We have found out that there is a problem with NAT synchronization. It works as follows.
After ipsyncs writes the synchronization data (read from UDP socket) to /dev/ipsync, ipsync_write function decides
weather it's a ipfsync_nat or ipfsync_state according to the value in synchdr_t->sm_table.
After ipfsync_write reads synchdr_t (24 bytes) from /dev/ipsync, it reads another synchdr_t->sh.sm_len lengths of
data from device and cast this buffers to ipfsync_nat and uses it.
On the other hand, it seems that NAT state table always shows wrong. I detected that a +24 bytes shift of the data read from the
buffer will solve the problem.
The problem seems to be caused by the following ip_sync.c:717 line
717 bcopy(data, &sle, sizeof(sle));
This copies parameter data into to synclogent_t struct (which has a synchdr_t (24 bytes)).
But it should be nat_t, which solves the data alignment problem.
I solve the problem for this far.
Now, it synchronizes from IP, dest, IP and all of NAT data, but nat_fr and nat_ptr values which seem to be
incomplete or missing???
Has anyone gone for this point??????
Following patch corrects the first problem.
|
N. Ersen SISECI EnderUNIX SDT @ Turkey http://www.enderunix.org |
--- ip_sync.old.c Fri Mar 17 13:28:23 2006
+++ ip_sync.c Fri Mar 17 13:30:06 2006
@@ -702,7 +702,6 @@
synchdr_t *sp;
void *data;
{
- synclogent_t sle;
syncupdent_t su;
nat_t *n, *nat;
synclist_t *sl;
@@ -714,7 +713,6 @@
switch (sp->sm_cmd)
{
case SMC_CREATE :
- bcopy(data, &sle, sizeof(sle));
KMALLOC(n, nat_t *);
if (n == NULL) {
@@ -731,7 +729,7 @@
WRITE_ENTER(&ipf_nat);
- nat = &sle.sle_un.sleu_ipn;
+ nat = (nat_t *)data;
bzero((char *)n, offsetof(nat_t, nat_age));
bcopy((char *)&nat->nat_age, (char *)&n->nat_age,
sizeof(*n) - offsetof(nat_t, nat_age));
