On 10/07/17 17:22, Jeremie Courreges-Anglas wrote:
> Using -1 for IPV6_UNICAST_HOPS is correct.
>
> Note that you can also use -1 for IP_TTL on OpenBSD, sadly some systems
> out there don't support it.
>
>> comments?
>
> ok jca@ with the nits below.
>
> It would be nice to factor this out in a helper function and use it
> elsewhere in relayd.
Thanks for the comments.
My guess is that the helper function should go outside of relayd so it can be
used by others as well?
I leave that to a more competent programmer.
Would you like me to set -1 to IP_TTL as well and drop the call to
getsockopt(2)?
updated diff bellow (in case not) with jca@ recommendations.
G
Index: check_icmp.c
===================================================================
RCS file: /cvs/src/usr.sbin/relayd/check_icmp.c,v
retrieving revision 1.45
diff -u -p -r1.45 check_icmp.c
--- check_icmp.c 28 May 2017 10:39:15 -0000 1.45
+++ check_icmp.c 10 Jul 2017 15:16:02 -0000
@@ -220,18 +220,45 @@ send_icmp(int s, short event, void *arg)
sizeof(packet));
}
- if ((ttl = host->conf.ttl) > 0)
- (void)setsockopt(s, IPPROTO_IP, IP_TTL,
- &host->conf.ttl, sizeof(int));
- else {
- /* Revert to default TTL */
- len = sizeof(ttl);
- if (getsockopt(s, IPPROTO_IP, IP_IPDEFTTL,
- &ttl, &len) == 0)
- (void)setsockopt(s, IPPROTO_IP, IP_TTL,
- &ttl, len);
- else
- log_warn("%s: getsockopt",__func__);
+ switch(cie->af) {
+ case AF_INET:
+ if ((ttl = host->conf.ttl) > 0) {
+ if (setsockopt(s, IPPROTO_IP, IP_TTL,
+ &host->conf.ttl, sizeof(int)) == -1)
+ log_warn("%s: setsockopt",
+ __func__);
+ } else {
+ /* Revert to default TTL */
+ len = sizeof(ttl);
+ if (getsockopt(s, IPPROTO_IP,
+ IP_IPDEFTTL, &ttl, &len) == 0) {
+ if (setsockopt(s, IPPROTO_IP,
+ IP_TTL, &ttl, len) == -1)
+ log_warn(
+ "%s: setsockopt",
+ __func__);
+ } else
+ log_warn("%s: getsockopt",
+ __func__);
+ }
+ break;
+ case AF_INET6:
+ if ((ttl = host->conf.ttl) > 0) {
+ if (setsockopt(s, IPPROTO_IPV6,
+ IPV6_UNICAST_HOPS, &host->conf.ttl,
+ sizeof(int)) == -1)
+ log_warn("%s: setsockopt",
+ __func__);
+ } else {
+ /* Revert to default hop limit */
+ ttl = -1;
+ if (setsockopt(s, IPPROTO_IPV6,
+ IPV6_UNICAST_HOPS, &ttl,
+ sizeof(int)) == -1)
+ log_warn("%s: setsockopt",
+ __func__);
+ }
+ break;
}
r = sendto(s, packet, sizeof(packet), 0, to, slen);
