From f229c236ef9e8a8cb748e343bc01ef96ed27a403 Mon Sep 17 00:00:00 2001
From: root
Date: Wed, 8 Jul 2009 11:53:21 -0700
Subject: fix for case where iptables command fails on setting snat rules after receiving new address. in this case the new address is not recorded and we'll try creating the rule on the next processing cycle until successful.
---
src/lbdecision.cc | 16 ++++++++++------
1 file changed, 10 insertions(+), 6 deletions(-)
(limited to 'src')
diff --git a/src/lbdecision.cc b/src/lbdecision.cc
index 1c320ce..6787f41 100644
--- a/src/lbdecision.cc
+++ b/src/lbdecision.cc
@@ -168,8 +168,11 @@ if so then this stuff goes here!
 execute(string("ip rule add fwmark ") + hex_buf + " table " + buf, stdout);
 if (lbdata._disable_source_nat == false) {
- iter->second._address = fetch_iface_addr(iface);
- execute(string("iptables -t nat -A WANLOADBALANCE -m connmark --mark ") + buf + " -j SNAT --to-source " + iter->second._address, stdout);
+ string new_addr = fetch_iface_addr(iface);
+ int err = execute(string("iptables -t nat -A WANLOADBALANCE -m connmark --mark ") + buf + " -j SNAT --to-source " + new_addr, stdout);
+ if (err == 0) {
+ iter->second._address = new_addr;
+ }
 }
 ++iter;
 }
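Review bot: `new_addr` is concatenated into the iptables command line without a check that `fetch_iface_addr(iface)` returned anything, so an interface with no address yet still spawns `iptables ... --to-source ` with an empty argument and depends on that command failing. Guarding the block with `if (!new_addr.empty())` would skip the call instead. If `execute` passes the string to a shell (its body is not in this hunk), checking that the value parses as an address literal, for example with `inet_pton`, before concatenation keeps the command well-formed. The `ip rule add fwmark` call in the context line above still discards its return value, so a failure there is not retried the way the SNAT rule now is. The enclosing loop starts and ends outside the hunk.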
@@ -206,10 +209,11 @@ LBDecision::update_paths(LBData &lbdata)
 }
 if (new_addr != iter->second._address) {
- execute(string("iptables -t nat -D WANLOADBALANCE -m connmark --mark ") + buf + " -j SNAT --to-source " + iter->second._address, stdout);
- execute(string("iptables -t nat -A WANLOADBALANCE -m connmark --mark ") + buf + " -j SNAT --to-source " + new_addr, stdout);
- iter->second._address = new_addr;
-
+ int err = execute(string("iptables -t nat -D WANLOADBALANCE -m connmark --mark ") + buf + " -j SNAT --to-source " + iter->second._address, stdout);
+ err |= execute(string("iptables -t nat -A WANLOADBALANCE -m connmark --mark ") + buf + " -j SNAT --to-source " + new_addr, stdout);
+ if (err == 0) { //only set if both are 0
+ iter->second._address = new_addr;
+ }
 }
 }
 ++iter;
-- 
cgit v1.2.3
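Review bot: OR-ing both results into one `err` means a failed `-D` blocks recording the address even when the `-A` succeeded. If the stored `_address` has no matching rule (for instance because the add in the first hunk failed and the field was left unset, or because an earlier cycle deleted the old rule and then failed the add), the delete fails on every later cycle, `_address` is never updated, and each cycle appends another copy of the SNAT rule for `new_addr`. Giving the `-A` call its own result variable and testing only that, `if (add_err == 0) { iter->second._address = new_addr; }`, while skipping the `-D` when `iter->second._address.empty()`, breaks that loop. A failed delete of a non-empty old address is worth logging so that a stale SNAT rule is visible to the operator. The rest of `update_paths` is outside the hunk.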