… | |
… | |
1212 | //else |
1212 | //else |
1213 | // slog (L_INFO, _("%s(%s): accepted packet from %s, not (yet) redirecting traffic."), |
1213 | // slog (L_INFO, _("%s(%s): accepted packet from %s, not (yet) redirecting traffic."), |
1214 | // conf->nodename, (const char *)si, (const char *)rsi); |
1214 | // conf->nodename, (const char *)si, (const char *)rsi); |
1215 | } |
1215 | } |
1216 | } |
1216 | } |
1217 | else if (seqclass == 1) // silently ignore |
1217 | else if (seqclass == 1) // far history |
|
|
1218 | slog (L_ERR, _("received very old packet (received %08lx, expected %08lx). " |
|
|
1219 | "possible replay attack, or just packet duplication/delay, ignoring."), seqno, iseqno.seq + 1); |
|
|
1220 | else if (seqclass == 2) // in-window duplicate, happens often on wireless |
1218 | slog (L_ERR, _("received duplicate packet (received %08lx, expected %08lx)\n" |
1221 | slog (L_DEBUG, _("received recent duplicated packet (received %08lx, expected %08lx). " |
1219 | "possible replay attack, or just packet duplication, ignoring."), seqno, iseqno.seq + 1); |
1222 | "possible replay attack, or just packet duplication, ignoring."), seqno, iseqno.seq + 1); |
1220 | else if (seqclass == 2) // reset |
1223 | else if (seqclass == 3) // reset |
1221 | { |
1224 | { |
1222 | slog (L_ERR, _("received duplicate or out-of-sync packet (received %08lx, expected %08lx)\n" |
1225 | slog (L_ERR, _("received out-of-sync (far future) packet (received %08lx, expected %08lx). " |
1223 | "possible replay attack, or just massive packet loss, resetting connection."), seqno, iseqno.seq + 1); |
1226 | "probably just massive packet loss, sending reset."), seqno, iseqno.seq + 1); |
1224 | send_reset (rsi); |
1227 | send_reset (rsi); |
1225 | } |
1228 | } |
1226 | |
1229 | |
1227 | delete d; |
1230 | delete d; |
1228 | break; |
1231 | break; |