common/base.sh

@@ -405,14 +405,14 @@ std_ports()
 has_bad_ws_options()
 {
 	# $1 - nfqws/tpws opts
-
+	# ПРИМЕЧАНИЕ ДЛЯ РАСПРОСТРАНИТЕЛЕЙ КОПИПАСТЫ
-	# kernel or user mode ipset usage should be wise
+	# ЭТОТ КОД СДЕЛАН СПЕЦИАЛЬНО ДЛЯ ВАС, ЧТОБЫ ВЫ НЕ ПОСТИЛИ В СЕТЬ ПЛОХИЕ РЕЦЕПТЫ
-	# if all traffic is already intercepted it would be OK to use ip-based specialized profiles
+	# ЕСЛИ ВАМ ХОЧЕТСЯ ЕГО УДАЛИТЬ И НАПИСАТЬ ИНСТРУКЦИЮ КАК ЕГО УДАЛЯТЬ, ВЫ ДЕЛАЕТЕ ХРЕНОВУЮ УСЛУГУ. НАПИШИТЕ ЛУЧШЕ custom script.
-	# but if all traffic is intercepted only to filter a group of ip its BAD. kernel ipset should be used.
+	# custom script - ЭТО ФАЙЛИК, КОТОРЫЙ ДОСТАТОЧНО СКОПИРОВАТЬ В НУЖНУЮ ДИРЕКТОРИЮ, ЧТОБЫ ОН СДЕЛАЛ ТОЖЕ САМОЕ, НО ЭФФЕКТИВНО.
-	# I cannot insert brain to copy-pasters, I know they will misuse. But it's their problem.
+	# ФИЛЬТРАЦИЯ ПО IPSET В ЯДРЕ НЕСРАВНИМО ЭФФЕКТИВНЕЕ, ЧЕМ ПЕРЕКИДЫВАТЬ ВСЕ ПАКЕТЫ В nfqws И ТАМ ФИЛЬТРОВАТЬ
-	# zapret is not made for newbies
+	# --ipset СУЩЕСТВУЕТ ТОЛЬКО ДЛЯ ВИНДЫ И LINUX СИСТЕМ БЕЗ ipset (НАПРИМЕР, Android).
-	#contains "$1" "--ipset"
+	# И ТОЛЬКО ПО ЭТОЙ ПРИЧИНЕ ОНО НЕ ВЫКИНУТО ПОЛНОСТЬЮ ИЗ LINUX ВЕРСИИ
-	return 1
+	contains "$1" "--ipset"
 }
 check_bad_ws_options()
 {

docs/changes.txt

@@ -488,5 +488,5 @@ nfqws,tpws: debug tls version, alpn, ech
 nfqws: --dpi-desync-fake-tls=! means default tls fake
 nfqws: --dup*
 nfqws: --orig*
-nfqws: ipcache of hop count and host names
+nfqws: autottl cache
-init.d: remove --ipset parameter prohibition
+nfqws: autottl disable path length check

nfq/conntrack.h

@@ -86,7 +86,6 @@ typedef struct
 	t_l7proto l7proto;
 	bool l7proto_discovered;
 	char *hostname;
-	bool hostname_discovered;
 	bool hostname_ah_check;			// should perform autohostlist checks
 	
 	t_reassemble reasm_orig;

nfq/darkmagic.c

@@ -1863,8 +1863,9 @@ uint8_t autottl_eval(uint8_t hop_count, const autottl *attl)
 	else if (d>attl->max) fake=attl->max;
 	else fake=(uint8_t)d;
 
-	if (attl->delta<0 && fake>=hop_count || attl->delta>=0 && fake<hop_count)
+	// path length check disabled
-		return 0;
+//	if (attl->delta<0 && fake>=hop_count || attl->delta>=0 && fake<hop_count)
+//		return 0;
 
 	return fake;
 }

nfq/desync.c

@@ -353,7 +353,7 @@ static void wssize_cutoff(t_ctrack *ctrack)
 }
 static void forced_wssize_cutoff(t_ctrack *ctrack)
 {
-	if (ctrack && ctrack->dp && !ctrack->b_wssize_cutoff)
+ 	if (ctrack && ctrack->dp && ctrack->dp->wssize && !ctrack->b_wssize_cutoff)
 	{
 		DLOG("forced wssize-cutoff\n");
 		wssize_cutoff(ctrack);
@@ -799,49 +799,6 @@ static void autottl_rediscover(t_ctrack *ctrack, const struct in_addr *a4, const
 	}
 }
 
