nfqws: move code

init.d/sysv/functions

@@ -169,13 +169,10 @@ run_daemon()
 	local DAEMONBASE="$(basename "$2")"
 	local PIDFILE=$PIDDIR/$DAEMONBASE$1.pid
 	echo "Starting daemon $1: $2 $3"
-	if exists start-stop-daemon ; then
-		start-stop-daemon -S -p "$PIDFILE" -m -b -x "$2" -- $3
-	else
 	if [ -f "$PIDFILE" ] && pgrep -F "$PIDFILE" "$DAEMONBASE" >/dev/null; then
 		echo already running
 	else
-			"$2" $3 >/dev/null 2>/dev/null &
+		"$2" $3 >/dev/null &
 		PID=$!
 		if [ -n "$PID" ]; then
 			echo $PID >$PIDFILE
@@ -184,7 +181,6 @@ run_daemon()
 			false
 		fi
 	fi
-	fi
 }
 stop_daemon()
 {

nfq/darkmagic.c

@@ -1871,3 +1871,34 @@ void verdict_udp_csum_fix(uint8_t verdict, struct udphdr *udphdr, size_t transpo
 			udp_fix_checksum(udphdr,transport_len,ip,ip6hdr);
 	}
 }
+
+void dbgprint_socket_buffers(int fd)
+{
+	if (params.debug)
+	{
+		int v;
+		socklen_t sz;
+		sz = sizeof(int);
+		if (!getsockopt(fd, SOL_SOCKET, SO_RCVBUF, &v, &sz))
+			DLOG("fd=%d SO_RCVBUF=%d\n", fd, v);
+			sz = sizeof(int);
+		if (!getsockopt(fd, SOL_SOCKET, SO_SNDBUF, &v, &sz))
+			DLOG("fd=%d SO_SNDBUF=%d\n", fd, v);
+	}
+}
+bool set_socket_buffers(int fd, int rcvbuf, int sndbuf)
+{
+	DLOG("set_socket_buffers fd=%d rcvbuf=%d sndbuf=%d\n", fd, rcvbuf, sndbuf);
+	if (rcvbuf && setsockopt(fd, SOL_SOCKET, SO_RCVBUF, &rcvbuf, sizeof(int)) < 0)
+	{
+		DLOG_PERROR("setsockopt (SO_RCVBUF)");
+		return false;
+	}
+	if (sndbuf && setsockopt(fd, SOL_SOCKET, SO_SNDBUF, &sndbuf, sizeof(int)) < 0)
+	{
+		DLOG_PERROR("setsockopt (SO_SNDBUF)");
+		return false;
+	}
+	dbgprint_socket_buffers(fd);
+	return true;
+}

nfq/darkmagic.h

@@ -247,3 +247,6 @@ void do_nat(bool bOutbound, struct ip *ip, struct ip6_hdr *ip6, struct tcphdr *t
 
 void verdict_tcp_csum_fix(uint8_t verdict, struct tcphdr *tcphdr, size_t transport_len, struct ip *ip, struct ip6_hdr *ip6hdr);
 void verdict_udp_csum_fix(uint8_t verdict, struct udphdr *udphdr, size_t transport_len, struct ip *ip, struct ip6_hdr *ip6hdr);
+
+void dbgprint_socket_buffers(int fd);
+bool set_socket_buffers(int fd, int rcvbuf, int sndbuf);

nfq/desync.c

@@ -2163,7 +2163,7 @@ static void packet_debug(bool replay, const struct dissect *dis)
 			char s[80];
 			str_tcphdr(s,sizeof(s),dis->tcp);
 			DLOG(" %s\n",s);
-			if (dis->len_payload) { DLOG("TCP: len=%zu : ",dis->len_payload); hexdump_limited_dlog(dis->data_payload, dis->len_payload, 32); DLOG("\n"); }
+			if (dis->len_payload) { DLOG("TCP: len=%zu : ",dis->len_payload); hexdump_limited_dlog(dis->data_payload, dis->len_payload, PKTDATA_MAXDUMP); DLOG("\n"); }
 
