/*
- Copyright (C) 2014 Proxmox Server Solutions GmbH
+ Copyright (C) 2014 - 2021 Proxmox Server Solutions GmbH
This software is written by Proxmox Server Solutions GmbH <support@proxmox.com>
LOG FORMAT:
-Special care was taken to allow fast parsing (and filer messages for a singl VM).
+Special care was taken to allow fast parsing and filering messages for a single VM.
<VMID> <LOGLEVEL> <CHAIN> <TIME> <TIMEZONE> <MSG>
static void
log_status_message(guint loglevel, const char *fmt, ...)
{
- va_list ap;
- va_start(ap, fmt);
+ va_list ap, ap2;
if (loglevel > 7 ) loglevel = 7; // syslog defines level 0-7
LEPRINTTIME(time(NULL));
+ va_start(ap, fmt);
+ va_copy(ap2, ap);
le->len += vsnprintf(le->buf + le->len, LE_MAX - le->len, fmt, ap);
+ va_end(ap);
LEPRINTF("\n");
// also log to syslog
- vsyslog(loglevel, fmt, ap);
+ vsyslog(loglevel, fmt, ap2);
+ va_end(ap2);
}
static int
return 0;
struct ip6_ext *exthdr = (struct ip6_ext*)hdr;
+ int ext_len = 0;
switch (proto) {
/* protocols (these return) */
return -1;
if (print_fragment(le, (struct ip6_frag*)hdr, payload_len) < 0)
return -1;
+ ext_len = sizeof(struct ip6_frag);
break;
case IPPROTO_HOPOPTS:
LEPRINTF("NEXTHDR=HOPOPTS ");
/* next header: */
if (check_ip6ext(le, exthdr, payload_len) < 0)
return -1;
- hdr += exthdr->ip6e_len;
- payload_len -= exthdr->ip6e_len;
+ if(ext_len == 0) {
+ ext_len = (exthdr->ip6e_len+1) * 8;
+ }
+ hdr += ext_len;
+ payload_len -= ext_len;
+ proto = exthdr->ip6e_nxt;
}
}
{
int res;
if ((res = nfct_catch(nfcth)) < 0) {
- log_status_message(3, "error catching nfct");
- return FALSE;
+ if (errno == ENOBUFS) {
+ log_status_message(3, "nfct_catch returned ENOBUFS: conntrack information may be incomplete");
+ } else {
+ log_status_message(3, "error catching nfct: %s", strerror(errno));
+ return FALSE;
+ }
}
return TRUE;
}
for (int i = 10; i >= 0; i--) {
if (flock(lockfd, LOCK_EX|LOCK_NB) != 0) {
if (!i) {
- fprintf(stderr, "unable to aquire lock '%s': %s\n", LOCKFILE, strerror (errno));
+ fprintf(stderr, "unable to acquire lock '%s': %s\n", LOCKFILE, strerror (errno));
exit(-1);
}
if (i == 10)
- fprintf(stderr, "unable to aquire lock '%s' - trying again.\n", LOCKFILE);
+ fprintf(stderr, "unable to acquire lock '%s' - trying again.\n", LOCKFILE);
sleep(1);
}