From bc91f60fc288fe1fd0729f7bafe0596837c3e675 Mon Sep 17 00:00:00 2001 From: "/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org" Date: Thu, 24 May 2007 11:32:53 +0000 Subject: simplify checksum code: use UDP/multicast checksum facilities --- src/Makefile.am | 2 +- src/checksum.c | 32 -------------------------------- src/mcast.c | 8 ++++++++ src/network.c | 33 --------------------------------- src/read_config_yy.y | 3 ++- 5 files changed, 11 insertions(+), 67 deletions(-) delete mode 100644 src/checksum.c (limited to 'src') diff --git a/src/Makefile.am b/src/Makefile.am index 381f8ac..a67e09a 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -16,7 +16,7 @@ conntrackd_SOURCES = alarm.c main.c run.c hash.c buffer.c \ cache_lifetime.c cache_timer.c \ sync-mode.c sync-notrack.c sync-nack.c \ traffic_stats.c stats-mode.c \ - network.c checksum.c \ + network.c \ state_helper.c state_helper_tcp.c \ read_config_yy.y read_config_lex.l diff --git a/src/checksum.c b/src/checksum.c deleted file mode 100644 index 41866ff..0000000 --- a/src/checksum.c +++ /dev/null @@ -1,32 +0,0 @@ -/* - * Extracted from RFC 1071 with some minor changes to fix compilation on GCC, - * this can probably be improved - * --pablo 11/feb/07 - */ - -#include - -unsigned short do_csum(const void *addr, unsigned int count) -{ - unsigned int sum = 0; - - /* checksumming disabled, just skip */ - if (CONFIG(flags) & DONT_CHECKSUM) - return 0; - - while(count > 1) { - /* This is the inner loop */ - sum += *((unsigned short *) addr++); - count -= 2; - } - - /* Add left-over byte, if any */ - if(count > 0) - sum += *((unsigned char *) addr); - - /* Fold 32-bit sum to 16 bits */ - while (sum>>16) - sum = (sum & 0xffff) + (sum >> 16); - - return ~sum; -} diff --git a/src/mcast.c b/src/mcast.c index 9904544..85992fb 100644 --- a/src/mcast.c +++ b/src/mcast.c @@ -192,6 +192,14 @@ struct mcast_sock *mcast_client_create(struct mcast_conf *conf) return NULL; } + if (setsockopt(m->fd, SOL_SOCKET, SO_NO_CHECK, &conf->checksum, + sizeof(int)) == -1) { + debug("mcast_sock_client_create:setsockopt1"); + close(m->fd); + free(m); + return NULL; + } + switch(conf->ipproto) { case AF_INET: ret = __mcast_client_create_ipv4(m, conf); diff --git a/src/network.c b/src/network.c index 51e89c7..d073428 100644 --- a/src/network.c +++ b/src/network.c @@ -60,9 +60,6 @@ int mcast_send_netmsg(struct mcast_sock *m, void *data) if (nlh_host2network(nlh) == -1) return -1; - net->checksum = 0; - net->checksum = ntohs(do_csum(data, len)); - return send_netmsg(m, data, len); } @@ -87,8 +84,6 @@ int mcast_resend_netmsg(struct mcast_sock *m, void *data) net->flags = htons(net->flags); net->seq = htonl(cur_seq++); - net->checksum = 0; - net->checksum = ntohs(do_csum(data, len)); return send_netmsg(m, data, len); } @@ -113,29 +108,10 @@ int mcast_send_error(struct mcast_sock *m, void *data) net->flags = htons(net->flags); net->seq = htonl(cur_seq++); - net->checksum = 0; - net->checksum = ntohs(do_csum(data, len)); return send_netmsg(m, data, len); } -static int valid_checksum(void *data, unsigned int len) -{ - struct nlnetwork *net = data; - unsigned short checksum, tmp; - - checksum = ntohs(net->checksum); - - /* no checksum, skip */ - if (!checksum) - return 1; - - net->checksum = 0; - tmp = do_csum(data, len); - - return tmp == checksum; -} - int mcast_recv_netmsg(struct mcast_sock *m, void *data, int len) { int ret; @@ -161,9 +137,6 @@ int mcast_recv_netmsg(struct mcast_sock *m, void *data, int len) if (ret < sizeof(struct nlnetwork_ack)) return -1; - if (!valid_checksum(data, ret)) - return -1; - /* host byte order conversion */ net->flags = ntohs(net->flags); net->seq = ntohl(net->seq); @@ -176,9 +149,6 @@ int mcast_recv_netmsg(struct mcast_sock *m, void *data, int len) } if (ntohs(net->flags) & NET_RESYNC) { - if (!valid_checksum(data, ret)) - return -1; - /* host byte order conversion */ net->flags = ntohs(net->flags); net->seq = ntohl(net->seq); @@ -209,9 +179,6 @@ int mcast_recv_netmsg(struct mcast_sock *m, void *data, int len) if (nfhdr->version != NFNETLINK_V0) return -1; - if (!valid_checksum(data, ret)) - return -1; - /* host byte order conversion */ net->flags = ntohs(net->flags); net->seq = ntohl(net->seq); diff --git a/src/read_config_yy.y b/src/read_config_yy.y index 1668919..988b540 100644 --- a/src/read_config_yy.y +++ b/src/read_config_yy.y @@ -104,11 +104,12 @@ timeout: T_TIMEOUT T_NUMBER checksum: T_CHECKSUM T_ON { + conf.mcast.checksum = 0; }; checksum: T_CHECKSUM T_OFF { - conf.flags |= DONT_CHECKSUM; + conf.mcast.checksum = 1; }; ignore_traffic : T_IGNORE_TRAFFIC '{' ignore_traffic_options '}'; -- cgit v1.2.3