summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorPablo Neira Ayuso <pablo@netfilter.org>2008-05-26 02:24:03 +0200
committerPablo Neira Ayuso <pablo@netfilter.org>2008-05-26 02:24:03 +0200
commite877faf2c1c557399a57a884a21133e607909b16 (patch)
tree89184e9ee045eb48a3299ae6bbb562a58f69920e /src
parentf152340a26912d090b5fd15be10208605929816b (diff)
downloadconntrack-tools-e877faf2c1c557399a57a884a21133e607909b16.tar.gz
conntrack-tools-e877faf2c1c557399a57a884a21133e607909b16.zip
rework the HELLO logic inside FT-FW
Diffstat (limited to 'src')
-rw-r--r--src/sync-ftfw.c50
-rw-r--r--src/sync-mode.c4
2 files changed, 47 insertions, 7 deletions
diff --git a/src/sync-ftfw.c b/src/sync-ftfw.c
index adfdda9..42005c4 100644
--- a/src/sync-ftfw.c
+++ b/src/sync-ftfw.c
@@ -52,6 +52,7 @@ static uint32_t window;
static uint32_t ack_from;
static int ack_from_set = 0;
static struct alarm_block alive_alarm;
+static int hello_state = SAY_HELLO;
/* XXX: alive message expiration configurable */
#define ALIVE_INT 1
@@ -97,6 +98,16 @@ static void tx_queue_add_ctlmsg(uint32_t flags, uint32_t from, uint32_t to)
.to = to,
};
+ switch(hello_state) {
+ case SAY_HELLO:
+ ack.flags |= NET_F_HELLO;
+ break;
+ case HELLO_BACK:
+ ack.flags |= NET_F_HELLO_BACK;
+ hello_state = HELLO_DONE;
+ break;
+ }
+
queue_add(tx_queue, &ack, NETHDR_ACK_SIZ);
write_evfd(STATE_SYNC(evfd));
}
@@ -315,10 +326,29 @@ static int digest_msg(const struct nethdr *net)
return MSG_BAD;
}
+static int digest_hello(const struct nethdr *net)
+{
+ int ret = 0;
+
+ if (IS_HELLO(net)) {
+ dlog(LOG_NOTICE, "The other node says HELLO");
+ hello_state = HELLO_BACK;
+ ret = 1;
+ } else if (IS_HELLO_BACK(net)) {
+ dlog(LOG_NOTICE, "The other node says HELLO BACK");
+ hello_state = HELLO_DONE;
+ }
+
+ return ret;
+}
+
static int ftfw_recv(const struct nethdr *net)
{
int ret = MSG_DATA;
+ if (digest_hello(net))
+ goto bypass;
+
switch (mcast_track_seq(net->seq, &exp_seq)) {
case SEQ_AFTER:
ret = digest_msg(net);
@@ -348,14 +378,12 @@ static int ftfw_recv(const struct nethdr *net)
/* we don't accept delayed packets */
dlog(LOG_WARNING, "Received seq=%u before expected seq=%u",
net->seq, exp_seq);
- dlog(LOG_WARNING, "Probably the other node has come back"
- "to life but you forgot to add "
- "conntrackd -r to your scripts");
ret = MSG_DROP;
break;
case SEQ_UNSET:
case SEQ_IN_SYNC:
+bypass:
ret = digest_msg(net);
if (ret == MSG_BAD) {
ret = MSG_BAD;
@@ -390,8 +418,6 @@ static void ftfw_send(struct nethdr *net, struct us_conntrack *u)
struct netpld *pld = NETHDR_DATA(net);
struct cache_ftfw *cn;
- HDR_NETWORK2HOST(net);
-
switch(ntohs(pld->query)) {
case NFCT_Q_CREATE:
case NFCT_Q_UPDATE:
@@ -404,7 +430,19 @@ static void ftfw_send(struct nethdr *net, struct us_conntrack *u)
rs_list_len--;
}
- cn->seq = net->seq;
+ switch(hello_state) {
+ case SAY_HELLO:
+ net->flags = ntohs(net->flags) | NET_F_HELLO;
+ net->flags = htons(net->flags);
+ break;
+ case HELLO_BACK:
+ net->flags = ntohs(net->flags) | NET_F_HELLO_BACK;
+ net->flags = htons(net->flags);
+ hello_state = HELLO_DONE;
+ break;
+ }
+
+ cn->seq = ntohl(net->seq);
list_add_tail(&cn->rs_list, &rs_list);
rs_list_len++;
break;
diff --git a/src/sync-mode.c b/src/sync-mode.c
index 16cc70d..4b36935 100644
--- a/src/sync-mode.c
+++ b/src/sync-mode.c
@@ -395,9 +395,11 @@ static void mcast_send_sync(struct us_conntrack *u, int query)
net = BUILD_NETMSG(u->ct, query);
len = prepare_send_netmsg(STATE_SYNC(mcast_client), net);
- mcast_buffered_send_netmsg(STATE_SYNC(mcast_client), net, len);
+
if (STATE_SYNC(sync)->send)
STATE_SYNC(sync)->send(net, u);
+
+ mcast_buffered_send_netmsg(STATE_SYNC(mcast_client), net, len);
}
static int purge_step(void *data1, void *data2)