]>
Commit | Line | Data |
---|---|---|
6644c1c7 MT |
1 | From e9828b6f66b22ce8873f8d30a773137d1aef1b92 Mon Sep 17 00:00:00 2001 |
2 | From: Karl Vogel <karl.vogel@gmail.com> | |
3 | Date: Fri, 3 Oct 2014 21:45:15 +0100 | |
697b4f04 | 4 | Subject: [PATCH 004/113] Set conntrack mark before connect() call. |
6644c1c7 MT |
5 | |
6 | SO_MARK has to be done before issuing the connect() call on the | |
7 | TCP socket. | |
8 | --- | |
9 | src/forward.c | 36 ++++++++++++++++++------------------ | |
10 | 1 file changed, 18 insertions(+), 18 deletions(-) | |
11 | ||
12 | diff --git a/src/forward.c b/src/forward.c | |
13 | index 4895efeba89a..2cf29eba6e26 100644 | |
14 | --- a/src/forward.c | |
15 | +++ b/src/forward.c | |
16 | @@ -1796,6 +1796,24 @@ unsigned char *tcp_request(int confd, time_t now, | |
17 | if ((last_server->tcpfd = socket(last_server->addr.sa.sa_family, SOCK_STREAM, 0)) == -1) | |
18 | continue; | |
19 | ||
20 | +#ifdef HAVE_CONNTRACK | |
21 | + /* Copy connection mark of incoming query to outgoing connection. */ | |
22 | + if (option_bool(OPT_CONNTRACK)) | |
23 | + { | |
24 | + unsigned int mark; | |
25 | + struct all_addr local; | |
26 | +#ifdef HAVE_IPV6 | |
27 | + if (local_addr->sa.sa_family == AF_INET6) | |
28 | + local.addr.addr6 = local_addr->in6.sin6_addr; | |
29 | + else | |
30 | +#endif | |
31 | + local.addr.addr4 = local_addr->in.sin_addr; | |
32 | + | |
33 | + if (get_incoming_mark(&peer_addr, &local, 1, &mark)) | |
34 | + setsockopt(last_server->tcpfd, SOL_SOCKET, SO_MARK, &mark, sizeof(unsigned int)); | |
35 | + } | |
36 | +#endif | |
37 | + | |
38 | if ((!local_bind(last_server->tcpfd, &last_server->source_addr, last_server->interface, 1) || | |
39 | connect(last_server->tcpfd, &last_server->addr.sa, sa_len(&last_server->addr)) == -1)) | |
40 | { | |
41 | @@ -1820,24 +1838,6 @@ unsigned char *tcp_request(int confd, time_t now, | |
42 | size = new_size; | |
43 | } | |
44 | #endif | |
45 | - | |
46 | -#ifdef HAVE_CONNTRACK | |
47 | - /* Copy connection mark of incoming query to outgoing connection. */ | |
48 | - if (option_bool(OPT_CONNTRACK)) | |
49 | - { | |
50 | - unsigned int mark; | |
51 | - struct all_addr local; | |
52 | -#ifdef HAVE_IPV6 | |
53 | - if (local_addr->sa.sa_family == AF_INET6) | |
54 | - local.addr.addr6 = local_addr->in6.sin6_addr; | |
55 | - else | |
56 | -#endif | |
57 | - local.addr.addr4 = local_addr->in.sin_addr; | |
58 | - | |
59 | - if (get_incoming_mark(&peer_addr, &local, 1, &mark)) | |
60 | - setsockopt(last_server->tcpfd, SOL_SOCKET, SO_MARK, &mark, sizeof(unsigned int)); | |
61 | - } | |
62 | -#endif | |
63 | } | |
64 | ||
65 | *length = htons(size); | |
66 | -- | |
67 | 2.1.0 | |
68 |