--- gvpe/src/protocol.C 2003/03/02 23:04:02 1.2
+++ gvpe/src/protocol.C 2003/03/09 12:40:18 1.6
@@ -483,7 +483,7 @@
 ping_packet *pkt = new ping_packet;
 pkt->setup (conf->id, pong ? ping_packet::PT_PONG : ping_packet::PT_PING);
- vpn->send_vpn_packet (pkt, dsa);
+ vpn->send_vpn_packet (pkt, dsa, IPTOS_LOWDELAY);
 delete pkt;
 }
@@ -498,7 +498,7 @@
 config_packet *pkt = new config_packet;
 pkt->setup (vpn_packet::PT_RESET, conf->id);
- vpn->send_vpn_packet (pkt, dsa);
+ vpn->send_vpn_packet (pkt, dsa, IPTOS_MINCOST);
 delete pkt;
 }
@@ -552,7 +552,7 @@
 slog (L_TRACE, ">>%d PT_AUTH(%d) [%s]", conf->id, subtype, (const char *)sockinfo (sa));
- vpn->send_vpn_packet (pkt, sa);
+ vpn->send_vpn_packet (pkt, sa, IPTOS_RELIABILITY);
 delete pkt;
 }
@@ -561,7 +561,7 @@
 void
 connection::establish_connection ()
 {
- if (!ictx && conf != THISNODE && conf->connectmode != conf_node::C_NEVER)
+ if (!ictx && conf != THISNODE && connectmode != conf_node::C_NEVER)
 {
 if (now >= next_retry)
 {
@@ -570,7 +570,7 @@
 if (retry_cnt < (17 << 2) | 3)
 retry_cnt++;
- if (conf->connectmode == conf_node::C_ONDEMAND
+ if (connectmode == conf_node::C_ONDEMAND
 && retry_int > ::conf.keepalive)
 retry_int = ::conf.keepalive;
@@ -637,9 +637,16 @@
 connection::send_data_packet (tap_packet * pkt, bool broadcast)
 {
 vpndata_packet *p = new vpndata_packet;
+ int tos = 0;
+
+ if (conf->inherit_tos
+ && (*pkt)[12] == 0x08 && (*pkt)[13] == 0x00 // IP
+ && ((*pkt)[14] & 0xf0) == 0x40) // IPv4
+ tos = (*pkt)[15] & IPTOS_TOS_MASK;
+ printf ("%d %02x %02x %02x %02x = %02x\n", (int)conf->inherit_tos, (*pkt)[12],(*pkt)[13],(*pkt)[14],(*pkt)[15], tos);
 p->setup (this, broadcast ? 0 : conf->id, &((*pkt)[6 + 6]), pkt->len - 6 - 6, ++oseqno); // skip 2 macs
- vpn->send_vpn_packet (p, &sa);
+ vpn->send_vpn_packet (p, &sa, tos);
 delete p;
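Review bot: The new TOS lookup in send_data_packet (hunk at -637) reads `(*pkt)[12]` through `(*pkt)[15]` without first checking `pkt->len`, so for a frame shorter than 16 bytes the outer TOS would be derived from bytes beyond the frame's data; what `operator[]` does out of range is not visible here. Adding `&& pkt->len >= 16` to the condition closes that. The `printf` that follows looks like leftover debugging: it runs for every data packet and writes header bytes to stdout, so it should be removed or turned into an `slog (L_TRACE, ...)` call. With `inherit_tos` enabled the inner packet's TOS bits also become visible on the unencrypted outer header, which deserves a sentence in that option's documentation. The end of the function lies outside the hunk.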
@@ -694,7 +701,7 @@
 config_packet *p = (config_packet *) pkt;
 if (p->chk_config ())
- if (conf->connectmode == conf_node::C_ALWAYS)
+ if (connectmode == conf_node::C_ALWAYS)
 establish_connection ();
 //D slog the protocol mismatch?
@@ -784,6 +791,8 @@
 delete p;
 }
+ connectmode = conf->connectmode;
+
 slog (L_INFO, _("connection to %d (%s %s) established"), conf->id, conf->nodename, (const char *)sockinfo (ssa));
@@ -891,17 +900,35 @@
 if (c->ictx && c->octx)
 {
- sockinfo si(sa);
-
- slog (L_TRACE, ">>%d PT_CONNECT_INFO(%d,%s)\n",
- c->conf->id, p->id, (const char *)si);
+ // send connect_info packets to both sides, in case one is
+ // behind a nat firewall (or both ;)
+ {
+ sockinfo si(sa);
+
+ slog (L_TRACE, ">>%d PT_CONNECT_INFO(%d,%s)\n",
+ c->conf->id, conf->id, (const char *)si);
+
+ connect_info_packet *r = new connect_info_packet (c->conf->id, conf->id, si);
- connect_info_packet *r = new connect_info_packet (c->conf->id, conf->id, si);
+ r->hmac_set (c->octx);
+ vpn->send_vpn_packet (r, &c->sa);
- r->hmac_set (c->octx);
- vpn->send_vpn_packet (r, &c->sa);
+ delete r;
+ }
- delete r;
+ {
+ sockinfo si(c->sa);
+
+ slog (L_TRACE, ">>%d PT_CONNECT_INFO(%d,%s)\n",
+ conf->id, c->conf->id, (const char *)si);
+
+ connect_info_packet *r = new connect_info_packet (conf->id, c->conf->id, si);
+
+ r->hmac_set (octx);
+ vpn->send_vpn_packet (r, &sa);
+
+ delete r;
+ }
 }
 }
@@ -933,7 +960,7 @@
 {
 if (conf != THISNODE)
 {
- if (now >= next_retry && conf->connectmode == conf_node::C_ALWAYS)
+ if (now >= next_retry && connectmode == conf_node::C_ALWAYS)
 establish_connection ();
 if (ictx && octx)
@@ -1077,8 +1104,9 @@
 }
 void
-vpn::send_vpn_packet (vpn_packet *pkt, SOCKADDR *sa)
+vpn::send_vpn_packet (vpn_packet *pkt, SOCKADDR *sa, int tos)
 {
+ setsockopt (socket_fd, SOL_IP, IP_TOS, &tos, sizeof tos);
 sendto (socket_fd, &((*pkt)[0]), pkt->len, 0, (sockaddr *)sa, sizeof (*sa));
 }
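Review bot: Both `send_vpn_packet` calls in the new connect-info blocks (hunk at -891) pass two arguments, while this same commit changes the definition to `(pkt, sa, tos)` and gives every other call site an explicit TOS; unless the declaration in the header, which is not shown, defaults `tos`, these calls will not compile, and either way the choice is left implicit. Passing it explicitly, for example `vpn->send_vpn_packet (r, &c->sa, IPTOS_RELIABILITY);` and the same for `&sa`, would match the PT_AUTH path. The second block also uses this connection's own `octx` and `sa`, whereas the visible guard tests only `c->ictx && c->octx`; the enclosing case starts outside the hunk, so confirm it already guarantees `octx` is set before `r->hmac_set (octx)` runs. The two blocks differ only in which peer is recipient and which is subject, so a small helper would remove the duplication.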
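Review bot: The return value of the added `setsockopt` in vpn::send_vpn_packet (hunk at -1077) is ignored, so if setting `IP_TOS` fails the packet silently leaves with whatever TOS the previous packet left on the shared socket. Testing the result and reporting a failure through `slog` would make that visible; the existing `sendto` on the next line has the same unchecked return. `SOL_IP` is Linux-specific, and `IPPROTO_IP` is the portable level for `IP_TOS`. The call also adds one system call per packet, which remembering the last value set and skipping the call when `tos` is unchanged would avoid.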
@@ -1105,8 +1133,7 @@
 conn->conf = *i;
 conns.push_back (conn);
- if (conn->conf->connectmode == conf_node::C_ALWAYS)
- conn->establish_connection ();
+ conn->establish_connection ();
 }
 }
@@ -1120,7 +1147,7 @@
 connection *c = *i;
 if (c->conf->routerprio > prio
- && c->conf->connectmode == conf_node::C_ALWAYS
+ && c->connectmode == conf_node::C_ALWAYS
 && c->conf != THISNODE
 && c->ictx && c->octx)
 {
@@ -1138,6 +1165,11 @@
 if (c)
 c->connect_request (id);
+ //else // does not work, because all others must connect to the same router
+ // // no router found, aggressively connect to all routers
+ // for (conns_vector::iterator i = conns.begin (); i != conns.end (); ++i)
+ // if ((*i)->conf->routerprio)
+ // (*i)->establish_connection ();
 }
 void
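Review bot: With the `C_ALWAYS` test removed in the hunk at -1105, `establish_connection ()` now runs for every configured node at startup, and its guard (hunk at -561) reads the new per-connection `connectmode`, which this diff assigns only in the hunk at -784, after a connection has been established. Unless the constructor, which is not shown, initialises it, that first call compares an indeterminate value; and because the guard excludes only `C_NEVER`, on-demand nodes would presumably be contacted at startup too. Adding `conn->connectmode = conn->conf->connectmode;` right after `conn->conf = *i;` would make the startup state explicit. The loop this hunk sits in begins outside the hunk.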