 		}
 		else if (dis->udp)
@@ -2171,7 +2171,7 @@ static void packet_debug(bool replay, const struct dissect *dis)
 			char s[30];
 			str_udphdr(s,sizeof(s),dis->udp);
 			DLOG(" %s\n",s);
-			if (dis->len_payload) { DLOG("UDP: len=%zu : ",dis->len_payload); hexdump_limited_dlog(dis->data_payload, dis->len_payload, 32); DLOG("\n"); }
+			if (dis->len_payload) { DLOG("UDP: len=%zu : ",dis->len_payload); hexdump_limited_dlog(dis->data_payload, dis->len_payload, PKTDATA_MAXDUMP); DLOG("\n"); }
 		}
 		else
 			DLOG("\n");

nfq/helpers.c

@@ -5,12 +5,11 @@
 #include <stdio.h>
 #include <string.h>
 #include <unistd.h>
+#include <stdlib.h>
 #include <ctype.h>
 #include <sys/stat.h>
 #include <libgen.h>
 
-#include "params.h"
-
 int unique_size_t(size_t *pu, int ct)
 {
 	int i, j, u;
@@ -64,22 +63,6 @@ char *strncasestr(const char *s, const char *find, size_t slen)
 	return (char *)s;
 }
 
-void hexdump_limited_dlog(const uint8_t *data, size_t size, size_t limit)
-{
-	size_t k;
-	bool bcut = false;
-	if (size > limit)
-	{
-		size = limit;
-		bcut = true;
-	}
-	if (!size) return;
-	for (k = 0; k < size; k++) DLOG("%02X ", data[k]);
-	DLOG(bcut ? "... : " : ": ");
-	for (k = 0; k < size; k++) DLOG("%c", data[k] >= 0x20 && data[k] <= 0x7F ? (char)data[k] : '.');
-	if (bcut) DLOG(" ...");
-}
-
 
 bool load_file(const char *filename, void *buffer, size_t *buffer_size)
 {
@@ -220,38 +203,6 @@ uint16_t saport(const struct sockaddr *sa)
 		     sa->sa_family==AF_INET6 ? ((struct sockaddr_in6*)sa)->sin6_port : 0);
 }
 
-void dbgprint_socket_buffers(int fd)
-{
-	if (params.debug)
-	{
-		int v;
-		socklen_t sz;
-		sz = sizeof(int);
-		if (!getsockopt(fd, SOL_SOCKET, SO_RCVBUF, &v, &sz))
-			DLOG("fd=%d SO_RCVBUF=%d\n", fd, v);
-			sz = sizeof(int);
-		if (!getsockopt(fd, SOL_SOCKET, SO_SNDBUF, &v, &sz))
-			DLOG("fd=%d SO_SNDBUF=%d\n", fd, v);
-	}
-}
-bool set_socket_buffers(int fd, int rcvbuf, int sndbuf)
-{
-	DLOG("set_socket_buffers fd=%d rcvbuf=%d sndbuf=%d\n", fd, rcvbuf, sndbuf);
-	if (rcvbuf && setsockopt(fd, SOL_SOCKET, SO_RCVBUF, &rcvbuf, sizeof(int)) < 0)
-	{
-		DLOG_PERROR("setsockopt (SO_RCVBUF)");
-		close(fd);
-		return false;
-	}
-	if (sndbuf && setsockopt(fd, SOL_SOCKET, SO_SNDBUF, &sndbuf, sizeof(int)) < 0)
-	{
-		DLOG_PERROR("setsockopt (SO_SNDBUF)");
-		close(fd);
-		return false;
-	}
-	dbgprint_socket_buffers(fd);
-	return true;
-}
 
 uint64_t pntoh64(const void *p)
 {

nfq/helpers.h

@@ -24,7 +24,6 @@ void rtrim(char *s);
 void replace_char(char *s, char from, char to);
 char *strncasestr(const char *s,const char *find, size_t slen);
 
-void hexdump_limited_dlog(const uint8_t *data, size_t size, size_t limit);
 bool load_file(const char *filename,void *buffer,size_t *buffer_size);
 bool load_file_nonempty(const char *filename,void *buffer,size_t *buffer_size);
 bool save_file(const char *filename, const void *buffer, size_t buffer_size);
@@ -40,9 +39,6 @@ uint16_t saport(const struct sockaddr *sa);
 
 bool seq_within(uint32_t s, uint32_t s1, uint32_t s2);
 
