seq, net->seq - 1); + mcast_send_control(NET_F_NACK, exp_seq, net->seq - 1); window = CONFIG(window_size); } else { /* received a window, send an acknowledgement */ if (--window == 0) { dp("sending ack (seq=%u)\n", net->seq); - mcast_send_control(NET_ACK, + mcast_send_control(NET_F_ACK, net->seq - CONFIG(window_size), net->seq); } } - if (net->flags & NET_NACK) { - struct nlnetwork_ack *nack = (struct nlnetwork_ack *) net; + if (net->flags & NET_F_NACK) { + struct nethdr_ack *nack = (struct nethdr_ack *) net; dp("NACK: from seq=%u to seq=%u\n", nack->from, nack->to); queue_resend(STATE_SYNC(internal), nack->from, nack->to); buffer_iterate(STATE_SYNC(buffer), nack, buffer_compare); return 1; - } else if (net->flags & NET_RESYNC) { + } else if (net->flags & NET_F_RESYNC) { dp("RESYNC ALL\n"); cache_bulk(STATE_SYNC(internal)); return 1; - } else if (net->flags & NET_ACK) { - struct nlnetwork_ack *h = (struct nlnetwork_ack *) net; + } else if (net->flags & NET_F_ACK) { + struct nethdr_ack *h = (struct nethdr_ack *) net; dp("ACK: from seq=%u to seq=%u\n", h->from, h->to); queue_empty(STATE_SYNC(internal), h->from, h->to); @@ -242,10 +223,10 @@ static int nack_recv(const struct nlnetwork *net) } static void nack_send(int type, - const struct nlnetwork *net, + const struct nethdr *net, struct us_conntrack *u) { - unsigned int size = sizeof(struct nlnetwork); + int size = NETHDR_SIZ; struct nlmsghdr *nlh = (struct nlmsghdr *) ((void *) net + size); struct cache_nack *cn; diff --git a/src/sync-notrack.c b/src/sync-notrack.c index 4a470f9..1d6eba8 100644 --- a/src/sync-notrack.c +++ b/src/sync-notrack.c @@ -25,18 +25,11 @@ static void refresher(struct alarm_list *a, void *data) { struct us_conntrack *u = data; - char __net[4096]; - int size; debug_ct(u->ct, "persistence update"); a->expires = random() % CONFIG(refresh) + 1; - size = build_network_msg(NFCT_Q_UPDATE, - STATE(subsys_event), - u->ct, - __net, - sizeof(__net)); - mcast_send_netmsg(STATE_SYNC(mcast_client), __net); + mcast_build_send_update(u); } static void cache_notrack_add(struct us_conntrack *u, void *data) @@ -69,7 +62,7 @@ static struct cache_extra cache_notrack_extra = { .destroy = cache_notrack_destroy }; -static int notrack_recv(const struct nlnetwork *net) +static int notrack_recv(const struct nethdr *net) { unsigned int exp_seq; @@ -78,7 +71,7 @@ static int notrack_recv(const struct nlnetwork *net) * generated in notrack mode, we don't want to crash the daemon * if someone nuts mixes nack and notrack. */ - if (net->flags & (NET_RESYNC | NET_NACK)) + if (net->flags) return 1; /* |