summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--ChangeLog2
-rw-r--r--include/network.h22
-rw-r--r--include/sync.h6
-rw-r--r--src/cache.c1
-rw-r--r--src/cache_iterators.c22
-rw-r--r--src/ignore_pool.c1
-rw-r--r--src/local.c19
-rw-r--r--src/network.c89
-rw-r--r--src/run.c13
-rw-r--r--src/stats-mode.c8
-rw-r--r--src/sync-mode.c69
-rw-r--r--src/sync-nack.c63
-rw-r--r--src/sync-notrack.c13
13 files changed, 156 insertions, 172 deletions
diff --git a/ChangeLog b/ChangeLog
index f1ae81f..aa93d4c 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -14,6 +14,8 @@ o relax event tracking: *_update callbacks use cache_update_force
o use wraparound-aware functions after/before/between
o commit phase: if conntrack exists, update it
o local requests return EXIT_FAILURE if it can't connect to the daemon
+o remove several debug statements
+o fork when internal/external dump cache requests are received
o lots of cleanups
= conntrack =
diff --git a/include/network.h b/include/network.h
index 243815a..31903a5 100644
--- a/include/network.h
+++ b/include/network.h
@@ -3,32 +3,34 @@
#include <sys/types.h>
-struct nlnetwork {
+struct nethdr {
u_int16_t flags;
u_int16_t padding;
u_int32_t seq;
};
+#define NETHDR_SIZ sizeof(struct nethdr)
-struct nlnetwork_ack {
+struct nethdr_ack {
u_int16_t flags;
u_int16_t padding;
u_int32_t seq;
u_int32_t from;
u_int32_t to;
};
+#define NETHDR_ACK_SIZ sizeof(struct nethdr_ack)
enum {
- NET_HELLO_BIT = 0,
- NET_HELLO = (1 << NET_HELLO_BIT),
+ NET_F_HELLO_BIT = 0,
+ NET_F_HELLO = (1 << NET_F_HELLO_BIT),
- NET_RESYNC_BIT = 1,
- NET_RESYNC = (1 << NET_RESYNC_BIT),
+ NET_F_RESYNC_BIT = 1,
+ NET_F_RESYNC = (1 << NET_F_RESYNC_BIT),
- NET_NACK_BIT = 2,
- NET_NACK = (1 << NET_NACK_BIT),
+ NET_F_NACK_BIT = 2,
+ NET_F_NACK = (1 << NET_F_NACK_BIT),
- NET_ACK_BIT = 3,
- NET_ACK = (1 << NET_ACK_BIT),
+ NET_F_ACK_BIT = 3,
+ NET_F_ACK = (1 << NET_F_ACK_BIT),
};
/* extracted from net/tcp.h */
diff --git a/include/sync.h b/include/sync.h
index 72f6313..a737e81 100644
--- a/include/sync.h
+++ b/include/sync.h
@@ -1,7 +1,7 @@
#ifndef _SYNC_HOOKS_H_
#define _SYNC_HOOKS_H_
-struct nlnetwork;
+struct nethdr;
struct us_conntrack;
struct sync_mode {
@@ -13,9 +13,9 @@ struct sync_mode {
int (*init)(void);
void (*kill)(void);
int (*local)(int fd, int type, void *data);
- int (*recv)(const struct nlnetwork *net); /* recv callback */
+ int (*recv)(const struct nethdr *net); /* recv callback */
void (*send)(int type, /* send callback */
- const struct nlnetwork *net,
+ const struct nethdr *net,
struct us_conntrack *u);
};
diff --git a/src/cache.c b/src/cache.c
index 1b130c8..3bf331c 100644
--- a/src/cache.c
+++ b/src/cache.c
@@ -23,7 +23,6 @@
#include <errno.h>
#include "us-conntrack.h"
#include "cache.h"
-#include "debug.h"
static u_int32_t hash(const void *data, struct hashtable *table)
{
diff --git a/src/cache_iterators.c b/src/cache_iterators.c
index 279ddab..7ae25fa 100644
--- a/src/cache_iterators.c
+++ b/src/cache_iterators.c
@@ -23,7 +23,6 @@
#include <libnetfilter_conntrack/libnetfilter_conntrack.h>
#include <errno.h>
#include "us-conntrack.h"
-#include "debug.h"
struct __dump_container {
int fd;
