[netfilter-cvslog] r6845 - in trunk/conntrack-tools: . include src

pablo at netfilter.org pablo at netfilter.org
Thu May 24 13:32:53 CEST 2007


Author: pablo at netfilter.org
Date: 2007-05-24 13:32:53 +0200 (Thu, 24 May 2007)
New Revision: 6845

Removed:
   trunk/conntrack-tools/src/checksum.c
Modified:
   trunk/conntrack-tools/ChangeLog
   trunk/conntrack-tools/include/mcast.h
   trunk/conntrack-tools/include/network.h
   trunk/conntrack-tools/src/Makefile.am
   trunk/conntrack-tools/src/mcast.c
   trunk/conntrack-tools/src/network.c
   trunk/conntrack-tools/src/read_config_yy.y
Log:
simplify checksum code: use UDP/multicast checksum facilities


Modified: trunk/conntrack-tools/ChangeLog
===================================================================
--- trunk/conntrack-tools/ChangeLog	2007-05-23 20:48:53 UTC (rev 6844)
+++ trunk/conntrack-tools/ChangeLog	2007-05-24 11:32:53 UTC (rev 6845)
@@ -1,7 +1,13 @@
-version 0.9.3 (yet unreleased)
+version 0.9.4 (yet unreleased)
 ------------------------------
 
 = conntrackd =
+o simplify checksum code: use UDP/multicast checksum facilities
+
+version 0.9.3 (2006/05/22)
+------------------------------
+
+= conntrackd =
 o fix commit of confirmed expectations (reported by Nishit Shah)
 o fix double increment of counters in cache_update_force() (Niko Tyni)
 o nl_dump_handler must return NFCT_CB_CONTINUE (Niko Tyni)

Modified: trunk/conntrack-tools/include/mcast.h
===================================================================
--- trunk/conntrack-tools/include/mcast.h	2007-05-23 20:48:53 UTC (rev 6844)
+++ trunk/conntrack-tools/include/mcast.h	2007-05-24 11:32:53 UTC (rev 6845)
@@ -7,6 +7,7 @@
 	int ipproto;
 	int backlog;
 	int reuseaddr;
+	int checksum;
 	unsigned short port;
 	union {
 		struct in_addr inet_addr;

Modified: trunk/conntrack-tools/include/network.h
===================================================================
--- trunk/conntrack-tools/include/network.h	2007-05-23 20:48:53 UTC (rev 6844)
+++ trunk/conntrack-tools/include/network.h	2007-05-24 11:32:53 UTC (rev 6845)
@@ -5,7 +5,6 @@
 
 struct nlnetwork {
 	u_int16_t flags; 
-	u_int16_t checksum;
 	u_int32_t seq;
 };
 

Modified: trunk/conntrack-tools/src/Makefile.am
===================================================================
--- trunk/conntrack-tools/src/Makefile.am	2007-05-23 20:48:53 UTC (rev 6844)
+++ trunk/conntrack-tools/src/Makefile.am	2007-05-24 11:32:53 UTC (rev 6845)
@@ -16,7 +16,7 @@
 		    cache_lifetime.c cache_timer.c \
 		    sync-mode.c sync-notrack.c sync-nack.c \
 		    traffic_stats.c stats-mode.c \
-		    network.c checksum.c \
+		    network.c \
 		    state_helper.c state_helper_tcp.c \
 		    read_config_yy.y read_config_lex.l
 

Deleted: trunk/conntrack-tools/src/checksum.c
===================================================================
--- trunk/conntrack-tools/src/checksum.c	2007-05-23 20:48:53 UTC (rev 6844)
+++ trunk/conntrack-tools/src/checksum.c	2007-05-24 11:32:53 UTC (rev 6845)
@@ -1,32 +0,0 @@
-/* 
- * Extracted from RFC 1071 with some minor changes to fix compilation on GCC,
- * this can probably be improved
- * 					--pablo 11/feb/07
- */
-
-#include <conntrackd.h>
-
-unsigned short do_csum(const void *addr, unsigned int count)
-{
-	unsigned int sum = 0;
-
-	/* checksumming disabled, just skip */
-	if (CONFIG(flags) & DONT_CHECKSUM)
-		return 0;
-
-	while(count > 1)  {
-		/*  This is the inner loop */
-		sum += *((unsigned short *) addr++);
-		count -= 2;
-	}
-
-	/*  Add left-over byte, if any */
-	if(count > 0)
-		sum += *((unsigned char *) addr);
-
-	/*  Fold 32-bit sum to 16 bits */
-	while (sum>>16)
-		sum = (sum & 0xffff) + (sum >> 16);
-
-	return ~sum;
-}

