… | |
… | |
1143 | iseqno.reset (ntohl (*(u32 *)&chg[CHG_SEQNO]) & 0x7fffffff); // at least 2**31 sequence numbers are valid |
1143 | iseqno.reset (ntohl (*(u32 *)&chg[CHG_SEQNO]) & 0x7fffffff); // at least 2**31 sequence numbers are valid |
1144 | |
1144 | |
1145 | si = rsi; |
1145 | si = rsi; |
1146 | protocol = rsi.prot; |
1146 | protocol = rsi.prot; |
1147 | |
1147 | |
1148 | slog (L_INFO, _("%s(%s): connection established, protocol version %d.%d."), |
1148 | slog (L_INFO, _("%s(%s): connection established (%s), protocol version %d.%d."), |
1149 | conf->nodename, (const char *)rsi, |
1149 | conf->nodename, (const char *)rsi, |
|
|
1150 | is_direct ? "direct" : "routed", |
1150 | p->prot_major, p->prot_minor); |
1151 | p->prot_major, p->prot_minor); |
1151 | |
1152 | |
1152 | connection_established (); |
1153 | connection_established (); |
1153 | |
1154 | |
1154 | if (::conf.script_node_up) |
1155 | if (::conf.script_node_up) |
… | |
… | |
1204 | // fast re-sync on source address changes, useful especially for tcp/ip |
1205 | // fast re-sync on source address changes, useful especially for tcp/ip |
1205 | //if (last_si_change < ev_now () + 5.) |
1206 | //if (last_si_change < ev_now () + 5.) |
1206 | // { |
1207 | // { |
1207 | si = rsi; |
1208 | si = rsi; |
1208 | |
1209 | |
1209 | slog (L_INFO, _("%s(%s): socket address changed to %s."), |
1210 | slog (L_INFO, _("%s(%s): socket address changed."), |
1210 | conf->nodename, (const char *)si, (const char *)rsi); |
1211 | conf->nodename, (const char *)si); |
1211 | // } |
1212 | // } |
1212 | //else |
1213 | //else |
1213 | // slog (L_INFO, _("%s(%s): accepted packet from %s, not (yet) redirecting traffic."), |
1214 | // slog (L_INFO, _("%s(%s): accepted packet from %s, not (yet) redirecting traffic."), |
1214 | // conf->nodename, (const char *)si, (const char *)rsi); |
1215 | // conf->nodename, (const char *)si, (const char *)rsi); |
1215 | } |
1216 | } |
1216 | } |
1217 | } |
1217 | else if (seqclass == 1) // silently ignore |
1218 | else if (seqclass == 1) // far history |
|
|
1219 | slog (L_ERR, _("received very old packet (received %08lx, expected %08lx). " |
|
|
1220 | "possible replay attack, or just packet duplication/delay, ignoring."), seqno, iseqno.seq + 1); |
|
|
1221 | else if (seqclass == 2) // in-window duplicate, happens often on wireless |
1218 | slog (L_ERR, _("received duplicate packet (received %08lx, expected %08lx)\n" |
1222 | slog (L_DEBUG, _("received recent duplicated packet (received %08lx, expected %08lx). " |
1219 | "possible replay attack, or just packet duplication, ignoring."), seqno, iseqno.seq + 1); |
1223 | "possible replay attack, or just packet duplication, ignoring."), seqno, iseqno.seq + 1); |
1220 | else if (seqclass == 2) // reset |
1224 | else if (seqclass == 3) // reset |
1221 | { |
1225 | { |
1222 | slog (L_ERR, _("received duplicate or out-of-sync packet (received %08lx, expected %08lx)\n" |
1226 | slog (L_ERR, _("received out-of-sync (far future) packet (received %08lx, expected %08lx). " |
1223 | "possible replay attack, or just massive packet loss, resetting connection."), seqno, iseqno.seq + 1); |
1227 | "probably just massive packet loss, sending reset."), seqno, iseqno.seq + 1); |
1224 | send_reset (rsi); |
1228 | send_reset (rsi); |
1225 | } |
1229 | } |
1226 | |
1230 | |
1227 | delete d; |
1231 | delete d; |
1228 | break; |
1232 | break; |