byte/packet counts are only updated once
? Brendan O'Dea <bod@optusnet.com.au> 2.0.5
- Handle routing properly in lone-master case
? Brendan O'Dea <bod@optusnet.com.au> 2.0.5
- Handle routing properly in lone-master case
+- Fix intercepts: don't double-snoop throttled customers, ensure
+ byte/packet counts are only updated once
* Mon Nov 8 2004 Brendan O'Dea <bod@optusnet.com.au> 2.0.4
- Added setrxspeed plugin
* Mon Nov 8 2004 Brendan O'Dea <bod@optusnet.com.au> 2.0.4
- Added setrxspeed plugin
// Copyright (c) 2002 FireBrick (Andrews & Arnold Ltd / Watchfront Ltd) - GPL licenced
// vim: sw=8 ts=8
// Copyright (c) 2002 FireBrick (Andrews & Arnold Ltd / Watchfront Ltd) - GPL licenced
// vim: sw=8 ts=8
-char const *cvs_id_l2tpns = "$Id: l2tpns.c,v 1.45 2004-11-05 07:50:05 bodea Exp $";
+char const *cvs_id_l2tpns = "$Id: l2tpns.c,v 1.46 2004-11-09 05:42:53 bodea Exp $";
#include <arpa/inet.h>
#include <assert.h>
#include <arpa/inet.h>
#include <assert.h>
- // Snooping this session, send it to intercept box
- if (sp->snoop_ip && sp->snoop_port)
- snoop_send_packet(buf, len, sp->snoop_ip, sp->snoop_port);
-
LOG(5, session[s].ip, s, t, "Ethernet -> Tunnel (%d bytes)\n", len);
// Add on L2TP header
LOG(5, session[s].ip, s, t, "Ethernet -> Tunnel (%d bytes)\n", len);
// Add on L2TP header
tunnelsend(b, len + (p-b), t); // send it...
}
tunnelsend(b, len + (p-b), t); // send it...
}
+ // Snooping this session, send it to intercept box
+ if (sp->snoop_ip && sp->snoop_port)
+ snoop_send_packet(buf, len, sp->snoop_ip, sp->snoop_port);
+
sp->cout += len; // byte count
sp->total_cout += len; // byte count
sp->pout++;
sp->cout += len; // byte count
sp->total_cout += len; // byte count
sp->pout++;
if (!session[s].ip)
return;
if (!session[s].ip)
return;
t = session[s].tunnel;
sp = &session[s];
LOG(5, session[s].ip, s, t, "Ethernet -> Tunnel (%d bytes)\n", len);
t = session[s].tunnel;
sp = &session[s];
LOG(5, session[s].ip, s, t, "Ethernet -> Tunnel (%d bytes)\n", len);
- // Snooping this session.
- if (sp->snoop_ip && sp->snoop_port)
- snoop_send_packet(buf, len, sp->snoop_ip, sp->snoop_port);
-
// Add on L2TP header
{
u8 *p = makeppp(b, sizeof(b), buf, len, t, s, PPPIP);
// Add on L2TP header
{
u8 *p = makeppp(b, sizeof(b), buf, len, t, s, PPPIP);
}
tunnelsend(b, len + (p-b), t); // send it...
}
}
tunnelsend(b, len + (p-b), t); // send it...
}
+
+ // Snooping this session.
+ if (sp->snoop_ip && sp->snoop_port)
+ snoop_send_packet(buf, len, sp->snoop_ip, sp->snoop_port);
+
sp->cout += len; // byte count
sp->total_cout += len; // byte count
sp->pout++;
sp->cout += len; // byte count
sp->total_cout += len; // byte count
sp->pout++;
-char const *cvs_id_ppp = "$Id: ppp.c,v 1.22 2004-11-05 23:18:54 bodea Exp $";
+char const *cvs_id_ppp = "$Id: ppp.c,v 1.23 2004-11-09 05:42:53 bodea Exp $";
#include <stdio.h>
#include <string.h>
#include <stdio.h>
#include <string.h>
- if (session[s].snoop_ip && session[s].snoop_port)
- {
- // Snooping this session
- snoop_send_packet(p, l, session[s].snoop_ip, session[s].snoop_port);
- }
-
// Add on the tun header
p -= 4;
*(u32 *)p = htonl(0x00000800);
// Add on the tun header
p -= 4;
*(u32 *)p = htonl(0x00000800);
- session[s].cin += l - 4;
- session[s].total_cin += l - 4;
- sess_count[s].cin += l - 4;
-
- session[s].pin++;
- eth_tx += l - 4;
-
- STAT(tun_tx_packets);
- INC_STAT(tun_tx_bytes, l);
-
if (session[s].tbf_in && config->cluster_iam_master) { // Are we throttled and a master?? actually handle the throttled packets.
tbf_queue_packet(session[s].tbf_in, p, l);
return;
if (session[s].tbf_in && config->cluster_iam_master) { // Are we throttled and a master?? actually handle the throttled packets.
tbf_queue_packet(session[s].tbf_in, p, l);
return;
STAT(tun_tx_errors);
LOG(0, 0, s, t, "Error writing %d bytes to TUN device: %s (tunfd=%d, p=%p)\n",
l, strerror(errno), tunfd, p);
STAT(tun_tx_errors);
LOG(0, 0, s, t, "Error writing %d bytes to TUN device: %s (tunfd=%d, p=%p)\n",
l, strerror(errno), tunfd, p);
+ if (session[s].snoop_ip && session[s].snoop_port)
+ {
+ // Snooping this session
+ snoop_send_packet(p + 4, l - 4, session[s].snoop_ip, session[s].snoop_port);
+ }
+
+ session[s].cin += l - 4;
+ session[s].total_cin += l - 4;
+ sess_count[s].cin += l - 4;
+
+ session[s].pin++;
+ eth_tx += l - 4;
+
+ STAT(tun_tx_packets);
+ INC_STAT(tun_tx_bytes, l - 4);
void send_ipin(sessionidt s, u8 *buf, int len)
{
LOG_HEX(5, "IP in throttled", buf, len);
void send_ipin(sessionidt s, u8 *buf, int len)
{
LOG_HEX(5, "IP in throttled", buf, len);
if (write(tunfd, buf, len) < 0)
{
STAT(tun_tx_errors);
LOG(0, 0, 0, 0, "Error writing %d bytes to TUN device: %s (tunfd=%d, p=%p)\n",
len, strerror(errno), tunfd, buf);
if (write(tunfd, buf, len) < 0)
{
STAT(tun_tx_errors);
LOG(0, 0, 0, 0, "Error writing %d bytes to TUN device: %s (tunfd=%d, p=%p)\n",
len, strerror(errno), tunfd, buf);
+
+ return;
+ }
+
+ if (session[s].snoop_ip && session[s].snoop_port)
+ {
+ // Snooping this session
+ snoop_send_packet(p + 4, l - 4, session[s].snoop_ip, session[s].snoop_port);
}
// Increment packet counters
}
// Increment packet counters
session[s].pin++;
eth_tx += len - 4;
session[s].pin++;
eth_tx += len - 4;
+
+ STAT(tun_tx_packets);
+ INC_STAT(tun_tx_bytes, l - 4);