[tproxy] tproxy race condition? [RESEND]
jim@minter.demon.co.uk
jim@minter.demon.co.uk
Mon, 20 Dec 2004 10:48:50 +0000
Hi!
hidden@balabit.hu wrote:
> OK, thanks, I've downloaded the tarball. BTW, the syslog is indeed not
> very useful, since it is horribly incomplete...
Sorry :o(. I'm currently recompiling the kernel with a larger log buffer and will rerun the tests and post an updated tarball.
> Could you try what happens if you omit the ITP_ONCE flag from the
> FLAGS setsockopt(), and set only ITP_CONNECT?
OK, in this case we don't get any un-NATted packets at the remote host, but sooner or later one of the processes gets stuck in a connect() call and never returns: presumably every time it attempts to issue a SYN packet, this packet gets lost somewhere? Maybe with proper logging it will be clearer what's going on here.
Jim