Modified: trunk/conntrack-tools/src/mcast.c
===================================================================
--- trunk/conntrack-tools/src/mcast.c	2007-05-23 20:48:53 UTC (rev 6844)
+++ trunk/conntrack-tools/src/mcast.c	2007-05-24 11:32:53 UTC (rev 6845)
@@ -192,6 +192,14 @@
 		return NULL;
 	}
 
+	if (setsockopt(m->fd, SOL_SOCKET, SO_NO_CHECK, &conf->checksum, 
+				sizeof(int)) == -1) {
+		debug("mcast_sock_client_create:setsockopt1");
+		close(m->fd);
+		free(m);
+		return NULL;
+	}
+
 	switch(conf->ipproto) {
 		case AF_INET:
 			ret = __mcast_client_create_ipv4(m, conf);

Modified: trunk/conntrack-tools/src/network.c
===================================================================
--- trunk/conntrack-tools/src/network.c	2007-05-23 20:48:53 UTC (rev 6844)
+++ trunk/conntrack-tools/src/network.c	2007-05-24 11:32:53 UTC (rev 6845)
@@ -60,9 +60,6 @@
 	if (nlh_host2network(nlh) == -1)
 		return -1;
 
-	net->checksum = 0;
-	net->checksum = ntohs(do_csum(data, len));
-
 	return send_netmsg(m, data, len);
 }
 
@@ -87,8 +84,6 @@
 
 	net->flags = htons(net->flags);
 	net->seq = htonl(cur_seq++);
-	net->checksum = 0;
-	net->checksum = ntohs(do_csum(data, len));
 
 	return send_netmsg(m, data, len);
 }
@@ -113,29 +108,10 @@
 
 	net->flags = htons(net->flags);
 	net->seq = htonl(cur_seq++);
-	net->checksum = 0;
-	net->checksum = ntohs(do_csum(data, len));
 
 	return send_netmsg(m, data, len);
 }
 
-static int valid_checksum(void *data, unsigned int len)
-{
-	struct nlnetwork *net = data;
-	unsigned short checksum, tmp;
-
-	checksum = ntohs(net->checksum);
-
-	/* no checksum, skip */
-	if (!checksum)
-		return 1;
-
-	net->checksum = 0;
-	tmp = do_csum(data, len);
-
-	return tmp == checksum;
-}
-
 int mcast_recv_netmsg(struct mcast_sock *m, void *data, int len)
 {
 	int ret;
@@ -161,9 +137,6 @@
 		if (ret < sizeof(struct nlnetwork_ack))
 			return -1;
 
-		if (!valid_checksum(data, ret))
-			return -1;
-
 		/* host byte order conversion */
 		net->flags = ntohs(net->flags);
 		net->seq = ntohl(net->seq);
@@ -176,9 +149,6 @@
 	}
 
 	if (ntohs(net->flags) & NET_RESYNC) {
-		if (!valid_checksum(data, ret))
-			return -1;
-
 		/* host byte order conversion */
 		net->flags = ntohs(net->flags);
 		net->seq = ntohl(net->seq);
@@ -209,9 +179,6 @@
 	if (nfhdr->version != NFNETLINK_V0)
 		return -1;
 
-	if (!valid_checksum(data, ret))
-		return -1;
-
 	/* host byte order conversion */
 	net->flags = ntohs(net->flags);
 	net->seq = ntohl(net->seq);

Modified: trunk/conntrack-tools/src/read_config_yy.y
===================================================================
--- trunk/conntrack-tools/src/read_config_yy.y	2007-05-23 20:48:53 UTC (rev 6844)
+++ trunk/conntrack-tools/src/read_config_yy.y	2007-05-24 11:32:53 UTC (rev 6845)
@@ -104,11 +104,12 @@
 
 checksum: T_CHECKSUM T_ON 
 {
+	conf.mcast.checksum = 0;
 };
 
 checksum: T_CHECKSUM T_OFF
 {
-	conf.flags |= DONT_CHECKSUM;
+	conf.mcast.checksum = 1;
 };
 
 ignore_traffic : T_IGNORE_TRAFFIC '{' ignore_traffic_options '}';




More information about the netfilter-cvslog mailing list