squid-2.5.STABLE10-transparent-2.patch

   1 Index: squid/src/client_side.c
   2 diff -c squid/src/client_side.c:1.561.2.77 squid/src/client_side.c:1.561.2.80
   3 *** squid/src/client_side.c:1.561.2.77  Thu Jun  9 01:51:47 2005
   4 --- squid/src/client_side.c     Thu Jun 30 02:38:00 2005
   5 @@ -2733,6 +2733,7 @@
   6         int vport;
   7         if (vhost_mode) {
   8  #if IPF_TRANSPARENT
   9 +           static time_t last_reported = 0;
  10             natLookup.nl_inport = http->conn->me.sin_port;
  11             natLookup.nl_outport = http->conn->peer.sin_port;
  12             natLookup.nl_inip = http->conn->me.sin_addr;
  13 @@ -2751,12 +2752,10 @@
  14                 errno = save_errno;
  15             }
  16             if (natfd < 0) {
  17 -               debug(50, 1) ("parseHttpRequest: NAT open failed: %s\n",
  18 -                   xstrerror());
  19 -               dlinkDelete(&http->active, &ClientActiveRequests);
  20 -               xfree(http->uri);
  21 -               cbdataFree(http);
  22 -               xfree(inbuf);
  23 +               if (squid_curtime - last_reported > 60) {
  24 +                   debug(50, 1) ("parseHttpRequest: NAT open failed: %s\n", xstrerror());
  25 +                   last_reported = squid_curtime;
  26 +               }
  27             } else {
  28                 /*
  29                  * IP-Filter changed the type for SIOCGNATL between
  30 @@ -2773,48 +2772,59 @@
  31                 }
  32                 if (x < 0) {
  33                     if (errno != ESRCH) {
  34 -                       debug(50, 1) ("parseHttpRequest: NAT lookup failed: ioctl(SIOCGNATL)\n");
  35 +                       if (squid_curtime - last_reported > 60) {
  36 +                           debug(50, 1) ("parseHttpRequest: NAT lookup failed: ioctl(SIOCGNATL): %s\n", xstrerror());
  37 +                           last_reported = squid_curtime;
  38 +                       }
  39                         close(natfd);
  40                         natfd = -1;
  41 -                       dlinkDelete(&http->active, &ClientActiveRequests);
  42 -                       xfree(http->uri);
  43 -                       cbdataFree(http);
  44 -                       xfree(inbuf);
  45                     }
  46                 } else {
  47                     conn->me.sin_port = natLookup.nl_realport;
  48 -                   http->conn->me.sin_addr = natLookup.nl_realip;
  49 +                   conn->me.sin_addr = natLookup.nl_realip;
  50                 }
  51             }
  52  #elif PF_TRANSPARENT
  53 +           static time_t last_reported = 0;
  54             if (pffd < 0)
  55                 pffd = open("/dev/pf", O_RDWR);
  56             if (pffd < 0) {
  57 -               debug(50, 1) ("parseHttpRequest: PF open failed: %s\n",
  58 -                   xstrerror());
  59 -               return parseHttpRequestAbort(conn, "error:pf-open-failed");
  60 -           }
  61 -           memset(&nl, 0, sizeof(struct pfioc_natlook));
  62 -           nl.saddr.v4.s_addr = http->conn->peer.sin_addr.s_addr;
  63 -           nl.sport = http->conn->peer.sin_port;
  64 -           nl.daddr.v4.s_addr = http->conn->me.sin_addr.s_addr;
  65 -           nl.dport = http->conn->me.sin_port;
  66 -           nl.af = AF_INET;
  67 -           nl.proto = IPPROTO_TCP;
  68 -           nl.direction = PF_OUT;
  69 -           if (ioctl(pffd, DIOCNATLOOK, &nl)) {
  70 -               if (errno != ENOENT) {
  71 -                   debug(50, 1) ("parseHttpRequest: PF lookup failed: ioctl(DIOCNATLOOK)\n");
  72 -                   close(pffd);
  73 -                   pffd = -1;
  74 +               if (squid_curtime - last_reported > 60) {
  75 +                   debug(50, 1) ("parseHttpRequest: PF open failed: %s\n", xstrerror());
  76 +                   last_reported = squid_curtime;
  77                 }
  78             } else {
  79 -               conn->me.sin_port = nl.rdport;
  80 -               http->conn->me.sin_addr = nl.rdaddr.v4;
  81 +               memset(&nl, 0, sizeof(struct pfioc_natlook));
  82 +               nl.saddr.v4.s_addr = http->conn->peer.sin_addr.s_addr;
  83 +               nl.sport = http->conn->peer.sin_port;
  84 +               nl.daddr.v4.s_addr = http->conn->me.sin_addr.s_addr;
  85 +               nl.dport = http->conn->me.sin_port;
  86 +               nl.af = AF_INET;
  87 +               nl.proto = IPPROTO_TCP;
  88 +               nl.direction = PF_OUT;
  89 +               if (ioctl(pffd, DIOCNATLOOK, &nl)) {
  90 +                   if (errno != ENOENT) {
  91 +                       if (squid_curtime - last_reported > 60) {
  92 +                           debug(50, 1) ("parseHttpRequest: PF lookup failed: ioctl(DIOCNATLOOK): %s\n", xstrerror());
  93 +                           last_reported = squid_curtime;
  94 +                       }
  95 +                       close(pffd);
  96 +                       pffd = -1;
  97 +                   }
  98 +               } else {
  99 +                   conn->me.sin_port = nl.rdport;
 100 +                   conn->me.sin_addr = nl.rdaddr.v4;
 101 +               }
 102             }
 103  #elif LINUX_NETFILTER
 104 +           static time_t last_reported = 0;
 105             /* If the call fails the address structure will be unchanged */
 106 -           getsockopt(conn->fd, SOL_IP, SO_ORIGINAL_DST, &conn->me, &sock_sz);
 107 +           if (getsockopt(conn->fd, SOL_IP, SO_ORIGINAL_DST, &conn->me, &sock_sz) != 0) {
 108 +               if (squid_curtime - last_reported > 60) {
 109 +                   debug(50, 1) ("parseHttpRequest: NF getsockopt(SO_ORIGINAL_DST) failed: %s\n", xstrerror());
 110 +                   last_reported = squid_curtime;
 111 +               }
 112 +           }
 113  #endif
 114         }
 115         if (vport_mode)