]>
Commit | Line | Data |
---|---|---|
657376c6 | 1 | Index: squid/src/client_side.c |
2 | diff -c squid/src/client_side.c:1.561.2.77 squid/src/client_side.c:1.561.2.80 | |
3 | *** squid/src/client_side.c:1.561.2.77 Thu Jun 9 01:51:47 2005 | |
4 | --- squid/src/client_side.c Thu Jun 30 02:38:00 2005 | |
5 | @@ -2733,6 +2733,7 @@ | |
6 | int vport; | |
7 | if (vhost_mode) { | |
8 | #if IPF_TRANSPARENT | |
9 | + static time_t last_reported = 0; | |
10 | natLookup.nl_inport = http->conn->me.sin_port; | |
11 | natLookup.nl_outport = http->conn->peer.sin_port; | |
12 | natLookup.nl_inip = http->conn->me.sin_addr; | |
13 | @@ -2751,12 +2752,10 @@ | |
14 | errno = save_errno; | |
15 | } | |
16 | if (natfd < 0) { | |
17 | - debug(50, 1) ("parseHttpRequest: NAT open failed: %s\n", | |
18 | - xstrerror()); | |
19 | - dlinkDelete(&http->active, &ClientActiveRequests); | |
20 | - xfree(http->uri); | |
21 | - cbdataFree(http); | |
22 | - xfree(inbuf); | |
23 | + if (squid_curtime - last_reported > 60) { | |
24 | + debug(50, 1) ("parseHttpRequest: NAT open failed: %s\n", xstrerror()); | |
25 | + last_reported = squid_curtime; | |
26 | + } | |
27 | } else { | |
28 | /* | |
29 | * IP-Filter changed the type for SIOCGNATL between | |
30 | @@ -2773,48 +2772,59 @@ | |
31 | } | |
32 | if (x < 0) { | |
33 | if (errno != ESRCH) { | |
34 | - debug(50, 1) ("parseHttpRequest: NAT lookup failed: ioctl(SIOCGNATL)\n"); | |
35 | + if (squid_curtime - last_reported > 60) { | |
36 | + debug(50, 1) ("parseHttpRequest: NAT lookup failed: ioctl(SIOCGNATL): %s\n", xstrerror()); | |
37 | + last_reported = squid_curtime; | |
38 | + } | |
39 | close(natfd); | |
40 | natfd = -1; | |
41 | - dlinkDelete(&http->active, &ClientActiveRequests); | |
42 | - xfree(http->uri); | |
43 | - cbdataFree(http); | |
44 | - xfree(inbuf); | |
45 | } | |
46 | } else { | |
47 | conn->me.sin_port = natLookup.nl_realport; | |
48 | - http->conn->me.sin_addr = natLookup.nl_realip; | |
49 | + conn->me.sin_addr = natLookup.nl_realip; | |
50 | } | |
51 | } | |
52 | #elif PF_TRANSPARENT | |
53 | + static time_t last_reported = 0; | |
54 | if (pffd < 0) | |
55 | pffd = open("/dev/pf", O_RDWR); | |
56 | if (pffd < 0) { | |
57 | - debug(50, 1) ("parseHttpRequest: PF open failed: %s\n", | |
58 | - xstrerror()); | |
59 | - return parseHttpRequestAbort(conn, "error:pf-open-failed"); | |
60 | - } | |
61 | - memset(&nl, 0, sizeof(struct pfioc_natlook)); | |
62 | - nl.saddr.v4.s_addr = http->conn->peer.sin_addr.s_addr; | |
63 | - nl.sport = http->conn->peer.sin_port; | |
64 | - nl.daddr.v4.s_addr = http->conn->me.sin_addr.s_addr; | |
65 | - nl.dport = http->conn->me.sin_port; | |
66 | - nl.af = AF_INET; | |
67 | - nl.proto = IPPROTO_TCP; | |
68 | - nl.direction = PF_OUT; | |
69 | - if (ioctl(pffd, DIOCNATLOOK, &nl)) { | |
70 | - if (errno != ENOENT) { | |
71 | - debug(50, 1) ("parseHttpRequest: PF lookup failed: ioctl(DIOCNATLOOK)\n"); | |
72 | - close(pffd); | |
73 | - pffd = -1; | |
74 | + if (squid_curtime - last_reported > 60) { | |
75 | + debug(50, 1) ("parseHttpRequest: PF open failed: %s\n", xstrerror()); | |
76 | + last_reported = squid_curtime; | |
77 | } | |
78 | } else { | |
79 | - conn->me.sin_port = nl.rdport; | |
80 | - http->conn->me.sin_addr = nl.rdaddr.v4; | |
81 | + memset(&nl, 0, sizeof(struct pfioc_natlook)); | |
82 | + nl.saddr.v4.s_addr = http->conn->peer.sin_addr.s_addr; | |
83 | + nl.sport = http->conn->peer.sin_port; | |
84 | + nl.daddr.v4.s_addr = http->conn->me.sin_addr.s_addr; | |
85 | + nl.dport = http->conn->me.sin_port; | |
86 | + nl.af = AF_INET; | |
87 | + nl.proto = IPPROTO_TCP; | |
88 | + nl.direction = PF_OUT; | |
89 | + if (ioctl(pffd, DIOCNATLOOK, &nl)) { | |
90 | + if (errno != ENOENT) { | |
91 | + if (squid_curtime - last_reported > 60) { | |
92 | + debug(50, 1) ("parseHttpRequest: PF lookup failed: ioctl(DIOCNATLOOK): %s\n", xstrerror()); | |
93 | + last_reported = squid_curtime; | |
94 | + } | |
95 | + close(pffd); | |
96 | + pffd = -1; | |
97 | + } | |
98 | + } else { | |
99 | + conn->me.sin_port = nl.rdport; | |
100 | + conn->me.sin_addr = nl.rdaddr.v4; | |
101 | + } | |
102 | } | |
103 | #elif LINUX_NETFILTER | |
104 | + static time_t last_reported = 0; | |
105 | /* If the call fails the address structure will be unchanged */ | |
106 | - getsockopt(conn->fd, SOL_IP, SO_ORIGINAL_DST, &conn->me, &sock_sz); | |
107 | + if (getsockopt(conn->fd, SOL_IP, SO_ORIGINAL_DST, &conn->me, &sock_sz) != 0) { | |
108 | + if (squid_curtime - last_reported > 60) { | |
109 | + debug(50, 1) ("parseHttpRequest: NF getsockopt(SO_ORIGINAL_DST) failed: %s\n", xstrerror()); | |
110 | + last_reported = squid_curtime; | |
111 | + } | |
112 | + } | |
113 | #endif | |
114 | } | |
115 | if (vport_mode) |