-static bool ipcache_put_hostname(const struct in_addr *a4, const struct in6_addr *a6, const char *iface, const char *hostname)
-{
-	if (!params.cache_hostnames) return true;
-
-	ip_cache_item *ipc = ipcacheTouch(&params.ipcache,a4,a6,iface);
-	if (!ipc)
-	{
-		DLOG_ERR("ipcache_put_hostname: out of memory\n");
-		return false;
-	}
-	free(ipc->hostname);
-	if (!(ipc->hostname = strdup(hostname)))
-	{
-		DLOG_ERR("ipcache_put_hostname: out of memory\n");
-		return false;
-	}
-	DLOG("hostname cached: %s\n", hostname);
-	return true;
-}
-static bool ipcache_get_hostname(const struct in_addr *a4, const struct in6_addr *a6, const char *iface, char *hostname, size_t hostname_buf_len)
-{
-	if (!params.cache_hostnames)
-	{
-		*hostname = 0;
-		return true;
-	}
-	ip_cache_item *ipc = ipcacheTouch(&params.ipcache,a4,a6,iface);
-	if (!ipc)
-	{
-		DLOG_ERR("ipcache_get_hostname: out of memory\n");
-		return false;
-	}
-	if (ipc->hostname)
-	{
-		DLOG("got cached hostname: %s\n", ipc->hostname);
-		snprintf(hostname,hostname_buf_len,"%s",ipc->hostname);
-	}
-	else
-		*hostname = 0;
-	return true;
-}
-
-
 #ifdef BSD
 // BSD pass to divert socket ip_id=0 and does not auto set it if sent via divert socket
 static uint16_t IP4_IP_ID_FIX(const struct ip *ip)
@@ -1124,7 +1081,6 @@ static uint8_t dpi_desync_tcp_packet_play(bool replay, size_t reasm_offset, uint
 	uint32_t *timestamps;
 	bool bSack,DF;
 	uint16_t nmss;
-	char host[256];
 
 	uint32_t desync_fwmark = fwmark | params.desync_fwmark;
 	extract_endpoints(dis->ip, dis->ip6, dis->tcp, NULL, &src, &dst);
@@ -1142,12 +1098,6 @@ static uint8_t dpi_desync_tcp_packet_play(bool replay, size_t reasm_offset, uint
 			DLOG("using cached desync profile %d\n",dp->n);
 		else if (!ctrack_replay->dp_search_complete)
 		{
-			if (!ctrack_replay->hostname && !bReverse)
-			{
-				if (ipcache_get_hostname(dis->ip ? &dis->ip->ip_dst : NULL,dis->ip6 ? &dis->ip6->ip6_dst : NULL , ifout, host, sizeof(host)) && *host)
-					if (!(ctrack_replay->hostname = strdup(host)))
-						DLOG_ERR("strdup(host): out of memory\n");
-			}
 			dp = ctrack_replay->dp = dp_find(&params.desync_profiles, IPPROTO_TCP, (struct sockaddr *)&dst, ctrack_replay->hostname, ctrack_replay->l7proto, NULL, NULL, NULL);
 			ctrack_replay->dp_search_complete = true;
 		}
@@ -1171,18 +1121,7 @@ static uint8_t dpi_desync_tcp_packet_play(bool replay, size_t reasm_offset, uint
 			DLOG("using cached desync profile %d\n",dp->n);
 		else if (!ctrack || !ctrack->dp_search_complete)
 		{
-			const char *hostname = NULL;
+			dp = dp_find(&params.desync_profiles, IPPROTO_TCP, (struct sockaddr *)&dst, ctrack ? ctrack->hostname : NULL, ctrack ? ctrack->l7proto : UNKNOWN, NULL, NULL, NULL);
-			if (ctrack)
-			{
-				hostname = ctrack->hostname;
-				if (!hostname && !bReverse)
-				{
-					if (ipcache_get_hostname(dis->ip ? &dis->ip->ip_dst : NULL,dis->ip6 ? &dis->ip6->ip6_dst : NULL , ifout, host, sizeof(host)) && *host)
-						if (!(hostname = ctrack_replay->hostname = strdup(host)))
-							DLOG_ERR("strdup(host): out of memory\n");
-				}
-			}
-			dp = dp_find(&params.desync_profiles, IPPROTO_TCP, (struct sockaddr *)&dst, hostname, ctrack ? ctrack->l7proto : UNKNOWN, NULL, NULL, NULL);
 			if (ctrack)
 			{
 				ctrack->dp = dp;
@@ -1366,6 +1305,8 @@ static uint8_t dpi_desync_tcp_packet_play(bool replay, size_t reasm_offset, uint
 	{
 		struct blob_collection_head *fake;
 
