cvs commit: src/sys/contrib/ipfilter/netinet
Matthew Dillon
dillon at apollo.backplane.com
Fri Sep 24 20:44:22 PDT 2004
:> TCPS_CLOSED is no longer 0 in DragonFly. Because ipfilter was assuming
:...
:
:Without the following modification, my DragonFly nat box closes TCP
:connections every ten minutes. I'm not 100% sure how the new TCP
:state TCPS_TERMINATING should be handled inside ipfilter code, though.
Ok, I fixed ip_nat as per your patch.
The ipfilter should never see the TCPS_TERMINATING state since it
only applies to wildcard sockets (listen()) being closed.
-Matt
Matthew Dillon
<dillon at xxxxxxxxxxxxx>
:
:Index: contrib/ipfilter/netinet/ip_nat.c
:===================================================================
:RCS file: /home/source/dragonfly/cvs/src/sys/contrib/ipfilter/netinet/ip_nat.c,v
:retrieving revision 1.7
:diff -u -r1.7 ip_nat.c
:--- contrib/ipfilter/netinet/ip_nat.c 28 Jul 2004 00:22:37 -0000 1.7
:+++ contrib/ipfilter/netinet/ip_nat.c 25 Sep 2004 02:18:31 -0000
:@@ -1202,6 +1202,8 @@
: }
:
: bzero((char *)nat, sizeof(*nat));
:+ nat->nat_tcpstate[0] = TCPS_CLOSED;
:+ nat->nat_tcpstate[1] = TCPS_CLOSED;
: nat->nat_flags = flags;
: if (flags & FI_WILDP)
: nat_stats.ns_wilds++;
:Index: contrib/ipfilter/netinet/ip_state.c
:===================================================================
:RCS file: /home/source/dragonfly/cvs/src/sys/contrib/ipfilter/netinet/ip_state.c,v
:retrieving revision 1.8
:diff -u -r1.8 ip_state.c
:--- contrib/ipfilter/netinet/ip_state.c 28 Aug 2004 07:27:02 -0000 1.8
:+++ contrib/ipfilter/netinet/ip_state.c 25 Sep 2004 02:39:58 -0000
:@@ -2093,6 +2093,10 @@
: newage = fr_tcptimeout; /* default 4 mins */
: /* we're in 2MSL timeout now */
: break;
:+ default:
:+ printf("fr_tcp_age: unhandled state %d %s %d\n",
:+ state[0], dir == 0 ? "->" : "<-", state[1]);
:+ break;
: }
:
: if (newage != 0) {
:
More information about the Commits
mailing list