Re: IP_RECVDSTADDR support

Mon, 28 Nov 2011 09:22:17 -0800 

On Mon, Nov 28, 2011 at 4:39 PM, Nikolay Denev <[email protected]> wrote:

> Some time ago I submitted patch that added support for IP_RECVDSTADDR on
> *BSDs, as the code
> was only using IP_PKTINFO on Linux for the same behavior i.e.: when
> querying multi homed host via udp snmp
> the host should reply from the IP address that the query was sent to, else
> many statefull firewalls get confused and drop the packets.
> The original patch is here :
> http://sourceforge.net/tracker/?func=detail&aid=3175640&group_id=12694&atid=312694
>
> I've never actually had the chance to test the modified patch that was
> committed to the source before, as I was running my patched version,
> but recently I've upgraded some of my net-snmp daemons and it turned out
> that the IP_RECVDSTADDR support is broken on several places.
> I'll try to work on this in the next few days, but from first glance there
> are several things missing . i.e.:
>
> On line 119 in snmplib/transports/snmpUDPBaseDomain.c:netsnmp_udpbase_recv
>
>    #if defined(linux) && defined(IP_PKTINFO)
>                socklen_t local_addr_len = sizeof(addr_pair->local_addr);
>                rc = netsnmp_udp_recvfrom(t->sock, buf, size, from,
> &fromlen,
>                                          (struct
> sockaddr*)&(addr_pair->local_addr),
>                                          &local_addr_len,
> &(addr_pair->if_index));
>    #else
>                rc = recvfrom(t->sock, buf, size, NETSNMP_DONTWAIT, from,
> &fromlen);
>    #endif /* linux && IP_PKTINFO */
>
> Here the "if" should actually be :
>    #if (defined(linux) && defined(IP_PKTINFO)) || defined(IP_RECVDSTADDR)
>
> The same error can be seen on line 176 in
> snmplib/transports/snmpUDPBaseDomain.c:netsnmp_udpbase_send
>
> I.e. even if we have defined the functions that use IP_RECVDSTADDR they
> are never used.
>
> Also the setsockopt() that sets IP_RECVDSTADDR is missing.
>
> I'll try to come up with a patch so this can be fixed.
>

Please start from the trunk when preparing patches, otherwise you might
miss commit 85f893e2b605e67f9bd0443c74e2ed269aa68564.

Bart.

------------------------------------------------------------------------------
All the data continuously generated in your IT infrastructure 
contains a definitive record of customers, application performance, 
security threats, fraudulent activity, and more. Splunk takes this 
data and makes sense of it. IT sense. And common sense.
http://p.sf.net/sfu/splunk-novd2d
_______________________________________________
Net-snmp-coders mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/net-snmp-coders

Reply via email to