[packages/squid.git] / squid-2.5.STABLE10-transparent-2.patch

Index: squid/src/client_side.c
diff -c squid/src/client_side.c:1.561.2.77 squid/src/client_side.c:1.561.2.80
*** squid/src/client_side.c:1.561.2.77	Thu Jun  9 01:51:47 2005
--- squid/src/client_side.c	Thu Jun 30 02:38:00 2005
@@ -2733,6 +2733,7 @@
 	int vport;
 	if (vhost_mode) {
 #if IPF_TRANSPARENT
+	    static time_t last_reported = 0;
 	    natLookup.nl_inport = http->conn->me.sin_port;
 	    natLookup.nl_outport = http->conn->peer.sin_port;
 	    natLookup.nl_inip = http->conn->me.sin_addr;
@@ -2751,12 +2752,10 @@
 		errno = save_errno;
 	    }
 	    if (natfd < 0) {
-		debug(50, 1) ("parseHttpRequest: NAT open failed: %s\n",
-		    xstrerror());
-		dlinkDelete(&http->active, &ClientActiveRequests);
-		xfree(http->uri);
-		cbdataFree(http);
-		xfree(inbuf);
+		if (squid_curtime - last_reported > 60) {
+		    debug(50, 1) ("parseHttpRequest: NAT open failed: %s\n", xstrerror());
+		    last_reported = squid_curtime;
+		}
 	    } else {
 		/*
 		 * IP-Filter changed the type for SIOCGNATL between
@@ -2773,48 +2772,59 @@
 		}
 		if (x < 0) {
 		    if (errno != ESRCH) {
-			debug(50, 1) ("parseHttpRequest: NAT lookup failed: ioctl(SIOCGNATL)\n");
+			if (squid_curtime - last_reported > 60) {
+			    debug(50, 1) ("parseHttpRequest: NAT lookup failed: ioctl(SIOCGNATL): %s\n", xstrerror());
+			    last_reported = squid_curtime;
+			}
 			close(natfd);
 			natfd = -1;
-			dlinkDelete(&http->active, &ClientActiveRequests);
-			xfree(http->uri);
-			cbdataFree(http);
-			xfree(inbuf);
 		    }
 		} else {
 		    conn->me.sin_port = natLookup.nl_realport;
-		    http->conn->me.sin_addr = natLookup.nl_realip;
+		    conn->me.sin_addr = natLookup.nl_realip;
 		}
 	    }
 #elif PF_TRANSPARENT
+	    static time_t last_reported = 0;
 	    if (pffd < 0)
 		pffd = open("/dev/pf", O_RDWR);
 	    if (pffd < 0) {
-		debug(50, 1) ("parseHttpRequest: PF open failed: %s\n",
-		    xstrerror());
-		return parseHttpRequestAbort(conn, "error:pf-open-failed");
-	    }
-	    memset(&nl, 0, sizeof(struct pfioc_natlook));
-	    nl.saddr.v4.s_addr = http->conn->peer.sin_addr.s_addr;
-	    nl.sport = http->conn->peer.sin_port;
-	    nl.daddr.v4.s_addr = http->conn->me.sin_addr.s_addr;
-	    nl.dport = http->conn->me.sin_port;
-	    nl.af = AF_INET;
-	    nl.proto = IPPROTO_TCP;
-	    nl.direction = PF_OUT;
-	    if (ioctl(pffd, DIOCNATLOOK, &nl)) {
-		if (errno != ENOENT) {
-		    debug(50, 1) ("parseHttpRequest: PF lookup failed: ioctl(DIOCNATLOOK)\n");
-		    close(pffd);
-		    pffd = -1;
+		if (squid_curtime - last_reported > 60) {
+		    debug(50, 1) ("parseHttpRequest: PF open failed: %s\n", xstrerror());
+		    last_reported = squid_curtime;
