Re: [tproxy] Invalid Arguement for setsockopt
Hi, On 2005. December 20. 00.08, Sai Bathina wrote:
I am seeing that I am getting an Invalid Arguement for setsockopt for TPROXY_ASSIGN. I have tried this compiling tproxy into the kernel as well as loading them as modules.
First of all, sorry for the delayed answer. Obviously, compiling into the kernel and loading as a module should give exactly the same results.
This is the code snippet:
sock = socket(AF_INET, SOCK_STREAM, 0); if (sock == -1) { perror("socket"); return -1; }
/* check tproxy version*/ itp.op = TPROXY_VERSION; itp.v.version = 0x02000000; if (setsockopt(sock, SOL_IP, IP_TPROXY, &itp, sizeof(itp)) == -1) { perror("setsockopt(SOL_IP, IP_TPROXY, TPROXY_VERSION)"); return -1; }
/* bind to local address */ sin.sin_family = AF_INET; sin.sin_addr.s_addr = INADDR_ANY; //inet_aton(argv[1], &sin.sin_addr); sin.sin_port = htons(9999);
if (bind(sock, (struct sockaddr *) &sin, sizeof(sin)) == -1) { perror("bind"); return -1; }
listen(sock, 5); clilen = sizeof(cli_addr); newsockfd = accept(sock,(struct sockaddr *) &cli_addr,&clilen); if (newsockfd < 0) error("ERROR on accept");
printf("Here is the client: %s:%i\n",inet_ntoa(cli_addr.sin_addr.s_addr), ntohs(cli_addr.sin_port) );
Ok, no problems up to this point. However, the next few lines are somewhat problematic.
/* assign foreign address */ itp.op = TPROXY_ASSIGN;
memcpy( &itp.v.addr.faddr, &cli_addr.sin_addr, sizeof( struct in_addr ) );
itp.v.addr.fport = cli_addr.sin_port;
printf("Here is the itp vals for faddr and fport %s:%i\n",inet_ntoa(itp.v.addr.faddr), ntohs(itp.v.addr.fport) );
if (setsockopt(sock, SOL_IP, IP_TPROXY, &itp, sizeof(itp)) == -1) { perror("setsockopt(SOL_IP, IP_TPROXY, TPROXY_ASSIGN)"); return -1; }
Once you've accept()-ed the connection and have a socket, you cannot do any assignments on the socket because it has the same local endpoint (IP:port) as the listener socket. By the way, I don't really get what you're trying to do, so I could probably help you more if you told us what this piece of the program is supposed to achieve. -- Regards, Krisztian Kovacs
participants (1)
-
KOVACS Krisztian