@@ -120,8 +119,7 @@ static int do_commit(void *data1, void *data2)
free(ct);
if (ret == -1) {
- /* XXX: Please cleanup this debug crap, default in logfile */
- debug("--- failed to build: %s --- \n", strerror(errno));
+ dlog(STATE(log), "failed to build: %s", strerror(errno));
return 0;
}
@@ -135,10 +133,8 @@ static int do_commit(void *data1, void *data2)
c->commit_fail++;
break;
}
- debug("--- failed to commit: %s --- \n", strerror(errno));
} else {
c->commit_ok++;
- debug("----- commit -----\n");
}
/* keep iterating even if we have found errors */
@@ -207,20 +203,8 @@ static int do_bulk(void *data1, void *data2)
{
int ret;
struct us_conntrack *u = data2;
- char buf[4096];
- struct nlnetwork *net = (struct nlnetwork *) buf;
-
- ret = build_network_msg(NFCT_Q_UPDATE,
- STATE(subsys_dump),
- u->ct,
- buf,
- sizeof(buf));
- if (ret == -1)
- debug_ct(u->ct, "failed to build");
-
- mcast_send_netmsg(STATE_SYNC(mcast_client), net);
- if (STATE_SYNC(sync)->send)
- STATE_SYNC(sync)->send(NFCT_T_UPDATE, net, u);
+
+ mcast_build_send_update(u);
/* keep iterating even if we have found errors */
return 0;
diff --git a/src/ignore_pool.c b/src/ignore_pool.c
index 5946617..d6f0e93 100644
--- a/src/ignore_pool.c
+++ b/src/ignore_pool.c
@@ -20,7 +20,6 @@
#include "hash.h"
#include "conntrackd.h"
#include "ignore.h"
-#include "debug.h"
#include <libnetfilter_conntrack/libnetfilter_conntrack.h>
#define IGNORE_POOL_SIZE 32
diff --git a/src/local.c b/src/local.c
index eef70ad..be51b9e 100644
--- a/src/local.c
+++ b/src/local.c
@@ -1,5 +1,5 @@
/*
- * (C) 2006 by Pablo Neira Ayuso <pablo@netfilter.org>
+ * (C) 2006-2007 by Pablo Neira Ayuso <pablo@netfilter.org>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@@ -22,7 +22,6 @@
#include <unistd.h>
#include <arpa/inet.h>
#include <errno.h>
-#include "debug.h"
#include "local.h"
@@ -32,14 +31,11 @@ int local_server_create(struct local_conf *conf)
int len;
struct sockaddr_un local;
- if ((fd = socket(AF_UNIX, SOCK_STREAM, 0)) == -1) {
- debug("local_server_create:socket");
+ if ((fd = socket(AF_UNIX, SOCK_STREAM, 0)) == -1)
return -1;
- }
if (setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, &conf->reuseaddr,
sizeof(conf->reuseaddr)) == -1) {
- debug("local_server_create:setsockopt");
close(fd);
return -1;
}
@@ -50,14 +46,12 @@ int local_server_create(struct local_conf *conf)
unlink(conf->path);
if (bind(fd, (struct sockaddr *) &local, len) == -1) {
- debug("local_server_create:bind");
close(fd);
return -1;
}
if (listen(fd, conf->backlog) == -1) {
close(fd);
- debug("local_server_create:listen");
return -1;
}
@@ -76,10 +70,8 @@ int do_local_server_step(int fd, void *data,
struct sockaddr_un local;
size_t sin_size = sizeof(struct sockaddr_un);
- if ((rfd = accept(fd, (struct sockaddr *)&local, &sin_size)) == -1) {
- debug("do_local_server_step:accept");
+ if ((rfd = accept(fd, (struct sockaddr *)&local, &sin_size)) == -1)
return -1;
- }
process(rfd, data);
close(rfd);
@@ -102,7 +94,6 @@ int local_client_create(struct local_conf *conf)
if (connect(fd, (struct sockaddr *) &local, len) == -1) {
close(fd);
- debug("local_client_create: connect: ");
return -1;
}
@@ -146,10 +137,8 @@ int do_local_request(int request,