 		}
 	    } else {
-		conn->me.sin_port = nl.rdport;
-		http->conn->me.sin_addr = nl.rdaddr.v4;
+		memset(&nl, 0, sizeof(struct pfioc_natlook));
+		nl.saddr.v4.s_addr = http->conn->peer.sin_addr.s_addr;
+		nl.sport = http->conn->peer.sin_port;
+		nl.daddr.v4.s_addr = http->conn->me.sin_addr.s_addr;
+		nl.dport = http->conn->me.sin_port;
+		nl.af = AF_INET;
+		nl.proto = IPPROTO_TCP;
+		nl.direction = PF_OUT;
+		if (ioctl(pffd, DIOCNATLOOK, &nl)) {
+		    if (errno != ENOENT) {
+			if (squid_curtime - last_reported > 60) {
+			    debug(50, 1) ("parseHttpRequest: PF lookup failed: ioctl(DIOCNATLOOK): %s\n", xstrerror());
+			    last_reported = squid_curtime;
+			}
+			close(pffd);
+			pffd = -1;
+		    }
+		} else {
+		    conn->me.sin_port = nl.rdport;
+		    conn->me.sin_addr = nl.rdaddr.v4;
+		}
 	    }
 #elif LINUX_NETFILTER
+	    static time_t last_reported = 0;
 	    /* If the call fails the address structure will be unchanged */
-	    getsockopt(conn->fd, SOL_IP, SO_ORIGINAL_DST, &conn->me, &sock_sz);
+	    if (getsockopt(conn->fd, SOL_IP, SO_ORIGINAL_DST, &conn->me, &sock_sz) != 0) {
+		if (squid_curtime - last_reported > 60) {
+		    debug(50, 1) ("parseHttpRequest: NF getsockopt(SO_ORIGINAL_DST) failed: %s\n", xstrerror());
+		    last_reported = squid_curtime;
+		}
+	    }
 #endif
 	}
 	if (vport_mode)
Commit	Line	Data
657376c6	1	Index: squid/src/client_side.c
	2	diff -c squid/src/client_side.c:1.561.2.77 squid/src/client_side.c:1.561.2.80
	3	*** squid/src/client_side.c:1.561.2.77 Thu Jun 9 01:51:47 2005
	4	--- squid/src/client_side.c Thu Jun 30 02:38:00 2005
	5	@@ -2733,6 +2733,7 @@
	6	int vport;
	7	if (vhost_mode) {
	8	#if IPF_TRANSPARENT
	9	+ static time_t last_reported = 0;
	10	natLookup.nl_inport = http->conn->me.sin_port;
	11	natLookup.nl_outport = http->conn->peer.sin_port;
	12	natLookup.nl_inip = http->conn->me.sin_addr;
	13	@@ -2751,12 +2752,10 @@
	14	errno = save_errno;
	15	}
	16	if (natfd < 0) {
	17	- debug(50, 1) ("parseHttpRequest: NAT open failed: %s\n",
	18	- xstrerror());
	19	- dlinkDelete(&http->active, &ClientActiveRequests);
	20	- xfree(http->uri);
	21	- cbdataFree(http);
	22	- xfree(inbuf);
	23	+ if (squid_curtime - last_reported > 60) {
	24	+ debug(50, 1) ("parseHttpRequest: NAT open failed: %s\n", xstrerror());
	25	+ last_reported = squid_curtime;
	26	+ }
	27	} else {
	28	/*
	29	* IP-Filter changed the type for SIOCGNATL between
	30	@@ -2773,48 +2772,59 @@
	31	}
	32	if (x < 0) {
	33	if (errno != ESRCH) {
	34	- debug(50, 1) ("parseHttpRequest: NAT lookup failed: ioctl(SIOCGNATL)\n");
	35	+ if (squid_curtime - last_reported > 60) {
	36	+ debug(50, 1) ("parseHttpRequest: NAT lookup failed: ioctl(SIOCGNATL): %s\n", xstrerror());
