[ipfire-2.x.git] / src / patches / dnsmasq / 0004-Set-conntrack-mark-before-connect-call.patch

From e9828b6f66b22ce8873f8d30a773137d1aef1b92 Mon Sep 17 00:00:00 2001
From: Karl Vogel <karl.vogel@gmail.com>
Date: Fri, 3 Oct 2014 21:45:15 +0100
Subject: [PATCH 04/87] Set conntrack mark before connect() call.

SO_MARK has to be done before issuing the connect() call on the
TCP socket.
---
 src/forward.c | 36 ++++++++++++++++++------------------
 1 file changed, 18 insertions(+), 18 deletions(-)

diff --git a/src/forward.c b/src/forward.c
index 4895efeba89a..2cf29eba6e26 100644
--- a/src/forward.c
+++ b/src/forward.c
@@ -1796,6 +1796,24 @@ unsigned char *tcp_request(int confd, time_t now,
 			  if ((last_server->tcpfd = socket(last_server->addr.sa.sa_family, SOCK_STREAM, 0)) == -1)
 			    continue;
 			  
+#ifdef HAVE_CONNTRACK
+			  /* Copy connection mark of incoming query to outgoing connection. */
+			  if (option_bool(OPT_CONNTRACK))
+			    {
+			      unsigned int mark;
+			      struct all_addr local;
+#ifdef HAVE_IPV6		      
+			      if (local_addr->sa.sa_family == AF_INET6)
+				local.addr.addr6 = local_addr->in6.sin6_addr;
+			      else
+#endif
+				local.addr.addr4 = local_addr->in.sin_addr;
+			      
+			      if (get_incoming_mark(&peer_addr, &local, 1, &mark))
+				setsockopt(last_server->tcpfd, SOL_SOCKET, SO_MARK, &mark, sizeof(unsigned int));
+			    }
+#endif	
+		      
 			  if ((!local_bind(last_server->tcpfd,  &last_server->source_addr, last_server->interface, 1) ||
 			       connect(last_server->tcpfd, &last_server->addr.sa, sa_len(&last_server->addr)) == -1))
 			    {
@@ -1820,24 +1838,6 @@ unsigned char *tcp_request(int confd, time_t now,
 			      size = new_size;
 			    }
 #endif
-			  
-#ifdef HAVE_CONNTRACK
-			  /* Copy connection mark of incoming query to outgoing connection. */
-			  if (option_bool(OPT_CONNTRACK))
-			    {
-			      unsigned int mark;
-			      struct all_addr local;
-#ifdef HAVE_IPV6		      
-			      if (local_addr->sa.sa_family == AF_INET6)
-				local.addr.addr6 = local_addr->in6.sin6_addr;
-			      else
-#endif
-				local.addr.addr4 = local_addr->in.sin_addr;
-			      
-			      if (get_incoming_mark(&peer_addr, &local, 1, &mark))
-				setsockopt(last_server->tcpfd, SOL_SOCKET, SO_MARK, &mark, sizeof(unsigned int));
-			    }
-#endif	
 			}
 		      
 		      *length = htons(size);
-- 
2.1.0
Commit	Line	Data
6644c1c7 MT	1	From e9828b6f66b22ce8873f8d30a773137d1aef1b92 Mon Sep 17 00:00:00 2001
	2	From: Karl Vogel <karl.vogel@gmail.com>
	3	Date: Fri, 3 Oct 2014 21:45:15 +0100
5f206778	4	Subject: [PATCH 04/87] Set conntrack mark before connect() call.
6644c1c7 MT	5
	6	SO_MARK has to be done before issuing the connect() call on the
	7	TCP socket.
	8	---
	9	src/forward.c \| 36 ++++++++++++++++++------------------
	10	1 file changed, 18 insertions(+), 18 deletions(-)
	11
	12	diff --git a/src/forward.c b/src/forward.c
	13	index 4895efeba89a..2cf29eba6e26 100644
	14	--- a/src/forward.c
	15	+++ b/src/forward.c
	16	@@ -1796,6 +1796,24 @@ unsigned char *tcp_request(int confd, time_t now,
	17	if ((last_server->tcpfd = socket(last_server->addr.sa.sa_family, SOCK_STREAM, 0)) == -1)
	18	continue;
	19
	20	+#ifdef HAVE_CONNTRACK
	21	+ /* Copy connection mark of incoming query to outgoing connection. */
	22	+ if (option_bool(OPT_CONNTRACK))
	23	+ {
	24	+ unsigned int mark;
	25	+ struct all_addr local;
	26	+#ifdef HAVE_IPV6
	27	+ if (local_addr->sa.sa_family == AF_INET6)
	28	+ local.addr.addr6 = local_addr->in6.sin6_addr;
	29	+ else
	30	+#endif
	31	+ local.addr.addr4 = local_addr->in.sin_addr;
	32	+
	33	+ if (get_incoming_mark(&peer_addr, &local, 1, &mark))
	34	+ setsockopt(last_server->tcpfd, SOL_SOCKET, SO_MARK, &mark, sizeof(unsigned int));
	35	+ }
	36	+#endif
	37	+
	38	if ((!local_bind(last_server->tcpfd, &last_server->source_addr, last_server->interface, 1) \|\|
	39	connect(last_server->tcpfd, &last_server->addr.sa, sa_len(&last_server->addr)) == -1))
	40	{
	41	@@ -1820,24 +1838,6 @@ unsigned char *tcp_request(int confd, time_t now,
	42	size = new_size;
	43	}
	44	#endif
	45	-
	46	-#ifdef HAVE_CONNTRACK
	47	- /* Copy connection mark of incoming query to outgoing connection. */
	48	- if (option_bool(OPT_CONNTRACK))
	49	- {
	50	- unsigned int mark;
	51	- struct all_addr local;
	52	-#ifdef HAVE_IPV6
	53	- if (local_addr->sa.sa_family == AF_INET6)
	54	- local.addr.addr6 = local_addr->in6.sin6_addr;
	55	- else
	56	-#endif
	57	- local.addr.addr4 = local_addr->in.sin_addr;
	58	-
	59	- if (get_incoming_mark(&peer_addr, &local, 1, &mark))
	60	- setsockopt(last_server->tcpfd, SOL_SOCKET, SO_MARK, &mark, sizeof(unsigned int));
	61	- }
	62	-#endif
	63	}
	64
	65	*length = htons(size);
	66	--
	67	2.1.0
	68