return -1;
ret = send(fd, &request, sizeof(int), 0);
- if (ret == -1) {
- debug("send:");
+ if (ret == -1)
return -1;
- }
do_local_client_step(fd, step);
diff --git a/src/network.c b/src/network.c
index 37f437e..159bdf3 100644
--- a/src/network.c
+++ b/src/network.c
@@ -23,12 +23,12 @@ static unsigned int seq_set, cur_seq;
static int send_netmsg(struct mcast_sock *m, void *data, unsigned int len)
{
- struct nlnetwork *net = data;
+ struct nethdr *net = data;
if (!seq_set) {
seq_set = 1;
cur_seq = time(NULL);
- net->flags |= NET_HELLO;
+ net->flags |= NET_F_HELLO;
}
net->flags = htons(net->flags);
@@ -49,9 +49,9 @@ static int send_netmsg(struct mcast_sock *m, void *data, unsigned int len)
int mcast_send_netmsg(struct mcast_sock *m, void *data)
{
- struct nlmsghdr *nlh = data + sizeof(struct nlnetwork);
- unsigned int len = nlh->nlmsg_len + sizeof(struct nlnetwork);
- struct nlnetwork *net = data;
+ struct nlmsghdr *nlh = data + NETHDR_SIZ;
+ unsigned int len = nlh->nlmsg_len + NETHDR_SIZ;
+ struct nethdr *net = data;
if (nlh_host2network(nlh) == -1)
return -1;
@@ -61,40 +61,77 @@ int mcast_send_netmsg(struct mcast_sock *m, void *data)
int mcast_resend_netmsg(struct mcast_sock *m, void *data)
{
- struct nlnetwork *net = data;
- struct nlmsghdr *nlh = data + sizeof(struct nlnetwork);
+ struct nethdr *net = data;
+ struct nlmsghdr *nlh = data + NETHDR_SIZ;
unsigned int len;
net->flags = ntohs(net->flags);
- if (net->flags & NET_NACK || net->flags & NET_ACK)
- len = sizeof(struct nlnetwork_ack);
+ if (net->flags & NET_F_NACK || net->flags & NET_F_ACK)
+ len = NETHDR_ACK_SIZ;
else
- len = sizeof(struct nlnetwork) + ntohl(nlh->nlmsg_len);
+ len = ntohl(nlh->nlmsg_len) + NETHDR_SIZ;
return send_netmsg(m, data, len);
}
int mcast_send_error(struct mcast_sock *m, void *data)
{
- struct nlnetwork *net = data;
- unsigned int len = sizeof(struct nlnetwork);
+ struct nethdr *net = data;
+ unsigned int len = NETHDR_SIZ;
- if (net->flags & NET_NACK || net->flags & NET_ACK) {
- struct nlnetwork_ack *nack = (struct nlnetwork_ack *) net;
+ if (net->flags & NET_F_NACK || net->flags & NET_F_ACK) {
+ struct nethdr_ack *nack = (struct nethdr_ack *) net;
nack->from = htonl(nack->from);
nack->to = htonl(nack->to);
- len = sizeof(struct nlnetwork_ack);
+ len = NETHDR_ACK_SIZ;
}
return send_netmsg(m, data, len);
}
+#include "us-conntrack.h"
+#include "sync.h"
+
+static int __build_send(struct us_conntrack *u, int type, int query)
+{
+ char __net[4096];
+ struct nethdr *net = (struct nethdr *) __net;
+
+ if (!state_helper_verdict(type, u->ct))
+ return 0;
+
+ int ret = build_network_msg(query,
+ STATE(subsys_event),
+ u->ct,
+ __net,
+ sizeof(__net));
+
+ if (ret == -1)
+ return -1;
+
+ mcast_send_netmsg(STATE_SYNC(mcast_client), __net);
+ if (STATE_SYNC(sync)->send)
+ STATE_SYNC(sync)->send(type, net, u);
+
+ return 0;
+}
+
+int mcast_build_send_update(struct us_conntrack *u)
+{
+ return __build_send(u, NFCT_T_UPDATE, NFCT_Q_UPDATE);
+}
+
+int mcast_build_send_destroy(struct us_conntrack *u)
+{
+ return __build_send(u, NFCT_T_DESTROY, NFCT_Q_DESTROY);
+}
+
int mcast_recv_netmsg(struct mcast_sock *m, void *data, int len)
{
int ret;
- struct nlnetwork *net = data;