	37	+ last_reported = squid_curtime;
	38	+ }
	39	close(natfd);
	40	natfd = -1;
	41	- dlinkDelete(&http->active, &ClientActiveRequests);
	42	- xfree(http->uri);
	43	- cbdataFree(http);
	44	- xfree(inbuf);
	45	}
	46	} else {
	47	conn->me.sin_port = natLookup.nl_realport;
	48	- http->conn->me.sin_addr = natLookup.nl_realip;
	49	+ conn->me.sin_addr = natLookup.nl_realip;
	50	}
	51	}
	52	#elif PF_TRANSPARENT
	53	+ static time_t last_reported = 0;
	54	if (pffd < 0)
	55	pffd = open("/dev/pf", O_RDWR);
	56	if (pffd < 0) {
	57	- debug(50, 1) ("parseHttpRequest: PF open failed: %s\n",
	58	- xstrerror());
	59	- return parseHttpRequestAbort(conn, "error:pf-open-failed");
	60	- }
	61	- memset(&nl, 0, sizeof(struct pfioc_natlook));
	62	- nl.saddr.v4.s_addr = http->conn->peer.sin_addr.s_addr;
	63	- nl.sport = http->conn->peer.sin_port;
	64	- nl.daddr.v4.s_addr = http->conn->me.sin_addr.s_addr;
65	- nl.dport = http->conn->me.sin_port;
66	- nl.af = AF_INET;
67	- nl.proto = IPPROTO_TCP;
68	- nl.direction = PF_OUT;
69	- if (ioctl(pffd, DIOCNATLOOK, &nl)) {
70	- if (errno != ENOENT) {
71	- debug(50, 1) ("parseHttpRequest: PF lookup failed: ioctl(DIOCNATLOOK)\n");
72	- close(pffd);
73	- pffd = -1;
74	+ if (squid_curtime - last_reported > 60) {
75	+ debug(50, 1) ("parseHttpRequest: PF open failed: %s\n", xstrerror());
76	+ last_reported = squid_curtime;
77	}
78	} else {
79	- conn->me.sin_port = nl.rdport;
80	- http->conn->me.sin_addr = nl.rdaddr.v4;
81	+ memset(&nl, 0, sizeof(struct pfioc_natlook));
82	+ nl.saddr.v4.s_addr = http->conn->peer.sin_addr.s_addr;
83	+ nl.sport = http->conn->peer.sin_port;
84	+ nl.daddr.v4.s_addr = http->conn->me.sin_addr.s_addr;
85	+ nl.dport = http->conn->me.sin_port;
86	+ nl.af = AF_INET;
87	+ nl.proto = IPPROTO_TCP;
88	+ nl.direction = PF_OUT;
89	+ if (ioctl(pffd, DIOCNATLOOK, &nl)) {
90	+ if (errno != ENOENT) {
91	+ if (squid_curtime - last_reported > 60) {
92	+ debug(50, 1) ("parseHttpRequest: PF lookup failed: ioctl(DIOCNATLOOK): %s\n", xstrerror());
93	+ last_reported = squid_curtime;
94	+ }
95	+ close(pffd);
96	+ pffd = -1;
97	+ }
98	+ } else {
99	+ conn->me.sin_port = nl.rdport;
100	+ conn->me.sin_addr = nl.rdaddr.v4;
101	+ }
102	}
103	#elif LINUX_NETFILTER
104	+ static time_t last_reported = 0;
105	/* If the call fails the address structure will be unchanged */
106	- getsockopt(conn->fd, SOL_IP, SO_ORIGINAL_DST, &conn->me, &sock_sz);
107	+ if (getsockopt(conn->fd, SOL_IP, SO_ORIGINAL_DST, &conn->me, &sock_sz) != 0) {
108	+ if (squid_curtime - last_reported > 60) {
109	+ debug(50, 1) ("parseHttpRequest: NF getsockopt(SO_ORIGINAL_DST) failed: %s\n", xstrerror());
110	+ last_reported = squid_curtime;
111	+ }
112	+ }
113	#endif
114	}
115	if (vport_mode)