[tproxy] tproxy race condition? [RESEND]
KOVACS Krisztian
hidden@balabit.hu
Mon, 20 Dec 2004 12:04:19 +0100
Hi Jim,
2004-12-20, h keltezéssel 11:48-kor jim@minter.demon.co.uk ezt írta:
> hidden@balabit.hu wrote:
> > OK, thanks, I've downloaded the tarball. BTW, the syslog is indeed not
> > very useful, since it is horribly incomplete...
>
> Sorry :o(. I'm currently recompiling the kernel with a larger log
> buffer and will rerun the tests and post an updated tarball.
I'm afraid it won't help much, but let's see.
> > Could you try what happens if you omit the ITP_ONCE flag from the
> > FLAGS setsockopt(), and set only ITP_CONNECT?
>
> OK, in this case we don't get any un-NATted packets at the remote
> host, but sooner or later one of the processes gets stuck in a
> connect() call and never returns: presumably every time it attempts to
> issue a SYN packet, this packet gets lost somewhere? Maybe with
> proper logging it will be clearer what's going on here.
OK, thanks. So, in the meantime I reproduced the problem (and tested
without ITP_ONCE as well). Seems interesting, since I get a lot of
"failed to apply NAT mapping" errors...
--
Regards,
Krisztian KOVACS