… | |
… | |
584 | ///////////////////////////////////////////////////////////////////////////// |
584 | ///////////////////////////////////////////////////////////////////////////// |
585 | |
585 | |
586 | void |
586 | void |
587 | connection::connection_established () |
587 | connection::connection_established () |
588 | { |
588 | { |
|
|
589 | slog (L_TRACE, _("%s: possible connection establish (ictx %d, octx %d)"), conf->nodename, !!ictx, !!octx); |
|
|
590 | |
589 | if (ictx && octx) |
591 | if (ictx && octx) |
590 | { |
592 | { |
591 | connectmode = conf->connectmode; |
593 | connectmode = conf->connectmode; |
592 | |
594 | |
593 | // make sure rekeying timeouts are slightly asymmetric |
595 | // make sure rekeying timeouts are slightly asymmetric |
… | |
… | |
760 | |
762 | |
761 | bool slow = si.prot & PROT_SLOW; |
763 | bool slow = si.prot & PROT_SLOW; |
762 | |
764 | |
763 | if (si.prot && !si.host) |
765 | if (si.prot && !si.host) |
764 | { |
766 | { |
|
|
767 | slog (L_TRACE, _("%s: connection request (indirect)"), conf->nodename); |
765 | /*TODO*/ /* start the timer so we don't recurse endlessly */ |
768 | /*TODO*/ /* start the timer so we don't recurse endlessly */ |
766 | w.start (1); |
769 | w.start (1); |
767 | vpn->send_connect_request (conf->id); |
770 | vpn->send_connect_request (conf->id); |
768 | } |
771 | } |
769 | else |
772 | else |
770 | { |
773 | { |
|
|
774 | slog (L_TRACE, _("%s: connection request (direct)"), conf->nodename, !!ictx, !!octx); |
|
|
775 | |
771 | const sockinfo &dsi = forward_si (si); |
776 | const sockinfo &dsi = forward_si (si); |
772 | |
777 | |
773 | slow = slow || (dsi.prot & PROT_SLOW); |
778 | slow = slow || (dsi.prot & PROT_SLOW); |
774 | |
779 | |
775 | if (dsi.valid () && auth_rate_limiter.can (dsi)) |
780 | if (dsi.valid () && auth_rate_limiter.can (dsi)) |
… | |
… | |
887 | { |
892 | { |
888 | last_activity = ev::ev_now (); |
893 | last_activity = ev::ev_now (); |
889 | |
894 | |
890 | slog (L_NOISE, "<<%d received packet type %d from %d to %d", |
895 | slog (L_NOISE, "<<%d received packet type %d from %d to %d", |
891 | conf->id, pkt->typ (), pkt->src (), pkt->dst ()); |
896 | conf->id, pkt->typ (), pkt->src (), pkt->dst ()); |
|
|
897 | |
|
|
898 | if (connectmode == conf_node::C_DISABLED) |
|
|
899 | return; |
892 | |
900 | |
893 | switch (pkt->typ ()) |
901 | switch (pkt->typ ()) |
894 | { |
902 | { |
895 | case vpn_packet::PT_PING: |
903 | case vpn_packet::PT_PING: |
896 | // we send pings instead of auth packets after some retries, |
904 | // we send pings instead of auth packets after some retries, |