diff options
author | Stig Thormodsrud <stig@vyatta.com> | 2008-05-23 20:39:24 -0700 |
---|---|---|
committer | Stig Thormodsrud <stig@vyatta.com> | 2008-05-23 20:39:24 -0700 |
commit | 0cf777376bdf5b347afffff8b5ffe56b269f6614 (patch) | |
tree | 16da7e311d77360ec6a44ddf236b956f5ceecf62 /scripts/keepalived/VyattaKeepalived.pm | |
parent | df805435059fce399a070dab8d8497d0ec72b951 (diff) | |
download | vyatta-cfg-system-0cf777376bdf5b347afffff8b5ffe56b269f6614.tar.gz vyatta-cfg-system-0cf777376bdf5b347afffff8b5ffe56b269f6614.zip |
Fix vrrp snoop_for_master() to also work with AH authentication.
Diffstat (limited to 'scripts/keepalived/VyattaKeepalived.pm')
-rwxr-xr-x | scripts/keepalived/VyattaKeepalived.pm | 45 |
1 files changed, 34 insertions, 11 deletions
diff --git a/scripts/keepalived/VyattaKeepalived.pm b/scripts/keepalived/VyattaKeepalived.pm index f4065766..c9abe49e 100755 --- a/scripts/keepalived/VyattaKeepalived.pm +++ b/scripts/keepalived/VyattaKeepalived.pm @@ -37,17 +37,6 @@ my $keepalived_pid = '/var/run/keepalived_vrrp.pid'; my $state_dir = '/var/log/vrrpd'; my $vrrp_log = "$state_dir/vrrp.log"; -sub snoop_for_master { - my ($intf, $group, $vip, $timeout) = @_; - - my $file = get_master_file($intf, $group); - - my $cap_filt = "-f \"host 224.0.0.18 and proto VRRP and ip[21:1] = $group\""; - my $dis_filt = "-R \"vrrp.virt_rtr_id == $group and vrrp.ip_addr == $vip\""; - my $options = "-a duration:$timeout -p -i$intf -c1 -T pdml"; - my $cmd = "tshark $options $cap_filt $dis_filt"; - system("$cmd > $file 2> /dev/null"); -} sub vrrp_log { my $timestamp = strftime("%Y%m%d-%H:%M.%S", localtime); @@ -190,6 +179,40 @@ sub vrrp_get_config { return ($primary_addr, $priority, $preempt, $advert_int, $auth_type, @vips); } +sub snoop_for_master { + my ($intf, $group, $vip, $timeout) = @_; + + my ($cap_filt, $dis_filt, $options, $cmd); + + my $file = get_master_file($intf, $group); + + # + # set up common tshark parameters + # + $cap_filt = "-f \"host 224.0.0.18"; + $dis_filt = "-R \"vrrp.virt_rtr_id == $group and vrrp.ip_addr == $vip\""; + $options = "-a duration:$timeout -p -i$intf -c1 -T pdml"; + + my $auth_type = (vrrp_get_config($intf, $group))[4]; + if (lc($auth_type) ne "ah") { + # + # the vrrp group is the 2nd byte in the vrrp header + # + $cap_filt .= " and proto VRRP and vrrp[1:1] = $group\""; + $cmd = "tshark $options $cap_filt $dis_filt"; + system("$cmd > $file 2> /dev/null"); + } else { + # + # if the vrrp group is using AH authentication, then the proto will be + # AH (0x33) instead of VRRP (0x70). So try snooping for AH and + # look for the vrrp group at byte 45 (ip_header=20, ah=24) + # + $cap_filt .= " and proto 0x33 and ip[45:1] = $group\""; + $cmd = "tshark $options $cap_filt $dis_filt"; + system("$cmd > $file 2> /dev/null"); + } +} + sub vrrp_state_parse { my ($file) = @_; |