Tunnel fixes.

remotes/origin/master-1.0.x
Victor Julien 17 years ago
parent 28d9415e37
commit 8cda70668c

@ -96,17 +96,24 @@ void DecodeIPV4(ThreadVars *t, Packet *p, u_int8_t *pkt, u_int16_t len)
break; break;
case IPPROTO_IPV6: case IPPROTO_IPV6:
{ {
//printf("DecodeIPV4: next layer is IPV6\n"); // #if 0
//printf("DecodeIPV4: we are p %p\n", p); printf("DecodeIPV4: next layer is IPV6\n");
printf("DecodeIPV4: we are p %p\n", p);
/* spawn off tunnel packet */ /* spawn off tunnel packet */
Packet *tp = TunnelPktSetup(t, p, pkt + IPV4_GET_HLEN(p), len - IPV4_GET_HLEN(p), IPV4_GET_IPPROTO(p)); Packet *tp = TunnelPktSetup(t, p, pkt + IPV4_GET_HLEN(p), len - IPV4_GET_HLEN(p), IPV4_GET_IPPROTO(p));
printf("DecodeIPV4: tunnel is tp %p\n", tp);
/* send that to the Tunnel decoder */ /* send that to the Tunnel decoder */
DecodeTunnel(t, tp, tp->pkt, tp->pktlen); DecodeTunnel(t, tp, tp->pkt, tp->pktlen);
printf("DecodeIPV4: DecodeTunnel done, outputing\n");
t->tmqh_out(t,tp);
/* the current packet is now a tunnel packet */ /* the current packet is now a tunnel packet */
SET_TUNNEL_PKT(p); SET_TUNNEL_PKT(p);
printf("DecodeIPV4: packet is now a tunnel (root) packet: %p\n", p);
break; break;
// #endif
} }
} }

@ -35,7 +35,7 @@ DecodeIPV6ExtHdrs(ThreadVars *t, Packet *p, u_int8_t *pkt, u_int16_t len)
case IPPROTO_UDP: case IPPROTO_UDP:
IPV6_SET_L4PROTO(p,nh); IPV6_SET_L4PROTO(p,nh);
//DecodeUDP(t, p, pkt, plen); DecodeUDP(t, p, pkt, plen);
return; return;
case IPPROTO_ICMPV6: case IPPROTO_ICMPV6:
@ -365,12 +365,12 @@ void DecodeIPV6(ThreadVars *t, Packet *p, u_int8_t *pkt, u_int16_t len)
return; return;
/* now process the L4 Layer */ /* now process the L4 Layer */
switch(IPV6_GET_L4PROTO(p)) { switch(IPV6_GET_NH(p)) {
case IPPROTO_TCP: case IPPROTO_TCP:
return(DecodeTCP(t, p, pkt + IPV6_HEADER_LEN, len - IPV6_HEADER_LEN)); return(DecodeTCP(t, p, pkt + IPV6_HEADER_LEN, len - IPV6_HEADER_LEN));
break; break;
case IPPROTO_UDP: case IPPROTO_UDP:
//return(DecodeUDP(p, pkt + IPV6_HEADER_LEN, len - IPV6_HEADER_LEN)); return(DecodeUDP(t, p, pkt + IPV6_HEADER_LEN, len - IPV6_HEADER_LEN));
break; break;
case IPPROTO_ICMPV6: case IPPROTO_ICMPV6:
return(DecodeICMPV6(t, p, pkt + IPV6_HEADER_LEN, len - IPV6_HEADER_LEN)); return(DecodeICMPV6(t, p, pkt + IPV6_HEADER_LEN, len - IPV6_HEADER_LEN));

@ -8,10 +8,11 @@ void DecodeTunnel(ThreadVars *t, Packet *p, u_int8_t *pkt, u_int16_t len)
{ {
switch (p->tunnel_proto) { switch (p->tunnel_proto) {
case IPPROTO_IP: case IPPROTO_IP:
return(DecodeIPV4(t, p, pkt, len)); return DecodeIPV4(t, p, pkt, len);
break; break;
case IPPROTO_IPV6: case IPPROTO_IPV6:
return(DecodeIPV6(t, p, pkt, len)); printf("DecodeTunnel: IPv6 packet\n");
return DecodeIPV6(t, p, pkt, len);
break; break;
default: default:
printf("FIXME: DecodeTunnel: protocol %u not supported.\n", p->tunnel_proto); printf("FIXME: DecodeTunnel: protocol %u not supported.\n", p->tunnel_proto);

