Kapetanakis Giannis <bil...@edu.physics.uoc.gr> writes:
> On 10/07/17 17:22, Jeremie Courreges-Anglas wrote:
>> Using -1 for IPV6_UNICAST_HOPS is correct.
>>
>> Note that you can also use -1 for IP_TTL on OpenBSD, sadly some systems
>> out there don't support it.
>>
>>> comments?
>>
>> ok jca@ with the nits below.
>>
>> It would be nice to factor this out in a helper function and use it
>> elsewhere in relayd.
>
> Thanks for the comments.
>
> My guess is that the helper function should go outside of relayd so it can be
> used by others as well?
> I leave that to a more competent programmer.
>
> Would you like me to set -1 to IP_TTL as well and drop the call to
> getsockopt(2)?
I'm not sure about this. Maybe it should be discussed separately?
> updated diff bellow (in case not) with jca@ recommendations.
I have tweaks, but this already looks fine to me. ok jca@
> G
>
> Index: check_icmp.c
> ===================================================================
> RCS file: /cvs/src/usr.sbin/relayd/check_icmp.c,v
> retrieving revision 1.45
> diff -u -p -r1.45 check_icmp.c
> --- check_icmp.c 28 May 2017 10:39:15 -0000 1.45
> +++ check_icmp.c 10 Jul 2017 15:16:02 -0000
> @@ -220,18 +220,45 @@ send_icmp(int s, short event, void *arg)
> sizeof(packet));
> }
>
> - if ((ttl = host->conf.ttl) > 0)
> - (void)setsockopt(s, IPPROTO_IP, IP_TTL,
> - &host->conf.ttl, sizeof(int));
> - else {
> - /* Revert to default TTL */
> - len = sizeof(ttl);
> - if (getsockopt(s, IPPROTO_IP, IP_IPDEFTTL,
> - &ttl, &len) == 0)
> - (void)setsockopt(s, IPPROTO_IP, IP_TTL,
> - &ttl, len);
> - else
> - log_warn("%s: getsockopt",__func__);
> + switch(cie->af) {
> + case AF_INET:
> + if ((ttl = host->conf.ttl) > 0) {
> + if (setsockopt(s, IPPROTO_IP, IP_TTL,
> + &host->conf.ttl, sizeof(int)) == -1)
> + log_warn("%s: setsockopt",
> + __func__);
> + } else {
> + /* Revert to default TTL */
> + len = sizeof(ttl);
> + if (getsockopt(s, IPPROTO_IP,
> + IP_IPDEFTTL, &ttl, &len) == 0) {
> + if (setsockopt(s, IPPROTO_IP,
> + IP_TTL, &ttl, len) == -1)
> + log_warn(
> + "%s: setsockopt",
> + __func__);
> + } else
> + log_warn("%s: getsockopt",
> + __func__);
> + }
> + break;
> + case AF_INET6:
> + if ((ttl = host->conf.ttl) > 0) {
> + if (setsockopt(s, IPPROTO_IPV6,
> + IPV6_UNICAST_HOPS, &host->conf.ttl,
> + sizeof(int)) == -1)
> + log_warn("%s: setsockopt",
> + __func__);
> + } else {
> + /* Revert to default hop limit */
> + ttl = -1;
> + if (setsockopt(s, IPPROTO_IPV6,
> + IPV6_UNICAST_HOPS, &ttl,
> + sizeof(int)) == -1)
> + log_warn("%s: setsockopt",
> + __func__);
> + }
> + break;
> }
>
> r = sendto(s, packet, sizeof(packet), 0, to, slen);
>
>
>
>
>
>
>
--
jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