+		char host[256];
+		bool bHaveHost=false;
 		uint8_t *p, *phost=NULL;
 		const uint8_t *rdata_payload = dis->data_payload;
 		size_t rlen_payload = dis->len_payload;
@@ -1374,7 +1315,6 @@ static uint8_t dpi_desync_tcp_packet_play(bool replay, size_t reasm_offset, uint
 		int multisplit_count;
 		int i;
 		uint16_t ip_id;
-		bool bHaveHost=false;
 		t_l7proto l7proto = UNKNOWN;
 
 		if (replay)
@@ -1507,14 +1447,12 @@ static uint8_t dpi_desync_tcp_packet_play(bool replay, size_t reasm_offset, uint
 			bDiscoveredL7 = !ctrack_replay && l7proto!=UNKNOWN;
 		if (bDiscoveredL7) DLOG("discovered l7 protocol\n");
 
-		bool bDiscoveredHostname = bHaveHost && !(ctrack_replay && ctrack_replay->hostname_discovered);
+		bool bDiscoveredHostname = bHaveHost && !(ctrack_replay && ctrack_replay->hostname);
 		if (bDiscoveredHostname)
 		{
 			DLOG("discovered hostname\n");
 			if (ctrack_replay)
 			{
-				ctrack_replay->hostname_discovered=true;
-				free(ctrack_replay->hostname);
 				ctrack_replay->hostname=strdup(host);
 				if (!ctrack_replay->hostname)
 				{
@@ -1522,12 +1460,6 @@ static uint8_t dpi_desync_tcp_packet_play(bool replay, size_t reasm_offset, uint
 					reasm_orig_cancel(ctrack);
 					goto send_orig;
 				}
-				if (!ipcache_put_hostname(dis->ip ? &dis->ip->ip_dst : NULL,dis->ip6 ? &dis->ip6->ip6_dst : NULL , ifout, host))
-				{
-					reasm_orig_cancel(ctrack);
-					goto send_orig;
-				}
-
 			}
 		}
 
@@ -2330,7 +2262,6 @@ static uint8_t dpi_desync_udp_packet_play(bool replay, size_t reasm_offset, uint
 	size_t pkt1_len, pkt2_len;
 	uint8_t ttl_orig,ttl_fake;
 	bool DF;
-	char host[256];
 	t_l7proto l7proto = UNKNOWN;
 
 	extract_endpoints(dis->ip, dis->ip6, NULL, dis->udp, &src, &dst);
@@ -2348,12 +2279,6 @@ static uint8_t dpi_desync_udp_packet_play(bool replay, size_t reasm_offset, uint
 			DLOG("using cached desync profile %d\n",dp->n);
 		else if (!ctrack_replay->dp_search_complete)
 		{
-			if (!ctrack_replay->hostname && !bReverse)
-			{
-				if (ipcache_get_hostname(dis->ip ? &dis->ip->ip_dst : NULL,dis->ip6 ? &dis->ip6->ip6_dst : NULL , ifout, host, sizeof(host)) && *host)
-					if (!(ctrack_replay->hostname = strdup(host)))
-						DLOG_ERR("strdup(host): out of memory\n");
-			}
 			dp = ctrack_replay->dp = dp_find(&params.desync_profiles, IPPROTO_UDP, (struct sockaddr *)&dst, ctrack_replay->hostname, ctrack_replay->l7proto, NULL, NULL, NULL);
 			ctrack_replay->dp_search_complete = true;
 		}
@@ -2380,18 +2305,7 @@ static uint8_t dpi_desync_udp_packet_play(bool replay, size_t reasm_offset, uint
 			DLOG("using cached desync profile %d\n",dp->n);
 		else if (!ctrack || !ctrack->dp_search_complete)
 		{
-			const char *hostname = NULL;
+			dp = dp_find(&params.desync_profiles, IPPROTO_UDP, (struct sockaddr *)&dst, ctrack ? ctrack->hostname : NULL, ctrack ? ctrack->l7proto : UNKNOWN, NULL, NULL, NULL);
-			if (ctrack)
-			{
-				hostname = ctrack->hostname;
-				if (!hostname && !bReverse)
-				{
-					if (ipcache_get_hostname(dis->ip ? &dis->ip->ip_dst : NULL,dis->ip6 ? &dis->ip6->ip6_dst : NULL , ifout, host, sizeof(host)) && *host)
-						if (!(hostname = ctrack_replay->hostname = strdup(host)))
-							DLOG_ERR("strdup(host): out of memory\n");
-				}
-			}
-			dp = dp_find(&params.desync_profiles, IPPROTO_UDP, (struct sockaddr *)&dst, hostname, ctrack ? ctrack->l7proto : UNKNOWN, NULL, NULL, NULL);
 			if (ctrack)
 			{
 				ctrack->dp = dp;
@@ -2439,6 +2353,7 @@ static uint8_t dpi_desync_udp_packet_play(bool replay, size_t reasm_offset, uint
 	if (dis->len_payload)
 	{
 		struct blob_collection_head *fake;
+		char host[256];
 		bool bHaveHost=false;
 		uint16_t ip_id;
 
