diff options
author | Karl Vogel <karl.vogel@gmail.com> | 2014-10-03 21:45:15 +0100 |
---|---|---|
committer | Simon Kelley <simon@thekelleys.org.uk> | 2014-10-03 21:45:15 +0100 |
commit | e9828b6f66b22ce8873f8d30a773137d1aef1b92 (patch) | |
tree | c9c99f083954db2b49856cb1485c03f989da15f9 | |
parent | 72eba2bffcebb2df50a02e1f394e50cd094f0d36 (diff) | |
download | dnsmasq-e9828b6f66b22ce8873f8d30a773137d1aef1b92.tar.gz |
Set conntrack mark before connect() call.
SO_MARK has to be done before issuing the connect() call on the
TCP socket.
-rw-r--r-- | src/forward.c | 36 |
1 files changed, 18 insertions, 18 deletions
diff --git a/src/forward.c b/src/forward.c index 4895efe..2cf29eb 100644 --- a/src/forward.c +++ b/src/forward.c @@ -1796,6 +1796,24 @@ unsigned char *tcp_request(int confd, time_t now, if ((last_server->tcpfd = socket(last_server->addr.sa.sa_family, SOCK_STREAM, 0)) == -1) continue; +#ifdef HAVE_CONNTRACK + /* Copy connection mark of incoming query to outgoing connection. */ + if (option_bool(OPT_CONNTRACK)) + { + unsigned int mark; + struct all_addr local; +#ifdef HAVE_IPV6 + if (local_addr->sa.sa_family == AF_INET6) + local.addr.addr6 = local_addr->in6.sin6_addr; + else +#endif + local.addr.addr4 = local_addr->in.sin_addr; + + if (get_incoming_mark(&peer_addr, &local, 1, &mark)) + setsockopt(last_server->tcpfd, SOL_SOCKET, SO_MARK, &mark, sizeof(unsigned int)); + } +#endif + if ((!local_bind(last_server->tcpfd, &last_server->source_addr, last_server->interface, 1) || connect(last_server->tcpfd, &last_server->addr.sa, sa_len(&last_server->addr)) == -1)) { @@ -1820,24 +1838,6 @@ unsigned char *tcp_request(int confd, time_t now, size = new_size; } #endif - -#ifdef HAVE_CONNTRACK - /* Copy connection mark of incoming query to outgoing connection. */ - if (option_bool(OPT_CONNTRACK)) - { - unsigned int mark; - struct all_addr local; -#ifdef HAVE_IPV6 - if (local_addr->sa.sa_family == AF_INET6) - local.addr.addr6 = local_addr->in6.sin6_addr; - else -#endif - local.addr.addr4 = local_addr->in.sin_addr; - - if (get_incoming_mark(&peer_addr, &local, 1, &mark)) - setsockopt(last_server->tcpfd, SOL_SOCKET, SO_MARK, &mark, sizeof(unsigned int)); - } -#endif } *length = htons(size); |