- struct nlmsghdr *nlh = data + sizeof(struct nlnetwork);
+ struct nethdr *net = data;
+ struct nlmsghdr *nlh = data + NETHDR_SIZ;
struct nfgenmsg *nfhdr;
ret = mcast_recv(m, net, len);
@@ -102,17 +139,17 @@ int mcast_recv_netmsg(struct mcast_sock *m, void *data, int len)
return ret;
/* message too small: no room for the header */
- if (ret < sizeof(struct nlnetwork))
+ if (ret < NETHDR_SIZ)
return -1;
- if (ntohs(net->flags) & NET_HELLO)
+ if (ntohs(net->flags) & NET_F_HELLO)
STATE_SYNC(last_seq_recv) = ntohl(net->seq) - 1;
- if (ntohs(net->flags) & NET_NACK || ntohs(net->flags) & NET_ACK) {
- struct nlnetwork_ack *nack = (struct nlnetwork_ack *) net;
+ if (ntohs(net->flags) & NET_F_NACK || ntohs(net->flags) & NET_F_ACK) {
+ struct nethdr_ack *nack = (struct nethdr_ack *) net;
/* message too small: no room for the header */
- if (ret < sizeof(struct nlnetwork_ack))
+ if (ret < NETHDR_ACK_SIZ)
return -1;
/* host byte order conversion */
@@ -126,7 +163,7 @@ int mcast_recv_netmsg(struct mcast_sock *m, void *data, int len)
return ret;
}
- if (ntohs(net->flags) & NET_RESYNC) {
+ if (ntohs(net->flags) & NET_F_RESYNC) {
/* host byte order conversion */
net->flags = ntohs(net->flags);
net->seq = ntohl(net->seq);
@@ -139,7 +176,7 @@ int mcast_recv_netmsg(struct mcast_sock *m, void *data, int len)
return -1;
/* information received and message length does not match */
- if (ret != ntohl(nlh->nlmsg_len) + sizeof(struct nlnetwork))
+ if (ret != ntohl(nlh->nlmsg_len) + NETHDR_SIZ)
return -1;
/* this message does not come from ctnetlink */
@@ -209,8 +246,8 @@ int build_network_msg(const int msg_type,
unsigned int size)
{
memset(buffer, 0, size);
- buffer += sizeof(struct nlnetwork);
- size -= sizeof(struct nlnetwork);
+ buffer += NETHDR_SIZ;
+ size -= NETHDR_SIZ;
return nfct_build_query(ssh, msg_type, ct, buffer, size);
}
diff --git a/src/run.c b/src/run.c
index b7dc543..0173c9f 100644
--- a/src/run.c
+++ b/src/run.c
@@ -47,6 +47,11 @@ void killer(int foo)
exit(0);
}
+static void child(int foo)
+{
+ while(wait(NULL) > 0);
+}
+
void local_handler(int fd, void *data)
{
int ret;
@@ -54,11 +59,11 @@ void local_handler(int fd, void *data)
ret = read(fd, &type, sizeof(type));
if (ret == -1) {
- dlog(STATE(log), "can't read from unix socket\n");
+ dlog(STATE(log), "can't read from unix socket");
return;
}
if (ret == 0) {
- debug("nothing to process\n");
+ dlog(STATE(log), "local request: nothing to process?");
return;
}
@@ -122,6 +127,7 @@ int init(int mode)
sigemptyset(&STATE(block));
sigaddset(&STATE(block), SIGTERM);
sigaddset(&STATE(block), SIGINT);
+ sigaddset(&STATE(block), SIGCHLD);
if (signal(SIGINT, killer) == SIG_ERR)
return -1;
@@ -133,6 +139,9 @@ int init(int mode)
if (signal(SIGPIPE, SIG_IGN) == SIG_ERR)
return -1;
+ if (signal(SIGCHLD, child) == SIG_ERR)
+ return -1;
+
dlog(STATE(log), "[OK] initialization completed");
return 0;
diff --git a/src/stats-mode.c b/src/stats-mode.c
index f65fbdb..92794cd 100644
--- a/src/stats-mode.c
+++ b/src/stats-mode.c
@@ -142,9 +142,11 @@ static void event_new_stats(struct nf_conntrack *ct, struct nlmsghdr *nlh)
if (cache_add(STATE_STATS(cache), ct)) {
debug_ct(ct, "cache new");