@@ -2638,22 +2553,18 @@ static uint8_t dpi_desync_udp_packet_play(bool replay, size_t reasm_offset, uint
 			bDiscoveredL7 = !ctrack_replay && l7proto!=UNKNOWN;
 		if (bDiscoveredL7) DLOG("discovered l7 protocol\n");
 
-		bool bDiscoveredHostname = bHaveHost && !(ctrack_replay && ctrack_replay->hostname_discovered);
+		bool bDiscoveredHostname = bHaveHost && !(ctrack_replay && ctrack_replay->hostname);
 		if (bDiscoveredHostname)
 		{
 			DLOG("discovered hostname\n");
 			if (ctrack_replay)
 			{
-				ctrack_replay->hostname_discovered=true;
-				free(ctrack_replay->hostname);
 				ctrack_replay->hostname=strdup(host);
 				if (!ctrack_replay->hostname)
 				{
 					DLOG_ERR("hostname dup : out of memory");
 					goto send_orig;
 				}
-				if (!ipcache_put_hostname(dis->ip ? &dis->ip->ip_dst : NULL,dis->ip6 ? &dis->ip6->ip6_dst : NULL , ifout, host))
-					goto send_orig;
 			}
 		}
 
@@ -2996,7 +2907,7 @@ static uint8_t dpi_desync_packet_play(bool replay, size_t reasm_offset, uint32_t
 }
 uint8_t dpi_desync_packet(uint32_t fwmark, const char *ifin, const char *ifout, uint8_t *data_pkt, size_t *len_pkt)
 {
-	ipcachePurgeRateLimited(&params.ipcache, params.ipcache_lifetime);
+	ipcachePurgeRateLimited(&params.ipcache, params.autottl_cache_lifetime);
 	return dpi_desync_packet_play(false, 0, fwmark, ifin, ifout, data_pkt, len_pkt);
 }
 

nfq/nfqws.c

@@ -99,9 +99,9 @@ static void onusr2(int sig)
 		printf("\nDESYNC PROFILE %d\n",dpl->dp.n);
 		HostFailPoolDump(dpl->dp.hostlist_auto_fail_counters);
 	}
-	if (params.autottl_present || params.cache_hostnames)
+	if (params.autottl_present)
 	{
-		printf("\nIPCACHE\n");
+		printf("\nAUTOTTL IP CACHE\n");
 		ipcachePrint(&params.ipcache);
 	}
 	printf("\n");
@@ -637,7 +637,6 @@ static void cleanup_params(void)
 
