diff options
Diffstat (limited to 'node')
| -rw-r--r-- | node/Constants.hpp | 11 | ||||
| -rw-r--r-- | node/Node.cpp | 2 | ||||
| -rw-r--r-- | node/Peer.cpp | 3 | ||||
| -rw-r--r-- | node/Peer.hpp | 2 | ||||
| -rw-r--r-- | node/SocketManager.cpp | 2 | ||||
| -rw-r--r-- | node/SocketManager.hpp | 3 | ||||
| -rw-r--r-- | node/Switch.cpp | 2 | ||||
| -rw-r--r-- | node/Topology.hpp | 2 |
8 files changed, 24 insertions, 3 deletions
diff --git a/node/Constants.hpp b/node/Constants.hpp index 7650de8b..620f9b0d 100644 --- a/node/Constants.hpp +++ b/node/Constants.hpp @@ -228,7 +228,7 @@ /** * Default number of bits in multicast propagation prefix */ -#define ZT_DEFAULT_MULTICAST_PREFIX_BITS 1 +#define ZT_DEFAULT_MULTICAST_PREFIX_BITS 2 /** * Default max depth (TTL) for multicast propagation @@ -272,8 +272,10 @@ * * This should be lower than the UDP conversation entry timeout in most * stateful firewalls. + * + * Uncomment to disable firewall openers. */ -#define ZT_FIREWALL_OPENER_DELAY 30000 +//#define ZT_FIREWALL_OPENER_DELAY 30000 /** * Number of hops to open via firewall opener packets @@ -284,7 +286,7 @@ * 2 should permit traversal of double-NAT configurations, such as from inside * a VM running behind local NAT on a host that is itself behind NAT. */ -#define ZT_FIREWALL_OPENER_HOPS 2 +//#define ZT_FIREWALL_OPENER_HOPS 2 /** * Delay between requests for updated network autoconf information @@ -363,6 +365,9 @@ /** * Delay in milliseconds between firewall opener and real packet for NAT-t + * + * If firewall openers are disbled, it just waits this long before sending + * NAT-t packets. */ #define ZT_RENDEZVOUS_NAT_T_DELAY 500 diff --git a/node/Node.cpp b/node/Node.cpp index f2e6b3e4..7500e736 100644 --- a/node/Node.cpp +++ b/node/Node.cpp @@ -656,7 +656,9 @@ Node::ReasonForTermination Node::run() lastPingCheck = now; try { _r->topology->eachPeer(Topology::PingPeersThatNeedPing(_r,now)); +#ifdef ZT_FIREWALL_OPENER_DELAY _r->topology->eachPeer(Topology::OpenPeersThatNeedFirewallOpener(_r,now)); +#endif } catch (std::exception &exc) { LOG("unexpected exception running ping check cycle: %s",exc.what()); } catch ( ... ) { diff --git a/node/Peer.cpp b/node/Peer.cpp index e61631e2..b10cc1f2 100644 --- a/node/Peer.cpp +++ b/node/Peer.cpp @@ -25,6 +25,7 @@ * LLC. Start here: http://www.zerotier.com/ */ +#include "Constants.hpp" #include "Peer.hpp" #include "Switch.hpp" #include "AntiRecursion.hpp" @@ -180,6 +181,7 @@ Path::Type Peer::send(const RuntimeEnvironment *_r,const void *data,unsigned int return Path::PATH_TYPE_NULL; } +#ifdef ZT_FIREWALL_OPENER_DELAY bool Peer::sendFirewallOpener(const RuntimeEnvironment *_r,uint64_t now) { bool sent = false; @@ -194,6 +196,7 @@ bool Peer::sendFirewallOpener(const RuntimeEnvironment *_r,uint64_t now) return sent; } +#endif bool Peer::sendPing(const RuntimeEnvironment *_r,uint64_t now) { diff --git a/node/Peer.hpp b/node/Peer.hpp index edb66e21..ce0b79a6 100644 --- a/node/Peer.hpp +++ b/node/Peer.hpp @@ -142,6 +142,7 @@ public: */ Path::Type send(const RuntimeEnvironment *_r,const void *data,unsigned int len,uint64_t now); +#ifdef ZT_FIREWALL_OPENER_DELAY /** * Send firewall opener to all UDP paths * @@ -150,6 +151,7 @@ public: * @return True if send appears successful for at least one address type */ bool sendFirewallOpener(const RuntimeEnvironment *_r,uint64_t now); +#endif /** * Send HELLO to a peer via all direct paths available diff --git a/node/SocketManager.cpp b/node/SocketManager.cpp index 6f491012..37e83b5a 100644 --- a/node/SocketManager.cpp +++ b/node/SocketManager.cpp @@ -463,6 +463,7 @@ bool SocketManager::send(const InetAddress &to,bool tcp,bool autoConnectTcp,cons return false; } +#ifdef ZT_FIREWALL_OPENER_DELAY bool SocketManager::sendFirewallOpener(const InetAddress &to,int hopLimit) { if (to.isV4()) { @@ -474,6 +475,7 @@ bool SocketManager::sendFirewallOpener(const InetAddress &to,int hopLimit) } return false; } +#endif void SocketManager::poll(unsigned long timeout) { diff --git a/node/SocketManager.hpp b/node/SocketManager.hpp index 40a0c1df..8dee7e91 100644 --- a/node/SocketManager.hpp +++ b/node/SocketManager.hpp @@ -35,6 +35,7 @@ #include <stdexcept> #include "Constants.hpp" + #include "SharedPtr.hpp" #include "InetAddress.hpp" #include "Socket.hpp" @@ -108,7 +109,9 @@ public: * @param to Destination address * @param hopLimit IP TTL */ +#ifdef ZT_FIREWALL_OPENER_DELAY bool sendFirewallOpener(const InetAddress &to,int hopLimit); +#endif /** * Perform I/O polling operation (e.g. select()) diff --git a/node/Switch.cpp b/node/Switch.cpp index 9b0e3e6e..1a28d4a5 100644 --- a/node/Switch.cpp +++ b/node/Switch.cpp @@ -461,7 +461,9 @@ bool Switch::unite(const Address &p1,const Address &p2,bool force) void Switch::contact(const SharedPtr<Peer> &peer,const InetAddress &atAddr) { +#ifdef ZT_FIREWALL_OPENER_HOPS _r->sm->sendFirewallOpener(atAddr,ZT_FIREWALL_OPENER_HOPS); +#endif { Mutex::Lock _l(_contactQueue_m); diff --git a/node/Topology.hpp b/node/Topology.hpp index 293ac446..0585ad1f 100644 --- a/node/Topology.hpp +++ b/node/Topology.hpp @@ -194,6 +194,7 @@ public: f(*this,*p); } +#ifdef ZT_FIREWALL_OPENER_DELAY /** * Function object to collect peers that need a firewall opener sent */ @@ -214,6 +215,7 @@ public: uint64_t _now; const RuntimeEnvironment *_r; }; +#endif /** * Pings all peers that need a ping sent, excluding supernodes |