@ -275,6 +275,8 @@ typedef struct _Packet
(p)->action = 0; \ (p)->action = 0; \
(p)->pktlen = 0; \ (p)->pktlen = 0; \
(p)->tunnel_pkt = 0; \ (p)->tunnel_pkt = 0; \
(p)->tunnel_verdicted = 0; \
pthread_mutex_init(&(p)->mutex_rtv_cnt,NULL); \
(p)->rtv_cnt = 0; \ (p)->rtv_cnt = 0; \
(p)->tpr_cnt = 0; \ (p)->tpr_cnt = 0; \
(p)->root = NULL; \ (p)->root = NULL; \

@ -6,44 +6,6 @@
#include "threads.h" #include "threads.h"
void PacketEnqueue (PacketQueue *q, Packet *p) { void PacketEnqueue (PacketQueue *q, Packet *p) {
if (IS_TUNNEL_PKT(p)) {
/* get a lock */
pthread_mutex_t *m = p->root ? &p->root->mutex_rtv_cnt : &p->mutex_rtv_cnt;
mutex_lock(m);
if (IS_TUNNEL_ROOT_PKT(p)) {
if (TUNNEL_PKT_TPR(p) == 0) {
/* if this packet is the root and there are no
* more tunnel packets, enqueue it */
/* fall through */
} else {
/* if this is the root and there are more tunnel
* packets, don't add this. It's still referenced
* by the tunnel packets, and we will enqueue it
* when we handle them */
p->tunnel_verdicted = 1;
mutex_unlock(m);
return;
}
} else {
if (p->root->tunnel_verdicted == 1 && TUNNEL_PKT_TPR(p) == 1) {
/* the root is ready and we are the last tunnel packet,
* lets enqueue them both. */
TUNNEL_DECR_PKT_TPR_NOLOCK(p);
/* handle the root */
PacketEnqueue(q,p->root);
/* fall through */
} else {
TUNNEL_DECR_PKT_TPR_NOLOCK(p);
/* fall through */
}
}
mutex_unlock(m);
}
/* more packets in queue */ /* more packets in queue */
if (q->top != NULL) { if (q->top != NULL) {
p->next = q->top; p->next = q->top;

@ -337,19 +337,24 @@ int VerdictNFQ(ThreadVars *tv, Packet *p, void *data) {
* already. */ * already. */
if (IS_TUNNEL_PKT(p)) { if (IS_TUNNEL_PKT(p)) {
char verdict = 1; char verdict = 1;
printf("VerdictNFQ: tunnel pkt: %p %s\n", p, p->root ? "upper layer" : "root");
pthread_mutex_t *m = p->root ? &p->root->mutex_rtv_cnt : &p->mutex_rtv_cnt; pthread_mutex_t *m = p->root ? &p->root->mutex_rtv_cnt : &p->mutex_rtv_cnt;
mutex_lock(m); mutex_lock(m);
/* if there are more tunnel packets than ready to verdict packets, /* if there are more tunnel packets than ready to verdict packets,
* we won't verdict this one */ * we won't verdict this one */
if ((TUNNEL_PKT_TPR(p)+1) > TUNNEL_PKT_RTV(p)) { if (TUNNEL_PKT_TPR(p) > TUNNEL_PKT_RTV(p)) {
printf("VerdictNFQ: not ready to verdict yet: TUNNEL_PKT_TPR(p) > TUNNEL_PKT_RTV(p) = %d > %d\n", TUNNEL_PKT_TPR(p), TUNNEL_PKT_RTV(p));
verdict = 0; verdict = 0;
} }
mutex_unlock(m); mutex_unlock(m);
/* don't verdict if we are not ready */ /* don't verdict if we are not ready */
if (verdict == 1) { if (verdict == 1) {
NFQSetVerdict(ntv, p); printf("VerdictNFQ: setting verdict\n");
NFQSetVerdict(ntv, p->root ? p->root : p);
} else {
TUNNEL_INCR_PKT_RTV(p);
} }
} else { } else {
/* no tunnel, verdict normally */ /* no tunnel, verdict normally */

@ -5,6 +5,7 @@
#ifdef DBG_THREADS #ifdef DBG_THREADS
#include <pthread.h>
int mutex_lock_dbg (pthread_mutex_t *); int mutex_lock_dbg (pthread_mutex_t *);
int mutex_trylock_dbg (pthread_mutex_t *); int mutex_trylock_dbg (pthread_mutex_t *);
int mutex_unlock_dbg (pthread_mutex_t *); int mutex_unlock_dbg (pthread_mutex_t *);