} else {
- dlog(STATE(log), "can't add to cache cache: "
- "%s\n", strerror(errno));
- debug_ct(ct, "can't add");
+ if (errno != EEXIST) {
+ dlog(STATE(log), "can't add to cache cache: "
+ "%s\n", strerror(errno));
+ debug_ct(ct, "can't add");
+ }
}
}
diff --git a/src/sync-mode.c b/src/sync-mode.c
index cb95392..8433532 100644
--- a/src/sync-mode.c
+++ b/src/sync-mode.c
@@ -32,10 +32,10 @@
static void mcast_handler()
{
int ret;
- unsigned int type, size = sizeof(struct nlnetwork);
+ unsigned int type;
char __net[4096];
- struct nlnetwork *net = (struct nlnetwork *) __net;
- struct nlmsghdr *nlh = (struct nlmsghdr *) (__net + size);
+ struct nethdr *net = (struct nethdr *) __net;
+ struct nlmsghdr *nlh = (struct nlmsghdr *) (__net + NETHDR_SIZ);
char __ct[nfct_maxsize()];
struct nf_conntrack *ct = (struct nf_conntrack *) __ct;
struct us_conntrack *u = NULL;
@@ -93,7 +93,7 @@ retry:
debug_ct(ct, "can't destroy");
break;
default:
- debug("unknown type %d\n", type);
+ dlog(STATE(log), "mcast received unknown msg type %d\n", type);
break;
}
}
@@ -216,16 +216,32 @@ static int local_handler_sync(int fd, int type, void *data)
switch(type) {
case DUMP_INTERNAL:
- cache_dump(STATE_SYNC(internal), fd, NFCT_O_PLAIN);
+ ret = fork();
+ if (ret == 0) {
+ cache_dump(STATE_SYNC(internal), fd, NFCT_O_PLAIN);
+ exit(EXIT_SUCCESS);
+ }
break;
case DUMP_EXTERNAL:
- cache_dump(STATE_SYNC(external), fd, NFCT_O_PLAIN);
+ ret = fork();
+ if (ret == 0) {
+ cache_dump(STATE_SYNC(external), fd, NFCT_O_PLAIN);
+ exit(EXIT_SUCCESS);
+ }
break;
case DUMP_INT_XML:
- cache_dump(STATE_SYNC(internal), fd, NFCT_O_XML);
+ ret = fork();
+ if (ret == 0) {
+ cache_dump(STATE_SYNC(internal), fd, NFCT_O_XML);
+ exit(EXIT_SUCCESS);
+ }
break;
case DUMP_EXT_XML:
- cache_dump(STATE_SYNC(external), fd, NFCT_O_XML);
+ ret = fork();
+ if (ret == 0) {
+ cache_dump(STATE_SYNC(external), fd, NFCT_O_XML);
+ exit(EXIT_SUCCESS);
+ }
break;
case COMMIT:
dlog(STATE(log), "[REQ] commit external cache to master table");
@@ -280,14 +296,14 @@ static void mcast_send_sync(struct nlmsghdr *nlh,
int type)
{
char __net[4096];
- struct nlnetwork *net = (struct nlnetwork *) __net;
+ struct nethdr *net = (struct nethdr *) __net;
memset(__net, 0, sizeof(__net));
if (!state_helper_verdict(type, ct))
return;
- memcpy(__net + sizeof(struct nlnetwork), nlh, nlh->nlmsg_len);
+ memcpy(__net + NETHDR_SIZ, nlh, nlh->nlmsg_len);
mcast_send_netmsg(STATE_SYNC(mcast_client), net);
if (STATE_SYNC(sync)->send)
STATE_SYNC(sync)->send(type, net, u);
@@ -312,24 +328,8 @@ static int overrun_cb(enum nf_conntrack_msg_type type,
if (!cache_test(STATE_SYNC(internal), ct)) {
if ((u = cache_update_force(STATE_SYNC(internal), ct))) {
- int ret;
- char __nlh[4096];
- struct nlmsghdr *nlh = (struct nlmsghdr *) __nlh;
-
debug_ct(u->ct, "overrun resync");
-
- ret = nfct_build_query(STATE(subsys_dump),
- NFCT_Q_UPDATE,
- u->ct,
- __nlh,
- sizeof(__nlh));
-
- if (ret == -1) {
- dlog(STATE(log), "can't build overrun");
- return NFCT_CB_CONTINUE;
- }
-
- mcast_send_sync(nlh, u, ct, NFCT_T_UPDATE);
+ mcast_build_send_update(u);
}
}
@@ -344,21 +344,8 @@ static int overrun_purge_step(void *data1, void *data2)
