From: Martin Schwenke Date: Mon, 21 Mar 2016 00:11:19 +0000 (+1100) Subject: ctdb-killtcp: Filter out sent packets X-Git-Tag: tdb-1.3.9~32 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=7e5eab139d37819e162188dd474e5d142f3c04c1;p=thirdparty%2Fsamba.git ctdb-killtcp: Filter out sent packets When previously killing TCP connections via the daemon there was some latency due to each kill being sent to the daemon via a separate control. This probably meant that when doing a 2-way kill the tickle ACKs sent to the client end of a connection would not interfere with listening for the reply ACK from the server end. Now that there is no latency, the tickle ACK or RST sent to the client end can be seen as the reply to the server end tickle ACK, and vice-versa. To avoid this, throw away packets that look like we sent them. Signed-off-by: Martin Schwenke Reviewed-by: Amitay Isaacs --- diff --git a/ctdb/tools/ctdb_killtcp.c b/ctdb/tools/ctdb_killtcp.c index f6b6a0e6dde..11028cc954c 100644 --- a/ctdb/tools/ctdb_killtcp.c +++ b/ctdb/tools/ctdb_killtcp.c @@ -124,6 +124,18 @@ static void capture_tcp_handler(struct tevent_context *ev, return; } + if (window == htons(1234) && (rst || seq == 0)) { + /* Ignore packets that we sent! */ + DEBUG(DEBUG_DEBUG, + ("Ignoring packet with dst=%s:%d, src=%s:%d, seq=%"PRIu32", ack_seq=%"PRIu32", rst=%d, window=%"PRIu16"\n", + ctdb_sock_addr_to_string(killtcp, &dst), + ntohs(dst.ip.sin_port), + ctdb_sock_addr_to_string(killtcp, &src), + ntohs(src.ip.sin_port), + seq, ack_seq, rst, ntohs(window))); + return; + } + /* check if we have this guy in our list of connections to kill */