Date: Mon, 16 Apr 2001 10:17:34 +0600 (YEKST) From: serg@tmn.ru To: FreeBSD-gnats-submit@freebsd.org Subject: ports/26607: squid-2.2(2.3) IPF_TRANSPARENT & ipfilter 3.4.x problems Message-ID: <200104160417.f3G4HXm29076@sv.tech.sibitex.tmn.ru>
next in thread | raw e-mail | index | archive | help
>Number: 26607 >Category: ports >Synopsis: squid port don't work corretly when compiled with IPF_TRANSPARENT option >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-ports >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Sun Apr 15 21:20:01 PDT 2001 >Closed-Date: >Last-Modified: >Originator: Sergey N. Voronkov >Release: FreeBSD 4.3-RC i386 >Organization: Sibitex >Environment: System: FreeBSD xxxxxxxxx 4.3-RC FreeBSD 4.3-RC #11: Thu Apr 12 22:04:01 YEKST 2001 serg@sv.tech.sibitex.tmn.ru:/usr/obj/usr/src/sys/SV i386 ports tree dated 2001-04-13 >Description: ioctl interface has been changed in ipfilter 3.4.x, but it isn't reflected in squid source tree. >How-To-Repeat: Compile squid22/squid23 port with IPF_TRANSPARENT enabled. Telnet to running squid using redirection and type somthing like that: $telnet -K www.freebsd.org 80 [....] GET / HTTP/1.0 And you get "NAT lookup failed" message into your cache.log. >Fix: (Patch idea taken from ipfilter mailing list and oops sources) squid-2.2.diff: --- src/client_side.c.orig Mon Apr 16 09:39:26 2001 +++ src/client_side.c Mon Apr 16 09:51:08 2001 @@ -1938,6 +1938,7 @@ clientHttpRequest *http = NULL; #if IPF_TRANSPARENT struct natlookup natLookup; + natlookup_t *nlp = &natLookup; static int natfd = -1; #endif @@ -2089,7 +2090,14 @@ xstrerror()); return parseHttpRequestAbort(conn, "error:nat-open-failed"); } - if (ioctl(natfd, SIOCGNATL, &natLookup) < 0) { + +#define NEWSIOCGNATLCMD _IOWR('r', 63, struct natlookup *) + if ( SIOCGNATL == NEWSIOCGNATLCMD) + r = ioctl(natfd, SIOCGNATL, &nlp); + else + r = ioctl(natfd, SIOCGNATL, &natLookup); +#undef NEWSIOCGNATLCMD + if ( r < 0 ) { if (errno != ESRCH) { debug(50, 1) ("parseHttpRequest: NAT lookup failed: ioctl(SIOCGNATL)\n"); close(natfd); squid-2.3.diff: --- src/client_side.c.orig Mon Apr 16 09:54:24 2001 +++ src/client_side.c Mon Apr 16 09:57:50 2001 @@ -2101,6 +2101,7 @@ clientHttpRequest *http = NULL; #if IPF_TRANSPARENT struct natlookup natLookup; + natlookup_t *nlp = &natLookup; static int natfd = -1; #endif @@ -2263,7 +2264,14 @@ xstrerror()); return parseHttpRequestAbort(conn, "error:nat-open-failed"); } - if (ioctl(natfd, SIOCGNATL, &natLookup) < 0) { + +#define NEWSIOCGNATLCMD _IOWR('r', 63, struct natlookup *) + if ( SIOCGNATL == NEWSIOCGNATLCMD) + r = ioctl(natfd, SIOCGNATL, &nlp); + else + r = ioctl(natfd, SIOCGNATL, &natLookup); +#undef NEWSIOCGNATLCMD + if ( r < 0 ) { if (errno != ESRCH) { debug(50, 1) ("parseHttpRequest: NAT lookup failed: ioctl(SIOCGNATL)\n"); close(natfd); >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200104160417.f3G4HXm29076>