ret = nfct_query(h, NFCT_Q_GET, u->ct);
if (ret == -1 && errno == ENOENT) {
- char __nlh[4096];
- struct nlmsghdr *nlh = (struct nlmsghdr *) (__nlh);
-
debug_ct(u->ct, "overrun purge resync");
-
- ret = nfct_build_query(STATE(subsys_dump),
- NFCT_Q_DESTROY,
- u->ct,
- __nlh,
- sizeof(__nlh));
-
- if (ret == -1)
- dlog(STATE(log), "failed to build network message");
-
- mcast_send_sync(nlh, NULL, u->ct, NFCT_T_DESTROY);
+ mcast_build_send_destroy(u);
__cache_del(STATE_SYNC(internal), u->ct);
}
diff --git a/src/sync-nack.c b/src/sync-nack.c
index 1f62294..20ad1f4 100644
--- a/src/sync-nack.c
+++ b/src/sync-nack.c
@@ -79,14 +79,14 @@ static void nack_kill()
static void mcast_send_control(u_int32_t flags, u_int32_t from, u_int32_t to)
{
- struct nlnetwork_ack ack = {
+ struct nethdr_ack ack = {
.flags = flags,
.from = from,
.to = to,
};
mcast_send_error(STATE_SYNC(mcast_client), &ack);
- buffer_add(STATE_SYNC(buffer), &ack, sizeof(struct nlnetwork_ack));
+ buffer_add(STATE_SYNC(buffer), &ack, NETHDR_ACK_SIZ);
}
static int nack_local(int fd, int type, void *data)
@@ -95,7 +95,7 @@ static int nack_local(int fd, int type, void *data)
switch(type) {
case REQUEST_DUMP:
- mcast_send_control(NET_RESYNC, 0, 0);
+ mcast_send_control(NET_F_RESYNC, 0, 0);
dlog(STATE(log), "[REQ] request resync");
break;
default:
@@ -108,9 +108,9 @@ static int nack_local(int fd, int type, void *data)
static int buffer_compare(void *data1, void *data2)
{
- struct nlnetwork *net = data1;
- struct nlnetwork_ack *nack = data2;
- struct nlmsghdr *nlh = data1 + sizeof(struct nlnetwork);
+ struct nethdr *net = data1;
+ struct nethdr_ack *nack = data2;
+ struct nlmsghdr *nlh = data1 + NETHDR_SIZ;
unsigned old_seq = ntohl(net->seq);
@@ -124,8 +124,8 @@ static int buffer_compare(void *data1, void *data2)
static int buffer_remove(void *data1, void *data2)
{
- struct nlnetwork *net = data1;
- struct nlnetwork_ack *h = data2;
+ struct nethdr *net = data1;
+ struct nethdr_ack *h = data2;
if (between(ntohl(net->seq), h->from, h->to)) {
dp("remove from buffer (seq=%u)\n", ntohl(net->seq));
@@ -138,9 +138,7 @@ static void queue_resend(struct cache *c, unsigned int from, unsigned int to)
{
struct list_head *n;
struct us_conntrack *u;
- unsigned int *seq;
- lock();
list_for_each(n, &queue) {
struct cache_nack *cn = (struct cache_nack *) n;
struct us_conntrack *u;
@@ -151,35 +149,19 @@ static void queue_resend(struct cache *c, unsigned int from, unsigned int to)
debug_ct(u->ct, "resend nack");
dp("resending nack'ed (oldseq=%u) ", cn->seq);
- char buf[4096];
- struct nlnetwork *net = (struct nlnetwork *) buf;
-
- int ret = build_network_msg(NFCT_Q_UPDATE,
- STATE(subsys_event),
- u->ct,
- buf,
- sizeof(buf));
- if (ret == -1) {
- unlock();
- break;
- }
-
- mcast_send_netmsg(STATE_SYNC(mcast_client), buf);
- if (STATE_SYNC(sync)->send)
- STATE_SYNC(sync)->send(NFCT_T_UPDATE, net, u);
- dp("(newseq=%u)\n", *seq);
+ if (mcast_build_send_update(u) == -1)
+ continue;
+
+ dp("(newseq=%u)\n", cn->seq);
}
}
- unlock();
}
static void queue_empty(struct cache *c, unsigned int from, unsigned int to)
{
struct list_head *n, *tmp;
struct us_conntrack *u;
- unsigned int *seq;
- lock();
dp("ACK from %u to %u\n", from, to);