 	hostlist_files_destroy(&params.hostlists);
 	ipset_files_destroy(&params.ipsets);
-	ipcacheDestroy(&params.ipcache);
 #ifdef __CYGWIN__
 	strlist_destroy(&params.ssid_filter);
 	strlist_destroy(&params.nlm_filter);
@@ -1417,8 +1416,7 @@ static void exithelp(void)
 		" --bind-fix6\t\t\t\t\t; apply outgoing interface selection fix for generated ipv6 packets\n"
 #endif
 		" --ctrack-timeouts=S:E:F[:U]\t\t\t; internal conntrack timeouts for TCP SYN, ESTABLISHED, FIN stages, UDP timeout. default %u:%u:%u:%u\n"
-		" --ipcache-lifetime=<int>\t\t\t; time in seconds to keep cached hop count and domain name (default %u)\n"
+		" --autottl-cache-lifetime=<int>\t\t\t; time in seconds to keep cached hop count (default %u)\n"
-		" --ipcache-hostnames=[0|1]\t\t\t; 1 or no argument enables ip->hostname caching\n"
 #ifdef __CYGWIN__
 		"\nWINDIVERT FILTER:\n"
 		" --wf-iface=<int>[.<int>]\t\t\t; numeric network interface and subinterface indexes\n"
@@ -1522,7 +1520,7 @@ static void exithelp(void)
 		" --dpi-desync-start=[n|d|s]N\t\t\t; apply dpi desync only to packet numbers (n, default), data packet numbers (d), relative sequence (s) greater or equal than N\n"
 		" --dpi-desync-cutoff=[n|d|s]N\t\t\t; apply dpi desync only to packet numbers (n, default), data packet numbers (d), relative sequence (s) less than N\n",
 		CTRACK_T_SYN, CTRACK_T_EST, CTRACK_T_FIN, CTRACK_T_UDP,
-		IPCACHE_LIFETIME,
+		AUTOTTL_CACHE_LIFETIME,
 		HOSTLIST_AUTO_FAIL_THRESHOLD_DEFAULT, HOSTLIST_AUTO_FAIL_TIME_DEFAULT, HOSTLIST_AUTO_RETRANS_THRESHOLD_DEFAULT,
 		AUTOTTL_DEFAULT_ORIG_DELTA,AUTOTTL_DEFAULT_ORIG_MIN,AUTOTTL_DEFAULT_ORIG_MAX,
 		AUTOTTL_DEFAULT_DUP_DELTA,AUTOTTL_DEFAULT_DUP_MIN,AUTOTTL_DEFAULT_DUP_MAX,
@@ -1620,8 +1618,7 @@ enum opt_indices {
 	IDX_WSSIZE,
 	IDX_WSSIZE_CUTOFF,
 	IDX_CTRACK_TIMEOUTS,
-	IDX_IPCACHE_LIFETIME,
+	IDX_AUTOTTL_CACHE_LIFETIME,
-	IDX_IPCACHE_HOSTNAMES,
 	IDX_HOSTCASE,
 	IDX_HOSTSPELL,
 	IDX_HOSTNOSPACE,
@@ -1739,8 +1736,7 @@ static const struct option long_options[] = {
 	[IDX_WSSIZE] = {"wssize", required_argument, 0, 0},
 	[IDX_WSSIZE_CUTOFF] = {"wssize-cutoff", required_argument, 0, 0},
 	[IDX_CTRACK_TIMEOUTS] = {"ctrack-timeouts", required_argument, 0, 0},
-	[IDX_IPCACHE_LIFETIME] = {"ipcache-lifetime", required_argument, 0, 0},
+	[IDX_AUTOTTL_CACHE_LIFETIME] = {"autottl-cache-lifetime", required_argument, 0, 0},
-	[IDX_IPCACHE_HOSTNAMES] = {"ipcache-hostnames", optional_argument, 0, 0},
 	[IDX_HOSTCASE] = {"hostcase", no_argument, 0, 0},
 	[IDX_HOSTSPELL] = {"hostspell", required_argument, 0, 0},
 	[IDX_HOSTNOSPACE] = {"hostnospace", no_argument, 0, 0},
@@ -1894,7 +1890,7 @@ int main(int argc, char **argv)
 	params.ctrack_t_est = CTRACK_T_EST;
 	params.ctrack_t_fin = CTRACK_T_FIN;
 	params.ctrack_t_udp = CTRACK_T_UDP;
-	params.ipcache_lifetime = IPCACHE_LIFETIME;
+	params.autottl_cache_lifetime = AUTOTTL_CACHE_LIFETIME;
 
 	LIST_INIT(&params.hostlists);
 	LIST_INIT(&params.ipsets);
@@ -2048,16 +2044,13 @@ int main(int argc, char **argv)
 				exit_clean(1);
 			}
 			break;
-		case IDX_IPCACHE_LIFETIME:
+		case IDX_AUTOTTL_CACHE_LIFETIME:
-			if (sscanf(optarg, "%u", &params.ipcache_lifetime)!=1)
+			if (sscanf(optarg, "%u", &params.autottl_cache_lifetime)!=1)
 			{
-				DLOG_ERR("invalid ipcache-lifetime value\n");
+				DLOG_ERR("invalid autottl-cache-lifetime value\n");
 				exit_clean(1);
 			}
 			break;
-		case IDX_IPCACHE_HOSTNAMES:
-			params.cache_hostnames = !optarg || !!atoi(optarg);
-			break;
 		case IDX_HOSTCASE:
 			dp->hostcase = true;
 			break;
@@ -2964,7 +2957,6 @@ int main(int argc, char **argv)
 	}
 