@ -22,23 +22,74 @@ Packet *TmqhInputPacketpool(ThreadVars *t)
Packet *p = SetupPkt(); Packet *p = SetupPkt();
mutex_lock(&mutex_pending); mutex_lock(&mutex_pending);
if (pending > MAX_PENDING) if (pending > MAX_PENDING) {
pthread_cond_wait(&cond_pending, &mutex_pending); pthread_cond_wait(&cond_pending, &mutex_pending);
}
mutex_unlock(&mutex_pending); mutex_unlock(&mutex_pending);
return p; return p;
} }
void TmqhOutputPacketpool(ThreadVars *t, Packet *p) void TmqhOutputPacketpool(ThreadVars *t, Packet *p)
{ {
PacketQueue *q = &packet_q; PacketQueue *q = &packet_q;
char proot = 0;
if (IS_TUNNEL_PKT(p)) {
printf("TmqhOutputPacketpool: tunnel packet: %p %s\n", p,p->root ? "upper layer":"root");
/* get a lock */
pthread_mutex_t *m = p->root ? &p->root->mutex_rtv_cnt : &p->mutex_rtv_cnt;
mutex_lock(m);
if (IS_TUNNEL_ROOT_PKT(p)) {
printf("TmqhOutputPacketpool: IS_TUNNEL_ROOT_PKT\n");
if (TUNNEL_PKT_TPR(p) == 0) {
printf("TmqhOutputPacketpool: TUNNEL_PKT_TPR(p) == 0\n");
/* if this packet is the root and there are no
* more tunnel packets, enqueue it */
/* fall through */
} else {
printf("TmqhOutputPacketpool: TUNNEL_PKT_TPR(p) > 0\n");
/* if this is the root and there are more tunnel
* packets, don't add this. It's still referenced
* by the tunnel packets, and we will enqueue it
* when we handle them */
p->tunnel_verdicted = 1;
mutex_unlock(m);
return;
}
} else {
printf("TmqhOutputPacketpool: NOT IS_TUNNEL_ROOT_PKT\n");
if (p->root->tunnel_verdicted == 1 && TUNNEL_PKT_TPR(p) == 1) {
printf("TmqhOutputPacketpool: p->root->tunnel_verdicted == 1 && TUNNEL_PKT_TPR(p) == 1\n");
/* the root is ready and we are the last tunnel packet,
* lets enqueue them both. */
TUNNEL_DECR_PKT_TPR_NOLOCK(p);
/* handle the root */
printf("TmqhOutputPacketpool: calling PacketEnqueue for root pkt\n");
proot = 1;
/* fall through */
} else {
printf("TmqhOutputPacketpool: NOT p->root->tunnel_verdicted == 1 && TUNNEL_PKT_TPR(p) == 1 (%u)\n", TUNNEL_PKT_TPR(p));
TUNNEL_DECR_PKT_TPR_NOLOCK(p);
/* fall through */
}
}
mutex_unlock(m);
printf("TmqhOutputPacketpool: tunnel stuff done, move on\n");
}
mutex_lock(&q->mutex_q); mutex_lock(&q->mutex_q);
if (proot) PacketEnqueue(q, p->root);
PacketEnqueue(q, p); PacketEnqueue(q, p);
mutex_unlock(&q->mutex_q); mutex_unlock(&q->mutex_q);
mutex_lock(&mutex_pending); mutex_lock(&mutex_pending);
pending--; if (pending) pending--;
if (pending <= MAX_PENDING) if (pending <= MAX_PENDING)
pthread_cond_signal(&cond_pending); pthread_cond_signal(&cond_pending);
mutex_unlock(&mutex_pending); mutex_unlock(&mutex_pending);

@ -85,13 +85,13 @@ Packet *SetupPkt (void)
mutex_unlock(&packet_q.mutex_q); mutex_unlock(&packet_q.mutex_q);
CLEAR_PACKET(p); CLEAR_PACKET(p);
//printf("p %p\n", p);
return p; return p;
} }
Packet *TunnelPktSetup(ThreadVars *t, Packet *parent, u_int8_t *pkt, u_int16_t len, u_int8_t proto) Packet *TunnelPktSetup(ThreadVars *t, Packet *parent, u_int8_t *pkt, u_int16_t len, u_int8_t proto)
{ {
printf("TunnelPktSetup: pkt %p, len %u, proto %u\n", pkt, len, proto);
/* get us a packet */ /* get us a packet */
mutex_lock(&packet_q.mutex_q); mutex_lock(&packet_q.mutex_q);
Packet *p = PacketDequeue(&packet_q); Packet *p = PacketDequeue(&packet_q);

Loading…
Cancel
Save