list_for_each_safe(n, tmp, &queue) {
struct cache_nack *cn = (struct cache_nack *) n;
@@ -193,10 +175,9 @@ static void queue_empty(struct cache *c, unsigned int from, unsigned int to)
INIT_LIST_HEAD(&cn->head);
}
}
- unlock();
}
-static int nack_recv(const struct nlnetwork *net)
+static int nack_recv(const struct nethdr *net)
{
static unsigned int window = 0;
unsigned int exp_seq;
@@ -206,31 +187,31 @@ static int nack_recv(const struct nlnetwork *net)
if (!mcast_track_seq(net->seq, &exp_seq)) {
dp("OOS: sending nack (seq=%u)\n", exp_seq);
- mcast_send_control(NET_NACK, exp_seq, net->seq - 1);
+ mcast_send_control(NET_F_NACK, exp_seq, net->seq - 1);
window = CONFIG(window_size);
} else {
/* received a window, send an acknowledgement */
if (--window == 0) {
dp("sending ack (seq=%u)\n", net->seq);
- mcast_send_control(NET_ACK,
+ mcast_send_control(NET_F_ACK,
net->seq - CONFIG(window_size),
net->seq);
}
}
- if (net->flags & NET_NACK) {
- struct nlnetwork_ack *nack = (struct nlnetwork_ack *) net;
+ if (net->flags & NET_F_NACK) {
+ struct nethdr_ack *nack = (struct nethdr_ack *) net;
dp("NACK: from seq=%u to seq=%u\n", nack->from, nack->to);
queue_resend(STATE_SYNC(internal), nack->from, nack->to);
buffer_iterate(STATE_SYNC(buffer), nack, buffer_compare);
return 1;
- } else if (net->flags & NET_RESYNC) {
+ } else if (net->flags & NET_F_RESYNC) {
dp("RESYNC ALL\n");
cache_bulk(STATE_SYNC(internal));
return 1;
- } else if (net->flags & NET_ACK) {
- struct nlnetwork_ack *h = (struct nlnetwork_ack *) net;
+ } else if (net->flags & NET_F_ACK) {
+ struct nethdr_ack *h = (struct nethdr_ack *) net;
dp("ACK: from seq=%u to seq=%u\n", h->from, h->to);
queue_empty(STATE_SYNC(internal), h->from, h->to);
@@ -242,10 +223,10 @@ static int nack_recv(const struct nlnetwork *net)
}
static void nack_send(int type,
- const struct nlnetwork *net,
+ const struct nethdr *net,
struct us_conntrack *u)
{
- unsigned int size = sizeof(struct nlnetwork);
+ int size = NETHDR_SIZ;
struct nlmsghdr *nlh = (struct nlmsghdr *) ((void *) net + size);
struct cache_nack *cn;
diff --git a/src/sync-notrack.c b/src/sync-notrack.c
index 4a470f9..1d6eba8 100644
--- a/src/sync-notrack.c
+++ b/src/sync-notrack.c
@@ -25,18 +25,11 @@
static void refresher(struct alarm_list *a, void *data)
{
struct us_conntrack *u = data;
- char __net[4096];
- int size;
debug_ct(u->ct, "persistence update");
a->expires = random() % CONFIG(refresh) + 1;
- size = build_network_msg(NFCT_Q_UPDATE,
- STATE(subsys_event),
- u->ct,
- __net,
- sizeof(__net));
- mcast_send_netmsg(STATE_SYNC(mcast_client), __net);
+ mcast_build_send_update(u);
}
static void cache_notrack_add(struct us_conntrack *u, void *data)
@@ -69,7 +62,7 @@ static struct cache_extra cache_notrack_extra = {
.destroy = cache_notrack_destroy
};
-static int notrack_recv(const struct nlnetwork *net)
+static int notrack_recv(const struct nethdr *net)
{
unsigned int exp_seq;
@@ -78,7 +71,7 @@ static int notrack_recv(const struct nlnetwork *net)
* generated in notrack mode, we don't want to crash the daemon
* if someone nuts mixes nack and notrack.
*/
- if (net->flags & (NET_RESYNC | NET_NACK))
+ if (net->flags)
return 1;
/*