 	DLOG("initializing conntrack with timeouts tcp=%u:%u:%u udp=%u\n", params.ctrack_t_syn, params.ctrack_t_est, params.ctrack_t_fin, params.ctrack_t_udp);
-	if (params.autottl_present || params.cache_hostnames) DLOG("ipcache lifetime %us\n", params.ipcache_lifetime);
 	ConntrackPoolInit(&params.conntrack, 10, params.ctrack_t_syn, params.ctrack_t_est, params.ctrack_t_fin, params.ctrack_t_udp);
 
 #ifdef __linux__

nfq/params.h

@@ -36,8 +36,7 @@
 #define	HOSTLIST_AUTO_FAIL_TIME_DEFAULT 	60
 #define	HOSTLIST_AUTO_RETRANS_THRESHOLD_DEFAULT	3
 
-#define IPCACHE_LIFETIME		7200
+#define AUTOTTL_CACHE_LIFETIME		86400
-
 #define AUTOTTL_DEFAULT_DESYNC_DELTA	-1
 #define AUTOTTL_DEFAULT_DESYNC_MIN	3
 #define AUTOTTL_DEFAULT_DESYNC_MAX	20
@@ -198,8 +197,8 @@ struct params_s
 	unsigned int ctrack_t_syn, ctrack_t_est, ctrack_t_fin, ctrack_t_udp;
 	t_conntrack conntrack;
 
-	unsigned int ipcache_lifetime;
+	unsigned int autottl_cache_lifetime;
-	bool autottl_present,cache_hostnames;
+	bool autottl_present;
 	ip_cache ipcache;
 };
 

nfq/pools.c

@@ -589,13 +589,8 @@ static void ipcache_item_touch(ip_cache_item *item)
 static void ipcache_item_init(ip_cache_item *item)
 {
 	ipcache_item_touch(item);
-	item->hostname = NULL;
 	item->hops = 0;
 }
-static void ipcache_item_destroy(ip_cache_item *item)
-{
-	free(item->hostname);
-}
 
 static void ipcache4Destroy(ip_cache4 **ipcache)
 {
@@ -603,7 +598,6 @@ static void ipcache4Destroy(ip_cache4 **ipcache)
 	HASH_ITER(hh, *ipcache, elem, tmp)
 	{
 		HASH_DEL(*ipcache, elem);
-		ipcache_item_destroy(&elem->data);
 		free(elem);
 	}
 }
@@ -651,7 +645,7 @@ static void ipcache4Print(ip_cache4 *ipcache)
 	{
 		*s_ip=0;
 		inet_ntop(AF_INET, &ipc->key.addr, s_ip, sizeof(s_ip));
-		printf("%s iface=%s : hops %u hostname=%s now=last+%llu\n", s_ip, ipc->key.iface, ipc->data.hops, ipc->data.hostname ? ipc->data.hostname : "", (unsigned long long)(now-ipc->data.last));
+		printf("%s iface=%s : hops %u now=last+%llu\n", s_ip, ipc->key.iface, ipc->data.hops, (unsigned long long)(now-ipc->data.last));
 	}
 }
 
@@ -661,7 +655,6 @@ static void ipcache6Destroy(ip_cache6 **ipcache)
 	HASH_ITER(hh, *ipcache, elem, tmp)
 	{
 		HASH_DEL(*ipcache, elem);
-		ipcache_item_destroy(&elem->data);
 		free(elem);
 	}
 }
@@ -709,7 +702,7 @@ static void ipcache6Print(ip_cache6 *ipcache)
 	{
 		*s_ip=0;
 		inet_ntop(AF_INET6, &ipc->key.addr, s_ip, sizeof(s_ip));
-		printf("%s iface=%s : hops %u hostname=%s now=last+%llu\n", s_ip, ipc->key.iface, ipc->data.hops, ipc->data.hostname ? ipc->data.hostname : "", (unsigned long long)(now-ipc->data.last));
+		printf("%s iface=%s : hops %u now=last+%llu\n", s_ip, ipc->key.iface, ipc->data.hops, (unsigned long long)(now-ipc->data.last));
 	}
 }
 

nfq/pools.h

@@ -177,7 +177,6 @@ typedef struct ip6if
 typedef struct ip_cache_item
 {
 	time_t last;
-	char *hostname;
 	uint8_t hops;
 } ip_cache_item;
 typedef struct ip_cache4