Complete filling out the common flow information for "ping" flows by storing the host side information for the ping socket. We can only retrieve this from the socket after we send the echo-request, because that's when the kernel will assign an ID. Signed-off-by: David Gibson <david(a)gibson.dropbear.id.au> --- icmp.c | 36 +++++++++++++++++++++++++++++++++--- 1 file changed, 33 insertions(+), 3 deletions(-) diff --git a/icmp.c b/icmp.c index 53ad087..917c810 100644 --- a/icmp.c +++ b/icmp.c @@ -310,11 +310,41 @@ int icmp_tap_handler(const struct ctx *c, uint8_t pif, int af, if (sendto(pingf->sock, pkt, plen, MSG_NOSIGNAL, &sa.sa, sl) < 0) { debug("%s: failed to relay request to socket: %s", pname, strerror(errno)); - } else { - debug("%s: echo request to socket, ID: %"PRIu16", seq: %"PRIu16, - pname, id, seq); + if (flow) + goto cancel; + } + + debug("%s: echo request to socket, ID: %"PRIu16", seq: %"PRIu16, + pname, id, seq); + + if (!flow) + /* Nothing more to do for an existing flow */ + return 1; + + /* We need to wait until after the sendto() to fill in the SOCKSIDE + * information, so that we can find out the host side id the kernel + * assigned. If there's no bind address specified, this will still have + * 0.0.0.0 or :: as the host side forwarding address. There's not + * really anything we can do to fill that in, which means we can never + * insert the SOCKSIDE of a ping flow into the hash table. + */ + if (flowside_from_sock(SOCKFSIDE(pingf), PIF_HOST, pingf->sock, + NULL, &sa) < 0) { + err("%s: Failed to get local name for outgoing ping socket", + pname); + goto cancel; } + /* We want the id as the "port" on both sides */ + SOCKFSIDE(pingf)->eport = SOCKFSIDE(pingf)->fport; + + FLOW_FWD_DBG(pingf, SOCKSIDE); + + return 1; +cancel: + /* Something went wrong, back out creation of the flow */ + icmp_ping_close(c, pingf); + flow_alloc_cancel(flow); return 1; } -- 2.43.0