diff options
author | t3sserakt <t3ss@posteo.de> | 2022-03-17 14:28:40 +0100 |
---|---|---|
committer | t3sserakt <t3ss@posteo.de> | 2022-03-17 14:28:40 +0100 |
commit | 95a1edacccd9b3bf769a144a12d41946d0ac25dc (patch) | |
tree | b84608361cd836d29649f076589dd42943d1301f /contrib | |
parent | 16c9959d9b395b179446ee4a2cb70f3563c4fb20 (diff) | |
download | gnunet-95a1edacccd9b3bf769a144a12d41946d0ac25dc.tar.gz gnunet-95a1edacccd9b3bf769a144a12d41946d0ac25dc.zip |
- Trying to exchange iptables with nft, first shot failed.
- Fixed small bug in UDP communicator.
- Fixed bug in DV circle test case
- Introduced a default value to wait for a reliability ack.
- Introduced a FC retransmission threshold together with a retransmission count.
- Introduced a original size value for TransportDVBoxMessage
- Checking if we have the root pending messge, when removing the pending message from virtual link.
- Added delay value to schedule_transmit_on_queue to wait for retransmitting.
- Checking for confirmed virtual link, before routing.
- Allow unconfirmed queues or DV routes when doing dv encapsulation for control traffic.
- Changed check_vl_transmission to also check window size for DV next hop peer.
- Fixed fragment box handling to also handle reliability boxed message which needed to be fragmented.
- Fixed completing a message which was not only fragmented but also DV boxed.
- Added logic to notify core about a new virtual link using distance vector without having validated next neighbour.
- Added logic to create a virtual link to handle flow control messages.
- fixed several smaller bugs in fragmentation logic.
- Changed logic for adding the next_attempt value of PendingMessage.
Diffstat (limited to 'contrib')
-rwxr-xr-x | contrib/netjail/netjail_core.sh | 5 | ||||
-rwxr-xr-x | contrib/netjail/netjail_start.sh | 4 |
2 files changed, 8 insertions, 1 deletions
diff --git a/contrib/netjail/netjail_core.sh b/contrib/netjail/netjail_core.sh index ed363cf35..da784fa5e 100755 --- a/contrib/netjail/netjail_core.sh +++ b/contrib/netjail/netjail_core.sh | |||
@@ -188,7 +188,10 @@ netjail_node_add_nat() { | |||
188 | local ADDRESS=$2 | 188 | local ADDRESS=$2 |
189 | local MASK=$3 | 189 | local MASK=$3 |
190 | 190 | ||
191 | ip netns exec $NODE iptables -t nat -A POSTROUTING -s "$ADDRESS/$MASK" -j MASQUERADE | 191 | ip netns exec $NODE nft add table nat |
192 | ip netns exec $NODE nft add chain nat postrouting { type nat hook postrouting priority 0 \; } | ||
193 | ip netns exec $NODE nft add rule ip nat postrouting ip saddr "$ADDRESS/$MASK" counter masquerade | ||
194 | # ip netns exec $NODE iptables -t nat -A POSTROUTING -s "$ADDRESS/$MASK" -j MASQUERADE | ||
192 | } | 195 | } |
193 | 196 | ||
194 | netjail_node_add_default() { | 197 | netjail_node_add_default() { |
diff --git a/contrib/netjail/netjail_start.sh b/contrib/netjail/netjail_start.sh index f7c417c27..e2d5fd634 100755 --- a/contrib/netjail/netjail_start.sh +++ b/contrib/netjail/netjail_start.sh | |||
@@ -77,11 +77,15 @@ for N in $(seq $GLOBAL_N); do | |||
77 | 77 | ||
78 | if [ "1" == "${R_TCP[$N]}" ] | 78 | if [ "1" == "${R_TCP[$N]}" ] |
79 | then | 79 | then |
80 | #ip netns exec ${ROUTERS[$N]} nft add rule ip nat prerouting ip daddr $GLOBAL_GROUP.$N tcp dport 60002 counter dnat to $LOCAL_GROUP.1 | ||
81 | #ip netns exec ${ROUTERS[$N]} nft add rule ip filter FORWARD ip daddr $LOCAL_GROUP.1 ct state new,related,established counter accept | ||
80 | ip netns exec ${ROUTERS[$N]} iptables -t nat -A PREROUTING -p tcp -d $GLOBAL_GROUP.$N --dport 60002 -j DNAT --to $LOCAL_GROUP.1 | 82 | ip netns exec ${ROUTERS[$N]} iptables -t nat -A PREROUTING -p tcp -d $GLOBAL_GROUP.$N --dport 60002 -j DNAT --to $LOCAL_GROUP.1 |
81 | ip netns exec ${ROUTERS[$N]} iptables -A FORWARD -d $LOCAL_GROUP.1 -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT | 83 | ip netns exec ${ROUTERS[$N]} iptables -A FORWARD -d $LOCAL_GROUP.1 -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT |
82 | fi | 84 | fi |
83 | if [ "1" == "${R_UDP[$N]}" ] | 85 | if [ "1" == "${R_UDP[$N]}" ] |
84 | then | 86 | then |
87 | #ip netns exec ${ROUTERS[$N]} nft add rule ip nat prerouting ip daddr $GLOBAL_GROUP.$N udp dport $PORT counter dnat to $LOCAL_GROUP.1 | ||
88 | #ip netns exec ${ROUTERS[$N]} nft add rule ip filter FORWARD ip daddr $LOCAL_GROUP.1 ct state new,related,established counter accept | ||
85 | ip netns exec ${ROUTERS[$N]} iptables -t nat -A PREROUTING -p udp -d $GLOBAL_GROUP.$N --dport $PORT -j DNAT --to $LOCAL_GROUP.1 | 89 | ip netns exec ${ROUTERS[$N]} iptables -t nat -A PREROUTING -p udp -d $GLOBAL_GROUP.$N --dport $PORT -j DNAT --to $LOCAL_GROUP.1 |
86 | ip netns exec ${ROUTERS[$N]} iptables -A FORWARD -d $LOCAL_GROUP.1 -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT | 90 | ip netns exec ${ROUTERS[$N]} iptables -A FORWARD -d $LOCAL_GROUP.1 -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT |
87 | fi | 91 | fi |