-void dbgprint_socket_buffers(int fd);
-bool set_socket_buffers(int fd, int rcvbuf, int sndbuf);
-
 uint64_t pntoh64(const void *p);
 void phton64(uint8_t *p, uint64_t v);
 

nfq/nfqws.c

@@ -757,7 +757,7 @@ static bool parse_tlspos(const char *s, struct proto_pos *sp)
 	else if (!strcmp(s, "snisld"))
 	{
 		sp->marker = PM_HOST_MIDSLD;
-		sp->pos=1;
+		sp->pos=0;
 	}
 	else
 		return false;
@@ -1305,10 +1305,6 @@ int main(int argc, char **argv)
 						fprintf(stderr, "cannot create %s\n", params.debug_logfile);
 						exit_clean(1);
 					}
-#ifndef __CYGWIN__
-					if (params.droproot && chown(params.debug_logfile, params.uid, -1))
-						fprintf(stderr, "could not chown %s. log file may not be writable after privilege drop\n", params.debug_logfile);
-#endif
 					params.debug = true;
 					params.debug_target = LOG_TARGET_FILE;
 				}
@@ -1741,10 +1737,6 @@ int main(int argc, char **argv)
 					DLOG_ERR("gzipped auto hostlists are not supported\n");
 					exit_clean(1);
 				}
-#ifndef __CYGWIN__
-				if (params.droproot && chown(optarg, params.uid, -1))
-					DLOG_ERR("could not chown %s. auto hostlist file may not be writable after privilege drop\n", optarg);
-#endif
 			}
 			if (!(dp->hostlist_auto=RegisterHostlist(dp, false, optarg)))
 			{
@@ -1785,10 +1777,6 @@ int main(int argc, char **argv)
 					exit_clean(1);
 				}
 				fclose(F);
-#ifndef __CYGWIN__
-				if (params.droproot && chown(optarg, params.uid, -1))
-					DLOG_ERR("could not chown %s. auto hostlist debug log may not be writable after privilege drop\n", optarg);
-#endif
 				strncpy(params.hostlist_auto_debuglog, optarg, sizeof(params.hostlist_auto_debuglog));
 				params.hostlist_auto_debuglog[sizeof(params.hostlist_auto_debuglog) - 1] = '\0';
 			}
@@ -2032,6 +2020,12 @@ int main(int argc, char **argv)
 
 	DLOG_CONDUP("we have %d user defined desync profile(s) and default low priority profile 0\n",desync_profile_count);
 	
+#ifndef __CYGWIN__
+	if (params.debug_target == LOG_TARGET_FILE && params.droproot && chown(params.debug_logfile, params.uid, -1))
+		fprintf(stderr, "could not chown %s. log file may not be writable after privilege drop\n", params.debug_logfile);
+	if (params.droproot && *params.hostlist_auto_debuglog && chown(params.hostlist_auto_debuglog, params.uid, -1))
+		DLOG_ERR("could not chown %s. auto hostlist debug log may not be writable after privilege drop\n", params.hostlist_auto_debuglog);
+#endif
 	LIST_FOREACH(dpl, &params.desync_profiles, next)
 	{
 		dp = &dpl->dp;
@@ -2043,6 +2037,10 @@ int main(int argc, char **argv)
 		if (AUTOTTL_ENABLED(dp->desync_autottl6))
 			DLOG("[profile %d] autottl ipv6 %u:%u-%u\n",dp->n,dp->desync_autottl6.delta,dp->desync_autottl6.min,dp->desync_autottl6.max);
 		split_compat(dp);
+#ifndef __CYGWIN__
+		if (params.droproot && dp->hostlist_auto && chown(dp->hostlist_auto->filename, params.uid, -1))
+			DLOG_ERR("could not chown %s. auto hostlist file may not be writable after privilege drop\n", dp->hostlist_auto->filename);
+#endif
 	}
 
 	if (!LoadAllHostLists())

nfq/params.c

@@ -154,6 +154,21 @@ int HOSTLIST_DEBUGLOG_APPEND(const char *format, ...)
 		return 0;
 }
 
+void hexdump_limited_dlog(const uint8_t *data, size_t size, size_t limit)
+{
+	size_t k;
+	bool bcut = false;
+	if (size > limit)
+	{
+		size = limit;
+		bcut = true;
+	}
+	if (!size) return;
+	for (k = 0; k < size; k++) DLOG("%02X ", data[k]);
+	DLOG(bcut ? "... : " : ": ");
+	for (k = 0; k < size; k++) DLOG("%c", data[k] >= 0x20 && data[k] <= 0x7F ? (char)data[k] : '.');
+	if (bcut) DLOG(" ...");
+}
 
 struct desync_profile_list *dp_list_add(struct desync_profile_list_head *head)
 {

nfq/params.h

@@ -148,3 +148,4 @@ int DLOG_ERR(const char *format, ...);
 int DLOG_PERROR(const char *s);
 int DLOG_CONDUP(const char *format, ...);
 int HOSTLIST_DEBUGLOG_APPEND(const char *format, ...);
+void hexdump_limited_dlog(const uint8_t *data, size_t size, size_t limit);