author/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org </C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org>2007-06-13 19:46:11 +0000
committer/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org </C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org>2007-06-13 19:46:11 +0000
commite6f0851b184123ebf04df45e2f29a59f0cb827eb (patch)
tree173f08d0a5e3c059bec480ba3a4fe9880e7267e1
parent7e28837a6073600129d2fc06c23c40726ef5976a (diff)
- local requests return EXIT_FAILURE if it can't connect to the daemon
- several cleanups
-rw-r--r--ChangeLog1
-rw-r--r--include/network.h5
-rw-r--r--src/main.c4
-rw-r--r--src/network.c46
-rw-r--r--src/sync-nack.c40
5 files changed, 29 insertions, 67 deletions
diff --git a/ChangeLog b/ChangeLog
index 86a9a46..f1ae81f 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -13,6 +13,7 @@ o remove confusing StripNAT parameter: NAT support enabled by default
o relax event tracking: *_update callbacks use cache_update_force
o use wraparound-aware functions after/before/between
o commit phase: if conntrack exists, update it
+o local requests return EXIT_FAILURE if it can't connect to the daemon
o lots of cleanups
= conntrack =
diff --git a/include/network.h b/include/network.h
index 5ba808a..243815a 100644
--- a/include/network.h
+++ b/include/network.h
@@ -4,13 +4,14 @@
#include <sys/types.h>
struct nlnetwork {
- u_int16_t flags;
+ u_int16_t flags;
+ u_int16_t padding;
u_int32_t seq;
};
struct nlnetwork_ack {
u_int16_t flags;
- u_int16_t checksum;
+ u_int16_t padding;
u_int32_t seq;
u_int32_t from;
u_int32_t to;
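Review bot: The new `padding` members in `struct nlnetwork` and `struct nlnetwork_ack` have no stated contract, and these structs appear to be the header that src/network.c sends to peers, so whatever bytes the sender's buffer held there would go on the wire. A comment on both fields such as `u_int16_t padding; /* reserved: zero on send, ignore on receive */` would pin this down, and the common send path could set `net->padding = 0;` before transmitting. The designated initializer in src/sync-nack.c zero-fills the field for control messages, but the buffers handed to `mcast_send_netmsg` are built in code this diff does not show. `struct nlnetwork_ack` continues past the end of the hunk.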
diff --git a/src/main.c b/src/main.c
index 1c75970..a039793 100644
--- a/src/main.c
+++ b/src/main.c
@@ -252,9 +252,11 @@ int main(int argc, char *argv[])
}
if (type == REQUEST) {
- if (do_local_request(action, &conf.local, local_step) == -1)
+ if (do_local_request(action, &conf.local, local_step) == -1) {
fprintf(stderr, "can't connect: is conntrackd "
"running? appropiate permissions?\n");
+ exit(EXIT_FAILURE);
+ }
exit(EXIT_SUCCESS);
}
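Review bot: Every `-1` from `do_local_request` is reported by the `fprintf` in this branch as a connection failure, with no detail on the cause, so a missing socket and a permission error look the same to the operator. If `do_local_request` leaves `errno` intact on failure (not visible here), printing it would help: `fprintf(stderr, "can't connect: %s\n", strerror(errno));`. The message also misspells "appropriate" as "appropiate". `main` starts and ends outside the hunk.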
diff --git a/src/network.c b/src/network.c
index a7ce740..37f437e 100644
--- a/src/network.c
+++ b/src/network.c
@@ -19,20 +19,25 @@
#include "conntrackd.h"
#include "network.h"
-#if 0
-#define _TEST_DROP
-#else
-#undef _TEST_DROP
-#endif
-
-static int drop = 0; /* debugging purposes */
static unsigned int seq_set, cur_seq;
static int send_netmsg(struct mcast_sock *m, void *data, unsigned int len)
{
struct nlnetwork *net = data;
+ if (!seq_set) {
+ seq_set = 1;
+ cur_seq = time(NULL);
+ net->flags |= NET_HELLO;
+ }
+
+ net->flags = htons(net->flags);
+ net->seq = htonl(cur_seq++);
+
+#undef _TEST_DROP
#ifdef _TEST_DROP
+ static int drop = 0;
+
if (++drop > 10) {
drop = 0;
printf("dropping resend (seq=%u)\n", ntohl(net->seq));
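Review bot: `#undef _TEST_DROP` directly above `#ifdef _TEST_DROP` makes the drop-injection block unreachable even when the macro is supplied with `-D`, so it can only be enabled by editing the source; if that is intended a comment should say so, otherwise the `#undef` should go. `_TEST_DROP` is also a reserved identifier (underscore followed by an uppercase letter), and a project-prefixed name such as `CONNTRACKD_TEST_DROP` avoids that. Since `send_netmsg` now converts `flags` and stamps `seq` in the caller's buffer, a header comment such as `/* expects net->flags in host byte order; rewrites flags and seq in place in network byte order */` would guard callers against converting twice. The function body continues outside the hunk.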
@@ -48,15 +53,6 @@ int mcast_send_netmsg(struct mcast_sock *m, void *data)
unsigned int len = nlh->nlmsg_len + sizeof(struct nlnetwork);
struct nlnetwork *net = data;
- if (!seq_set) {
- seq_set = 1;
- cur_seq = time(NULL);
- net->flags |= NET_HELLO;
- }
-
- net->flags = htons(net->flags);
- net->seq = htonl(cur_seq++);
-
if (nlh_host2network(nlh) == -1)
return -1;
@@ -71,20 +67,11 @@ int mcast_resend_netmsg(struct mcast_sock *m, void *data)
net->flags = ntohs(net->flags);
- if (!seq_set) {
- seq_set = 1;
- cur_seq = time(NULL);
- net->flags |= NET_HELLO;
- }
-
if (net->flags & NET_NACK || net->flags & NET_ACK)
len = sizeof(struct nlnetwork_ack);
else
len = sizeof(struct nlnetwork) + ntohl(nlh->nlmsg_len);
- net->flags = htons(net->flags);
- net->seq = htonl(cur_seq++);
-
return send_netmsg(m, data, len);
}
@@ -93,12 +80,6 @@ int mcast_send_error(struct mcast_sock *m, void *data)
struct nlnetwork *net = data;
unsigned int len = sizeof(struct nlnetwork);
- if (!seq_set) {
- seq_set = 1;
- cur_seq = time(NULL);
- net->flags |= NET_HELLO;
- }
-
if (net->flags & NET_NACK || net->flags & NET_ACK) {
struct nlnetwork_ack *nack = (struct nlnetwork_ack *) net;
nack->from = htonl(nack->from);
@@ -106,9 +87,6 @@ int mcast_send_error(struct mcast_sock *m, void *data)
len = sizeof(struct nlnetwork_ack);
}
- net->flags = htons(net->flags);
- net->seq = htonl(cur_seq++);
-
return send_netmsg(m, data, len);
}
diff --git a/src/sync-nack.c b/src/sync-nack.c
index e435b09..1f62294 100644
--- a/src/sync-nack.c
+++ b/src/sync-nack.c
@@ -77,47 +77,25 @@ static void nack_kill()
buffer_destroy(STATE_SYNC(buffer));
}
-static void mcast_send_nack(u_int32_t expt_seq, u_int32_t recv_seq)
-{
- struct nlnetwork_ack nack = {
- .flags = NET_NACK,
- .from = expt_seq,
- .to = recv_seq,
- };
-
- mcast_send_error(STATE_SYNC(mcast_client), &nack);
- buffer_add(STATE_SYNC(buffer), &nack, sizeof(struct nlnetwork_ack));
-}
-
-static void mcast_send_ack(u_int32_t from, u_int32_t to)
+static void mcast_send_control(u_int32_t flags, u_int32_t from, u_int32_t to)
{
struct nlnetwork_ack ack = {
- .flags = NET_ACK,
- .from = from,
- .to = to,
+ .flags = flags,
+ .from = from,
+ .to = to,
};
mcast_send_error(STATE_SYNC(mcast_client), &ack);
buffer_add(STATE_SYNC(buffer), &ack, sizeof(struct nlnetwork_ack));
}
-static void mcast_send_resync()
-{
- struct nlnetwork net = {
- .flags = NET_RESYNC,
- };
-
- mcast_send_error(STATE_SYNC(mcast_client), &net);
- buffer_add(STATE_SYNC(buffer), &net, sizeof(struct nlnetwork));
-}
-
-int nack_local(int fd, int type, void *data)
+static int nack_local(int fd, int type, void *data)
{
int ret = 1;
switch(type) {
case REQUEST_DUMP:
- mcast_send_resync();
+ mcast_send_control(NET_RESYNC, 0, 0);
dlog(STATE(log), "[REQ] request resync");
break;
default:
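Review bot: `mcast_send_control` takes `u_int32_t flags` but stores it in the 16-bit `flags` member of `struct nlnetwork_ack`, so any value above 0xffff is silently truncated; declaring the parameter as `u_int16_t flags` matches the wire field. For `NET_RESYNC` the message is now buffered with `sizeof(struct nlnetwork_ack)`, whereas the removed `mcast_send_resync` buffered `sizeof(struct nlnetwork)`, and `mcast_send_error` in src/network.c still sends only `sizeof(struct nlnetwork)` for flags other than NACK/ACK. It is worth confirming that the resend path tolerates the sent and buffered sizes differing. The return value of `mcast_send_error` is discarded, so a failed send is still buffered as if it had gone out. `nack_local` continues outside the hunk.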
@@ -228,13 +206,15 @@ static int nack_recv(const struct nlnetwork *net)
if (!mcast_track_seq(net->seq, &exp_seq)) {
dp("OOS: sending nack (seq=%u)\n", exp_seq);
- mcast_send_nack(exp_seq, net->seq - 1);
+ mcast_send_control(NET_NACK, exp_seq, net->seq - 1);
window = CONFIG(window_size);
} else {
/* received a window, send an acknowledgement */
if (--window == 0) {
dp("sending ack (seq=%u)\n", net->seq);
- mcast_send_ack(net->seq-CONFIG(window_size), net->seq);
+ mcast_send_control(NET_ACK,
+ net->seq - CONFIG(window_size),
+ net->seq);
}
}